Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/DjEowSbcytl4_cUkI9abLsGYChA.roa
File: DjEowSbcytl4_cUkI9abLsGYChA.roa (raw, json)
Hash identifier: gHaVjQ76nrILeJnw9GtL4Dvl8xQuHgO4cDZrd3YSXY0=
Subject key identifier: 0E:31:28:C1:26:DC:CA:D9:78:FD:C5:24:23:D6:9B:2E:C1:98:0A:10
Certificate issuer: /CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Certificate serial: 018A4170DD8121BBF7D51F22DEFA57BE0E44
Authority key identifier: 3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/DjEowSbcytl4_cUkI9abLsGYChA.roa
Signing time: Tue 29 Aug 2023 13:17:10 +0000
ROA not before: Tue 29 Aug 2023 13:17:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34125
IP address blocks: 193.29.2.0/24 maxlen: 24
212.2.64.0/19 maxlen: 24
2a0a:ba80::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:70:dd:81:21:bb:f7:d5:1f:22:de:fa:57:be:0e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a1935b3cbc2527eaf167d69b2078d33e4c4da20
Validity
Not Before: Aug 29 13:17:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e3128c126dccad978fdc52423d69b2ec1980a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:53:67:28:80:5f:ec:84:29:83:1e:b3:f2:6d:
d4:a3:7c:a9:49:05:7c:e3:a1:f3:22:0f:5d:09:8b:
d9:9f:47:25:0c:16:62:8a:ed:c7:82:36:6e:23:e0:
9a:96:67:04:c6:db:b2:97:31:7b:95:20:dc:96:de:
ab:e3:8e:dc:99:c1:e6:bc:62:e8:38:ea:19:d0:1f:
f5:a2:86:7f:07:a7:24:bb:cd:6a:18:23:3f:4a:21:
df:f4:c4:31:33:96:1d:c5:53:8a:20:a0:59:54:da:
aa:5c:1c:f2:96:d2:a1:62:e6:56:ae:9e:c7:23:37:
63:47:22:ef:e4:82:65:6b:f3:57:c3:7e:b0:57:35:
d4:e7:83:06:fd:ce:c8:75:e0:cd:ae:1d:cc:b0:f6:
17:02:5d:88:54:68:49:0c:6b:24:14:12:b0:81:de:
6d:6b:f2:ca:3b:f0:fb:a3:f9:88:89:d5:d1:00:70:
58:6f:aa:fa:66:5d:2f:74:86:dd:a7:5d:4f:8e:fc:
53:84:8f:7b:68:02:0f:6c:5a:8d:12:fc:29:e5:dc:
69:f4:fd:02:35:b8:d8:dd:60:c9:00:79:f1:2b:9b:
a3:16:92:6f:5b:f5:51:30:a5:0a:48:6f:3d:6f:af:
78:b2:99:37:66:18:bb:d8:6c:3d:8a:9d:b3:5d:12:
74:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:31:28:C1:26:DC:CA:D9:78:FD:C5:24:23:D6:9B:2E:C1:98:0A:10
X509v3 Authority Key Identifier:
keyid:3A:19:35:B3:CB:C2:52:7E:AF:16:7D:69:B2:07:8D:33:E4:C4:DA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ohk1s8vCUn6vFn1psgeNM-TE2iA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/DjEowSbcytl4_cUkI9abLsGYChA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/fffba4-2efa-465f-af96-abf837ace8e4/1/Ohk1s8vCUn6vFn1psgeNM-TE2iA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.2.0/24
212.2.64.0/19
IPv6:
