Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/DARddzCL-WG2sHJRd3McIU1he5U.roa
File: DARddzCL-WG2sHJRd3McIU1he5U.roa (raw, json)
Hash identifier: QAZqa4YGQYtKivmyADJmC0+2NZlUc5XAIWkB9/LSQkE=
Subject key identifier: 0C:04:5D:77:30:8B:F9:61:B6:B0:72:51:77:73:1C:21:4D:61:7B:95
Certificate issuer: /CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Certificate serial: 0195E7F94C40C9CE4990BD420D12A4F0B766
Authority key identifier: 2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/DARddzCL-WG2sHJRd3McIU1he5U.roa
Signing time: Sun 30 Mar 2025 16:53:49 +0000
ROA not before: Sun 30 Mar 2025 16:53:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58002
IP address blocks: 37.208.64.0/20 maxlen: 20
77.247.232.0/21 maxlen: 21
92.241.0.0/19 maxlen: 24
2a00:c9c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 31 Mar 2025 09:25:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e7:f9:4c:40:c9:ce:49:90:bd:42:0d:12:a4:f0:b7:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2eeec5231d212b310579d78fc41479ca6ec2aa07
Validity
Not Before: Mar 30 16:53:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c045d77308bf961b6b0725177731c214d617b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:88:65:ff:7e:8d:6d:bd:f2:b4:d0:22:64:cb:
a5:8a:9a:9a:e5:2d:5d:db:b8:ce:50:52:e1:5e:2c:
6d:cc:fc:0b:3f:b6:de:da:1e:26:05:5f:57:df:44:
1a:a7:92:ad:26:39:68:f2:aa:ed:79:dd:81:13:b4:
44:44:68:01:31:54:ed:1c:58:30:84:67:5c:fb:0f:
e2:ad:0a:f9:a1:1e:e6:3f:f6:50:a1:8f:38:5b:57:
d1:76:bf:61:7d:6a:1b:6a:bb:e1:f8:cc:30:96:aa:
5e:a2:34:52:e9:c7:6a:87:d7:da:29:7b:f4:15:9a:
31:e7:47:a2:80:83:47:16:9a:c7:ef:87:f0:6e:c5:
4b:04:02:cf:cc:60:d2:2c:6f:56:97:57:7e:c5:8c:
6b:18:58:4f:04:72:fc:f9:5a:cc:25:c6:89:f4:76:
f4:a9:ae:04:e8:d1:2e:a8:07:d3:a9:c9:a9:f6:a2:
48:00:d9:99:bf:3c:a0:ec:0b:2e:0d:18:d1:84:23:
4e:c9:78:7d:40:1c:89:fd:09:5c:26:66:90:30:14:
9e:c9:89:96:fd:48:96:be:f2:3f:64:d5:ff:30:01:
9f:de:a3:d0:b2:7a:c3:29:20:cd:59:fe:b5:d8:de:
90:13:77:86:2a:5d:b4:cd:f8:ee:6e:62:b1:25:9a:
66:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:04:5D:77:30:8B:F9:61:B6:B0:72:51:77:73:1C:21:4D:61:7B:95
X509v3 Authority Key Identifier:
keyid:2E:EE:C5:23:1D:21:2B:31:05:79:D7:8F:C4:14:79:CA:6E:C2:AA:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lu7FIx0hKzEFedePxBR5ym7Cqgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/DARddzCL-WG2sHJRd3McIU1he5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/8b856a-38ae-4cfb-81d2-271a9576eae7/1/Lu7FIx0hKzEFedePxBR5ym7Cqgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.64.0/20
