Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/DJlIBoeZjJzA6y6OaQfmfQF-F_I.roa
File: DJlIBoeZjJzA6y6OaQfmfQF-F_I.roa (raw, json)
Hash identifier: UFTTU7pV1Xobxifn/milYdOMebJMRtJII9wVSo8KUWc=
Subject key identifier: 0C:99:48:06:87:99:8C:9C:C0:EB:2E:8E:69:07:E6:7D:01:7E:17:F2
Certificate issuer: /CN=27fc21856cd8e037a7bb8c6392a6198213a8b4f6
Certificate serial: 018571C30910395560A41933C1955BB9D054
Authority key identifier: 27:FC:21:85:6C:D8:E0:37:A7:BB:8C:63:92:A6:19:82:13:A8:B4:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/DJlIBoeZjJzA6y6OaQfmfQF-F_I.roa
Signing time: Mon 02 Jan 2023 09:14:45 +0000
ROA not before: Mon 02 Jan 2023 09:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29166
IP address blocks: 193.135.31.0/24 maxlen: 24
193.5.8.0/23 maxlen: 23
194.40.212.0/22 maxlen: 22
194.40.216.0/22 maxlen: 22
194.40.220.0/22 maxlen: 22
194.40.224.0/22 maxlen: 22
194.40.228.0/22 maxlen: 22
194.40.232.0/24 maxlen: 24
194.40.234.0/23 maxlen: 23
193.5.42.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:09:10:39:55:60:a4:19:33:c1:95:5b:b9:d0:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27fc21856cd8e037a7bb8c6392a6198213a8b4f6
Validity
Not Before: Jan 2 09:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c99480687998c9cc0eb2e8e6907e67d017e17f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:63:45:e6:2d:cf:ce:ba:5e:78:73:86:14:51:
98:1e:b5:74:9c:27:07:ea:92:5f:1c:80:f7:85:2f:
fc:be:92:d5:a6:08:32:a5:c6:2c:07:87:20:f8:93:
0d:fb:81:7f:94:00:fd:c8:63:01:48:ad:f0:6c:9f:
2e:05:e6:68:21:7f:d6:9f:78:03:83:d7:87:1c:05:
30:96:c4:57:2f:56:a1:dc:e0:3e:ac:71:d9:a3:b8:
dc:8e:02:bb:dc:49:83:42:f1:91:4b:b5:fe:d1:95:
21:3b:08:07:74:65:d3:c6:52:86:2e:c0:43:fd:1f:
46:52:46:df:17:09:fe:14:d2:43:07:ff:18:1e:26:
13:f7:4e:a6:80:db:50:86:bb:e5:80:7f:c2:c4:d7:
40:78:12:bd:3d:f5:73:65:4b:7f:6d:de:64:6a:b4:
ea:97:e0:24:0b:2f:bb:2d:f2:e4:2c:88:f9:fe:81:
28:d1:48:cb:bc:67:fb:60:19:6f:a5:c3:1b:f6:bd:
b0:12:1a:7a:50:c5:38:7c:59:cb:3f:ec:05:10:94:
97:e0:3c:ab:ea:ec:bc:53:0b:6f:74:55:6e:c8:68:
a3:71:b4:52:3f:6c:e4:74:49:15:b2:d3:19:3f:7e:
a2:71:f5:8a:13:16:65:42:3d:eb:b8:f9:c1:8a:ec:
73:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:99:48:06:87:99:8C:9C:C0:EB:2E:8E:69:07:E6:7D:01:7E:17:F2
X509v3 Authority Key Identifier:
keyid:27:FC:21:85:6C:D8:E0:37:A7:BB:8C:63:92:A6:19:82:13:A8:B4:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J_whhWzY4Denu4xjkqYZghOotPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/DJlIBoeZjJzA6y6OaQfmfQF-F_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/c7fa48-2876-422b-8825-e1f367e79620/1/J_whhWzY4Denu4xjkqYZghOotPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.8.0/23
