Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/73f4ab-b3e6-426d-b284-69bfc925979d/1/pDzgy83v4STwj8WFcaciuGvA2Kc.roa
File: pDzgy83v4STwj8WFcaciuGvA2Kc.roa (raw, json)
Hash identifier: k7sTbJX3p5LtDOuzBnq7j3wcz9mpJ8zAvXKTPUOaYxM=
Subject key identifier: A4:3C:E0:CB:CD:EF:E1:24:F0:8F:C5:85:71:A7:22:B8:6B:C0:D8:A7
Certificate issuer: /CN=dfea4e9bff294e20bd749ed2eeb9184f208bc9d6
Certificate serial: 018879DAF361D1ECF6991EA2B7A90929AE24
Authority key identifier: DF:EA:4E:9B:FF:29:4E:20:BD:74:9E:D2:EE:B9:18:4F:20:8B:C9:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3-pOm_8pTiC9dJ7S7rkYTyCLydY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/73f4ab-b3e6-426d-b284-69bfc925979d/1/pDzgy83v4STwj8WFcaciuGvA2Kc.roa
Signing time: Fri 02 Jun 2023 02:06:12 +0000
ROA not before: Fri 02 Jun 2023 02:06:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56540
IP address blocks: 188.244.114.0/24 maxlen: 24
85.237.192.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:79:da:f3:61:d1:ec:f6:99:1e:a2:b7:a9:09:29:ae:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfea4e9bff294e20bd749ed2eeb9184f208bc9d6
Validity
Not Before: Jun 2 02:06:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a43ce0cbcdefe124f08fc58571a722b86bc0d8a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4f:a6:f6:92:93:60:36:80:8a:c7:a5:d8:24:
2c:ea:af:df:bc:b3:7d:94:83:ff:68:77:0a:1c:3e:
6d:36:8a:4d:b1:4e:76:df:0c:9f:36:ab:7a:e0:fe:
e2:6b:26:f9:77:08:18:76:14:7b:b4:5a:be:1d:41:
21:61:a1:75:3f:ba:8f:3f:d0:34:ea:a0:c0:eb:f6:
87:c0:5a:76:b2:0d:de:11:43:45:a1:df:eb:b6:04:
72:ab:3c:fc:eb:a4:8b:ce:d8:c2:33:5c:99:4e:b5:
21:9c:a2:ea:d3:6a:9d:23:72:a2:41:5c:21:bc:bd:
1a:94:5a:82:21:33:c1:1b:e8:13:82:a4:1f:56:61:
12:70:d1:73:ec:51:45:8f:41:d0:49:55:3c:cf:d9:
a5:43:08:f1:3c:c8:7b:62:6f:02:e2:db:28:16:d1:
67:0a:ce:08:89:6b:87:a6:fb:62:10:4d:95:63:d1:
62:e1:dd:8a:53:49:63:0a:b4:5c:8e:70:6c:45:50:
83:93:d7:11:b1:ba:da:03:92:a1:67:3a:02:8a:4a:
fd:28:8a:d4:92:ef:d9:ec:29:b9:ee:ba:2f:89:02:
9b:b8:63:20:dd:49:33:f9:5a:9b:69:17:3f:3c:f7:
5d:11:8f:7b:b2:37:02:62:b8:34:4d:dd:57:dc:92:
28:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:3C:E0:CB:CD:EF:E1:24:F0:8F:C5:85:71:A7:22:B8:6B:C0:D8:A7
X509v3 Authority Key Identifier:
keyid:DF:EA:4E:9B:FF:29:4E:20:BD:74:9E:D2:EE:B9:18:4F:20:8B:C9:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-pOm_8pTiC9dJ7S7rkYTyCLydY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/73f4ab-b3e6-426d-b284-69bfc925979d/1/pDzgy83v4STwj8WFcaciuGvA2Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/73f4ab-b3e6-426d-b284-69bfc925979d/1/3-pOm_8pTiC9dJ7S7rkYTyCLydY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.192.0/23
