Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/DY_f-s-Gm5Z02Zd6BzPeUTkpbE8.roa
File: DY_f-s-Gm5Z02Zd6BzPeUTkpbE8.roa (raw, json)
Hash identifier: JSeXpJHUVq7yXhOpgCVI2ahUI30FxC+vAt5+NLZvn5A=
Subject key identifier: 0D:8F:DF:FA:CF:86:9B:96:74:D9:97:7A:07:33:DE:51:39:29:6C:4F
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 018C746B1F28115F40E8318C165484E87DC5
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/DY_f-s-Gm5Z02Zd6BzPeUTkpbE8.roa
Signing time: Sat 16 Dec 2023 20:57:06 +0000
ROA not before: Sat 16 Dec 2023 20:57:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.150.175.0/24 maxlen: 24
193.239.197.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:74:6b:1f:28:11:5f:40:e8:31:8c:16:54:84:e8:7d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Dec 16 20:57:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d8fdffacf869b9674d9977a0733de5139296c4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:00:bf:c6:93:4d:7a:31:53:f1:41:a5:ff:67:
e3:dc:16:bd:c1:bb:99:d1:e1:89:b8:c1:7d:c8:82:
93:1f:a3:1e:eb:47:15:8f:bf:69:98:c2:c4:92:a4:
50:76:57:4d:90:3f:1a:52:4e:c8:75:15:33:12:3f:
82:34:a5:ac:bb:7d:dc:38:90:a1:be:0c:5b:a8:82:
b1:7a:e1:64:f0:fa:42:5c:1c:6b:89:0e:b9:14:aa:
83:0e:44:9f:ae:d3:17:fe:37:3f:a1:03:b1:3c:a9:
ec:29:80:1c:e2:5e:0b:62:d1:46:05:fc:8d:17:cd:
3d:4c:81:f4:9b:99:d1:3f:3e:80:62:02:58:01:37:
9b:61:ac:ad:84:f0:aa:5c:78:fd:0f:eb:eb:2f:2a:
74:09:fa:0e:b1:bb:61:a1:55:52:04:17:be:87:5a:
1f:57:1d:11:01:0e:7f:9c:d0:a8:72:4f:7a:74:a9:
01:f3:30:f7:ff:38:08:bd:b3:4f:e4:a7:0f:39:64:
f9:8e:f1:b4:ef:71:47:fc:7e:8c:48:5f:fa:3c:16:
73:14:41:7b:ef:ad:5f:a8:7f:c8:4a:ee:0c:e7:53:
58:1d:95:21:49:10:ca:e1:22:84:36:6c:1d:c4:62:
8a:f1:7e:38:75:d8:a6:20:26:7e:15:96:60:b5:83:
33:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8F:DF:FA:CF:86:9B:96:74:D9:97:7A:07:33:DE:51:39:29:6C:4F
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/DY_f-s-Gm5Z02Zd6BzPeUTkpbE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.175.0/24
193.239.197.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f3:bb:da:f9:68:79:da:8a:68:fd:46:0d:31:a7:3f:50:c9:
4f:46:25:96:a6:ba:c3:80:3a:b4:0a:59:fc:10:c5:0a:e2:e4:
12:a9:a2:8b:80:c3:c1:30:c9:93:f8:2b:83:28:df:f5:f2:46:
d6:7b:9c:b8:59:ae:5f:73:57:24:4d:dd:11:22:d1:b4:20:0b:
14:e0:da:2e:de:31:0c:70:77:65:6d:cd:9f:cb:b8:27:9f:21:
01:1f:76:98:41:77:68:e6:17:b7:42:44:50:1f:07:43:f6:7a:
06:0b:04:f6:b6:3c:6e:ea:05:4d:90:9c:a2:47:40:e0:5e:f5:
33:85:fb:05:ed:4e:b8:fc:1e:d1:d6:74:70:42:dd:a1:1b:10:
0f:d5:80:6d:f4:4c:1f:67:e7:89:6b:61:4a:ed:24:4d:04:4a:
1b:b8:9c:55:dd:a0:e1:1b:19:e3:87:8e:ab:3e:a3:ee:6f:9b:
6e:32:cc:6a:01:d8:3e:15:fe:69:17:0b:30:9e:06:fd:b2:f1:
f0:96:fa:35:2c:98:fd:f2:86:3c:34:58:7f:59:43:c9:2a:e5:
d1:90:10:38:87:d6:a6:7a:7b:a0:15:b2:8d:91:9c:67:a4:ed:
cd:f1:7b:c2:1a:40:1d:39:b9:e3:7d:1d:69:91:b6:2c:65:44:
12:04:af:4d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYx0ax8oEV9A6DGMFlSE6H3FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjMxMjE2MjA1NzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhmZGZmYWNmODY5Yjk2NzRkOTk3N2EwNzMzZGU1MTM5Mjk2YzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAC/xpNNejFT8UGl/2fj3Ba9wbuZ
0eGJuMF9yIKTH6Me60cVj79pmMLEkqRQdldNkD8aUk7IdRUzEj+CNKWsu33cOJCh
vgxbqIKxeuFk8PpCXBxriQ65FKqDDkSfrtMX/jc/oQOxPKnsKYAc4l4LYtFGBfyN
F809TIH0m5nRPz6AYgJYATebYaythPCqXHj9D+vrLyp0CfoOsbthoVVSBBe+h1of
Vx0RAQ5/nNCock96dKkB8zD3/zgIvbNP5KcPOWT5jvG073FH/H6MSF/6PBZzFEF7
761fqH/ISu4M51NYHZUhSRDK4SKENmwdxGKK8X44ddimICZ+FZZgtYMzBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA2P3/rPhpuWdNmXegcz3lE5KWxPMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvRFlfZi1zLUdtNVowMlpkNkJ6UGVVVGtwYkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZavAwQA
we/FMA0GCSqGSIb3DQEBCwUAA4IBAQAg87va+Wh52opo/UYNMac/UMlPRiWWprrD
gDq0Cln8EMUK4uQSqaKLgMPBMMmT+CuDKN/18kbWe5y4Wa5fc1ckTd0RItG0IAsU
4Nou3jEMcHdlbc2fy7gnnyEBH3aYQXdo5he3QkRQHwdD9noGCwT2tjxu6gVNkJyi
R0DgXvUzhfsF7U64/B7R1nRwQt2hGxAP1YBt9EwfZ+eJa2FK7SRNBEobuJxV3aDh
Gxnjh46rPqPub5tuMsxqAdg+Ff5pFwswngb9svHwlvo1LJj98oY8NFh/WUPJKuXR
kBA4h9amenugFbKNkZxnpO3N8XvCGkAdObnjfR1pkbYsZUQSBK9N
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:03 2024 by rpki-client on console-fra.rpki-client.org