Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/DD4pd1HdYhMMbFkSQOxRmK7danQ.roa
File: DD4pd1HdYhMMbFkSQOxRmK7danQ.roa (raw, json)
Hash identifier: hFoTHQNC3wI+Zui5nLbUG4FmyA79KOjixSiqGlzj8y0=
Subject key identifier: 0C:3E:29:77:51:DD:62:13:0C:6C:59:12:40:EC:51:98:AE:DD:6A:74
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0189AB48DE7A441782C5AFF53A0F8413A5F3
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/DD4pd1HdYhMMbFkSQOxRmK7danQ.roa
Signing time: Mon 31 Jul 2023 09:30:26 +0000
ROA not before: Mon 31 Jul 2023 09:30:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 194.233.56.0/22 maxlen: 22
195.179.252.0/22 maxlen: 22
195.179.248.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:48:de:7a:44:17:82:c5:af:f5:3a:0f:84:13:a5:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jul 31 09:30:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c3e297751dd62130c6c591240ec5198aedd6a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a1:82:ca:f1:dd:8f:60:99:b2:e9:e6:3e:e7:
d5:79:4f:a2:70:c0:97:d1:ba:8f:0e:92:ad:ce:f7:
a7:63:6f:e5:07:7e:50:9f:7c:21:04:3d:4e:32:02:
7f:2e:8d:21:b5:39:d8:dd:f9:17:08:65:2d:15:c7:
d1:af:4d:d9:8d:c9:ae:f3:62:53:ec:4a:98:fc:3b:
9e:05:31:61:cd:1e:0d:a2:5e:b7:ea:a2:87:df:89:
0e:32:fe:b8:1d:28:f7:a1:dc:2d:ea:34:cf:e5:ed:
7b:dd:a2:af:dd:28:75:4f:42:84:01:24:05:43:2f:
90:60:4b:e9:b2:3e:b6:8d:7c:03:21:4e:6b:a9:2e:
ad:3e:32:75:1f:03:ad:f4:cd:45:7b:c9:27:32:cf:
e3:10:9b:45:a7:ee:1c:90:c4:8e:57:4f:6e:4b:df:
14:e2:c5:0a:0b:59:ec:8c:70:a2:22:ec:26:b9:6f:
bd:a0:3e:89:6e:7e:7c:38:04:bc:4f:8b:2b:56:d4:
ce:d6:f7:0a:1b:dc:3d:17:f1:01:1d:55:9a:54:fb:
4b:bd:04:a4:68:15:d6:45:3d:14:0b:a7:31:90:b9:
28:2b:77:b2:4b:fd:15:03:5a:80:15:c7:07:08:35:
30:e5:10:80:6f:4b:ff:88:36:33:c1:ce:5f:d1:44:
54:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:3E:29:77:51:DD:62:13:0C:6C:59:12:40:EC:51:98:AE:DD:6A:74
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/DD4pd1HdYhMMbFkSQOxRmK7danQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.233.56.0/22
195.179.248.0/21
Signature Algorithm: sha256WithRSAEncryption
6a:2d:2b:ab:fd:1b:8b:d9:07:f5:5b:c9:7a:86:5d:e1:42:29:
cc:19:25:c5:95:9d:1b:24:b7:20:4d:1a:c8:f0:e1:16:b9:23:
74:71:d6:d7:08:0a:f5:67:82:14:e7:54:2c:2a:0b:aa:0b:18:
82:e0:e1:f8:32:d3:e4:37:d2:8e:d7:f7:b5:c6:e9:d0:3b:26:
34:3b:4a:ee:7e:1f:b3:12:ed:02:b3:dc:1b:3c:3b:11:22:05:
65:d0:51:cc:af:77:7e:5c:d9:c2:21:42:ab:e9:a7:3c:5a:61:
6d:eb:fb:04:fb:10:ad:ff:95:e5:e9:93:d0:fa:86:56:ef:fd:
5c:b0:02:4c:0a:04:74:90:44:7f:69:81:9c:0f:ef:d6:c3:ac:
63:0b:db:eb:9f:ac:87:d1:2d:c7:34:6a:4e:43:63:83:7e:a3:
c1:68:58:fa:c0:ef:f2:41:9e:1b:30:f1:32:85:ac:15:d8:9e:
63:0a:b5:52:50:4c:a5:df:0f:20:68:5f:85:87:84:fe:76:f4:
60:5f:40:9f:18:24:e2:a9:23:0f:57:bb:95:a0:45:fd:3e:1e:
a8:d2:8f:ab:48:fc:74:16:af:65:32:e7:fa:e6:48:35:4c:9e:
09:38:c5:36:e6:95:84:b0:fa:e2:43:1e:15:cb:6c:35:0d:8a:
2e:3c:68:9a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmrSN56RBeCxa/1Og+EE6XzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwNzMxMDkzMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzNlMjk3NzUxZGQ2MjEzMGM2YzU5MTI0MGVjNTE5OGFlZGQ2YTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKGCyvHdj2CZsunmPufVeU+icMCX
0bqPDpKtzvenY2/lB35Qn3whBD1OMgJ/Lo0htTnY3fkXCGUtFcfRr03Zjcmu82JT
7EqY/DueBTFhzR4Nol636qKH34kOMv64HSj3odwt6jTP5e173aKv3Sh1T0KEASQF
Qy+QYEvpsj62jXwDIU5rqS6tPjJ1HwOt9M1Fe8knMs/jEJtFp+4ckMSOV09uS98U
4sUKC1nsjHCiIuwmuW+9oD6Jbn58OAS8T4srVtTO1vcKG9w9F/EBHVWaVPtLvQSk
aBXWRT0UC6cxkLkoK3eyS/0VA1qAFccHCDUw5RCAb0v/iDYzwc5f0URUnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAw+KXdR3WITDGxZEkDsUZiu3Wp0MB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvREQ0cGQxSGRZaE1NYkZrU1FPeFJtSzdkYW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwuk4AwQD
w7P4MA0GCSqGSIb3DQEBCwUAA4IBAQBqLSur/RuL2Qf1W8l6hl3hQinMGSXFlZ0b
JLcgTRrI8OEWuSN0cdbXCAr1Z4IU51QsKguqCxiC4OH4MtPkN9KO1/e1xunQOyY0
O0rufh+zEu0Cs9wbPDsRIgVl0FHMr3d+XNnCIUKr6ac8WmFt6/sE+xCt/5Xl6ZPQ
+oZW7/1csAJMCgR0kER/aYGcD+/Ww6xjC9vrn6yH0S3HNGpOQ2ODfqPBaFj6wO/y
QZ4bMPEyhawV2J5jCrVSUEyl3w8gaF+Fh4T+dvRgX0CfGCTiqSMPV7uVoEX9Ph6o
0o+rSPx0Fq9lMuf65kg1TJ4JOMU25pWEsPriQx4Vy2w1DYouPGia
-----END CERTIFICATE-----
Generated at Mon Jul 31 10:58:45 2023 by rpki-client on console-ams.rpki-client.org