2a0a:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
88:f7:cb:1c:b4:14:c6:35:6a:18:d0:dd:1f:6a:02:a2:4f:33:
06:8f:69:b3:e3:d9:bd:39:8f:ec:e3:ff:0f:89:7d:c1:9a:a3:
48:16:b1:d4:d1:18:78:41:ce:43:27:10:b3:4c:da:1b:39:b4:
ab:fc:b2:fc:b4:8f:fb:ad:ff:cb:28:8e:c2:d4:f6:61:dc:88:
a7:4a:e6:4b:17:38:d6:a7:27:5f:0c:e8:1f:71:0d:de:a7:04:
af:0f:47:01:dd:f2:07:ae:5f:b8:90:50:6c:eb:08:01:6a:cf:
a9:a6:76:cd:c1:7b:87:6c:0d:4b:26:0f:a1:cd:85:8a:1f:65:
d1:d7:24:4d:df:ef:92:e6:bb:92:f4:1e:b4:6c:28:1d:e8:a3:
55:3f:f9:c3:f5:a2:c8:ba:07:fd:da:26:6f:7d:63:f7:be:bd:
97:bc:b8:80:d7:8b:49:6a:69:5b:73:9b:54:c2:1e:5b:e1:a2:
90:79:ef:dc:de:e9:b3:4b:66:ba:b7:ac:b0:e8:97:c7:a1:9b:
19:c3:31:c3:43:f6:1e:f4:3d:34:41:1a:c8:90:2f:d5:ba:ad:
cd:9b:5a:3f:3c:7a:57:4b:18:81:d6:cf:9e:6b:2a:cd:4b:ad:
d0:15:9d:1b:55:77:77:2e:76:92:80:4a:7e:47:2c:dc:e9:73:
7b:f4:14:df
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYpBcN2BIbv31R8i3vpXvg5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMTkzNWIzY2JjMjUyN2VhZjE2N2Q2OWIyMDc4ZDMzZTRj
NGRhMjAwHhcNMjMwODI5MTMxNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTMxMjhjMTI2ZGNjYWQ5NzhmZGM1MjQyM2Q2OWIyZWMxOTgwYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1NnKIBf7IQpgx6z8m3Uo3ypSQV8
46HzIg9dCYvZn0clDBZiiu3HgjZuI+CalmcExtuylzF7lSDclt6r447cmcHmvGLo
OOoZ0B/1ooZ/B6cku81qGCM/SiHf9MQxM5YdxVOKIKBZVNqqXBzyltKhYuZWrp7H
IzdjRyLv5IJla/NXw36wVzXU54MG/c7IdeDNrh3MsPYXAl2IVGhJDGskFBKwgd5t
a/LKO/D7o/mIidXRAHBYb6r6Zl0vdIbdp11PjvxThI97aAIPbFqNEvwp5dxp9P0C
NbjY3WDJAHnxK5ujFpJvW/VRMKUKSG89b694spk3Zhi72Gw9ip2zXRJ03QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA4xKMEm3MrZeP3FJCPWmy7BmAoQMB8GA1UdIwQY
MBaAFDoZNbPLwlJ+rxZ9abIHjTPkxNogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYt
YWJmODM3YWNlOGU0LzEvRGpFb3dTYmN5dGw0X2NVa0k5YWJMc0dZQ2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mZmZiYTQtMmVmYS00NjVmLWFmOTYtYWJmODM3YWNlOGU0
LzEvT2hrMXM4dkNVbjZ2Rm4xcHNnZU5NLVRFMmlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwR0CAwQF
1AJAMA0EAgACMAcDBQMqCrqAMA0GCSqGSIb3DQEBCwUAA4IBAQCI98sctBTGNWoY
0N0fagKiTzMGj2mz49m9OY/s4/8PiX3BmqNIFrHU0Rh4Qc5DJxCzTNobObSr/LL8
tI/7rf/LKI7C1PZh3IinSuZLFzjWpydfDOgfcQ3epwSvD0cB3fIHrl+4kFBs6wgB
as+ppnbNwXuHbA1LJg+hzYWKH2XR1yRN3++S5ruS9B60bCgd6KNVP/nD9aLIugf9
2iZvfWP3vr2XvLiA14tJamlbc5tUwh5b4aKQee/c3umzS2a6t6yw6JfHoZsZwzHD
Q/Ye9D00QRrIkC/Vuq3Nm1o/PHpXSxiB1s+eayrNS63QFZ0bVXd3LnaSgEp+Ryzc
6XN79BTf
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:26:36 2024 by rpki-client on console-fra.rpki-client.org