Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/DDylCMUZ-OS148ejC0YeqYinebA.roa
File: DDylCMUZ-OS148ejC0YeqYinebA.roa (raw, json)
Hash identifier: cdCcmrnw7c6qlW/WuXiDB3HDkamF/FU4ZcbaPmpW6Tc=
Subject key identifier: 0C:3C:A5:08:C5:19:F8:E4:B5:E3:C7:A3:0B:46:1E:A9:88:A7:79:B0
Certificate issuer: /CN=97242dba26ed882b380dabebab3c5f3942006ecc
Certificate serial: 01936760B018CAB88FD734E262A6B8F20BAC
Authority key identifier: 97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/DDylCMUZ-OS148ejC0YeqYinebA.roa
Signing time: Tue 26 Nov 2024 07:30:10 +0000
ROA not before: Tue 26 Nov 2024 07:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 109.68.248.0/24 maxlen: 24
185.68.58.0/24 maxlen: 24
185.68.59.0/24 maxlen: 24
185.255.32.0/23 maxlen: 23
185.255.34.0/24 maxlen: 24
185.255.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:60:b0:18:ca:b8:8f:d7:34:e2:62:a6:b8:f2:0b:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97242dba26ed882b380dabebab3c5f3942006ecc
Validity
Not Before: Nov 26 07:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c3ca508c519f8e4b5e3c7a30b461ea988a779b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a3:c5:10:03:ba:2d:d5:08:12:89:3a:7f:04:
f6:3e:ad:62:c2:d5:61:d3:aa:ea:47:e7:ad:b9:98:
c2:29:a7:60:0a:70:c8:a4:ec:3a:0e:f2:b2:c6:66:
4b:71:d5:cd:bc:e7:cc:99:b3:a3:50:4b:7b:d7:d4:
a0:c0:e2:0c:80:60:6d:15:73:a4:f5:54:7d:9e:2e:
f8:ca:7d:90:27:43:14:de:d2:fc:37:0b:16:92:79:
e1:c9:f9:ce:3e:ed:f6:ea:e9:32:22:9a:bb:a1:c6:
3f:61:e3:12:9a:1e:72:88:89:c7:ca:2b:af:75:86:
ca:4c:8e:99:1c:18:d8:f4:b2:be:54:74:e6:01:ed:
a2:0e:9c:9d:f8:ea:02:4f:31:ec:34:20:a8:79:98:
d0:86:df:67:32:03:0a:96:25:a9:8b:ab:ad:34:4e:
bd:78:87:64:60:f8:0f:8f:ea:08:ea:49:93:48:a7:
d1:51:1b:05:40:aa:23:3e:81:c6:a7:98:4b:13:45:
94:a6:63:1d:d1:72:d0:2c:3d:f8:84:32:01:85:af:
70:7b:a8:a9:0c:65:f9:24:4f:a2:bb:e5:55:f5:c0:
ee:49:5b:ba:ce:dd:47:07:f7:98:0e:de:20:0e:80:
8c:e3:53:41:1d:f4:71:48:11:df:7d:18:a1:67:39:
a3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3C:A5:08:C5:19:F8:E4:B5:E3:C7:A3:0B:46:1E:A9:88:A7:79:B0
X509v3 Authority Key Identifier:
keyid:97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/DDylCMUZ-OS148ejC0YeqYinebA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.248.0/24
185.68.58.0/23
185.255.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:a1:62:c2:82:c2:2b:16:68:24:52:d3:47:94:cc:d2:36:9a:
62:f0:23:af:94:ac:39:ae:21:38:25:e4:3c:77:91:11:7a:dc:
9d:43:80:05:50:92:80:e8:1e:27:f1:2d:62:c7:ff:17:2f:4c:
71:d5:d1:15:26:c8:e8:be:4f:2b:59:2f:5a:86:e9:fb:fc:d8:
32:c8:c1:a6:9f:8f:96:a0:b3:42:0d:42:29:01:ab:09:fa:52:
b0:05:5e:cf:b7:50:6e:3f:c4:e3:11:b1:cb:aa:39:b5:1c:39:
d2:d7:be:60:35:1c:5b:b3:f0:55:d5:50:9c:13:f8:12:27:80:
56:84:94:04:bf:8f:86:70:5d:7f:af:ce:fb:18:8e:53:4e:6e:
3a:ae:61:a7:38:9d:9e:f4:63:24:4f:05:26:db:03:11:93:66:
2a:5d:d3:f6:0b:c5:c4:1d:a0:24:7e:7e:f1:86:e5:f8:25:71:
a0:66:0b:0d:a3:1e:91:42:82:22:ba:a2:cc:21:58:43:77:f8:
54:ea:83:24:23:61:86:b7:df:b1:e6:29:5b:e6:47:41:dc:36:
d7:0d:f1:3d:7d:3a:3d:70:2d:19:81:b5:ad:0e:0b:cb:21:88:
3b:f3:99:4c:23:a4:60:1e:85:cb:9a:db:66:5e:52:52:c9:ef:
3e:b3:d1:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNnYLAYyriP1zTiYqa48gusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MjQyZGJhMjZlZDg4MmIzODBkYWJlYmFiM2M1ZjM5NDIw
MDZlY2MwHhcNMjQxMTI2MDczMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNjYTUwOGM1MTlmOGU0YjVlM2M3YTMwYjQ2MWVhOTg4YTc3OWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKPFEAO6LdUIEok6fwT2Pq1iwtVh
06rqR+etuZjCKadgCnDIpOw6DvKyxmZLcdXNvOfMmbOjUEt719SgwOIMgGBtFXOk
9VR9ni74yn2QJ0MU3tL8NwsWknnhyfnOPu326ukyIpq7ocY/YeMSmh5yiInHyiuv
dYbKTI6ZHBjY9LK+VHTmAe2iDpyd+OoCTzHsNCCoeZjQht9nMgMKliWpi6utNE69
eIdkYPgPj+oI6kmTSKfRURsFQKojPoHGp5hLE0WUpmMd0XLQLD34hDIBha9we6ip
DGX5JE+iu+VV9cDuSVu6zt1HB/eYDt4gDoCM41NBHfRxSBHffRihZzmjuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAw8pQjFGfjktePHowtGHqmIp3mwMB8GA1UdIwQY
MBaAFJckLbom7YgrOA2r66s8XzlCAG7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmIt
NjA3MjcyZDczN2NiLzEvRER5bENNVVotT1MxNDhlakMwWWVxWWluZWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmItNjA3MjcyZDczN2Ni
LzEvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbUT4AwQB
uUQ6AwQCuf8gMA0GCSqGSIb3DQEBCwUAA4IBAQCpoWLCgsIrFmgkUtNHlMzSNppi
8COvlKw5riE4JeQ8d5ERetydQ4AFUJKA6B4n8S1ix/8XL0xx1dEVJsjovk8rWS9a
hun7/NgyyMGmn4+WoLNCDUIpAasJ+lKwBV7Pt1BuP8TjEbHLqjm1HDnS175gNRxb
s/BV1VCcE/gSJ4BWhJQEv4+GcF1/r877GI5TTm46rmGnOJ2e9GMkTwUm2wMRk2Yq
XdP2C8XEHaAkfn7xhuX4JXGgZgsNox6RQoIiuqLMIVhDd/hU6oMkI2GGt9+x5ilb
5kdB3DbXDfE9fTo9cC0ZgbWtDgvLIYg785lMI6RgHoXLmttmXlJSye8+s9Ek
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:05:41 2025 by rpki-client