Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/DSIkdXxy7UZjCBYikbDVmiDZw3M.roa
File: DSIkdXxy7UZjCBYikbDVmiDZw3M.roa (raw, json)
Hash identifier: UPeasZrEOHZRD8LmCefLjioOnNLJca9ZFVLRIbXO3Gk=
Subject key identifier: 0D:22:24:75:7C:72:ED:46:63:08:16:22:91:B0:D5:9A:20:D9:C3:73
Certificate issuer: /CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f
Certificate serial: 018571B0E1AC2D2B4857DC1770F436CBDBCA
Authority key identifier: DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/DSIkdXxy7UZjCBYikbDVmiDZw3M.roa
Signing time: Mon 02 Jan 2023 08:54:55 +0000
ROA not before: Mon 02 Jan 2023 08:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47396
IP address blocks: 195.216.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:e1:ac:2d:2b:48:57:dc:17:70:f4:36:cb:db:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2b5cbf967a0349d889704bb4d61fa526a31d6f
Validity
Not Before: Jan 2 08:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d2224757c72ed466308162291b0d59a20d9c373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bb:45:f9:64:70:50:66:b6:a9:97:6e:d1:04:
5c:9e:3e:f4:c8:48:6e:26:8d:fa:d4:41:24:0f:d8:
89:44:6f:96:75:28:fb:e0:2b:4d:e6:f5:c3:b4:ab:
60:f9:27:e8:7e:fd:1b:12:6a:f8:f9:23:d3:6e:f5:
ba:12:1f:2f:3b:95:f2:1d:d4:8d:20:fb:2d:fa:8b:
5b:2d:ef:0a:bc:2e:7e:82:cb:1b:1a:6f:5c:15:c8:
c8:35:35:67:e4:07:c4:bc:a2:b9:c3:58:a6:be:f9:
53:2a:12:2b:d7:8a:6e:38:83:3d:c8:ac:aa:a2:60:
f4:6d:9c:00:f1:ee:10:3c:23:7b:82:15:14:00:a5:
c3:9b:10:32:6e:18:3a:a6:af:0c:c2:b4:8a:55:66:
2f:08:3e:9d:1a:6a:e4:2f:fa:16:01:bb:c8:5a:13:
04:d4:39:9f:0f:e3:b3:3c:6c:14:40:6f:0e:31:3d:
c7:7c:f2:8f:f0:ac:d7:c2:d7:d4:89:e8:dc:ac:ca:
69:e1:ab:6c:0a:4b:75:33:87:b5:d1:33:cd:05:92:
75:96:8b:05:55:30:7d:02:de:1d:8d:58:b0:10:31:
cb:89:24:d4:2f:da:60:be:f0:83:4c:7f:27:4b:f8:
0d:23:b4:9d:ad:0d:20:35:63:ff:da:32:58:3b:eb:
ee:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:22:24:75:7C:72:ED:46:63:08:16:22:91:B0:D5:9A:20:D9:C3:73
X509v3 Authority Key Identifier:
keyid:DE:2B:5C:BF:96:7A:03:49:D8:89:70:4B:B4:D6:1F:A5:26:A3:1D:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3itcv5Z6A0nYiXBLtNYfpSajHW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/DSIkdXxy7UZjCBYikbDVmiDZw3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/646e7d-4f46-407c-bdd0-fd72d962df27/1/3itcv5Z6A0nYiXBLtNYfpSajHW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.250.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:d1:f7:6f:7b:ed:c2:ef:2d:96:ea:4f:a6:57:4f:ce:cc:b2:
