Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/DCvRwf-bc1MVyQe4GPluypCuhag.roa
File: DCvRwf-bc1MVyQe4GPluypCuhag.roa (raw, json)
Hash identifier: xXKdUIoK+9EpPXdfzuULkM6puCmeoRshBeMhG5sS5TQ=
Subject key identifier: 0C:2B:D1:C1:FF:9B:73:53:15:C9:07:B8:18:F9:6E:CA:90:AE:85:A8
Certificate issuer: /CN=04d9bc828a566b06af4d765dfb5da5bc1d76c725
Certificate serial: 01856BDC9D42B402F5A0DDA524802E54D7A5
Authority key identifier: 04:D9:BC:82:8A:56:6B:06:AF:4D:76:5D:FB:5D:A5:BC:1D:76:C7:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNm8gopWawavTXZd-12lvB12xyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/DCvRwf-bc1MVyQe4GPluypCuhag.roa
Signing time: Sun 01 Jan 2023 05:44:58 +0000
ROA not before: Sun 01 Jan 2023 05:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.219.118.0/24 maxlen: 24
2001:67c:788::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:9d:42:b4:02:f5:a0:dd:a5:24:80:2e:54:d7:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04d9bc828a566b06af4d765dfb5da5bc1d76c725
Validity
Not Before: Jan 1 05:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c2bd1c1ff9b735315c907b818f96eca90ae85a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:07:7a:2a:59:6e:54:fa:47:0b:8f:20:8e:a0:
53:27:f1:11:c0:5c:9a:79:ec:ec:39:56:d9:ee:4d:
5d:e2:b7:5d:e4:97:3f:ff:7c:c7:77:32:f3:3e:22:
e8:bf:5c:03:01:50:c1:48:79:30:93:dd:ef:a2:36:
d9:1c:55:a1:a2:57:a9:fe:fe:b6:62:12:1a:0c:b2:
c4:9d:c7:74:7d:83:a7:0c:f1:50:2e:1e:fc:f2:c8:
a4:e5:68:bc:bc:a3:a4:56:3a:c6:a1:6b:23:f1:3e:
03:e2:b3:ae:00:bd:20:f8:65:52:45:53:a0:e2:5a:
1c:42:be:66:0d:ff:a4:8c:26:2c:74:00:b2:9f:d7:
61:a4:a2:cd:90:4e:ce:e0:75:10:6a:4e:1a:d4:93:
da:05:0d:84:cd:e9:52:5b:bb:b1:d3:0e:ce:fe:80:
2a:f4:97:0b:4f:f1:92:2b:fa:63:c1:62:99:73:c4:
ec:16:e3:59:d9:b6:0a:45:00:e4:46:c5:88:01:11:
6a:21:18:c2:7e:e1:4f:dc:19:ad:62:c2:6a:51:dc:
78:bd:bc:74:ad:c9:09:2f:a3:a5:9f:79:bd:90:dc:
52:a7:6f:5e:1a:b4:1d:b1:bc:db:41:59:35:ba:78:
64:4a:b3:d7:59:4d:1a:9a:05:e5:04:d0:cc:1f:33:
49:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:2B:D1:C1:FF:9B:73:53:15:C9:07:B8:18:F9:6E:CA:90:AE:85:A8
X509v3 Authority Key Identifier:
keyid:04:D9:BC:82:8A:56:6B:06:AF:4D:76:5D:FB:5D:A5:BC:1D:76:C7:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNm8gopWawavTXZd-12lvB12xyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/DCvRwf-bc1MVyQe4GPluypCuhag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/72435b-7e7e-447b-ac24-982c429d4156/1/BNm8gopWawavTXZd-12lvB12xyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.118.0/24
IPv6:
2001:67c:788::/48
Signature Algorithm: sha256WithRSAEncryption
