Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/DCPNah1iz7NEqJeNsLHp4o7XbpA.roa
File: DCPNah1iz7NEqJeNsLHp4o7XbpA.roa (raw, json)
Hash identifier: yeg0qOPF+UZAi3SAz55DzuE6aSXhyT4wRXKjC3db6Gg=
Subject key identifier: 0C:23:CD:6A:1D:62:CF:B3:44:A8:97:8D:B0:B1:E9:E2:8E:D7:6E:90
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 01856F9DCA9DD0F054A6DFB22FB2D8A77E4B
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/DCPNah1iz7NEqJeNsLHp4o7XbpA.roa
Signing time: Sun 01 Jan 2023 23:14:50 +0000
ROA not before: Sun 01 Jan 2023 23:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61986
IP address blocks: 193.164.94.0/24 maxlen: 24
193.164.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:ca:9d:d0:f0:54:a6:df:b2:2f:b2:d8:a7:7e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 1 23:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c23cd6a1d62cfb344a8978db0b1e9e28ed76e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:89:9c:bb:7c:ad:5b:cd:fa:bc:b1:a6:bf:0a:
99:49:fa:70:12:ed:ed:a5:fc:17:6d:e0:e5:d1:1d:
0d:54:44:93:32:de:c6:05:74:93:5a:02:9d:94:0c:
a7:6f:40:e6:79:19:80:0f:6a:ba:cc:4f:65:84:9f:
64:f6:a3:1f:ad:35:2a:a3:79:c1:98:2d:57:5f:5d:
8f:5b:e2:22:97:8f:4a:4b:54:3a:13:02:b6:c8:57:
ab:a3:e6:4a:d2:df:f1:59:2e:3f:2b:b8:81:ae:86:
cd:22:15:49:b0:66:fb:1d:03:a6:3b:67:60:e8:5d:
0e:12:4e:e4:67:16:94:3d:8f:6b:c9:34:91:de:ed:
7d:cb:59:d8:a3:06:c9:48:3f:0c:14:5c:b1:ba:f3:
7d:3e:d6:de:68:c2:ab:48:3f:51:55:25:76:4d:1e:
ac:d7:49:b3:7f:36:e5:05:5d:77:31:00:1c:53:78:
f8:2a:d7:bd:5a:f3:3f:27:b3:32:61:83:c6:21:8b:
fe:87:61:04:2a:b3:17:1c:a3:ef:d8:ab:f5:9b:4d:
d8:c0:9d:dc:8a:52:13:4d:9d:9e:60:d6:94:14:5c:
ee:09:f2:c3:c8:78:23:aa:f6:66:23:9a:11:44:0b:
5d:5c:0e:bc:eb:b3:4b:fb:35:aa:34:e7:dc:65:e6:
4e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:23:CD:6A:1D:62:CF:B3:44:A8:97:8D:B0:B1:E9:E2:8E:D7:6E:90
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/DCPNah1iz7NEqJeNsLHp4o7XbpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.164.94.0/23
Signature Algorithm: sha256WithRSAEncryption
a8:60:16:fc:f7:ac:7b:b9:44:a2:89:e4:80:49:44:41:5c:3e:
08:f3:2c:67:b4:41:e6:cb:ff:ab:ff:30:6f:ae:db:6a:75:09:
cc:20:ab:b0:e7:d9:fd:82:07:8a:e6:6d:af:93:e7:b7:aa:24:
9e:fd:8e:ff:36:d1:e2:f5:34:1b:b0:c5:db:99:20:d2:4a:c2:
8a:98:e2:d4:8d:0e:54:ea:74:0b:a5:7e:8e:79:ed:8c:54:b5:
0d:e9:b5:78:5e:54:19:81:2e:65:2c:01:fb:99:db:a3:8f:8f:
6f:3d:ae:d0:6f:7f:02:82:5a:de:87:2b:e3:e3:7d:8c:71:2c:
d1:96:ff:03:1d:78:19:d5:e9:9c:a1:d6:eb:3f:d7:ea:7f:4d:
05:63:bc:8e:f7:e6:3c:31:bd:96:3e:a7:cb:6e:c2:f0:2d:f3:
42:5e:52:3f:f4:64:fc:6a:8a:2e:83:7e:1b:3a:04:fb:7d:dc:
55:7a:a3:38:da:a9:40:d3:9b:2e:c8:2c:bd:63:6a:8e:a7:ea:
26:1f:58:08:91:c8:98:7b:ce:d9:69:16:e9:00:70:55:95:9d:
4a:ad:e4:09:98:55:22:4b:39:20:be:c8:35:3a:1f:46:4a:e1:
1b:bf:ee:0c:d9:a8:f9:40:b0:cb:63:95:30:ed:b9:d2:f1:fb:
18:ff:7c:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvncqd0PBUpt+yL7LYp35LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzhhNGE5YzUyMzI1YTg1OTIwODA5YmExYTRkODllMjFj
MDJmMTcwHhcNMjMwMTAxMjMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzIzY2Q2YTFkNjJjZmIzNDRhODk3OGRiMGIxZTllMjhlZDc2ZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYmcu3ytW836vLGmvwqZSfpwEu3t
pfwXbeDl0R0NVESTMt7GBXSTWgKdlAynb0DmeRmAD2q6zE9lhJ9k9qMfrTUqo3nB
mC1XX12PW+Iil49KS1Q6EwK2yFero+ZK0t/xWS4/K7iBrobNIhVJsGb7HQOmO2dg
6F0OEk7kZxaUPY9ryTSR3u19y1nYowbJSD8MFFyxuvN9PtbeaMKrSD9RVSV2TR6s
10mzfzblBV13MQAcU3j4Kte9WvM/J7MyYYPGIYv+h2EEKrMXHKPv2Kv1m03YwJ3c
ilITTZ2eYNaUFFzuCfLDyHgjqvZmI5oRRAtdXA6867NL+zWqNOfcZeZOOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAwjzWodYs+zRKiXjbCx6eKO126QMB8GA1UdIwQY
MBaAFCN4pKnFIyWoWSCAm6Gk2J4hwC8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmIt
OTM3ZTI3ZWUxYjViLzEvRENQTmFoMWl6N05FcUplTnNMSHA0bzdYYnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmItOTM3ZTI3ZWUxYjVi
LzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwaReMA0G
CSqGSIb3DQEBCwUAA4IBAQCoYBb896x7uUSiieSASURBXD4I8yxntEHmy/+r/zBv
rttqdQnMIKuw59n9ggeK5m2vk+e3qiSe/Y7/NtHi9TQbsMXbmSDSSsKKmOLUjQ5U
6nQLpX6Oee2MVLUN6bV4XlQZgS5lLAH7mdujj49vPa7Qb38Cglrehyvj432McSzR
lv8DHXgZ1emcodbrP9fqf00FY7yO9+Y8Mb2WPqfLbsLwLfNCXlI/9GT8aooug34b
OgT7fdxVeqM42qlA05suyCy9Y2qOp+omH1gIkciYe87ZaRbpAHBVlZ1KreQJmFUi
Szkgvsg1Oh9GSuEbv+4M2aj5QLDLY5Uw7bnS8fsY/3y3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org