188.244.114.0/24
Signature Algorithm: sha256WithRSAEncryption
66:7f:30:ad:b9:da:1b:f7:3f:b0:73:00:eb:e8:df:d9:b8:53:
55:7f:74:75:df:de:60:1e:db:d3:ab:ca:b9:10:a2:01:9c:34:
89:18:28:94:a8:f2:60:5a:b2:fb:6e:ce:8e:8a:6a:05:70:b2:
f2:56:68:4f:14:c6:aa:d8:76:b1:a9:93:f0:8f:b5:7d:db:f4:
54:7e:46:d7:4f:f4:ff:74:5c:26:24:90:78:44:35:02:ac:d4:
fa:88:56:db:94:1e:fc:f8:9b:f2:3d:97:6c:c0:af:b0:18:65:
ff:55:77:c2:b3:c0:2a:ab:b7:d0:53:c7:e9:78:b1:c6:f8:b6:
e7:1d:1b:89:bb:fe:31:72:b3:17:1e:ba:9e:f1:c4:98:e1:c5:
eb:78:63:28:bc:e3:87:d1:e4:36:7b:13:bc:a5:98:c3:13:b1:
87:82:73:fe:66:3a:31:12:7b:33:74:f8:9b:0e:27:37:db:4f:
fb:e6:3f:7d:d4:b5:e7:ee:29:b2:9a:22:2d:b3:b3:f2:71:04:
46:66:fb:54:df:d0:e4:83:d8:c9:5a:d3:9a:b0:8d:58:98:54:
2f:d6:c7:2a:79:a7:95:32:5e:05:17:ce:2b:b2:82:69:a7:7b:
05:e0:60:d0:73:18:f1:04:c2:31:f7:5a:88:a8:94:6d:44:80:
f2:d4:ff:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYh52vNh0ez2mR6it6kJKa4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZWE0ZTliZmYyOTRlMjBiZDc0OWVkMmVlYjkxODRmMjA4
YmM5ZDYwHhcNMjMwNjAyMDIwNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDNjZTBjYmNkZWZlMTI0ZjA4ZmM1ODU3MWE3MjJiODZiYzBkOGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk+m9pKTYDaAisel2CQs6q/fvLN9
lIP/aHcKHD5tNopNsU523wyfNqt64P7iayb5dwgYdhR7tFq+HUEhYaF1P7qPP9A0
6qDA6/aHwFp2sg3eEUNFod/rtgRyqzz866SLztjCM1yZTrUhnKLq02qdI3KiQVwh
vL0alFqCITPBG+gTgqQfVmEScNFz7FFFj0HQSVU8z9mlQwjxPMh7Ym8C4tsoFtFn
Cs4IiWuHpvtiEE2VY9Fi4d2KU0ljCrRcjnBsRVCDk9cRsbraA5KhZzoCikr9KIrU
ku/Z7Cm57roviQKbuGMg3Ukz+VqbaRc/PPddEY97sjcCYrg0Td1X3JIokwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKQ84MvN7+Ek8I/FhXGnIrhrwNinMB8GA1UdIwQY
MBaAFN/qTpv/KU4gvXSe0u65GE8gi8nWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMy1wT21fOHBUaUM5ZEo3Uzdya1lUeUNMeWRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS83M2Y0YWItYjNlNi00MjZkLWIyODQt
NjliZmM5MjU5NzlkLzEvcER6Z3k4M3Y0U1R3ajhXRmNhY2l1R3ZBMktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS83M2Y0YWItYjNlNi00MjZkLWIyODQtNjliZmM5MjU5Nzlk
LzEvMy1wT21fOHBUaUM5ZEo3Uzdya1lUeUNMeWRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVe3AAwQA
vPRyMA0GCSqGSIb3DQEBCwUAA4IBAQBmfzCtudob9z+wcwDr6N/ZuFNVf3R1395g
HtvTq8q5EKIBnDSJGCiUqPJgWrL7bs6OimoFcLLyVmhPFMaq2HaxqZPwj7V92/RU
fkbXT/T/dFwmJJB4RDUCrNT6iFbblB78+JvyPZdswK+wGGX/VXfCs8Aqq7fQU8fp
eLHG+LbnHRuJu/4xcrMXHrqe8cSY4cXreGMovOOH0eQ2exO8pZjDE7GHgnP+Zjox
EnszdPibDic320/75j991LXn7imymiIts7PycQRGZvtU39Dkg9jJWtOasI1YmFQv
1scqeaeVMl4FF84rsoJpp3sF4GDQcxjxBMIx91qIqJRtRIDy1P+I
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:22 2024 by rpki-client on console-ams.rpki-client.org