Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/DdSRKkHnoOXx3yBL90elLBWebMg.roa
File: DdSRKkHnoOXx3yBL90elLBWebMg.roa (raw, json)
Hash identifier: q4+sv8T2n3f+6l6kQ75PfHtH7G/rRW1YsLLr/Y6MO0Y=
Subject key identifier: 0D:D4:91:2A:41:E7:A0:E5:F1:DF:20:4B:F7:47:A5:2C:15:9E:6C:C8
Certificate issuer: /CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Certificate serial: 018570D5154721D10196E5A6AA9D30819733
Authority key identifier: AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/DdSRKkHnoOXx3yBL90elLBWebMg.roa
Signing time: Mon 02 Jan 2023 04:54:50 +0000
ROA not before: Mon 02 Jan 2023 04:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47971
IP address blocks: 81.94.218.0/23 maxlen: 24
81.94.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:d5:15:47:21:d1:01:96:e5:a6:aa:9d:30:81:97:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aeb66ec5e8f2405f6f8d486e73fb82b8de0dee0f
Validity
Not Before: Jan 2 04:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dd4912a41e7a0e5f1df204bf747a52c159e6cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fc:89:77:ba:e3:c3:79:c3:82:53:cf:0a:57:
0d:61:4d:fe:55:23:eb:4a:90:76:32:42:79:a5:da:
97:a0:ba:ba:63:19:87:d1:7a:b6:bb:4b:ac:92:de:
10:a2:74:d1:80:9a:9a:09:3b:f6:f4:23:56:33:b1:
94:5c:b7:59:1b:bd:21:94:d6:51:4c:40:48:4c:4c:
c1:3c:d9:ac:40:86:8c:5f:8b:51:36:b2:a1:12:5d:
8c:ca:c9:ba:5e:b9:6d:3b:6f:8b:9c:29:af:a3:db:
9c:a1:f8:12:f9:f3:87:1c:33:d0:55:64:44:9c:be:
47:f0:2f:53:82:a5:0c:41:32:a8:dc:b9:f2:c9:05:
8a:61:8e:fb:38:cc:73:65:58:ef:2d:2e:2a:f3:8d:
ea:5f:32:3b:31:87:f6:35:54:2e:eb:0d:53:a5:e3:
db:d3:f2:6b:35:67:5d:f5:09:3d:bf:6e:37:eb:d5:
bf:34:59:66:da:4f:6a:29:83:92:b7:fa:59:75:4d:
52:ed:cd:8b:dd:6a:c3:cc:7c:f1:75:43:eb:d5:01:
0c:73:8b:46:50:93:4a:45:d3:4d:25:86:60:61:d3:
b2:5f:5b:48:f8:64:62:87:3f:a6:8e:b3:36:53:0a:
95:2c:9d:cc:eb:12:e8:5f:d4:0d:70:28:2c:dd:7e:
cf:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D4:91:2A:41:E7:A0:E5:F1:DF:20:4B:F7:47:A5:2C:15:9E:6C:C8
X509v3 Authority Key Identifier:
keyid:AE:B6:6E:C5:E8:F2:40:5F:6F:8D:48:6E:73:FB:82:B8:DE:0D:EE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rrZuxejyQF9vjUhuc_uCuN4N7g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/DdSRKkHnoOXx3yBL90elLBWebMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/153788-14b7-4551-9ade-6aea9057c800/1/rrZuxejyQF9vjUhuc_uCuN4N7g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.94.218.0/23
81.94.222.0/24
