Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/DdDFr_NqryT9NstgMrN29Kuv7Mk.roa
File: DdDFr_NqryT9NstgMrN29Kuv7Mk.roa (raw, json)
Hash identifier: bIlaPjH9tsLOzKiVFlXMNEX4etT874+3J0e1f6S+cs4=
Subject key identifier: 0D:D0:C5:AF:F3:6A:AF:24:FD:36:CB:60:32:B3:76:F4:AB:AF:EC:C9
Certificate issuer: /CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Certificate serial: 0185734CB7A0DB20A3783589DBA575183859
Authority key identifier: 4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/DdDFr_NqryT9NstgMrN29Kuv7Mk.roa
Signing time: Mon 02 Jan 2023 16:24:45 +0000
ROA not before: Mon 02 Jan 2023 16:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199397
IP address blocks: 84.14.245.0/24 maxlen: 24
84.14.149.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:b7:a0:db:20:a3:78:35:89:db:a5:75:18:38:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf8ffc088591e4f243baafa21b4298bfb366026
Validity
Not Before: Jan 2 16:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dd0c5aff36aaf24fd36cb6032b376f4abafecc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:27:c5:53:71:41:56:00:ab:53:a8:e4:4c:51:
21:11:6f:c7:a1:d5:eb:eb:b5:cf:f8:e1:fb:2a:5a:
52:99:82:fc:fa:6f:e8:ad:a8:37:de:45:85:a3:5f:
90:d1:95:4b:dc:d6:46:84:5b:e2:02:e5:0f:49:67:
ca:5d:64:17:0d:5f:d3:52:59:6c:33:a4:25:db:5d:
e4:d4:e8:ec:73:74:1b:bc:9d:84:7c:69:4b:14:83:
c9:2a:a2:d8:94:b0:f1:b6:19:2f:e1:36:35:07:89:
af:3b:47:3b:ae:3c:ac:b3:d5:b8:b7:60:37:ea:1a:
63:95:4d:28:48:33:d6:7e:39:12:4f:c9:fe:05:9e:
92:c8:76:e6:9b:b9:6f:8d:ef:ac:fc:5d:bd:9a:31:
ff:72:9e:d2:f7:5c:fe:e4:06:68:cf:49:32:1c:07:
79:b0:4f:b2:c5:02:50:b5:7d:74:ac:90:85:69:4d:
a1:d4:94:df:b0:60:ba:54:b4:d1:e2:9f:fe:52:ed:
4b:c6:a8:1b:5a:9f:bc:10:ea:22:bb:b5:54:e5:d0:
63:39:f5:5e:ee:f5:9e:30:41:d2:3b:63:74:5b:5b:
7a:75:ea:e3:f9:4d:9d:01:02:f3:7c:b3:e6:80:ec:
67:40:b1:89:a1:45:c7:15:0b:f5:f1:9c:71:5d:fc:
01:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D0:C5:AF:F3:6A:AF:24:FD:36:CB:60:32:B3:76:F4:AB:AF:EC:C9
X509v3 Authority Key Identifier:
keyid:4C:F8:FF:C0:88:59:1E:4F:24:3B:AA:FA:21:B4:29:8B:FB:36:60:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPj_wIhZHk8kO6r6IbQpi_s2YCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/DdDFr_NqryT9NstgMrN29Kuv7Mk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a0a39c-be03-47bb-bdb3-b3b78b0b66ea/1/TPj_wIhZHk8kO6r6IbQpi_s2YCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.14.149.0/24
