Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/dcf9b7-6d72-475a-baa7-646ee6dfa6b6/1/3UPCAT3KfBxwz5W0hg6jdXDomUo.roa
File: 3UPCAT3KfBxwz5W0hg6jdXDomUo.roa (raw, json)
Hash identifier: lSMwPS+c19DBf2KSZM1Poe6AUJ8kkmkmpu8rrbKFnFU=
Subject key identifier: DD:43:C2:01:3D:CA:7C:1C:70:CF:95:B4:86:0E:A3:75:70:E8:99:4A
Certificate issuer: /CN=fd89381307ae5e3b1ba8658cda7ee2ada4141447
Certificate serial: 01856C012BB0251FC43C8CCE9018E6F9D843
Authority key identifier: FD:89:38:13:07:AE:5E:3B:1B:A8:65:8C:DA:7E:E2:AD:A4:14:14:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Yk4EweuXjsbqGWM2n7iraQUFEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/dcf9b7-6d72-475a-baa7-646ee6dfa6b6/1/3UPCAT3KfBxwz5W0hg6jdXDomUo.roa
Signing time: Sun 01 Jan 2023 06:24:54 +0000
ROA not before: Sun 01 Jan 2023 06:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58349
IP address blocks: 193.42.23.0/24 maxlen: 24
2a10:e5c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:2b:b0:25:1f:c4:3c:8c:ce:90:18:e6:f9:d8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd89381307ae5e3b1ba8658cda7ee2ada4141447
Validity
Not Before: Jan 1 06:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd43c2013dca7c1c70cf95b4860ea37570e8994a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2d:2e:89:48:64:f7:1e:69:e8:c5:dc:dc:76:
90:86:89:a9:ae:21:87:cb:6d:54:d7:d2:35:70:d6:
93:97:03:34:a8:9d:14:e0:47:23:1e:7c:72:9b:c3:
27:d1:9b:9a:ca:8f:43:a3:d4:fa:28:6d:17:7d:8e:
59:3b:99:a6:59:29:d9:b4:53:39:5c:4b:79:d6:4a:
2d:55:85:2d:7d:e6:d6:1c:fb:2e:f7:98:82:37:60:
60:79:8f:d3:38:5c:6a:33:8a:21:f5:3d:63:dc:3c:
af:d4:51:1c:dc:eb:24:80:6c:1f:19:20:ec:5b:79:
50:b2:45:38:87:be:8b:d4:f6:a7:99:fb:0b:7a:cb:
d4:e4:11:b1:ad:34:4d:b7:ca:91:91:3f:df:76:54:
55:58:f0:32:85:82:55:f9:67:1d:a3:00:4c:9e:8b:
03:f3:fe:96:b0:21:58:a8:93:6d:22:ec:ac:a9:d9:
14:d3:ee:d0:71:b9:e1:68:23:d8:95:e5:37:5c:e7:
33:6f:41:e9:8d:91:ee:3a:e1:83:57:78:32:11:69:
d7:b8:7a:4e:d7:0b:b7:df:1a:3b:b7:63:e5:27:62:
81:3b:bf:cb:df:60:6b:35:af:d7:c3:21:47:8c:c7:
d0:e0:dd:28:b6:6d:1e:ad:e5:65:9b:eb:c8:8e:09:
99:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:43:C2:01:3D:CA:7C:1C:70:CF:95:B4:86:0E:A3:75:70:E8:99:4A
X509v3 Authority Key Identifier:
keyid:FD:89:38:13:07:AE:5E:3B:1B:A8:65:8C:DA:7E:E2:AD:A4:14:14:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Yk4EweuXjsbqGWM2n7iraQUFEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/dcf9b7-6d72-475a-baa7-646ee6dfa6b6/1/3UPCAT3KfBxwz5W0hg6jdXDomUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/dcf9b7-6d72-475a-baa7-646ee6dfa6b6/1/_Yk4EweuXjsbqGWM2n7iraQUFEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.42.23.0/24
