Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/3Dh6egIm2s8k2HFShcFF_sShaqo.roa
File: 3Dh6egIm2s8k2HFShcFF_sShaqo.roa (raw, json)
Hash identifier: dUh1gVEeoi7mSG93nE4c4IBNRTvjeZm09gXd293edUA=
Subject key identifier: DC:38:7A:7A:02:26:DA:CF:24:D8:71:52:85:C1:45:FE:C4:A1:6A:AA
Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Certificate serial: 01856E78CBF4B8E81764908DB4EB65CE39EF
Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/3Dh6egIm2s8k2HFShcFF_sShaqo.roa
Signing time: Sun 01 Jan 2023 17:54:48 +0000
ROA not before: Sun 01 Jan 2023 17:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 84.33.14.0/24 maxlen: 24
84.33.244.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:78:cb:f4:b8:e8:17:64:90:8d:b4:eb:65:ce:39:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Validity
Not Before: Jan 1 17:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc387a7a0226dacf24d8715285c145fec4a16aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:da:61:db:ad:41:bb:ff:67:8c:98:4c:07:b3:
1b:cd:76:e6:4f:79:fe:09:ad:5e:00:c2:05:b1:0b:
1d:e9:e5:dc:45:01:3f:29:fb:9f:e7:2b:ce:4d:08:
15:5a:35:96:de:25:2d:4a:3c:fa:4f:07:eb:d0:95:
8a:18:d6:dc:00:d7:01:98:1e:e3:6d:a9:e8:41:90:
64:bf:51:85:88:5c:ec:62:4a:8a:3f:fd:71:54:b0:
69:37:b2:88:2a:93:5b:a0:fa:4d:a6:c8:5e:9d:47:
ea:95:f5:2d:eb:97:f4:0b:df:90:0d:00:d3:b6:b5:
6a:1f:79:fe:76:0e:e7:ec:7b:00:20:15:f9:57:7b:
90:5c:c1:3a:49:56:9c:c9:cf:47:d7:ce:14:14:f9:
57:f9:85:f0:55:cf:96:53:a6:37:7c:a5:de:49:5d:
df:e4:84:28:f5:06:fc:cb:a3:c9:87:c8:b7:e4:09:
70:eb:79:db:a7:58:dd:31:f4:54:8d:44:97:dc:73:
0f:04:31:14:41:f9:b0:df:34:fa:1e:e6:40:1d:90:
66:35:b5:f4:a2:fb:20:b5:bb:43:f9:ff:b2:20:df:
de:db:5d:8c:2b:82:19:9c:fd:19:37:e4:b4:f9:35:
50:69:32:51:09:c9:37:bf:c5:93:4c:12:54:b9:ee:
a8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:38:7A:7A:02:26:DA:CF:24:D8:71:52:85:C1:45:FE:C4:A1:6A:AA
X509v3 Authority Key Identifier:
keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/3Dh6egIm2s8k2HFShcFF_sShaqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.33.14.0/24
84.33.244.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:c2:10:47:8f:ad:f0:8e:3d:11:43:20:96:6d:a9:5d:a1:bb:
84:83:45:5e:f6:74:16:fc:6b:2f:1a:5f:4c:63:3b:29:0b:b3:
70:8f:e5:23:bc:b3:2e:eb:2b:b1:d4:d2:89:e0:35:c1:1f:6a:
f8:17:69:ca:07:cf:f2:7e:a8:27:f0:42:8c:70:ed:df:c0:cd:
69:2e:6b:a5:76:be:c4:ef:fa:7e:82:a8:e1:43:70:6d:3c:8c:
7f:44:f9:91:82:0e:5d:4a:e0:9b:f9:5f:da:b9:03:40:c6:08:
b8:59:bc:95:34:d3:5a:26:b2:e0:39:e9:82:b0:7f:5b:9e:3e:
13:43:64:68:82:d6:88:f4:35:aa:b3:b4:26:88:0d:0c:f4:d2:
c0:e9:77:4a:1d:c4:5a:fc:76:b6:18:63:89:2a:9a:ee:9d:05:
57:26:d6:38:1f:0a:3f:a9:39:2d:33:bc:00:97:89:49:f5:96:
4d:dd:d0:6b:a9:60:47:f2:91:43:02:27:aa:2f:2d:a4:a9:42:
7e:6b:4d:72:6e:a7:80:3b:33:87:68:44:68:36:43:80:64:5f:
15:9f:25:90:30:11:7b:bb:9a:ab:d6:cb:9d:32:1a:60:95:33:
79:30:da:20:23:51:77:7f:83:ed:29:06:f9:1b:e0:02:d2:87:
ad:d9:9b:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVueMv0uOgXZJCNtOtlzjnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZWJjOWJmZWYyYjRkMjNmMTk1MTNiZmQ0ZDYwYmI3OThm
NWE1OWQwHhcNMjMwMTAxMTc1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM4N2E3YTAyMjZkYWNmMjRkODcxNTI4NWMxNDVmZWM0YTE2YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtph261Bu/9njJhMB7MbzXbmT3n+
Ca1eAMIFsQsd6eXcRQE/Kfuf5yvOTQgVWjWW3iUtSjz6Twfr0JWKGNbcANcBmB7j
banoQZBkv1GFiFzsYkqKP/1xVLBpN7KIKpNboPpNpshenUfqlfUt65f0C9+QDQDT
trVqH3n+dg7n7HsAIBX5V3uQXME6SVacyc9H184UFPlX+YXwVc+WU6Y3fKXeSV3f
5IQo9Qb8y6PJh8i35Alw63nbp1jdMfRUjUSX3HMPBDEUQfmw3zT6HuZAHZBmNbX0
ovsgtbtD+f+yIN/e212MK4IZnP0ZN+S0+TVQaTJRCck3v8WTTBJUue6oeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNw4enoCJtrPJNhxUoXBRf7EoWqqMB8GA1UdIwQY
MBaAFKrryb/vK00j8ZUTv9TWC7eY9aWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2Nzkt
MTFhZmI0OTkyZWVmLzEvM0RoNmVnSW0yczhrMkhGU2hjRkZfc1NoYXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9mYjEyODktNGQxNC00MGYwLTk2NzktMTFhZmI0OTkyZWVm
LzEvcXV2SnYtOHJUU1B4bFJPXzFOWUx0NWoxcFowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCEOAwQB
VCH0MA0GCSqGSIb3DQEBCwUAA4IBAQBdwhBHj63wjj0RQyCWbaldobuEg0Ve9nQW
/GsvGl9MYzspC7Nwj+UjvLMu6yux1NKJ4DXBH2r4F2nKB8/yfqgn8EKMcO3fwM1p
Lmuldr7E7/p+gqjhQ3BtPIx/RPmRgg5dSuCb+V/auQNAxgi4WbyVNNNaJrLgOemC
sH9bnj4TQ2RogtaI9DWqs7QmiA0M9NLA6XdKHcRa/Ha2GGOJKprunQVXJtY4Hwo/
qTktM7wAl4lJ9ZZN3dBrqWBH8pFDAieqLy2kqUJ+a01ybqeAOzOHaERoNkOAZF8V
nyWQMBF7u5qr1sudMhpglTN5MNogI1F3f4PtKQb5G+AC0oet2Zsh
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:47 2024 by rpki-client on console-fra.rpki-client.org