Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/u1DGzIHj4sKU8SglFmawNRcWh4g.roa
File: u1DGzIHj4sKU8SglFmawNRcWh4g.roa (raw, json)
Hash identifier: 8HitRBprvsqTTPLCkNxe/TvFAuWBFAykwpyFWFrKR2k=
Subject key identifier: BB:50:C6:CC:81:E3:E2:C2:94:F1:28:25:16:66:B0:35:17:16:87:88
Certificate issuer: /CN=83ad289621833dae86fdda62e4b9b09e29e078a0
Certificate serial: 0185728C66DC29DB841B110E3DEA56D5D6BC
Authority key identifier: 83:AD:28:96:21:83:3D:AE:86:FD:DA:62:E4:B9:B0:9E:29:E0:78:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g60oliGDPa6G_dpi5LmwningeKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/u1DGzIHj4sKU8SglFmawNRcWh4g.roa
Signing time: Mon 02 Jan 2023 12:54:41 +0000
ROA not before: Mon 02 Jan 2023 12:54:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44180
IP address blocks: 193.34.116.0/22 maxlen: 24
185.144.204.0/22 maxlen: 24
46.227.88.0/21 maxlen: 24
185.98.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Mar 2023 04:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:66:dc:29:db:84:1b:11:0e:3d:ea:56:d5:d6:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83ad289621833dae86fdda62e4b9b09e29e078a0
Validity
Not Before: Jan 2 12:54:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bb50c6cc81e3e2c294f128251666b03517168788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9a:95:98:25:98:6d:fd:35:79:42:9b:f8:e8:
d7:5d:65:51:59:43:bd:46:a3:5e:d3:da:67:f6:93:
ca:78:ec:f6:7c:3a:9c:40:2e:38:67:5d:fc:0b:3e:
94:68:8e:2c:af:35:95:fe:0e:e5:9a:8f:e1:31:8b:
6b:82:c2:eb:21:43:f0:60:ed:d9:01:e3:be:e9:77:
2d:c2:5c:b4:af:11:b9:23:5e:e6:e9:d9:1c:aa:60:
f0:f6:2a:02:21:c9:9d:9f:ed:ba:df:5a:30:2c:32:
06:a2:22:24:3e:7b:2b:b8:80:5a:55:54:59:0c:d9:
97:ff:c9:31:91:27:7b:48:b0:a2:2c:ad:ae:fd:d9:
67:b5:d7:f2:70:4b:d4:a6:e2:e7:3d:b1:19:bb:2a:
02:c6:51:e4:af:b1:b9:30:dc:f5:80:19:85:95:fe:
37:27:1a:d9:48:06:ae:82:f3:e5:0f:1c:bc:68:bb:
3e:1e:02:a1:c6:40:41:8e:6a:ab:c3:36:ea:ec:5d:
54:99:aa:8a:67:b8:ff:f6:99:99:25:9d:57:34:76:
55:dc:e4:64:d1:01:f1:8c:76:4c:a3:f8:bc:d0:de:
0e:d6:68:e8:a4:91:ee:7b:d7:55:74:d5:08:6e:3c:
75:03:73:31:89:76:6a:63:0d:04:a0:dc:6b:97:00:
f2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:50:C6:CC:81:E3:E2:C2:94:F1:28:25:16:66:B0:35:17:16:87:88
X509v3 Authority Key Identifier:
keyid:83:AD:28:96:21:83:3D:AE:86:FD:DA:62:E4:B9:B0:9E:29:E0:78:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g60oliGDPa6G_dpi5LmwningeKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/u1DGzIHj4sKU8SglFmawNRcWh4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e1870f-9cb6-4339-aa38-0af4231da79a/1/g60oliGDPa6G_dpi5LmwningeKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.88.0/21