IPv6:
2a10:e5c0::/48
Signature Algorithm: sha256WithRSAEncryption
5e:7e:dc:bb:44:95:7a:8d:d9:f7:7e:18:b9:d3:f6:cf:9c:8f:
45:a1:f5:7c:a6:fa:af:00:e3:d1:cc:ab:48:22:e6:05:2a:50:
bd:82:30:6b:8b:62:61:0e:83:7b:94:61:c5:63:7c:bd:ff:c4:
a2:00:70:90:24:0c:b1:49:a5:d8:46:9d:50:f3:25:a4:ec:5e:
9a:a1:49:87:fe:2d:1c:50:1b:23:b5:d5:4b:bf:d6:0a:60:17:
8a:5e:b8:0c:ba:f3:8f:4f:ba:e1:71:5b:18:79:30:59:ac:00:
dc:7b:9e:35:04:55:67:ec:13:55:2a:f3:77:5c:47:a1:71:2e:
a1:b5:65:90:29:a6:ad:91:09:0f:23:be:9d:15:4c:f8:79:8b:
c3:39:4f:77:c3:bc:0e:e7:d3:88:df:d8:05:81:16:b5:98:06:
bb:e9:c5:de:5d:fc:c6:39:a5:70:08:1e:3f:be:40:6c:b0:2f:
f2:9a:0b:83:2c:72:08:c6:cc:6c:b5:4d:e8:61:23:3e:a4:e1:
90:15:83:ce:76:78:3a:b3:a5:e3:a3:f1:4a:54:27:06:16:2f:
11:42:11:c9:eb:cb:0c:0f:72:a1:8e:b6:65:8e:76:a0:fa:1c:
05:e9:8c:2f:3d:17:1a:ff:66:14:e2:d5:18:06:81:d1:79:d8:
4f:7b:af:0b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsASuwJR/EPIzOkBjm+dhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkODkzODEzMDdhZTVlM2IxYmE4NjU4Y2RhN2VlMmFkYTQx
NDE0NDcwHhcNMjMwMTAxMDYyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQzYzIwMTNkY2E3YzFjNzBjZjk1YjQ4NjBlYTM3NTcwZTg5OTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhy0uiUhk9x5p6MXc3HaQhompriGH
y21U19I1cNaTlwM0qJ0U4EcjHnxym8Mn0Zuayo9Do9T6KG0XfY5ZO5mmWSnZtFM5
XEt51kotVYUtfebWHPsu95iCN2BgeY/TOFxqM4oh9T1j3Dyv1FEc3OskgGwfGSDs
W3lQskU4h76L1PanmfsLesvU5BGxrTRNt8qRkT/fdlRVWPAyhYJV+WcdowBMnosD
8/6WsCFYqJNtIuysqdkU0+7QcbnhaCPYleU3XOczb0HpjZHuOuGDV3gyEWnXuHpO
1wu33xo7t2PlJ2KBO7/L32BrNa/XwyFHjMfQ4N0otm0ereVlm+vIjgmZBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFN1DwgE9ynwccM+VtIYOo3Vw6JlKMB8GA1UdIwQY
MBaAFP2JOBMHrl47G6hljNp+4q2kFBRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1lrNEV3ZXVYanNicUdXTTJuN2lyYVFVRkVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kY2Y5YjctNmQ3Mi00NzVhLWJhYTct
NjQ2ZWU2ZGZhNmI2LzEvM1VQQ0FUM0tmQnh3ejVXMGhnNmpkWERvbVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9kY2Y5YjctNmQ3Mi00NzVhLWJhYTctNjQ2ZWU2ZGZhNmI2
LzEvX1lrNEV3ZXVYanNicUdXTTJuN2lyYVFVRkVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwSoXMA8E
AgACMAkDBwAqEOXAAAAwDQYJKoZIhvcNAQELBQADggEBAF5+3LtElXqN2fd+GLnT
9s+cj0Wh9Xym+q8A49HMq0gi5gUqUL2CMGuLYmEOg3uUYcVjfL3/xKIAcJAkDLFJ
pdhGnVDzJaTsXpqhSYf+LRxQGyO11Uu/1gpgF4peuAy6849PuuFxWxh5MFmsANx7
njUEVWfsE1Uq83dcR6FxLqG1ZZAppq2RCQ8jvp0VTPh5i8M5T3fDvA7n04jf2AWB
FrWYBrvpxd5d/MY5pXAIHj++QGywL/KaC4MscgjGzGy1TehhIz6k4ZAVg852eDqz
peOj8UpUJwYWLxFCEcnrywwPcqGOtmWOdqD6HAXpjC89Fxr/ZhTi1RgGgdF52E97
rws=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:37 2024 by rpki-client on console-fra.rpki-client.org