Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/DSarqqllPX4gPmKs92jjdcT5S_g.roa
File: DSarqqllPX4gPmKs92jjdcT5S_g.roa (raw, json)
Hash identifier: nWODbjNJSzLBg6PshH6M9Jfnx+bVEAtkgli9oHERIcU=
Subject key identifier: 0D:26:AB:AA:A9:65:3D:7E:20:3E:62:AC:F7:68:E3:75:C4:F9:4B:F8
Certificate issuer: /CN=6c05cf9c327b2fc877be8b561822b065e09690c2
Certificate serial: 01856F021E91F2384E5A69CAB83DE26BF6B4
Authority key identifier: 6C:05:CF:9C:32:7B:2F:C8:77:BE:8B:56:18:22:B0:65:E0:96:90:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bAXPnDJ7L8h3votWGCKwZeCWkMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/DSarqqllPX4gPmKs92jjdcT5S_g.roa
Signing time: Sun 01 Jan 2023 20:24:47 +0000
ROA not before: Sun 01 Jan 2023 20:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49321
IP address blocks: 194.93.68.0/22 maxlen: 24
185.245.56.0/23 maxlen: 24
2a0d:140::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:1e:91:f2:38:4e:5a:69:ca:b8:3d:e2:6b:f6:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c05cf9c327b2fc877be8b561822b065e09690c2
Validity
Not Before: Jan 1 20:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d26abaaa9653d7e203e62acf768e375c4f94bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:9b:29:f2:36:6a:15:0f:76:92:e5:79:93:25:
75:a3:99:12:80:e9:1c:06:ac:d9:a6:70:3d:5e:56:
ed:4f:84:4d:7b:c2:32:04:03:45:15:60:f1:fe:02:
f8:cc:21:68:23:ab:66:e8:7f:6a:f8:17:bb:ec:bb:
5a:f1:f6:ab:78:4a:54:7b:8f:77:2c:59:98:40:d7:
13:bb:ff:d1:5d:9a:00:e5:20:6c:84:69:8a:e1:04:
7c:01:f1:5c:93:60:4b:08:b0:09:eb:dc:af:fc:94:
d6:07:1f:7a:1e:52:fc:da:6f:0d:65:47:7a:a6:e4:
0e:d5:ba:e2:9f:65:c3:12:b3:ee:85:9f:5c:2b:99:
fe:41:00:dc:95:79:72:2e:e7:17:b4:6c:e9:34:91:
60:f6:5f:a1:ef:a8:a7:ce:bc:fb:68:b8:12:07:c3:
d0:c9:f2:a9:fc:be:ca:09:36:be:be:66:a1:88:d4:
c8:1f:7d:f5:e3:53:0e:2c:76:70:54:ff:90:cf:05:
4e:df:92:3d:08:70:56:aa:11:5c:11:bc:98:1b:65:
50:a9:d7:a7:5d:59:51:70:4a:21:00:1d:45:11:32:
ae:36:87:d5:fc:25:73:e1:ec:78:51:88:eb:79:5b:
71:bf:f6:3d:7b:cd:62:36:36:8c:ca:50:9b:3e:1f:
22:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:26:AB:AA:A9:65:3D:7E:20:3E:62:AC:F7:68:E3:75:C4:F9:4B:F8
X509v3 Authority Key Identifier:
keyid:6C:05:CF:9C:32:7B:2F:C8:77:BE:8B:56:18:22:B0:65:E0:96:90:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bAXPnDJ7L8h3votWGCKwZeCWkMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/DSarqqllPX4gPmKs92jjdcT5S_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/2f5ec7-ac2b-4c66-9364-9a61831869ae/1/bAXPnDJ7L8h3votWGCKwZeCWkMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.56.0/23