185.98.56.0/22
185.144.204.0/22
193.34.116.0/22
Signature Algorithm: sha256WithRSAEncryption
15:ac:56:9b:30:b4:24:e4:c3:5d:6f:34:54:b8:66:ae:fd:0e:
dc:a3:76:bc:d0:46:50:0e:e6:a1:07:4c:67:59:db:46:22:8f:
81:4b:1a:94:40:c3:2a:bd:8b:e2:cf:31:f4:8f:9a:64:bb:e2:
45:df:31:1f:b5:5a:c0:78:be:75:09:59:3e:fc:0b:59:89:89:
a0:77:b6:2f:b5:6c:4c:bc:89:5c:8d:32:d2:a0:56:1b:72:a6:
1e:1d:ff:31:8c:2d:f0:0d:f1:44:95:0b:99:98:fe:14:59:d9:
ee:0a:0c:0f:27:dd:dc:0c:57:27:ec:c5:1b:c3:7f:b8:9c:5d:
c1:cc:58:a0:b1:9d:3e:6b:46:27:d8:9f:76:40:8c:8d:ef:5f:
52:49:8d:3d:a5:1a:f5:5a:74:22:dd:4c:24:a8:1e:c1:9a:10:
b9:ad:2e:10:ee:64:2a:dd:36:f7:12:f4:68:84:ee:90:1f:85:
95:bd:47:7d:9c:e9:59:de:a1:04:f3:86:65:16:ce:81:d4:22:
79:70:e0:af:6c:ee:46:bc:5b:94:13:78:9a:38:01:4d:8f:11:
da:08:1d:40:e7:e0:fb:0b:4c:d9:4c:0c:11:c1:60:40:b9:0d:
94:17:23:96:70:fe:96:6e:f4:4f:18:0a:d6:d3:fc:79:c5:ae:
a9:af:3b:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVyjGbcKduEGxEOPepW1da8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYWQyODk2MjE4MzNkYWU4NmZkZGE2MmU0YjliMDllMjll
MDc4YTAwHhcNMjMwMTAyMTI1NDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjUwYzZjYzgxZTNlMmMyOTRmMTI4MjUxNjY2YjAzNTE3MTY4Nzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJqVmCWYbf01eUKb+OjXXWVRWUO9
RqNe09pn9pPKeOz2fDqcQC44Z138Cz6UaI4srzWV/g7lmo/hMYtrgsLrIUPwYO3Z
AeO+6Xctwly0rxG5I17m6dkcqmDw9ioCIcmdn+2631owLDIGoiIkPnsruIBaVVRZ
DNmX/8kxkSd7SLCiLK2u/dlntdfycEvUpuLnPbEZuyoCxlHkr7G5MNz1gBmFlf43
JxrZSAaugvPlDxy8aLs+HgKhxkBBjmqrwzbq7F1UmaqKZ7j/9pmZJZ1XNHZV3ORk
0QHxjHZMo/i80N4O1mjopJHue9dVdNUIbjx1A3MxiXZqYw0EoNxrlwDyzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLtQxsyB4+LClPEoJRZmsDUXFoeIMB8GA1UdIwQY
MBaAFIOtKJYhgz2uhv3aYuS5sJ4p4HigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzYwb2xpR0RQYTZHX2RwaTVMbXduaW5nZUtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9lMTg3MGYtOWNiNi00MzM5LWFhMzgt
MGFmNDIzMWRhNzlhLzEvdTFER3pJSGo0c0tVOFNnbEZtYXdOUmNXaDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9lMTg3MGYtOWNiNi00MzM5LWFhMzgtMGFmNDIzMWRhNzlh
LzEvZzYwb2xpR0RQYTZHX2RwaTVMbXduaW5nZUtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDLuNYAwQC
uWI4AwQCuZDMAwQCwSJ0MA0GCSqGSIb3DQEBCwUAA4IBAQAVrFabMLQk5MNdbzRU
uGau/Q7co3a80EZQDuahB0xnWdtGIo+BSxqUQMMqvYvizzH0j5pku+JF3zEftVrA
eL51CVk+/AtZiYmgd7YvtWxMvIlcjTLSoFYbcqYeHf8xjC3wDfFElQuZmP4UWdnu
CgwPJ93cDFcn7MUbw3+4nF3BzFigsZ0+a0Yn2J92QIyN719SSY09pRr1WnQi3Uwk
qB7BmhC5rS4Q7mQq3Tb3EvRohO6QH4WVvUd9nOlZ3qEE84ZlFs6B1CJ5cOCvbO5G
vFuUE3iaOAFNjxHaCB1A5+D7C0zZTAwRwWBAuQ2UFyOWcP6WbvRPGArW0/x5xa6p
rzvk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:20 2024 by rpki-client on console-fra.rpki-client.org