Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/dKeX27qCFC-TpRxB_Tw6xX7skdQ.roa
File: dKeX27qCFC-TpRxB_Tw6xX7skdQ.roa (raw, json)
Hash identifier: DDo9dh8yOlct/TEhZIcZV2+H7dp5Vev0PCsp1Eu3vTI=
Subject key identifier: 74:A7:97:DB:BA:82:14:2F:93:A5:1C:41:FD:3C:3A:C5:7E:EC:91:D4
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 01856D819F4C27BF35A0F6C320CB84D6C946
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/dKeX27qCFC-TpRxB_Tw6xX7skdQ.roa
Signing time: Sun 01 Jan 2023 13:24:49 +0000
ROA not before: Sun 01 Jan 2023 13:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6453
IP address blocks: 217.196.16.0/20 maxlen: 20
77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:9f:4c:27:bf:35:a0:f6:c3:20:cb:84:d6:c9:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 13:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74a797dbba82142f93a51c41fd3c3ac57eec91d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:17:23:42:b3:9a:87:43:36:e6:40:d1:3b:d7:
72:83:9f:28:f6:be:66:02:1a:8b:0e:a2:89:fe:f3:
d4:64:1c:0f:1d:32:56:63:21:1f:fb:08:3a:1f:96:
0f:54:60:14:de:23:58:6d:7e:e9:45:e0:8f:47:19:
63:37:a0:e5:3c:a5:c2:3c:bc:e8:89:f5:21:cb:e2:
e1:f0:34:c8:0a:0c:2a:2e:a9:b3:62:73:2b:7d:66:
dc:cf:b6:f0:2c:3c:dc:ba:96:b5:ec:24:73:66:3f:
12:00:50:2f:7b:df:71:2b:91:a4:6f:29:75:53:31:
6a:0a:e0:78:5c:0c:d7:4b:2e:ec:92:3d:5b:14:79:
83:83:96:00:c8:8f:66:b7:df:d6:59:1c:8c:10:f6:
90:1e:56:35:15:49:8f:cc:6b:83:d2:a2:d6:90:03:
cf:26:62:98:bc:6a:4c:5e:d1:1e:da:6c:86:5b:7a:
a7:da:98:59:e0:b1:5d:ab:77:3f:ff:e4:26:24:bb:
e2:51:c4:b2:b8:fa:a9:c5:79:70:07:e9:c0:40:4d:
2d:6a:1f:70:fc:be:7d:df:71:6a:56:93:9a:b2:46:
8c:be:26:e9:da:3e:68:4c:92:fc:28:57:89:f2:75:
53:87:e1:42:5d:c7:cb:ff:e7:13:33:d8:33:3a:5f:
97:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A7:97:DB:BA:82:14:2F:93:A5:1C:41:FD:3C:3A:C5:7E:EC:91:D4
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/dKeX27qCFC-TpRxB_Tw6xX7skdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:86:8b:43:3e:fd:e1:18:a7:a5:2b:2c:42:d2:45:f5:2e:18:
1b:ff:ec:66:79:6d:c9:65:8e:dd:3b:03:f5:fa:2f:0d:3f:83:
e4:b3:87:4d:92:69:36:ea:d0:2c:a0:df:6b:33:5d:6d:27:e6:
bd:57:34:8a:c3:a9:6f:ce:62:cc:a7:0d:79:ca:8d:f3:41:1a:
e8:a8:f4:c7:97:be:41:49:ad:af:74:19:51:12:ba:a8:71:0b:
65:00:e5:15:85:c0:93:0f:a6:7b:67:ee:ab:f3:a6:00:5c:2d:
7b:ea:c2:c8:4e:0c:bf:e3:7b:cb:12:aa:dd:fb:c3:a5:dd:72:
b8:f8:2a:45:e2:e7:c6:70:1b:5c:b0:0f:a6:c4:46:f6:f8:6e:
33:1e:86:f3:ac:e9:bc:95:58:4b:61:64:a7:31:21:fc:c5:b5:
70:40:34:60:6b:3c:74:61:2a:59:6a:cf:32:b7:56:7f:fa:18:
e9:cb:25:02:bb:b5:4f:b1:10:47:22:ba:54:2c:55:2c:76:c4:
03:4b:5b:f8:a7:a4:57:c4:4d:73:69:04:34:51:9c:c0:ef:ff:
1c:96:63:34:d1:16:67:02:36:7d:7b:64:8e:1b:e3:b4:22:b5:
63:4e:f8:b9:ed:01:4e:5c:01:46:62:0a:3d:48:37:c2:d3:e2:
aa:a8:1f:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtgZ9MJ781oPbDIMuE1slGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjMwMTAxMTMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGE3OTdkYmJhODIxNDJmOTNhNTFjNDFmZDNjM2FjNTdlZWM5MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBcjQrOah0M25kDRO9dyg58o9r5m
AhqLDqKJ/vPUZBwPHTJWYyEf+wg6H5YPVGAU3iNYbX7pReCPRxljN6DlPKXCPLzo
ifUhy+Lh8DTICgwqLqmzYnMrfWbcz7bwLDzcupa17CRzZj8SAFAve99xK5Gkbyl1
UzFqCuB4XAzXSy7skj1bFHmDg5YAyI9mt9/WWRyMEPaQHlY1FUmPzGuD0qLWkAPP
JmKYvGpMXtEe2myGW3qn2phZ4LFdq3c//+QmJLviUcSyuPqpxXlwB+nAQE0tah9w
/L5933FqVpOaskaMvibp2j5oTJL8KFeJ8nVTh+FCXcfL/+cTM9gzOl+XewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHSnl9u6ghQvk6UcQf08OsV+7JHUMB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEvZEtlWDI3cUNGQy1UcFJ4Ql9UdzZ4WDdza2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETfVgAwQE
XblAAwQEX42AAwQE2cQQMA0GCSqGSIb3DQEBCwUAA4IBAQA9hotDPv3hGKelKyxC
0kX1Lhgb/+xmeW3JZY7dOwP1+i8NP4Pks4dNkmk26tAsoN9rM11tJ+a9VzSKw6lv
zmLMpw15yo3zQRroqPTHl75BSa2vdBlRErqocQtlAOUVhcCTD6Z7Z+6r86YAXC17
6sLITgy/43vLEqrd+8Ol3XK4+CpF4ufGcBtcsA+mxEb2+G4zHobzrOm8lVhLYWSn
MSH8xbVwQDRgazx0YSpZas8yt1Z/+hjpyyUCu7VPsRBHIrpULFUsdsQDS1v4p6RX
xE1zaQQ0UZzA7/8clmM00RZnAjZ9e2SOG+O0IrVjTvi57QFOXAFGYgo9SDfC0+Kq
qB+W
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:39 2024 by rpki-client on console-ams.rpki-client.org