Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/df99a1-86b3-46ab-bce4-941692ecb6d6/1/dyDzp8uiMh2QCsWdmQsW_AbHNxw.roa
File: dyDzp8uiMh2QCsWdmQsW_AbHNxw.roa (raw, json)
Hash identifier: k0cKyX5RUmoiQXzg+aR+n1URygm2/06hUYRu0Wc1T/U=
Subject key identifier: 77:20:F3:A7:CB:A2:32:1D:90:0A:C5:9D:99:0B:16:FC:06:C7:37:1C
Certificate issuer: /CN=a7bac61750ea2fc833f029809fe563a1142c813e
Certificate serial: 01856F26C56B918CA0ACB0708D545AD42238
Authority key identifier: A7:BA:C6:17:50:EA:2F:C8:33:F0:29:80:9F:E5:63:A1:14:2C:81:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p7rGF1DqL8gz8CmAn-VjoRQsgT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/df99a1-86b3-46ab-bce4-941692ecb6d6/1/dyDzp8uiMh2QCsWdmQsW_AbHNxw.roa
Signing time: Sun 01 Jan 2023 21:04:49 +0000
ROA not before: Sun 01 Jan 2023 21:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43915
IP address blocks: 195.244.2.0/23 maxlen: 23
195.242.148.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:c5:6b:91:8c:a0:ac:b0:70:8d:54:5a:d4:22:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7bac61750ea2fc833f029809fe563a1142c813e
Validity
Not Before: Jan 1 21:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7720f3a7cba2321d900ac59d990b16fc06c7371c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fc:2d:b3:46:9a:ef:22:0b:b4:a3:62:29:ff:
5b:4e:b4:74:e7:31:cb:21:12:74:ba:4e:34:6f:5d:
03:76:65:4a:62:0f:ef:f4:36:01:45:0d:31:e7:78:
a1:ca:02:6b:94:76:46:bb:00:50:06:22:d1:d9:5a:
2b:62:65:cf:d3:fa:90:b4:12:1a:c9:2f:e1:b7:61:
a2:47:50:49:25:65:13:1e:21:8e:00:1c:9e:ae:f1:
77:14:80:9b:a6:3e:a7:2b:4f:34:c2:7a:bc:a6:bc:
42:c9:10:80:6c:88:97:0b:24:47:86:b7:2a:0e:ff:
3d:8a:f0:d4:dd:95:91:86:1c:aa:e0:4b:cc:6b:43:
f4:f2:52:e5:da:58:b6:c3:1b:68:7c:90:6b:72:6e:
c7:fc:fa:f6:d2:e6:97:ba:0c:69:62:47:b3:25:9b:
de:97:9d:ce:12:52:cb:f3:60:6d:0d:47:3a:af:ba:
08:fc:71:c2:b7:8a:08:bc:c0:a2:ed:dc:c6:21:1d:
5b:65:7c:90:00:24:16:a4:79:26:66:ec:a3:22:63:
78:f9:ba:ae:ef:88:b6:72:53:d3:88:2c:09:96:98:
84:e5:56:7d:ef:56:90:8c:42:2e:a3:8e:eb:44:20:
c5:a1:61:7d:e2:73:f9:1d:da:29:7e:fe:9e:bc:2b:
d4:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:20:F3:A7:CB:A2:32:1D:90:0A:C5:9D:99:0B:16:FC:06:C7:37:1C
X509v3 Authority Key Identifier:
keyid:A7:BA:C6:17:50:EA:2F:C8:33:F0:29:80:9F:E5:63:A1:14:2C:81:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p7rGF1DqL8gz8CmAn-VjoRQsgT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df99a1-86b3-46ab-bce4-941692ecb6d6/1/dyDzp8uiMh2QCsWdmQsW_AbHNxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df99a1-86b3-46ab-bce4-941692ecb6d6/1/p7rGF1DqL8gz8CmAn-VjoRQsgT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.148.0/23