50:c3:11:24:61:3b:16:1f:c8:54:95:47:3e:5c:09:85:9b:b1:
00:2a:af:21:4e:35:2a:c4:df:95:25:b9:f9:12:17:22:e8:3c:
5f:d9:61:f0:62:0c:3e:51:af:bb:aa:d4:53:40:e8:13:c1:6e:
31:fc:9c:41:a3:1b:62:04:50:e2:db:85:1f:a3:e3:53:b5:18:
0d:59:5c:bc:c2:37:bc:8f:6d:9e:2e:f5:8e:bd:4a:4b:41:f0:
0a:c3:29:9b:8e:00:67:74:42:9c:70:68:63:32:7b:e2:86:77:
bb:cd:cc:1d:53:1c:5c:bc:dd:43:74:c9:f2:37:e2:b6:94:f0:
ca:c8:6e:8a:00:70:66:b1:e8:63:92:cb:e3:dc:af:6c:6b:79:
3c:74:68:ce:ef:b6:d9:aa:27:d3:27:11:2d:b2:e9:c2:a5:6c:
50:bd:86:c0:e7:38:09:89:91:3a:ab:97:6d:2b:6b:16:a2:42:
f7:f5:e7:e3:90:4a:2c:cc:55:69:26:68:a8:6f:22:9f:9a:98:
d3:ab:c1:b9:f9:cc:ec:60:94:d0:95:c3:63:e0:75:ff:59:61:
b7:ac:a7:2f:b6:a8:5a:96:03:2b:9d:65:ce:37:13:f2:f2:44:
f9:42:d2:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsOGsLStIV9wXcPQ2y9vKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmI1Y2JmOTY3YTAzNDlkODg5NzA0YmI0ZDYxZmE1MjZh
MzFkNmYwHhcNMjMwMTAyMDg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDIyMjQ3NTdjNzJlZDQ2NjMwODE2MjI5MWIwZDU5YTIwZDljMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLtF+WRwUGa2qZdu0QRcnj70yEhu
Jo361EEkD9iJRG+WdSj74CtN5vXDtKtg+Sfofv0bEmr4+SPTbvW6Eh8vO5XyHdSN
IPst+otbLe8KvC5+gssbGm9cFcjINTVn5AfEvKK5w1imvvlTKhIr14puOIM9yKyq
omD0bZwA8e4QPCN7ghUUAKXDmxAybhg6pq8MwrSKVWYvCD6dGmrkL/oWAbvIWhME
1DmfD+OzPGwUQG8OMT3HfPKP8KzXwtfUiejcrMpp4atsCkt1M4e10TPNBZJ1losF
VTB9At4djViwEDHLiSTUL9pgvvCDTH8nS/gNI7SdrQ0gNWP/2jJYO+vu/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0iJHV8cu1GYwgWIpGw1Zog2cNzMB8GA1UdIwQY
MBaAFN4rXL+WegNJ2IlwS7TWH6Umox1vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAt
ZmQ3MmQ5NjJkZjI3LzEvRFNJa2RYeHk3VVpqQ0JZaWtiRFZtaURadzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi82NDZlN2QtNGY0Ni00MDdjLWJkZDAtZmQ3MmQ5NjJkZjI3
LzEvM2l0Y3Y1WjZBMG5ZaVhCTHROWWZwU2FqSFc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9j6MA0G
CSqGSIb3DQEBCwUAA4IBAQAu0fdve+3C7y2W6k+mV0/OzLJQwxEkYTsWH8hUlUc+
XAmFm7EAKq8hTjUqxN+VJbn5Ehci6Dxf2WHwYgw+Ua+7qtRTQOgTwW4x/JxBoxti
BFDi24Ufo+NTtRgNWVy8wje8j22eLvWOvUpLQfAKwymbjgBndEKccGhjMnvihne7
zcwdUxxcvN1DdMnyN+K2lPDKyG6KAHBmsehjksvj3K9sa3k8dGjO77bZqifTJxEt
sunCpWxQvYbA5zgJiZE6q5dtK2sWokL39efjkEoszFVpJmiobyKfmpjTq8G5+czs
YJTQlcNj4HX/WWG3rKcvtqhalgMrnWXONxPy8kT5QtKs
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:14 2024 by rpki-client on console-fra.rpki-client.org