Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/DfFH9h3uWrmkairClSPWoi0tEOI.roa
File: DfFH9h3uWrmkairClSPWoi0tEOI.roa (raw, json)
Hash identifier: 5+c0l2VwA+BXl3b8F4X0TvNQKWFViLtIh3O2s5EQKeg=
Subject key identifier: 0D:F1:47:F6:1D:EE:5A:B9:A4:6A:2A:C2:95:23:D6:A2:2D:2D:10:E2
Certificate issuer: /CN=68a8e93d3f590f4450d1db3c2074598244353e93
Certificate serial: 01856D0A9FEF56DCC4866FF6BC5B08E77AFA
Authority key identifier: 68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/DfFH9h3uWrmkairClSPWoi0tEOI.roa
Signing time: Sun 01 Jan 2023 11:14:50 +0000
ROA not before: Sun 01 Jan 2023 11:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15922
IP address blocks: 217.18.64.0/20 maxlen: 20
178.255.192.0/21 maxlen: 21
178.255.199.0/24 maxlen: 24
2a00:19c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 25 Apr 2023 11:58:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:9f:ef:56:dc:c4:86:6f:f6:bc:5b:08:e7:7a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a8e93d3f590f4450d1db3c2074598244353e93
Validity
Not Before: Jan 1 11:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0df147f61dee5ab9a46a2ac29523d6a22d2d10e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:65:78:bd:92:77:b5:b5:2e:6d:04:0e:37:bd:
59:fc:da:19:6c:e5:b7:a6:6a:d4:6d:9a:28:52:b7:
59:93:10:f0:0c:a4:fc:84:f5:29:df:6e:26:ee:a8:
72:28:2d:7f:d4:6b:3f:23:1f:28:f8:e7:43:ad:55:
04:1b:37:15:5f:4f:64:16:86:d3:98:8a:2f:39:67:
22:fb:21:f0:a9:6c:48:8f:a2:de:1d:23:6b:6a:cb:
33:bd:80:1a:90:61:aa:3b:bb:0e:c7:18:10:e4:e1:
c6:f4:2e:dd:d2:e7:54:2e:4b:93:38:50:cc:d3:d8:
b9:31:c3:f1:20:3d:79:3f:98:c4:e5:74:88:c9:a7:
53:e0:70:1d:7a:b1:30:c9:9e:dc:b1:0a:5b:1a:5a:
8a:03:d2:3b:42:cd:b3:72:6b:f3:21:41:c9:b2:ad:
24:06:95:fe:17:55:00:1a:27:8d:de:17:40:f4:b4:
5e:dc:fa:d0:87:fd:40:ec:2b:11:6b:ee:43:f4:45:
f4:44:27:c1:5b:68:c1:ec:49:d8:a7:cb:a1:4a:c9:
7c:27:58:2e:b5:36:c5:cb:5f:2b:c4:6b:5d:b4:9a:
33:dd:53:50:5e:fd:0c:43:89:33:dd:69:95:45:a4:
f5:71:73:8b:f8:eb:37:e3:48:fa:53:b7:99:5a:69:
22:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F1:47:F6:1D:EE:5A:B9:A4:6A:2A:C2:95:23:D6:A2:2D:2D:10:E2
X509v3 Authority Key Identifier:
keyid:68:A8:E9:3D:3F:59:0F:44:50:D1:DB:3C:20:74:59:82:44:35:3E:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/DfFH9h3uWrmkairClSPWoi0tEOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/bb3b29-81e5-45a2-81ec-25dd4cbb3698/1/aKjpPT9ZD0RQ0ds8IHRZgkQ1PpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.192.0/21
217.18.64.0/20
IPv6:
2a00:19c0::/32
Signature Algorithm: sha256WithRSAEncryption
54:6a:f8:4c:21:8f:d3:60:68:20:52:1f:0a:22:ac:88:c2:16:
46:c5:53:70:3e:2a:7f:ae:87:f2:77:1e:29:fc:0e:29:78:54:
32:71:24:78:63:ee:68:62:d2:d9:d3:a2:fc:39:8b:2a:e4:21:
0e:41:55:32:73:68:b5:03:9a:e7:7b:0e:53:8c:00:21:72:f4:
bf:2f:72:72:bd:39:f8:17:7a:a1:c8:c0:76:d9:42:20:a7:22:
05:e5:72:a6:ba:78:75:65:04:61:75:35:1a:09:cf:eb:74:a3:
3e:fb:34:ec:35:93:44:ed:d8:ae:03:82:fe:cf:b0:12:20:7d:
c0:75:b5:fc:00:36:b0:c4:eb:d3:fa:68:92:45:8e:71:9e:f9:
7d:98:a8:ee:3c:8b:e5:dd:93:72:d6:5d:4f:5a:c7:05:a2:c8:
98:5c:75:f9:9c:b1:c3:58:a3:01:9e:24:a6:bf:2b:e9:4a:21:
cc:8b:35:ee:9b:ad:40:ee:72:de:5d:56:f5:f8:77:8d:38:ca:
13:ad:28:9e:88:47:a5:0b:22:0f:91:39:85:d3:38:a6:5f:55:
50:43:fc:f7:c6:b9:9c:5e:43:21:c2:2c:43:92:b7:3f:35:b6:
d3:f7:80:d1:0c:d5:27:1f:3a:c7:e1:31:1c:a0:68:0f:b9:2a:
6a:ad:a7:60
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtCp/vVtzEhm/2vFsI53r6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YThlOTNkM2Y1OTBmNDQ1MGQxZGIzYzIwNzQ1OTgyNDQz
NTNlOTMwHhcNMjMwMTAxMTExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGYxNDdmNjFkZWU1YWI5YTQ2YTJhYzI5NTIzZDZhMjJkMmQxMGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmV4vZJ3tbUubQQON71Z/NoZbOW3
pmrUbZooUrdZkxDwDKT8hPUp324m7qhyKC1/1Gs/Ix8o+OdDrVUEGzcVX09kFobT
mIovOWci+yHwqWxIj6LeHSNrasszvYAakGGqO7sOxxgQ5OHG9C7d0udULkuTOFDM
09i5McPxID15P5jE5XSIyadT4HAderEwyZ7csQpbGlqKA9I7Qs2zcmvzIUHJsq0k
BpX+F1UAGieN3hdA9LRe3PrQh/1A7CsRa+5D9EX0RCfBW2jB7EnYp8uhSsl8J1gu
tTbFy18rxGtdtJoz3VNQXv0MQ4kz3WmVRaT1cXOL+Os340j6U7eZWmkiuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA3xR/Yd7lq5pGoqwpUj1qItLRDiMB8GA1UdIwQY
MBaAFGio6T0/WQ9EUNHbPCB0WYJENT6TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMt
MjVkZDRjYmIzNjk4LzEvRGZGSDloM3VXcm1rYWlyQ2xTUFdvaTB0RU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYjNiMjktODFlNS00NWEyLTgxZWMtMjVkZDRjYmIzNjk4
LzEvYUtqcFBUOVpEMFJRMGRzOElIUlpna1ExUHBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv/AAwQE
2RJAMA0EAgACMAcDBQAqABnAMA0GCSqGSIb3DQEBCwUAA4IBAQBUavhMIY/TYGgg
Uh8KIqyIwhZGxVNwPip/rofydx4p/A4peFQycSR4Y+5oYtLZ06L8OYsq5CEOQVUy
c2i1A5rnew5TjAAhcvS/L3JyvTn4F3qhyMB22UIgpyIF5XKmunh1ZQRhdTUaCc/r
dKM++zTsNZNE7diuA4L+z7ASIH3AdbX8ADawxOvT+miSRY5xnvl9mKjuPIvl3ZNy
1l1PWscFosiYXHX5nLHDWKMBniSmvyvpSiHMizXum61A7nLeXVb1+HeNOMoTrSie
iEelCyIPkTmF0zimX1VQQ/z3xrmcXkMhwixDkrc/NbbT94DRDNUnHzrH4TEcoGgP
uSpqradg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:35 2024 by rpki-client on console-fra.rpki-client.org