Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/Dc9AZaiN6NzqxN4Y0V7SXARYe7A.roa
File: Dc9AZaiN6NzqxN4Y0V7SXARYe7A.roa (raw, json)
Hash identifier: WJ3E96cWKRmW90hTbvj/Kb654E0e0n9MvWVmDT1yuHo=
Subject key identifier: 0D:CF:40:65:A8:8D:E8:DC:EA:C4:DE:18:D1:5E:D2:5C:04:58:7B:B0
Certificate issuer: /CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Certificate serial: 018D5708EE83D9069B90C5F2977E7A1D44C1
Authority key identifier: BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/Dc9AZaiN6NzqxN4Y0V7SXARYe7A.roa
Signing time: Mon 29 Jan 2024 21:03:39 +0000
ROA not before: Mon 29 Jan 2024 21:03:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49223
IP address blocks: 45.14.24.0/22 maxlen: 22
109.108.224.0/19 maxlen: 19
141.138.96.0/19 maxlen: 19
178.74.192.0/18 maxlen: 18
178.74.240.0/20 maxlen: 20
185.16.124.0/22 maxlen: 22
185.181.36.0/22 maxlen: 22
193.106.20.0/22 maxlen: 22
193.148.88.0/22 maxlen: 22
213.226.92.0/22 maxlen: 22
217.30.192.0/20 maxlen: 20
2a04:100::/29 maxlen: 29
2a04:100::/36 maxlen: 36
2a04:100:1000::/36 maxlen: 36
2a04:100:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 30 Jan 2024 15:55:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:57:08:ee:83:d9:06:9b:90:c5:f2:97:7e:7a:1d:44:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Validity
Not Before: Jan 29 21:03:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dcf4065a88de8dceac4de18d15ed25c04587bb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:17:cb:b5:8a:6b:83:fe:3a:02:57:b2:68:ab:
25:36:22:2c:40:e1:d8:cc:dd:0d:9f:69:58:35:86:
20:af:17:af:39:82:db:95:2f:d4:77:f0:42:04:18:
d0:af:88:ae:70:23:08:be:9b:1d:b3:82:7f:5d:8d:
66:e1:4b:79:5f:e9:e0:4c:da:36:02:d8:b8:2d:fe:
7f:82:54:ac:3e:ba:6f:09:09:4f:1f:94:4c:b9:a9:
6b:a5:99:f5:57:35:41:70:d5:4c:a6:70:2a:92:34:
c3:71:8a:b9:1e:25:bd:47:81:8a:c3:61:09:0f:5e:
c0:d4:85:82:85:42:15:cb:6f:f2:28:c8:f2:41:49:
6b:17:ca:cd:77:69:f0:2f:f4:b8:de:a7:61:15:1a:
0f:f3:a2:83:59:aa:ea:84:cb:99:ca:d5:f4:47:a8:
48:52:49:3c:c5:ec:92:f3:a8:0b:0e:a9:f3:54:81:
c3:00:04:49:ae:1d:71:56:37:4b:45:e8:37:22:ed:
93:7a:18:d1:75:97:57:ff:b8:0a:e1:5c:10:93:f7:
20:fd:03:ae:66:a0:1d:d2:5c:24:4f:48:f1:fb:63:
be:8a:70:48:09:e9:56:d2:3a:99:35:06:dd:52:fa:
bc:5c:c3:d2:de:51:9d:70:85:3c:2f:fa:ee:8a:06:
65:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:CF:40:65:A8:8D:E8:DC:EA:C4:DE:18:D1:5E:D2:5C:04:58:7B:B0
X509v3 Authority Key Identifier:
keyid:BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/Dc9AZaiN6NzqxN4Y0V7SXARYe7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.24.0/22
109.108.224.0/19
141.138.96.0/19