Signature Algorithm: sha256WithRSAEncryption
52:f8:2c:2e:65:53:dd:99:e4:9d:e1:28:7b:67:1f:57:90:1d:
29:86:32:0c:43:5e:5c:e7:f4:3c:fe:54:38:f1:69:99:3e:a1:
f2:1a:b4:27:fe:af:de:eb:6f:ab:5a:a3:77:ca:bf:3f:d9:6b:
01:bb:05:a5:22:48:69:ba:92:7c:ad:a5:60:c6:66:89:1c:29:
a3:28:a5:a3:4c:69:e3:cc:1a:1a:a4:bd:f9:cc:a8:aa:8b:34:
30:5e:ad:d4:e4:a3:6f:6f:e0:bb:9a:a4:31:92:e2:3a:36:60:
12:a4:ea:62:c7:16:00:48:ab:26:d8:7e:48:c5:33:12:93:71:
5b:3e:c9:bf:ae:1f:a8:27:8d:8c:69:38:71:4e:18:d4:d1:a0:
ee:a2:14:22:7d:6f:cb:6d:62:61:63:12:d8:da:46:b8:99:e7:
fc:3e:60:0c:fd:bc:06:7f:e2:67:5e:5f:5a:b6:0e:7c:68:b9:
fa:b8:6a:e2:67:d4:c1:f0:4c:a8:d7:1d:15:2a:84:4f:34:18:
e8:80:60:ce:9d:85:e2:78:c8:4f:f7:3a:61:9a:00:7c:88:5d:
a5:4a:02:50:a8:39:c4:6d:b4:f3:c0:7e:c4:0f:46:ab:49:91:
c4:49:b2:cd:d0:eb:ee:2d:23:18:3f:e2:e8:80:48:d3:b9:26:
15:b7:a7:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw1RVHIdEBluWmqp0wgZczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYjY2ZWM1ZThmMjQwNWY2ZjhkNDg2ZTczZmI4MmI4ZGUw
ZGVlMGYwHhcNMjMwMTAyMDQ1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ0OTEyYTQxZTdhMGU1ZjFkZjIwNGJmNzQ3YTUyYzE1OWU2Y2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivyJd7rjw3nDglPPClcNYU3+VSPr
SpB2MkJ5pdqXoLq6YxmH0Xq2u0uskt4QonTRgJqaCTv29CNWM7GUXLdZG70hlNZR
TEBITEzBPNmsQIaMX4tRNrKhEl2Mysm6XrltO2+LnCmvo9ucofgS+fOHHDPQVWRE
nL5H8C9TgqUMQTKo3LnyyQWKYY77OMxzZVjvLS4q843qXzI7MYf2NVQu6w1TpePb
0/JrNWdd9Qk9v24369W/NFlm2k9qKYOSt/pZdU1S7c2L3WrDzHzxdUPr1QEMc4tG
UJNKRdNNJYZgYdOyX1tI+GRihz+mjrM2UwqVLJ3M6xLoX9QNcCgs3X7PGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA3UkSpB56Dl8d8gS/dHpSwVnmzIMB8GA1UdIwQY
MBaAFK62bsXo8kBfb41IbnP7grjeDe4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUt
NmFlYTkwNTdjODAwLzEvRGRTUktrSG5vT1h4M3lCTDkwZWxMQldlYk1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi8xNTM3ODgtMTRiNy00NTUxLTlhZGUtNmFlYTkwNTdjODAw
LzEvcnJadXhlanlRRjl2alVodWNfdUN1TjRON2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUV7aAwQA
UV7eMA0GCSqGSIb3DQEBCwUAA4IBAQBS+CwuZVPdmeSd4Sh7Zx9XkB0phjIMQ15c
5/Q8/lQ48WmZPqHyGrQn/q/e62+rWqN3yr8/2WsBuwWlIkhpupJ8raVgxmaJHCmj
KKWjTGnjzBoapL35zKiqizQwXq3U5KNvb+C7mqQxkuI6NmASpOpixxYASKsm2H5I
xTMSk3FbPsm/rh+oJ42MaThxThjU0aDuohQifW/LbWJhYxLY2ka4mef8PmAM/bwG
f+JnXl9atg58aLn6uGriZ9TB8Eyo1x0VKoRPNBjogGDOnYXieMhP9zphmgB8iF2l
SgJQqDnEbbTzwH7ED0arSZHESbLN0OvuLSMYP+LogEjTuSYVt6dE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:53 2024 by rpki-client on console-ams.rpki-client.org