84.14.245.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:97:f1:eb:bc:48:44:82:52:42:cf:10:f5:c6:de:9c:53:a3:
27:8c:e4:0d:50:71:48:78:6b:56:86:8f:fe:80:4e:e4:84:9a:
04:9e:28:e0:05:ad:1a:10:b9:76:f4:da:fd:59:c5:ea:72:3e:
c4:35:ad:4a:d4:50:a7:ae:1e:2e:ff:46:8c:a0:81:74:68:4e:
80:d4:9b:45:87:cd:af:ed:84:42:e9:ed:f4:96:b1:00:1f:0f:
50:e0:f5:db:26:70:5d:45:ac:fc:72:01:00:a2:ec:6c:a1:92:
6c:96:c2:9b:88:a8:7a:4c:4d:1f:fd:50:f0:fc:cf:14:6a:41:
7f:e7:08:45:51:90:6b:6d:c0:03:85:5e:5f:42:f7:2a:f5:85:
92:08:15:48:0e:2d:99:72:97:a6:5b:98:20:5f:e7:7d:29:3d:
eb:25:63:29:9f:7e:20:98:b2:26:fd:6c:a0:3f:a3:31:4d:79:
77:12:ce:ae:29:c5:7e:95:92:e6:7b:04:65:fa:03:e4:3f:48:
6a:1c:26:5f:99:3e:ce:65:b4:54:4f:e9:a4:aa:27:ce:58:4f:
25:d7:c3:00:75:6c:ea:8f:17:87:3f:cf:17:e3:6f:a0:df:9e:
3a:33:f6:0f:f3:71:95:c9:70:25:da:a2:b3:8d:11:76:bd:25:
6c:6b:f1:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVzTLeg2yCjeDWJ26V1GDhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjhmZmMwODg1OTFlNGYyNDNiYWFmYTIxYjQyOThiZmIz
NjYwMjYwHhcNMjMwMTAyMTYyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQwYzVhZmYzNmFhZjI0ZmQzNmNiNjAzMmIzNzZmNGFiYWZlY2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkifFU3FBVgCrU6jkTFEhEW/HodXr
67XP+OH7KlpSmYL8+m/orag33kWFo1+Q0ZVL3NZGhFviAuUPSWfKXWQXDV/TUlls
M6Ql213k1Ojsc3QbvJ2EfGlLFIPJKqLYlLDxthkv4TY1B4mvO0c7rjyss9W4t2A3
6hpjlU0oSDPWfjkST8n+BZ6SyHbmm7lvje+s/F29mjH/cp7S91z+5AZoz0kyHAd5
sE+yxQJQtX10rJCFaU2h1JTfsGC6VLTR4p/+Uu1LxqgbWp+8EOoiu7VU5dBjOfVe
7vWeMEHSO2N0W1t6derj+U2dAQLzfLPmgOxnQLGJoUXHFQv18ZxxXfwB8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA3Qxa/zaq8k/TbLYDKzdvSrr+zJMB8GA1UdIwQY
MBaAFEz4/8CIWR5PJDuq+iG0KYv7NmAmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMt
YjNiNzhiMGI2NmVhLzEvRGRERnJfTnFyeVQ5TnN0Z01yTjI5S3V2N01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hMGEzOWMtYmUwMy00N2JiLWJkYjMtYjNiNzhiMGI2NmVh
LzEvVFBqX3dJaFpIazhrTzZyNkliUXBpX3MyWUNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVA6VAwQA
VA71MA0GCSqGSIb3DQEBCwUAA4IBAQCrl/HrvEhEglJCzxD1xt6cU6MnjOQNUHFI
eGtWho/+gE7khJoEnijgBa0aELl29Nr9WcXqcj7ENa1K1FCnrh4u/0aMoIF0aE6A
1JtFh82v7YRC6e30lrEAHw9Q4PXbJnBdRaz8cgEAouxsoZJslsKbiKh6TE0f/VDw
/M8UakF/5whFUZBrbcADhV5fQvcq9YWSCBVIDi2ZcpemW5ggX+d9KT3rJWMpn34g
mLIm/WygP6MxTXl3Es6uKcV+lZLmewRl+gPkP0hqHCZfmT7OZbRUT+mkqifOWE8l
18MAdWzqjxeHP88X42+g3546M/YP83GVyXAl2qKzjRF2vSVsa/Gi
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:09 2024 by rpki-client on console-ams.rpki-client.org