Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/_DImHyMxAuQoCGa_BxrMifJ12So.roa
File: _DImHyMxAuQoCGa_BxrMifJ12So.roa (raw, json)
Hash identifier: 2QKyhHb0s6s1ulAG5ZPWiy79jeWAbhx4ZCJxcl8nHd8=
Subject key identifier: FC:32:26:1F:23:31:02:E4:28:08:66:BF:07:1A:CC:89:F2:75:D9:2A
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018D402178038467A28FE90AB1C6780E4D36
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/_DImHyMxAuQoCGa_BxrMifJ12So.roa
Signing time: Thu 25 Jan 2024 10:19:11 +0000
ROA not before: Thu 25 Jan 2024 10:19:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 194.64.152.0/22 maxlen: 22
194.64.164.0/22 maxlen: 22
194.163.192.0/20 maxlen: 20
195.180.196.0/22 maxlen: 22
195.180.224.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 13 Mar 2024 15:39:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:40:21:78:03:84:67:a2:8f:e9:0a:b1:c6:78:0e:4d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 25 10:19:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc32261f233102e4280866bf071acc89f275d92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b3:5c:19:6b:50:e3:77:41:9f:dc:e4:d5:77:
d0:69:fb:fd:81:f1:74:1d:10:e6:e9:54:8f:46:f1:
8d:08:fa:39:bf:9a:1f:62:b8:a9:97:86:98:eb:0d:
6a:b5:2e:0b:02:1b:f4:01:bb:e3:85:ca:c9:1d:03:
69:a4:6f:ed:35:8a:f4:40:42:90:24:bc:2d:26:2c:
24:a8:6b:5c:a8:20:6b:3d:b5:68:34:d9:c4:58:8f:
5e:4c:48:20:a6:e7:89:1b:d1:e4:aa:15:8d:c5:c7:
41:43:75:f5:f7:a6:b7:24:c6:42:f8:26:a5:67:a1:
00:da:3c:bc:77:ef:a3:76:e8:ce:65:d0:9f:98:a7:
ff:35:58:fa:e0:b6:39:ea:51:46:74:11:a3:ac:af:
52:32:8a:e8:0c:fb:6e:5e:6b:e7:22:57:ff:5e:a9:
04:71:d0:db:d2:61:8f:d2:ec:e9:8e:75:7e:3b:47:
96:5d:a5:a5:65:67:4e:d1:8c:d3:3c:72:70:5a:03:
e0:aa:0e:b8:ec:64:e7:5d:a5:f7:7e:05:a8:e8:07:
7c:28:5f:b2:06:a3:2c:07:93:3f:36:bd:59:8d:e5:
90:c8:15:01:cd:87:50:b1:e4:16:63:c3:02:ca:63:
69:b8:ae:05:34:1d:39:1f:c6:19:29:30:3a:66:86:
4c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:32:26:1F:23:31:02:E4:28:08:66:BF:07:1A:CC:89:F2:75:D9:2A
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/_DImHyMxAuQoCGa_BxrMifJ12So.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.152.0/22
194.64.164.0/22
194.163.192.0/20
195.180.196.0/22
195.180.224.0/22
Signature Algorithm: sha256WithRSAEncryption
60:2c:77:39:6a:3e:0b:ef:a2:ec:0e:4b:48:3f:4b:0d:a3:75:
41:27:5b:cb:ca:0e:b0:12:4a:bc:6d:e0:e1:0a:33:ef:12:38:
b7:38:a5:9f:3c:c4:a8:be:81:5b:da:47:2f:23:fd:f3:0b:5b:
17:f6:55:36:98:8e:68:86:e5:f0:57:90:88:57:81:17:b4:4b:
61:d2:59:40:20:fd:bc:48:18:ef:7a:c3:31:3c:64:84:d8:ef:
65:e6:dc:4d:9c:4e:5e:e0:7c:5a:92:d5:19:9d:04:fd:a8:b9:
35:8f:fd:12:07:58:cf:98:e3:12:24:98:af:8d:c1:3d:ad:5e:
f6:02:05:cb:30:b7:23:47:d8:cb:fc:ce:82:91:7e:1f:90:bf:
f2:7a:b4:0e:49:d3:e5:99:01:62:65:57:d5:9d:0e:fb:0a:d2:
a1:2f:c1:66:37:1d:e4:16:2b:76:1b:21:38:17:1b:70:d4:c4:
fa:68:ee:f1:72:8a:d6:92:82:c6:cf:f2:51:8b:fc:97:84:0e:
05:b4:d4:60:6c:99:b3:57:b0:a0:a7:e0:dd:4e:c5:05:14:ee:
49:bd:a6:d6:64:80:ea:8d:b4:a9:00:ce:06:d6:2d:8b:2f:ee:
f6:3a:7f:e4:de:9a:58:ea:89:39:ca:bf:ee:a6:5f:a8:d3:49:
d4:8d:42:dd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY1AIXgDhGeij+kKscZ4Dk02MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjQwMTI1MTAxOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzMyMjYxZjIzMzEwMmU0MjgwODY2YmYwNzFhY2M4OWYyNzVkOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbNcGWtQ43dBn9zk1XfQafv9gfF0
HRDm6VSPRvGNCPo5v5ofYripl4aY6w1qtS4LAhv0AbvjhcrJHQNppG/tNYr0QEKQ
JLwtJiwkqGtcqCBrPbVoNNnEWI9eTEggpueJG9HkqhWNxcdBQ3X196a3JMZC+Cal
Z6EA2jy8d++jdujOZdCfmKf/NVj64LY56lFGdBGjrK9SMoroDPtuXmvnIlf/XqkE
cdDb0mGP0uzpjnV+O0eWXaWlZWdO0YzTPHJwWgPgqg647GTnXaX3fgWo6Ad8KF+y
BqMsB5M/Nr1ZjeWQyBUBzYdQseQWY8MCymNpuK4FNB05H8YZKTA6ZoZM5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPwyJh8jMQLkKAhmvwcazInyddkqMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvX0RJbUh5TXhBdVFvQ0dhX0J4ck1pZkoxMlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCwkCYAwQC
wkCkAwQEwqPAAwQCw7TEAwQCw7TgMA0GCSqGSIb3DQEBCwUAA4IBAQBgLHc5aj4L
76LsDktIP0sNo3VBJ1vLyg6wEkq8beDhCjPvEji3OKWfPMSovoFb2kcvI/3zC1sX
9lU2mI5ohuXwV5CIV4EXtEth0llAIP28SBjvesMxPGSE2O9l5txNnE5e4HxaktUZ
nQT9qLk1j/0SB1jPmOMSJJivjcE9rV72AgXLMLcjR9jL/M6CkX4fkL/yerQOSdPl
mQFiZVfVnQ77CtKhL8FmNx3kFit2GyE4Fxtw1MT6aO7xcorWkoLGz/JRi/yXhA4F
tNRgbJmzV7Cgp+DdTsUFFO5JvabWZIDqjbSpAM4G1i2LL+72On/k3ppY6ok5yr/u
pl+o00nUjULd
-----END CERTIFICATE-----
Generated at Wed Mar 13 19:59:48 2024 by rpki-client on console-ams.rpki-client.org