25:e1:f8:9f:e6:c1:dd:c7:49:45:63:83:67:b0:5c:a9:51:e3:
fd:f9:5f:9d:dc:cc:06:20:2e:c5:65:3f:a0:b0:70:06:44:aa:
f8:b5:58:f2:f0:b8:e5:ee:a5:5a:be:bf:1f:fc:a7:05:70:72:
25:ed:2b:33:2f:8c:c8:41:7f:6b:de:6b:dc:35:ba:8c:c5:01:
d6:7f:f2:76:a2:88:f0:36:b9:ac:3a:93:21:52:96:9f:34:8a:
7b:27:8d:4e:dc:ea:78:ef:bb:52:4e:26:8d:7c:3c:f5:85:16:
f1:1f:13:bd:8d:ab:c3:02:ae:4e:dc:b5:8c:5e:43:d7:82:06:
ac:e6:87:6e:6e:40:1a:f7:f0:9b:c8:4f:0d:2f:8f:16:8e:c2:
85:ae:4b:b0:eb:6d:57:9e:57:7e:2c:dd:e8:90:75:0d:b8:17:
79:be:8c:24:dc:25:7e:b4:61:8a:67:36:be:87:45:36:b2:e9:
42:3b:fa:34:48:b6:3a:5e:b2:aa:2f:89:5c:0c:f5:b3:a5:86:
03:fe:8f:90:39:65:b0:b7:77:56:8a:5a:28:76:5b:15:e0:13:
bb:c6:25:71:a8:af:8c:63:78:89:c9:4d:6b:9b:43:e3:a5:79:
a6:ae:ab:11:e6:63:21:f5:39:65:9f:24:45:52:58:8f:44:a2:
55:84:2c:68
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVr3J1CtAL1oN2lJIAuVNelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZDliYzgyOGE1NjZiMDZhZjRkNzY1ZGZiNWRhNWJjMWQ3
NmM3MjUwHhcNMjMwMTAxMDU0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzJiZDFjMWZmOWI3MzUzMTVjOTA3YjgxOGY5NmVjYTkwYWU4NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgd6KlluVPpHC48gjqBTJ/ERwFya
eezsOVbZ7k1d4rdd5Jc//3zHdzLzPiLov1wDAVDBSHkwk93vojbZHFWholep/v62
YhIaDLLEncd0fYOnDPFQLh788sik5Wi8vKOkVjrGoWsj8T4D4rOuAL0g+GVSRVOg
4locQr5mDf+kjCYsdACyn9dhpKLNkE7O4HUQak4a1JPaBQ2EzelSW7ux0w7O/oAq
9JcLT/GSK/pjwWKZc8TsFuNZ2bYKRQDkRsWIARFqIRjCfuFP3BmtYsJqUdx4vbx0
rckJL6Oln3m9kNxSp29eGrQdsbzbQVk1unhkSrPXWU0amgXlBNDMHzNJVwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAwr0cH/m3NTFckHuBj5bsqQroWoMB8GA1UdIwQY
MBaAFATZvIKKVmsGr012XftdpbwddsclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk5tOGdvcFdhd2F2VFhaZC0xMmx2QjEyeHlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi83MjQzNWItN2U3ZS00NDdiLWFjMjQt
OTgyYzQyOWQ0MTU2LzEvREN2UndmLWJjMU1WeVFlNEdQbHV5cEN1aGFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi83MjQzNWItN2U3ZS00NDdiLWFjMjQtOTgyYzQyOWQ0MTU2
LzEvQk5tOGdvcFdhd2F2VFhaZC0xMmx2QjEyeHlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwdt2MA8E
AgACMAkDBwAgAQZ8B4gwDQYJKoZIhvcNAQELBQADggEBACXh+J/mwd3HSUVjg2ew
XKlR4/35X53czAYgLsVlP6CwcAZEqvi1WPLwuOXupVq+vx/8pwVwciXtKzMvjMhB
f2vea9w1uozFAdZ/8naiiPA2uaw6kyFSlp80insnjU7c6njvu1JOJo18PPWFFvEf
E72Nq8MCrk7ctYxeQ9eCBqzmh25uQBr38JvITw0vjxaOwoWuS7DrbVeeV34s3eiQ
dQ24F3m+jCTcJX60YYpnNr6HRTay6UI7+jRItjpesqoviVwM9bOlhgP+j5A5ZbC3
d1aKWih2WxXgE7vGJXGor4xjeInJTWubQ+OleaauqxHmYyH1OWWfJEVSWI9EolWE
LGg=
-----END CERTIFICATE-----
Generated at Tue Sep 26 22:36:50 2023 by rpki-client on console-fra.rpki-client.org