Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/dKKfJiKkjuuT3LTTkG2gM38bpr8.roa
File: dKKfJiKkjuuT3LTTkG2gM38bpr8.roa (raw, json)
Hash identifier: xENakNwcJcG1uSLP4/ZSPCH536vp/muyb2E3cq/ivRI=
Subject key identifier: 74:A2:9F:26:22:A4:8E:EB:93:DC:B4:D3:90:6D:A0:33:7F:1B:A6:BF
Certificate issuer: /CN=b15e3dc0ebfb10ebb94197454732ef786ac75b70
Certificate serial: 01856ED4C8D6525EBDAF13893CAF64921883
Authority key identifier: B1:5E:3D:C0:EB:FB:10:EB:B9:41:97:45:47:32:EF:78:6A:C7:5B:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sV49wOv7EOu5QZdFRzLveGrHW3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/dKKfJiKkjuuT3LTTkG2gM38bpr8.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42073
IP address blocks: 194.169.233.0/24 maxlen: 24
185.64.92.0/22 maxlen: 22
194.102.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c8:d6:52:5e:bd:af:13:89:3c:af:64:92:18:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b15e3dc0ebfb10ebb94197454732ef786ac75b70
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=74a29f2622a48eeb93dcb4d3906da0337f1ba6bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:46:c4:02:98:45:35:1f:31:44:65:c1:10:a3:
42:24:c4:d4:6d:42:23:ab:02:49:8e:b1:d6:d4:9e:
23:4c:41:ae:2e:ad:ad:10:d5:93:78:8a:e1:f0:58:
a9:2f:20:7e:28:a3:85:56:be:ff:8f:28:84:fc:f8:
4c:ff:b5:74:09:77:82:2c:4c:89:c4:8a:a7:1b:05:
e2:6d:ca:6a:d9:a6:2f:f6:e0:cd:a8:5f:1d:e2:39:
c2:41:6b:3f:15:f3:85:fa:3f:5b:51:0f:be:f5:d5:
56:d4:1e:ef:69:8b:f8:eb:4a:de:84:e2:e6:3e:9a:
43:f0:21:d2:00:61:1b:0a:c6:44:99:0c:18:0d:d3:
db:9c:6a:38:3e:a2:29:0d:6c:25:d6:ca:7f:d6:05:
3f:0e:17:04:63:6b:a7:0e:e3:88:da:33:3d:04:82:
bd:00:d1:08:ee:b9:65:36:0b:f9:33:53:d9:65:85:
91:40:2b:23:a5:71:74:dd:94:08:b8:57:15:07:05:
ba:df:ba:8e:26:f4:84:45:ce:5c:a1:c0:6c:37:49:
e2:2f:27:58:b1:4f:33:28:56:5b:34:67:14:4d:6f:
b5:23:db:09:6e:35:0f:1f:11:77:e6:8b:5c:62:af:
7c:c8:aa:f1:c7:f0:9d:14:3a:d1:f0:a0:88:3f:8c:
3b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:A2:9F:26:22:A4:8E:EB:93:DC:B4:D3:90:6D:A0:33:7F:1B:A6:BF
X509v3 Authority Key Identifier:
keyid:B1:5E:3D:C0:EB:FB:10:EB:B9:41:97:45:47:32:EF:78:6A:C7:5B:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sV49wOv7EOu5QZdFRzLveGrHW3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/dKKfJiKkjuuT3LTTkG2gM38bpr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/4adc3b-3bd3-4547-8006-1d007be9cdd8/1/sV49wOv7EOu5QZdFRzLveGrHW3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.92.0/22
194.102.202.0/24
194.169.233.0/24
Signature Algorithm: sha256WithRSAEncryption