194.93.68.0/22
IPv6:
2a0d:140::/29
Signature Algorithm: sha256WithRSAEncryption
07:ed:4a:5e:14:97:54:4d:0c:5c:a8:7f:44:9a:c1:cf:f7:3c:
d6:43:a3:a0:2f:fa:91:17:40:c2:10:11:ec:6d:85:43:e8:03:
f2:ba:32:f1:2a:9b:a9:cc:5d:5f:66:fe:af:e2:a8:72:69:15:
d1:c8:4b:0c:aa:8f:e8:a6:9b:73:2a:b2:f8:3f:5f:59:6c:fa:
87:b5:0f:47:aa:86:8d:3e:75:de:24:16:90:56:54:54:78:01:
37:f4:1c:d7:67:64:8a:f0:17:dc:86:3c:d9:dd:aa:66:cc:5d:
ab:a1:f9:c6:e6:5b:27:e3:81:a8:60:c5:f4:91:45:2d:a9:09:
cc:8c:7c:f5:40:24:89:9b:80:24:45:d2:30:23:c2:2b:7e:04:
5a:1e:f6:d6:17:35:2f:ce:50:49:e2:11:6c:22:16:a4:e6:34:
e4:f9:81:5c:70:e4:19:98:09:a1:46:f0:7a:cb:28:3d:1c:82:
e3:34:a7:9b:4e:3c:5e:42:78:d5:48:c7:22:2d:46:8d:bf:43:
6f:cb:c7:53:fb:c3:4b:0d:1a:46:45:c1:b5:81:1a:6b:bf:e2:
18:4c:0e:b0:ef:a9:88:7d:40:0f:01:23:15:7d:d7:2e:6e:98:
91:c5:79:8e:17:5c:47:75:8d:fc:64:e6:10:33:ae:46:d0:4e:
d3:0f:9f:9a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvAh6R8jhOWmnKuD3ia/a0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMDVjZjljMzI3YjJmYzg3N2JlOGI1NjE4MjJiMDY1ZTA5
NjkwYzIwHhcNMjMwMTAxMjAyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDI2YWJhYWE5NjUzZDdlMjAzZTYyYWNmNzY4ZTM3NWM0Zjk0YmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5sp8jZqFQ92kuV5kyV1o5kSgOkc
BqzZpnA9XlbtT4RNe8IyBANFFWDx/gL4zCFoI6tm6H9q+Be77Lta8fareEpUe493
LFmYQNcTu//RXZoA5SBshGmK4QR8AfFck2BLCLAJ69yv/JTWBx96HlL82m8NZUd6
puQO1brin2XDErPuhZ9cK5n+QQDclXlyLucXtGzpNJFg9l+h76inzrz7aLgSB8PQ
yfKp/L7KCTa+vmahiNTIH33141MOLHZwVP+QzwVO35I9CHBWqhFcEbyYG2VQqden
XVlRcEohAB1FETKuNofV/CVz4ex4UYjreVtxv/Y9e81iNjaMylCbPh8iTQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA0mq6qpZT1+ID5irPdo43XE+Uv4MB8GA1UdIwQY
MBaAFGwFz5wyey/Id76LVhgisGXglpDCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkFYUG5ESjdMOGgzdm90V0dDS3daZUNXa01JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8yZjVlYzctYWMyYi00YzY2LTkzNjQt
OWE2MTgzMTg2OWFlLzEvRFNhcnFxbGxQWDRnUG1LczkyampkY1Q1U19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8yZjVlYzctYWMyYi00YzY2LTkzNjQtOWE2MTgzMTg2OWFl
LzEvYkFYUG5ESjdMOGgzdm90V0dDS3daZUNXa01JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBufU4AwQC
wl1EMA0EAgACMAcDBQMqDQFAMA0GCSqGSIb3DQEBCwUAA4IBAQAH7UpeFJdUTQxc
qH9EmsHP9zzWQ6OgL/qRF0DCEBHsbYVD6APyujLxKpupzF1fZv6v4qhyaRXRyEsM
qo/opptzKrL4P19ZbPqHtQ9HqoaNPnXeJBaQVlRUeAE39BzXZ2SK8BfchjzZ3apm
zF2rofnG5lsn44GoYMX0kUUtqQnMjHz1QCSJm4AkRdIwI8IrfgRaHvbWFzUvzlBJ
4hFsIhak5jTk+YFccOQZmAmhRvB6yyg9HILjNKebTjxeQnjVSMciLUaNv0Nvy8dT
+8NLDRpGRcG1gRprv+IYTA6w76mIfUAPASMVfdcubpiRxXmOF1xHdY38ZOYQM65G
0E7TD5+a
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org