Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/DGhfaIbKuaR4VndvznSE8nR2wrg.roa
File: DGhfaIbKuaR4VndvznSE8nR2wrg.roa (raw, json)
Hash identifier: 8NrphRjIiytHyvXTkDnpiVA3CCE+gTEEaSdxC8VtebQ=
Subject key identifier: 0C:68:5F:68:86:CA:B9:A4:78:56:77:6F:CE:74:84:F2:74:76:C2:B8
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 01938B3385E5A5D5398AEE2ABF08EA18B905
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/DGhfaIbKuaR4VndvznSE8nR2wrg.roa
Signing time: Tue 03 Dec 2024 06:27:09 +0000
ROA not before: Tue 03 Dec 2024 06:27:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.101.168.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 13 Dec 2024 06:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:33:85:e5:a5:d5:39:8a:ee:2a:bf:08:ea:18:b9:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Dec 3 06:27:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c685f6886cab9a47856776fce7484f27476c2b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f5:38:4a:ac:48:7e:1e:4e:b0:72:67:79:ad:
a9:a0:88:0b:81:f6:82:bf:03:b9:41:6e:72:ce:28:
16:06:1d:1d:d6:29:08:06:2d:f7:53:04:7a:79:b5:
05:1d:d3:13:f4:f7:65:99:03:d5:29:c4:60:94:77:
93:c0:9e:e7:25:ba:1a:87:b3:73:58:6e:18:99:55:
fe:1f:cb:52:ec:b5:88:39:5b:4d:c9:0d:31:b1:45:
ee:2c:38:ab:aa:16:32:5f:6b:48:13:74:55:e5:29:
e0:e8:2e:b2:9b:38:b0:86:e2:54:f0:46:75:e3:c7:
a6:09:6d:98:09:59:95:3f:ce:eb:cd:9b:9a:37:fe:
b6:bc:82:11:c6:53:a0:bf:72:d3:b9:2d:9c:b5:92:
9a:67:82:32:62:4e:92:26:2e:90:99:d0:59:7f:73:
c3:96:26:ec:39:de:f8:cf:73:ff:ca:92:d5:1b:77:
db:e0:29:0e:5e:e6:3d:41:8e:b1:68:26:e4:39:d1:
49:32:cb:f6:36:ad:ed:35:34:ff:dd:aa:5f:9a:37:
53:ae:69:5c:65:9d:f6:87:ea:f8:e7:e5:4e:d7:0e:
13:dd:40:b1:c5:f5:a1:b8:25:9f:34:0f:35:13:d8:
bf:db:f1:76:ca:9a:94:6a:80:0e:d2:ba:8c:88:c3:
ce:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:68:5F:68:86:CA:B9:A4:78:56:77:6F:CE:74:84:F2:74:76:C2:B8
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/DGhfaIbKuaR4VndvznSE8nR2wrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.168.0/23
Signature Algorithm: sha256WithRSAEncryption
be:bc:5b:5d:45:d0:ca:9d:58:94:99:bf:50:e5:2a:1a:74:61:
f5:05:ff:05:6c:ca:81:84:b0:92:4f:12:27:2b:c5:f1:87:9b:
3b:30:ef:dd:c2:e0:d6:51:f2:6e:bf:a8:7f:88:93:dc:82:11:
9b:a4:d4:b9:ed:d3:1a:c3:fa:73:71:05:d5:40:40:db:0a:47:
6e:2d:c8:77:b1:8e:9a:2e:f0:27:3a:66:d3:d8:81:65:1a:0a:
4a:91:3a:8c:48:fc:a0:6b:22:69:58:46:3e:5f:c7:fc:93:97:
15:27:f4:24:d5:3c:a1:50:a2:56:e4:d5:c5:a2:bc:8d:d2:50:
0a:d0:68:31:db:66:21:82:f2:81:dc:c3:e6:d2:9e:1a:44:e3:
0d:fd:57:db:ab:2e:a3:2b:b7:e5:9c:8c:46:f2:c3:dd:73:82:
76:ff:cf:fd:03:4f:81:4e:4b:3c:c7:64:d4:cb:33:07:5c:a3:
29:6b:a6:46:b8:34:ab:5e:be:4d:45:a0:58:c1:5a:a5:fe:75:
b8:49:2b:28:25:58:cb:dd:e8:c7:bc:12:2e:ed:5e:38:94:17:
3d:69:ae:29:0f:81:75:03:82:64:94:db:14:29:b4:d9:0e:91:
38:20:58:03:1b:22:85:0f:49:51:a1:3e:ac:ec:06:8c:66:fc:
5d:ba:c8:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOLM4XlpdU5iu4qvwjqGLkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjQxMjAzMDYyNzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzY4NWY2ODg2Y2FiOWE0Nzg1Njc3NmZjZTc0ODRmMjc0NzZjMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/U4SqxIfh5OsHJnea2poIgLgfaC
vwO5QW5yzigWBh0d1ikIBi33UwR6ebUFHdMT9PdlmQPVKcRglHeTwJ7nJboah7Nz
WG4YmVX+H8tS7LWIOVtNyQ0xsUXuLDirqhYyX2tIE3RV5Sng6C6ymziwhuJU8EZ1
48emCW2YCVmVP87rzZuaN/62vIIRxlOgv3LTuS2ctZKaZ4IyYk6SJi6QmdBZf3PD
libsOd74z3P/ypLVG3fb4CkOXuY9QY6xaCbkOdFJMsv2Nq3tNTT/3apfmjdTrmlc
ZZ32h+r45+VO1w4T3UCxxfWhuCWfNA81E9i/2/F2ypqUaoAO0rqMiMPOKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxoX2iGyrmkeFZ3b850hPJ0dsK4MB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvREdoZmFJYkt1YVI0Vm5kdnpuU0U4blIyd3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWWoMA0G
CSqGSIb3DQEBCwUAA4IBAQC+vFtdRdDKnViUmb9Q5SoadGH1Bf8FbMqBhLCSTxIn
K8Xxh5s7MO/dwuDWUfJuv6h/iJPcghGbpNS57dMaw/pzcQXVQEDbCkduLch3sY6a
LvAnOmbT2IFlGgpKkTqMSPygayJpWEY+X8f8k5cVJ/Qk1TyhUKJW5NXForyN0lAK
0Ggx22YhgvKB3MPm0p4aROMN/Vfbqy6jK7flnIxG8sPdc4J2/8/9A0+BTks8x2TU
yzMHXKMpa6ZGuDSrXr5NRaBYwVql/nW4SSsoJVjL3ejHvBIu7V44lBc9aa4pD4F1
A4JklNsUKbTZDpE4IFgDGyKFD0lRoT6s7AaMZvxdusgr
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:44:29 2025 by rpki-client