178.74.192.0/18
185.16.124.0/22
185.181.36.0/22
193.106.20.0/22
193.148.88.0/22
213.226.92.0/22
217.30.192.0/20
IPv6:
2a04:100::/29
Signature Algorithm: sha256WithRSAEncryption
95:37:5c:15:e2:0f:e3:f4:95:59:80:ca:ac:66:56:3e:c6:b9:
66:70:2e:c5:47:73:94:06:3e:e4:a5:39:25:03:e2:63:d2:f2:
92:de:6f:b2:5e:5f:cb:19:74:1c:71:eb:de:56:29:17:42:1a:
d8:0e:85:36:48:54:93:d7:69:e4:ae:89:12:11:94:0b:37:a4:
78:95:e2:b7:50:a4:6d:d1:ea:bc:06:e3:6e:77:11:33:72:62:
2a:ba:e7:0d:75:6e:f7:11:d9:0b:f5:58:5e:d4:9f:7f:57:34:
b1:5e:24:e6:8a:5a:24:8c:d7:e8:7c:c1:6d:b1:8d:91:a9:5e:
1d:08:c0:98:e0:59:f9:ac:a2:b2:64:45:9f:25:bb:4d:29:a5:
fd:de:9c:41:73:48:fa:56:54:7f:05:2c:7c:e3:c1:6d:be:f9:
5d:5d:d6:b9:5d:08:84:ec:31:43:ca:1e:be:4c:00:f3:96:32:
b2:fa:50:0d:d3:c2:a7:55:10:75:6a:26:32:dd:40:90:b2:03:
d9:8d:24:0b:51:f6:54:2d:8a:db:9f:49:3a:67:6a:d9:89:bd:
cd:82:50:27:5d:be:bb:79:89:a0:6d:5c:20:75:0a:63:69:c7:
c0:a6:e3:f8:ea:e0:cc:5f:22:7f:9d:a9:75:1c:ca:92:9d:d2:
54:9b:4b:d4
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY1XCO6D2QabkMXyl356HUTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiN2NjYjFhNmUzYmNhYjYzMTlkMzE3ZjYyYzc0YmYxZTFm
NDE0NzMwHhcNMjQwMTI5MjEwMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGNmNDA2NWE4OGRlOGRjZWFjNGRlMThkMTVlZDI1YzA0NTg3YmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBfLtYprg/46AleyaKslNiIsQOHY
zN0Nn2lYNYYgrxevOYLblS/Ud/BCBBjQr4iucCMIvpsds4J/XY1m4Ut5X+ngTNo2
Ati4Lf5/glSsPrpvCQlPH5RMualrpZn1VzVBcNVMpnAqkjTDcYq5HiW9R4GKw2EJ
D17A1IWChUIVy2/yKMjyQUlrF8rNd2nwL/S43qdhFRoP86KDWarqhMuZytX0R6hI
Ukk8xeyS86gLDqnzVIHDAARJrh1xVjdLReg3Iu2TehjRdZdX/7gK4VwQk/cg/QOu
ZqAd0lwkT0jx+2O+inBICelW0jqZNQbdUvq8XMPS3lGdcIU8L/ruigZlqwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFA3PQGWojejc6sTeGNFe0lwEWHuwMB8GA1UdIwQY
MBaAFLt8yxpuO8q2MZ0xf2LHS/Hh9BRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMt
NjRiMGU2MTRkMDA0LzEvRGM5QVphaU42TnpxeE40WTBWN1NYQVJZZTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMtNjRiMGU2MTRkMDA0
LzEvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLQ4YAwQF
bWzgAwQFjYpgAwQGskrAAwQCuRB8AwQCubUkAwQCwWoUAwQCwZRYAwQC1eJcAwQE
2R7AMA0EAgACMAcDBQMqBAEAMA0GCSqGSIb3DQEBCwUAA4IBAQCVN1wV4g/j9JVZ
gMqsZlY+xrlmcC7FR3OUBj7kpTklA+Jj0vKS3m+yXl/LGXQcceveVikXQhrYDoU2
SFST12nkrokSEZQLN6R4leK3UKRt0eq8BuNudxEzcmIquucNdW73EdkL9Vhe1J9/
VzSxXiTmilokjNfofMFtsY2RqV4dCMCY4Fn5rKKyZEWfJbtNKaX93pxBc0j6VlR/
BSx848FtvvldXda5XQiE7DFDyh6+TADzljKy+lAN08KnVRB1aiYy3UCQsgPZjSQL
UfZULYrbn0k6Z2rZib3NglAnXb67eYmgbVwgdQpjacfApuP46uDMXyJ/nal1HMqS
ndJUm0vU
-----END CERTIFICATE-----
Generated at Mon Apr 28 18:06:44 2025 by rpki-client