62:d7:00:0d:2a:85:f7:7f:62:c2:1c:09:4b:12:6d:9b:6a:73:
b7:da:18:53:9a:92:17:f2:ab:6a:1a:9e:c1:6a:f2:62:fc:d0:
73:43:f2:9c:73:cd:2b:3b:7e:6a:c1:cc:00:25:92:8c:a5:bf:
b9:ee:ce:91:38:fa:91:a3:c7:ef:9f:b6:65:0d:96:db:9a:97:
13:d9:0e:15:2b:5b:91:76:25:98:2b:ac:85:8e:55:e3:85:01:
86:d8:76:ad:19:24:53:59:61:c9:4f:24:1c:a4:9e:e8:26:f0:
3b:e9:e0:48:c6:8a:c2:af:52:e3:19:96:42:86:5a:cd:e1:d7:
ad:b8:20:f0:c0:e0:7e:6f:c9:8e:7d:8f:16:f4:7d:cf:8e:9b:
94:e2:b0:4d:e9:51:46:ac:07:d1:da:be:88:bb:ad:39:1b:d2:
92:09:29:d1:86:e4:9d:59:01:00:a0:b9:37:3d:06:2e:bd:24:
c6:04:d1:29:7f:ae:05:8a:11:6a:7e:a7:2c:2b:67:06:f9:bc:
a1:96:3a:c5:0f:3d:b5:2b:16:0b:9e:d7:75:d0:41:40:c7:2b:
54:92:d5:e9:37:b3:c7:42:6d:80:5d:57:c5:2b:45:ef:b1:a7:
e1:e6:28:55:89:c5:dd:16:1f:37:79:7c:84:73:5d:67:4c:c9:
26:2a:0e:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVu1MjWUl69rxOJPK9kkhiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNWUzZGMwZWJmYjEwZWJiOTQxOTc0NTQ3MzJlZjc4NmFj
NzViNzAwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGEyOWYyNjIyYTQ4ZWViOTNkY2I0ZDM5MDZkYTAzMzdmMWJhNmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00bEAphFNR8xRGXBEKNCJMTUbUIj
qwJJjrHW1J4jTEGuLq2tENWTeIrh8FipLyB+KKOFVr7/jyiE/PhM/7V0CXeCLEyJ
xIqnGwXibcpq2aYv9uDNqF8d4jnCQWs/FfOF+j9bUQ++9dVW1B7vaYv460rehOLm
PppD8CHSAGEbCsZEmQwYDdPbnGo4PqIpDWwl1sp/1gU/DhcEY2unDuOI2jM9BIK9
ANEI7rllNgv5M1PZZYWRQCsjpXF03ZQIuFcVBwW637qOJvSERc5cocBsN0niLydY
sU8zKFZbNGcUTW+1I9sJbjUPHxF35otcYq98yKrxx/CdFDrR8KCIP4w7BwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHSinyYipI7rk9y005BtoDN/G6a/MB8GA1UdIwQY
MBaAFLFePcDr+xDruUGXRUcy73hqx1twMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1Y0OXdPdjdFT3U1UVpkRlJ6THZlR3JIVzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi80YWRjM2ItM2JkMy00NTQ3LTgwMDYt
MWQwMDdiZTljZGQ4LzEvZEtLZkppS2tqdXVUM0xUVGtHMmdNMzhicHI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi80YWRjM2ItM2JkMy00NTQ3LTgwMDYtMWQwMDdiZTljZGQ4
LzEvc1Y0OXdPdjdFT3U1UVpkRlJ6THZlR3JIVzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuUBcAwQA
wmbKAwQAwqnpMA0GCSqGSIb3DQEBCwUAA4IBAQBi1wANKoX3f2LCHAlLEm2banO3
2hhTmpIX8qtqGp7BavJi/NBzQ/Kcc80rO35qwcwAJZKMpb+57s6ROPqRo8fvn7Zl
DZbbmpcT2Q4VK1uRdiWYK6yFjlXjhQGG2HatGSRTWWHJTyQcpJ7oJvA76eBIxorC
r1LjGZZChlrN4detuCDwwOB+b8mOfY8W9H3PjpuU4rBN6VFGrAfR2r6Iu605G9KS
CSnRhuSdWQEAoLk3PQYuvSTGBNEpf64FihFqfqcsK2cG+byhljrFDz21KxYLntd1
0EFAxytUktXpN7PHQm2AXVfFK0Xvsafh5ihVicXdFh83eXyEc11nTMkmKg5j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:17 2024 by rpki-client on console-fra.rpki-client.org