Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/dd6db4-f523-4de6-8be6-e7e9715e7813/1/DIc3jy0my6qRne-Q7jeryFVxR7A.roa
File: DIc3jy0my6qRne-Q7jeryFVxR7A.roa (raw, json)
Hash identifier: bP74XDg25jMwVXZBzZpF9vk7PeggodajYerkhCGY3LQ=
Subject key identifier: 0C:87:37:8F:2D:26:CB:AA:91:9D:EF:90:EE:37:AB:C8:55:71:47:B0
Certificate issuer: /CN=5780ce640579476eb7aa73c19cb74ebedfdd682b
Certificate serial: 01856DC1C6DA3D04D341DFCEEDED85F5D98E
Authority key identifier: 57:80:CE:64:05:79:47:6E:B7:AA:73:C1:9C:B7:4E:BE:DF:DD:68:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V4DOZAV5R263qnPBnLdOvt_daCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/dd6db4-f523-4de6-8be6-e7e9715e7813/1/DIc3jy0my6qRne-Q7jeryFVxR7A.roa
Signing time: Sun 01 Jan 2023 14:34:53 +0000
ROA not before: Sun 01 Jan 2023 14:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2602
IP address blocks: 193.168.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:c6:da:3d:04:d3:41:df:ce:ed:ed:85:f5:d9:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5780ce640579476eb7aa73c19cb74ebedfdd682b
Validity
Not Before: Jan 1 14:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c87378f2d26cbaa919def90ee37abc8557147b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3f:ca:76:e4:2c:4c:4d:93:e5:6b:00:f1:1d:
63:6d:34:ab:41:77:85:af:6d:38:f8:88:a5:61:49:
5f:4f:0c:81:7d:ef:70:dc:9e:da:f9:3d:f7:5a:a5:
59:ea:89:bc:d0:36:fd:80:b6:f3:44:8c:e2:82:a4:
54:de:6e:a5:28:6a:cd:0e:32:21:00:f2:ec:13:df:
1c:7d:9d:a8:1a:4e:af:b6:a2:c9:bc:64:57:f8:0d:
47:e1:96:dc:29:a5:f0:e9:a2:0f:8d:10:4d:28:aa:
2a:e2:13:5b:83:1d:30:a0:ff:48:e4:18:b2:22:26:
92:64:3d:22:37:03:99:fa:b4:49:ab:48:7b:4b:62:
1f:95:d3:7c:a5:24:18:ec:1b:10:23:f6:76:00:a6:
6e:53:42:88:89:65:b1:4c:5f:1a:8b:0c:51:83:8a:
d5:d6:29:1f:e8:8f:89:4c:b6:c2:6c:57:09:25:8e:
60:cd:ac:cb:e1:fa:41:9b:16:41:5d:a2:48:39:5f:
7c:fa:ea:0c:85:ce:d8:17:26:52:57:2a:57:de:88:
75:c7:0c:23:6c:00:d4:fd:26:6b:d5:6c:9b:96:9a:
6a:4e:13:85:f3:b1:28:e5:7f:6e:28:99:64:06:fb:
f8:f0:0a:e4:d9:85:7e:7d:27:40:cf:ef:bf:0a:da:
ba:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:87:37:8F:2D:26:CB:AA:91:9D:EF:90:EE:37:AB:C8:55:71:47:B0
X509v3 Authority Key Identifier:
keyid:57:80:CE:64:05:79:47:6E:B7:AA:73:C1:9C:B7:4E:BE:DF:DD:68:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V4DOZAV5R263qnPBnLdOvt_daCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/dd6db4-f523-4de6-8be6-e7e9715e7813/1/DIc3jy0my6qRne-Q7jeryFVxR7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/dd6db4-f523-4de6-8be6-e7e9715e7813/1/V4DOZAV5R263qnPBnLdOvt_daCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.1.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:31:5a:b9:f0:10:c0:b9:52:e9:2e:f5:61:5a:0b:29:68:ba:
a9:df:a6:f8:2a:64:cc:68:d6:2c:a9:05:b9:0e:a2:42:ed:a3:
b6:74:8c:05:aa:94:28:4c:0d:3e:87:73:42:14:ed:32:1b:79:
39:e2:3f:2a:f9:02:b1:8e:3b:90:4f:2c:81:89:20:63:46:1f:
6a:08:7e:85:dc:9f:99:c1:11:16:c9:04:cb:c8:b9:f0:f5:73:
3a:12:db:00:e3:71:ca:c8:2e:3d:f6:36:d9:35:49:1b:ef:12:
5a:b7:32:99:2b:f7:ca:c4:8d:ee:24:26:3e:94:93:e3:80:7a:
d7:ec:ea:6e:5b:fc:ff:57:9e:fc:3a:30:af:cd:f6:52:dc:3f:
cb:af:c1:9e:d4:75:f0:05:95:88:20:13:f6:6a:4c:9c:e4:e8:
22:a5:af:df:75:1d:b6:1d:7d:f6:a1:21:8a:94:6d:de:4f:67:
25:47:1a:7c:23:63:e6:80:a2:a6:e5:5b:5c:78:fd:87:d7:ce:
cd:ad:cc:fa:0f:3d:cf:cd:53:6a:30:07:e5:6a:a7:3c:84:c4:
71:76:d4:31:37:e7:10:82:2e:46:30:48:09:35:c9:e5:9d:ff:
25:73:85:f6:09:a1:2d:d1:ed:ba:d1:77:0a:30:72:4c:ee:7b:
6a:7b:89:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtwcbaPQTTQd/O7e2F9dmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ODBjZTY0MDU3OTQ3NmViN2FhNzNjMTljYjc0ZWJlZGZk
ZDY4MmIwHhcNMjMwMTAxMTQzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzg3Mzc4ZjJkMjZjYmFhOTE5ZGVmOTBlZTM3YWJjODU1NzE0N2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4T/KduQsTE2T5WsA8R1jbTSrQXeF
r204+IilYUlfTwyBfe9w3J7a+T33WqVZ6om80Db9gLbzRIzigqRU3m6lKGrNDjIh
APLsE98cfZ2oGk6vtqLJvGRX+A1H4ZbcKaXw6aIPjRBNKKoq4hNbgx0woP9I5Biy
IiaSZD0iNwOZ+rRJq0h7S2IfldN8pSQY7BsQI/Z2AKZuU0KIiWWxTF8aiwxRg4rV
1ikf6I+JTLbCbFcJJY5gzazL4fpBmxZBXaJIOV98+uoMhc7YFyZSVypX3oh1xwwj
bADU/SZr1WyblppqThOF87Eo5X9uKJlkBvv48Ark2YV+fSdAz++/Ctq6+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAyHN48tJsuqkZ3vkO43q8hVcUewMB8GA1UdIwQY
MBaAFFeAzmQFeUdut6pzwZy3Tr7f3WgrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjRET1pBVjVSMjYzcW5QQm5MZE92dF9kYUNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kZDZkYjQtZjUyMy00ZGU2LThiZTYt
ZTdlOTcxNWU3ODEzLzEvREljM2p5MG15NnFSbmUtUTdqZXJ5RlZ4UjdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kZDZkYjQtZjUyMy00ZGU2LThiZTYtZTdlOTcxNWU3ODEz
LzEvVjRET1pBVjVSMjYzcW5QQm5MZE92dF9kYUNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwagBMA0G
CSqGSIb3DQEBCwUAA4IBAQA6MVq58BDAuVLpLvVhWgspaLqp36b4KmTMaNYsqQW5
DqJC7aO2dIwFqpQoTA0+h3NCFO0yG3k54j8q+QKxjjuQTyyBiSBjRh9qCH6F3J+Z
wREWyQTLyLnw9XM6EtsA43HKyC499jbZNUkb7xJatzKZK/fKxI3uJCY+lJPjgHrX
7OpuW/z/V578OjCvzfZS3D/Lr8Ge1HXwBZWIIBP2akyc5Ogipa/fdR22HX32oSGK
lG3eT2clRxp8I2PmgKKm5VtceP2H187Nrcz6Dz3PzVNqMAflaqc8hMRxdtQxN+cQ
gi5GMEgJNcnlnf8lc4X2CaEt0e260XcKMHJM7ntqe4lI
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:47 2024 by rpki-client on console-ams.rpki-client.org