195.244.2.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:9c:f0:76:3f:91:f5:04:16:52:b6:12:84:e5:72:12:99:56:
c3:ac:55:02:10:fd:e4:c3:e3:90:41:23:a4:31:4a:78:67:5b:
cb:44:22:92:ec:8f:30:f6:21:2c:f6:fa:86:ff:35:4b:70:ed:
17:34:00:ef:5d:ae:3b:29:69:a8:73:3e:9f:42:9d:c7:63:10:
11:cd:3a:38:e2:48:af:4b:01:8c:7e:ff:03:69:c2:c2:f6:ca:
69:56:34:bb:75:51:ac:f1:2b:49:5f:29:b8:69:fc:bb:0e:f4:
bb:43:95:09:20:1e:31:6c:2c:78:58:08:a0:83:23:34:9e:78:
39:8d:b0:c7:82:76:f6:a5:71:bf:df:14:bb:c9:67:69:7d:16:
ad:a4:6f:b9:6c:9a:5c:7c:be:3f:b6:0c:bc:80:f0:f3:9a:cb:
6c:bc:b6:0c:35:32:01:fa:72:b6:94:1c:a3:40:59:16:af:d8:
07:f2:79:28:67:e2:68:51:b0:89:94:90:bf:96:6a:03:c1:fb:
7a:13:f9:60:2c:a0:6e:0b:6a:19:6e:f0:da:96:90:f5:2e:ed:
72:da:f7:ff:af:fd:9e:d5:42:dd:49:15:0e:f6:d0:a3:4f:38:
bd:8f:58:2a:d0:27:88:c4:15:20:22:0f:fb:89:10:31:58:23:
6c:e9:eb:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvJsVrkYygrLBwjVRa1CI4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3YmFjNjE3NTBlYTJmYzgzM2YwMjk4MDlmZTU2M2ExMTQy
YzgxM2UwHhcNMjMwMTAxMjEwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzIwZjNhN2NiYTIzMjFkOTAwYWM1OWQ5OTBiMTZmYzA2YzczNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvwts0aa7yILtKNiKf9bTrR05zHL
IRJ0uk40b10DdmVKYg/v9DYBRQ0x53ihygJrlHZGuwBQBiLR2VorYmXP0/qQtBIa
yS/ht2GiR1BJJWUTHiGOAByervF3FICbpj6nK080wnq8prxCyRCAbIiXCyRHhrcq
Dv89ivDU3ZWRhhyq4EvMa0P08lLl2li2wxtofJBrcm7H/Pr20uaXugxpYkezJZve
l53OElLL82BtDUc6r7oI/HHCt4oIvMCi7dzGIR1bZXyQACQWpHkmZuyjImN4+bqu
74i2clPTiCwJlpiE5VZ971aQjEIuo47rRCDFoWF94nP5Hdopfv6evCvUrQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHcg86fLojIdkArFnZkLFvwGxzccMB8GA1UdIwQY
MBaAFKe6xhdQ6i/IM/ApgJ/lY6EULIE+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDdyR0YxRHFMOGd6OENtQW4tVmpvUlFzZ1Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9kZjk5YTEtODZiMy00NmFiLWJjZTQt
OTQxNjkyZWNiNmQ2LzEvZHlEenA4dWlNaDJRQ3NXZG1Rc1dfQWJITnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9kZjk5YTEtODZiMy00NmFiLWJjZTQtOTQxNjkyZWNiNmQ2
LzEvcDdyR0YxRHFMOGd6OENtQW4tVmpvUlFzZ1Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw/KUAwQB
w/QCMA0GCSqGSIb3DQEBCwUAA4IBAQAtnPB2P5H1BBZSthKE5XISmVbDrFUCEP3k
w+OQQSOkMUp4Z1vLRCKS7I8w9iEs9vqG/zVLcO0XNADvXa47KWmocz6fQp3HYxAR
zTo44kivSwGMfv8DacLC9sppVjS7dVGs8StJXym4afy7DvS7Q5UJIB4xbCx4WAig
gyM0nng5jbDHgnb2pXG/3xS7yWdpfRatpG+5bJpcfL4/tgy8gPDzmstsvLYMNTIB
+nK2lByjQFkWr9gH8nkoZ+JoUbCJlJC/lmoDwft6E/lgLKBuC2oZbvDalpD1Lu1y
2vf/r/2e1ULdSRUO9tCjTzi9j1gq0CeIxBUgIg/7iRAxWCNs6etU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:36 2024 by rpki-client on console-fra.rpki-client.org