Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/dUCl8IosZglBmuUo8Qbl96i4rjk.roa
File: dUCl8IosZglBmuUo8Qbl96i4rjk.roa (raw, json)
Hash identifier: ww7X13q1ogrpjnjrtpHqoqGd5BsUfFAiD4X2T3+WrFU=
Subject key identifier: 75:40:A5:F0:8A:2C:66:09:41:9A:E5:28:F1:06:E5:F7:A8:B8:AE:39
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F14F450A3E785A0B8C99DA6DDF02B30
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/dUCl8IosZglBmuUo8Qbl96i4rjk.roa
Signing time: Sun 01 Jan 2023 20:45:22 +0000
ROA not before: Sun 01 Jan 2023 20:45:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31017
IP address blocks: 80.97.125.0/24 maxlen: 24
193.231.242.0/24 maxlen: 24
217.156.76.0/24 maxlen: 24
193.226.60.0/24 maxlen: 24
85.120.34.0/24 maxlen: 24
193.226.63.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:f4:50:a3:e7:85:a0:b8:c9:9d:a6:dd:f0:2b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7540a5f08a2c6609419ae528f106e5f7a8b8ae39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f6:f5:ef:51:97:05:5a:0d:5f:24:ec:d3:94:
e8:93:db:84:a3:61:70:e9:9a:68:7a:d4:6c:51:8c:
71:f7:95:25:71:b5:ea:74:78:8d:04:f1:af:cf:cc:
be:d2:4d:f3:82:40:b2:6b:3b:3a:18:d7:26:a3:80:
5b:d4:47:75:8d:86:c3:cc:22:51:77:ed:93:ab:41:
84:e9:93:d6:0c:f1:65:f7:c4:8c:2d:a7:0d:1e:c9:
14:15:ad:96:d0:0f:e9:20:6a:1d:44:16:32:28:37:
a3:3b:4e:ff:e9:23:dd:37:42:46:6f:fa:a3:cf:ed:
bc:0c:4d:1c:37:a2:51:06:cf:f8:c1:c2:a4:5a:1f:
f8:ee:45:15:89:10:03:ae:4d:82:0d:0e:07:d7:50:
d8:0d:28:d2:9e:b8:89:83:97:24:fb:33:90:d6:bf:
28:ef:1d:2d:38:3f:6e:0d:25:45:3f:18:eb:73:ce:
3b:ba:a9:84:b8:4a:ec:ea:55:00:c7:5c:ab:b3:e5:
d2:5f:c6:c1:b4:68:ec:b6:e7:5c:8c:9e:b4:e7:26:
0b:75:71:0e:76:55:c9:88:c2:d5:66:9e:70:39:9e:
59:05:bf:00:00:dc:fa:b6:3d:fa:03:26:2e:bd:34:
43:74:a9:fc:f8:2d:e1:b2:37:3c:83:26:34:44:7e:
38:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:40:A5:F0:8A:2C:66:09:41:9A:E5:28:F1:06:E5:F7:A8:B8:AE:39
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/dUCl8IosZglBmuUo8Qbl96i4rjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.97.125.0/24
85.120.34.0/24
193.226.60.0/24
193.226.63.0/24
193.231.242.0/24
217.156.76.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:53:bd:7f:8e:21:a9:07:c8:4b:0e:e7:fb:7b:1c:21:7d:ac:
bb:f6:59:1a:73:d9:a1:ac:60:17:c0:e4:1a:01:8e:a5:ef:7f:
7a:0c:43:a4:b0:e3:dc:fe:8f:9c:ab:69:62:f7:66:d0:fe:f4:
82:a9:c6:4b:9a:73:db:14:88:05:30:90:75:2b:6f:b7:88:49:
f7:7a:75:3f:c1:b7:44:38:15:9d:9c:5b:7f:dd:84:1d:1f:56:
82:6b:bf:b7:82:83:ef:5d:53:dd:e6:d3:24:52:a0:36:bb:44:
df:47:86:57:9a:e7:fc:7d:14:10:73:28:a9:84:8a:04:00:63:
5d:48:7d:df:fb:31:b5:97:34:f1:66:57:7b:21:b1:6a:af:0a:
66:ef:bc:80:72:6e:f9:29:f5:37:1c:f1:81:5e:24:1e:a3:94:
f0:99:f3:c9:c8:52:65:e1:1c:6d:12:eb:19:48:11:5c:36:24:
bb:5b:a5:9b:5e:c8:d0:03:e7:26:7b:38:3b:7c:3b:51:86:ae:
f3:5a:2f:aa:95:83:22:de:72:75:8d:94:39:57:84:71:2f:38:
5a:47:86:0c:73:ce:00:bf:55:07:40:99:b8:df:a8:57:90:65:
f2:e3:27:12:10:bc:61:1e:8f:4a:6a:66:7a:37:6c:d8:e4:f1:
d0:c7:c4:2c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvFPRQo+eFoLjJnabd8CswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQwYTVmMDhhMmM2NjA5NDE5YWU1MjhmMTA2ZTVmN2E4YjhhZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivb171GXBVoNXyTs05Tok9uEo2Fw
6ZpoetRsUYxx95UlcbXqdHiNBPGvz8y+0k3zgkCyazs6GNcmo4Bb1Ed1jYbDzCJR
d+2Tq0GE6ZPWDPFl98SMLacNHskUFa2W0A/pIGodRBYyKDejO07/6SPdN0JGb/qj
z+28DE0cN6JRBs/4wcKkWh/47kUViRADrk2CDQ4H11DYDSjSnriJg5ck+zOQ1r8o
7x0tOD9uDSVFPxjrc847uqmEuErs6lUAx1yrs+XSX8bBtGjstudcjJ605yYLdXEO
dlXJiMLVZp5wOZ5ZBb8AANz6tj36AyYuvTRDdKn8+C3hsjc8gyY0RH44UQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHVApfCKLGYJQZrlKPEG5feouK45MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvZFVDbDhJb3NaZ2xCbXVVbzhRYmw5Nmk0cmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUGF9AwQA
VXgiAwQAweI8AwQAweI/AwQAwefyAwQA2ZxMMA0GCSqGSIb3DQEBCwUAA4IBAQCl
U71/jiGpB8hLDuf7exwhfay79lkac9mhrGAXwOQaAY6l7396DEOksOPc/o+cq2li
92bQ/vSCqcZLmnPbFIgFMJB1K2+3iEn3enU/wbdEOBWdnFt/3YQdH1aCa7+3goPv
XVPd5tMkUqA2u0TfR4ZXmuf8fRQQcyiphIoEAGNdSH3f+zG1lzTxZld7IbFqrwpm
77yAcm75KfU3HPGBXiQeo5TwmfPJyFJl4RxtEusZSBFcNiS7W6WbXsjQA+cmezg7
fDtRhq7zWi+qlYMi3nJ1jZQ5V4RxLzhaR4YMc84Av1UHQJm436hXkGXy4ycSELxh
Ho9KamZ6N2zY5PHQx8Qs
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:06 2024 by rpki-client on console-fra.rpki-client.org