77.247.232.0/21
92.241.0.0/19
IPv6:
2a00:c9c0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:74:92:a0:89:2d:f1:85:0c:fe:7d:e9:ee:84:fa:15:26:68:
d3:9e:69:4a:70:10:98:44:86:13:07:86:b7:5e:19:b6:4f:2b:
ef:55:ba:28:2c:5a:4a:af:6b:08:54:71:66:62:89:4b:19:a4:
97:c2:db:8e:d4:05:65:80:23:e0:c8:66:bb:a5:07:be:28:2c:
3e:f7:58:ed:42:dd:70:39:e4:ad:9d:63:d3:ae:a2:d9:16:5a:
b3:c8:a7:7a:04:03:1f:72:88:94:26:15:01:72:31:12:49:96:
7a:f6:bd:70:4e:33:4e:38:28:10:2e:10:e0:8f:0c:3c:90:d8:
15:14:5d:d6:64:5d:b4:83:ee:9e:fa:5c:53:41:a8:ce:4c:e8:
2a:66:d0:e7:c8:b9:c2:13:d7:0d:03:05:43:d0:83:01:9f:94:
5f:71:52:88:da:51:3b:dc:bf:13:b8:af:74:86:73:15:1c:21:
ec:1a:f4:37:64:d4:52:62:90:10:45:28:a4:1b:fb:56:7d:22:
a7:90:ac:d4:49:5f:f7:59:f9:0b:58:d5:fd:31:af:93:7b:63:
ec:07:03:36:e8:cc:6a:ea:d9:da:56:02:bd:8e:6d:a8:e1:a3:
93:64:65:b3:63:d9:8a:ef:03:63:2b:c7:a8:c8:6f:94:70:37:
24:1a:9a:b2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZXn+UxAyc5JkL1CDRKk8LdmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZWVjNTIzMWQyMTJiMzEwNTc5ZDc4ZmM0MTQ3OWNhNmVj
MmFhMDcwHhcNMjUwMzMwMTY1MzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzA0NWQ3NzMwOGJmOTYxYjZiMDcyNTE3NzczMWMyMTRkNjE3Yjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvohl/36Nbb3ytNAiZMulipqa5S1d
27jOUFLhXixtzPwLP7be2h4mBV9X30Qap5KtJjlo8qrted2BE7RERGgBMVTtHFgw
hGdc+w/irQr5oR7mP/ZQoY84W1fRdr9hfWobarvh+MwwlqpeojRS6cdqh9faKXv0
FZox50eigINHFprH74fwbsVLBALPzGDSLG9Wl1d+xYxrGFhPBHL8+VrMJcaJ9Hb0
qa4E6NEuqAfTqcmp9qJIANmZvzyg7AsuDRjRhCNOyXh9QByJ/QlcJmaQMBSeyYmW
/UiWvvI/ZNX/MAGf3qPQsnrDKSDNWf612N6QE3eGKl20zfjubmKxJZpmKwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAwEXXcwi/lhtrByUXdzHCFNYXuVMB8GA1UdIwQY
MBaAFC7uxSMdISsxBXnXj8QUecpuwqoHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDIt
MjcxYTk1NzZlYWU3LzEvREFSZGR6Q0wtV0cyc0hKUmQzTWNJVTFoZTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84Yjg1NmEtMzhhZS00Y2ZiLTgxZDItMjcxYTk1NzZlYWU3
LzEvTHU3Rkl4MGhLekVGZWRlUHhCUjV5bTdDcWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEJdBAAwQD
TffoAwQFXPEAMA0EAgACMAcDBQAqAMnAMA0GCSqGSIb3DQEBCwUAA4IBAQCbdJKg
iS3xhQz+fenuhPoVJmjTnmlKcBCYRIYTB4a3Xhm2TyvvVbooLFpKr2sIVHFmYolL
GaSXwtuO1AVlgCPgyGa7pQe+KCw+91jtQt1wOeStnWPTrqLZFlqzyKd6BAMfcoiU
JhUBcjESSZZ69r1wTjNOOCgQLhDgjww8kNgVFF3WZF20g+6e+lxTQajOTOgqZtDn
yLnCE9cNAwVD0IMBn5RfcVKI2lE73L8TuK90hnMVHCHsGvQ3ZNRSYpAQRSikG/tW
fSKnkKzUSV/3WfkLWNX9Ma+Te2PsBwM26Mxq6tnaVgK9jm2o4aOTZGWzY9mK7wNj
K8eoyG+UcDckGpqy
-----END CERTIFICATE-----
Generated at Sun May 11 05:00:34 2025 by rpki-client