Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/0vkvjjnNQhKDy6zrQgX83oQdK40.roa
File: 0vkvjjnNQhKDy6zrQgX83oQdK40.roa (raw, json)
Hash identifier: XRgrt2eIi3fWC1BrjCgcirh+vA9oa+uyCA54IaZDfRM=
Subject key identifier: D2:F9:2F:8E:39:CD:42:12:83:CB:AC:EB:42:05:FC:DE:84:1D:2B:8D
Certificate issuer: /CN=dc8a3a43301cd2c8047eb8544f80ab4ffcfe9acf
Certificate serial: 018AD6E7C1747B7675E162101B4C19DBFFA7
Authority key identifier: DC:8A:3A:43:30:1C:D2:C8:04:7E:B8:54:4F:80:AB:4F:FC:FE:9A:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Io6QzAc0sgEfrhUT4CrT_z-ms8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/0vkvjjnNQhKDy6zrQgX83oQdK40.roa
Signing time: Wed 27 Sep 2023 13:50:27 +0000
ROA not before: Wed 27 Sep 2023 13:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207572
IP address blocks: 193.17.15.0/24 maxlen: 24
193.17.23.0/24 maxlen: 24
193.17.20.0/24 maxlen: 24
193.17.3.0/24 maxlen: 24
2a0f:74c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d6:e7:c1:74:7b:76:75:e1:62:10:1b:4c:19:db:ff:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc8a3a43301cd2c8047eb8544f80ab4ffcfe9acf
Validity
Not Before: Sep 27 13:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2f92f8e39cd421283cbaceb4205fcde841d2b8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cc:0f:e4:a8:6c:e2:62:c9:71:7d:25:9a:55:
e2:d7:98:f5:fc:cf:d5:71:be:a8:df:14:14:1b:85:
44:d6:4f:bf:3e:01:7a:8e:19:67:88:eb:88:dd:00:
e0:9d:d0:26:40:8d:88:0a:47:f2:cb:ad:ad:b2:87:
86:57:f7:23:32:d4:80:d1:73:a5:de:8b:51:45:c5:
08:d0:f2:bf:bb:72:a7:c2:72:f9:19:c9:a1:f6:40:
3f:62:df:8f:44:a8:6d:29:b7:02:10:4d:94:01:fb:
43:73:0f:51:b8:7c:42:e6:48:1f:b9:c7:04:43:67:
67:88:fb:82:c6:99:22:79:ca:f3:dc:08:72:f3:86:
00:94:e4:a4:df:56:84:c7:2e:8d:43:1d:47:26:8b:
73:cd:5d:dc:2a:0c:69:7f:03:0e:24:d4:fc:25:f1:
3e:86:e9:6d:81:da:d0:60:e9:aa:ba:8e:55:0a:b4:
55:f3:b8:2e:db:ec:3e:39:dc:e6:0b:10:4b:49:16:
f7:81:e1:3d:bc:09:6d:6d:b7:e9:ea:32:0b:d4:95:
e9:04:b5:d5:dd:f9:cc:67:d8:5e:40:60:c7:a5:6a:
cf:76:eb:32:dd:15:f9:9e:2b:82:d8:f8:c0:1b:2b:
d1:66:c9:01:cf:95:70:89:2c:de:09:1d:5a:13:13:
f7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F9:2F:8E:39:CD:42:12:83:CB:AC:EB:42:05:FC:DE:84:1D:2B:8D
X509v3 Authority Key Identifier:
keyid:DC:8A:3A:43:30:1C:D2:C8:04:7E:B8:54:4F:80:AB:4F:FC:FE:9A:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Io6QzAc0sgEfrhUT4CrT_z-ms8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/0vkvjjnNQhKDy6zrQgX83oQdK40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/df0ff3-561e-4f77-a7dd-fe844060a46d/1/3Io6QzAc0sgEfrhUT4CrT_z-ms8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.3.0/24
193.17.15.0/24
193.17.20.0/24