193.5.42.0/23
193.135.31.0/24
194.40.212.0-194.40.232.255
194.40.234.0/23
Signature Algorithm: sha256WithRSAEncryption
09:3f:56:9f:31:bb:44:0f:0b:4c:6a:5d:35:44:5c:6a:7b:ed:
30:75:6b:4b:05:37:fb:a4:ac:aa:65:a5:ca:ae:c4:13:e0:40:
da:ff:90:01:45:5a:db:59:d8:53:dc:74:26:5b:2f:b6:f9:06:
46:3c:b2:63:e6:58:23:a6:00:e8:2e:2f:0c:45:ce:f9:be:69:
36:62:2f:19:2a:9a:aa:39:12:f2:77:f7:9f:42:e4:44:d0:94:
11:cb:15:5e:5e:8b:ea:01:ef:a3:51:09:a4:23:7a:f6:e5:79:
ec:c3:ca:f9:d7:1d:75:00:a3:fc:e8:1d:af:86:cf:8b:5e:6e:
b7:e9:59:43:bf:35:cb:a7:40:60:ed:de:9c:dc:45:b9:d1:74:
80:8d:7b:7b:e1:bc:c3:20:40:a5:df:82:7e:e6:97:a4:79:93:
c0:c8:d5:f1:c0:76:cf:09:be:62:d3:5d:25:34:fa:68:0c:5d:
c1:fc:a8:56:1b:59:34:ce:91:a6:79:5c:66:bc:df:9f:56:b0:
b9:96:8c:d3:3f:f3:e3:00:1e:49:f8:c3:55:b0:df:a8:0e:47:
3b:b5:a0:45:e2:ce:84:25:ff:a8:af:87:0f:88:b6:05:4e:0d:
52:75:5b:a2:2d:de:ef:31:4f:b6:57:b9:43:a3:63:f1:69:22:
1e:13:81:77
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVxwwkQOVVgpBkzwZVbudBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZmMyMTg1NmNkOGUwMzdhN2JiOGM2MzkyYTYxOTgyMTNh
OGI0ZjYwHhcNMjMwMTAyMDkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzk5NDgwNjg3OTk4YzljYzBlYjJlOGU2OTA3ZTY3ZDAxN2UxN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimNF5i3PzrpeeHOGFFGYHrV0nCcH
6pJfHID3hS/8vpLVpggypcYsB4cg+JMN+4F/lAD9yGMBSK3wbJ8uBeZoIX/Wn3gD
g9eHHAUwlsRXL1ah3OA+rHHZo7jcjgK73EmDQvGRS7X+0ZUhOwgHdGXTxlKGLsBD
/R9GUkbfFwn+FNJDB/8YHiYT906mgNtQhrvlgH/CxNdAeBK9PfVzZUt/bd5karTq
l+AkCy+7LfLkLIj5/oEo0UjLvGf7YBlvpcMb9r2wEhp6UMU4fFnLP+wFEJSX4Dyr
6uy8UwtvdFVuyGijcbRSP2zkdEkVstMZP36icfWKExZlQj3ruPnBiuxzuQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAyZSAaHmYycwOsujmkH5n0BfhfyMB8GA1UdIwQY
MBaAFCf8IYVs2OA3p7uMY5KmGYITqLT2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSl93aGhXelk0RGVudTR4amtxWVpnaE9vdFBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9jN2ZhNDgtMjg3Ni00MjJiLTg4MjUt
ZTFmMzY3ZTc5NjIwLzEvREpsSUJvZVpqSnpBNnk2T2FRZm1mUUYtRl9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9jN2ZhNDgtMjg3Ni00MjJiLTg4MjUtZTFmMzY3ZTc5NjIw
LzEvSl93aGhXelk0RGVudTR4amtxWVpnaE9vdFBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBwQUIAwQB
wQUqAwQAwYcfMAwDBALCKNQDBADCKOgDBAHCKOowDQYJKoZIhvcNAQELBQADggEB
AAk/Vp8xu0QPC0xqXTVEXGp77TB1a0sFN/ukrKplpcquxBPgQNr/kAFFWttZ2FPc
dCZbL7b5BkY8smPmWCOmAOguLwxFzvm+aTZiLxkqmqo5EvJ3959C5ETQlBHLFV5e
i+oB76NRCaQjevbleezDyvnXHXUAo/zoHa+Gz4tebrfpWUO/NcunQGDt3pzcRbnR
dICNe3vhvMMgQKXfgn7ml6R5k8DI1fHAds8JvmLTXSU0+mgMXcH8qFYbWTTOkaZ5
XGa8359WsLmWjNM/8+MAHkn4w1Ww36gORzu1oEXizoQl/6ivhw+ItgVODVJ1W6It
3u8xT7ZXuUOjY/FpIh4TgXc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:10 2024 by rpki-client on console-fra.rpki-client.org