193.17.23.0/24
IPv6:
2a0f:74c0::/29
Signature Algorithm: sha256WithRSAEncryption
e0:48:65:c4:31:2b:f5:29:cf:70:0a:66:6b:f1:6f:d3:57:5f:
8c:e1:c7:7a:cc:9a:79:93:c0:d3:23:cc:ab:51:13:a7:93:72:
9d:a1:a6:52:ed:29:16:60:3c:1e:5f:b3:cf:23:f9:fb:48:9b:
7e:76:56:cb:a0:ce:5e:01:3d:24:5c:50:e2:bc:b3:c7:44:55:
50:f6:73:f6:a2:04:46:48:fb:4b:c1:ec:35:a9:69:46:67:87:
de:b4:87:8a:6f:b4:3e:d3:1f:0f:6a:75:9c:1a:d9:c7:21:7f:
ec:64:85:2d:7f:63:a2:31:cc:65:b5:26:7c:bf:06:19:31:3c:
37:45:27:90:5a:84:e3:ab:b4:0d:d3:83:2c:d3:d2:76:48:d9:
aa:18:ab:96:34:4f:52:9b:1d:7a:2e:a0:7a:d5:bd:18:d8:7b:
f8:68:0d:fa:e9:62:3a:28:db:f6:9f:ea:6f:e7:93:c5:75:f6:
49:c1:77:10:af:af:48:de:c5:80:93:82:86:29:fa:8b:e5:12:
0e:be:77:9b:4d:3e:17:91:6c:c7:a9:b1:0c:70:a9:62:6b:5e:
63:ba:f4:18:d1:4c:e2:25:e5:3b:e7:e1:58:8c:3e:20:0b:66:
e9:d7:9c:98:a3:08:28:10:5f:fe:79:9a:66:26:85:79:7e:9b:
b4:1f:7d:3c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYrW58F0e3Z14WIQG0wZ2/+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOGEzYTQzMzAxY2QyYzgwNDdlYjg1NDRmODBhYjRmZmNm
ZTlhY2YwHhcNMjMwOTI3MTM1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmY5MmY4ZTM5Y2Q0MjEyODNjYmFjZWI0MjA1ZmNkZTg0MWQyYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmswP5Khs4mLJcX0lmlXi15j1/M/V
cb6o3xQUG4VE1k+/PgF6jhlniOuI3QDgndAmQI2ICkfyy62tsoeGV/cjMtSA0XOl
3otRRcUI0PK/u3KnwnL5Gcmh9kA/Yt+PRKhtKbcCEE2UAftDcw9RuHxC5kgfuccE
Q2dniPuCxpkiecrz3Ahy84YAlOSk31aExy6NQx1HJotzzV3cKgxpfwMOJNT8JfE+
hultgdrQYOmquo5VCrRV87gu2+w+OdzmCxBLSRb3geE9vAltbbfp6jIL1JXpBLXV
3fnMZ9heQGDHpWrPdusy3RX5niuC2PjAGyvRZskBz5VwiSzeCR1aExP3gQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNL5L445zUISg8us60IF/N6EHSuNMB8GA1UdIwQY
MBaAFNyKOkMwHNLIBH64VE+Aq0/8/prPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0lvNlF6QWMwc2dFZnJoVVQ0Q3JUX3otbXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9kZjBmZjMtNTYxZS00Zjc3LWE3ZGQt
ZmU4NDQwNjBhNDZkLzEvMHZrdmpqbk5RaEtEeTZ6clFnWDgzb1FkSzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9kZjBmZjMtNTYxZS00Zjc3LWE3ZGQtZmU4NDQwNjBhNDZk
LzEvM0lvNlF6QWMwc2dFZnJoVVQ0Q3JUX3otbXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwREDAwQA
wREPAwQAwREUAwQAwREXMA0EAgACMAcDBQMqD3TAMA0GCSqGSIb3DQEBCwUAA4IB
AQDgSGXEMSv1Kc9wCmZr8W/TV1+M4cd6zJp5k8DTI8yrUROnk3KdoaZS7SkWYDwe
X7PPI/n7SJt+dlbLoM5eAT0kXFDivLPHRFVQ9nP2ogRGSPtLwew1qWlGZ4fetIeK
b7Q+0x8PanWcGtnHIX/sZIUtf2OiMcxltSZ8vwYZMTw3RSeQWoTjq7QN04Ms09J2
SNmqGKuWNE9Smx16LqB61b0Y2Hv4aA366WI6KNv2n+pv55PFdfZJwXcQr69I3sWA
k4KGKfqL5RIOvnebTT4XkWzHqbEMcKlia15juvQY0UziJeU75+FYjD4gC2bp15yY
owgoEF/+eZpmJoV5fpu0H308
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:37 2024 by rpki-client on console-fra.rpki-client.org