Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/D1grGwRVUwp4-MPQCZHJWpfHqAE.roa
File: D1grGwRVUwp4-MPQCZHJWpfHqAE.roa (raw, json)
Hash identifier: /q5WnyZMGgkIXGUU+tYVQGlFb05YKfrd5ZfJqnkJtOM=
Subject key identifier: 0F:58:2B:1B:04:55:53:0A:78:F8:C3:D0:09:91:C9:5A:97:C7:A8:01
Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial: 0185BA41060F876DB416C5B2CC58B2523875
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/D1grGwRVUwp4-MPQCZHJWpfHqAE.roa
Signing time: Mon 16 Jan 2023 11:05:01 +0000
ROA not before: Mon 16 Jan 2023 11:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34309
IP address blocks: 193.56.217.0/24 maxlen: 24
2a05:a880:dc20::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:41:06:0f:87:6d:b4:16:c5:b2:cc:58:b2:52:38:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Validity
Not Before: Jan 16 11:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f582b1b0455530a78f8c3d00991c95a97c7a801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b7:b7:84:50:d8:5f:c5:22:fc:4e:2a:36:7f:
d9:f1:9b:a1:3a:59:7f:9e:ce:62:e7:84:31:06:f9:
45:2d:89:0a:b1:3c:97:7c:fa:dd:f4:af:c3:01:9f:
0a:37:d5:8d:58:ea:c9:c8:6e:97:87:30:0e:d4:44:
bd:76:ba:b4:dd:2b:85:06:85:10:77:29:20:96:85:
0b:c8:d9:69:41:4f:5e:5b:6f:c5:cc:fe:91:14:5d:
a6:00:89:ad:00:6e:48:a2:c4:da:6e:fa:77:ba:48:
9b:af:f9:ac:06:26:08:aa:92:5c:91:3f:aa:1a:15:
8f:e1:79:01:37:7d:f4:5c:57:a5:93:b9:85:30:f1:
6e:2c:f1:26:10:d0:ce:67:ec:da:5e:4f:b9:4d:81:
40:f7:a6:58:62:0d:79:fb:f9:38:29:34:74:e0:ae:
d3:fc:62:67:e0:2c:30:96:d4:50:35:9b:ba:b3:17:
18:fe:bc:f2:e7:bd:7f:a8:75:fd:9d:a7:f5:32:8f:
7d:5f:39:85:6b:63:01:47:79:d2:0e:2c:fe:27:28:
98:89:a3:54:ba:4c:08:8f:e3:a8:7a:a6:f8:cf:89:
57:ed:64:a6:44:62:e4:ba:fd:27:1c:09:6a:94:db:
b7:5b:f7:81:48:ad:e6:31:43:e2:72:a7:36:a0:0f:
36:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:58:2B:1B:04:55:53:0A:78:F8:C3:D0:09:91:C9:5A:97:C7:A8:01
X509v3 Authority Key Identifier:
keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/D1grGwRVUwp4-MPQCZHJWpfHqAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.217.0/24
IPv6:
2a05:a880:dc20::/48
Signature Algorithm: sha256WithRSAEncryption
7f:a1:8e:93:10:d8:36:27:0b:8c:93:0d:13:55:04:0b:d9:6a:
c7:bf:09:a1:ac:29:e7:29:2f:c3:e6:59:3e:25:26:63:93:55:
fe:0f:03:bc:e7:2b:cf:bc:2b:38:4b:47:35:ac:96:04:07:ff:
cb:43:0d:21:5b:7d:12:d0:e9:9e:2c:ad:13:98:65:75:2d:f6:
79:c1:78:2c:06:d1:df:fa:2c:fb:20:46:00:d7:67:ea:36:e9:
d7:00:ca:6a:d0:23:c1:8a:2d:16:2b:b1:d2:bf:bb:b9:2e:17:
7b:ab:ba:7a:ba:c0:a9:a3:57:d6:e0:e9:0c:ee:e7:59:07:15:
7b:c9:0e:35:33:a8:6b:d1:e9:e5:6a:4e:6d:6b:5b:11:c6:04:
28:dd:c6:73:90:24:c3:c5:53:47:cc:12:75:45:9b:e8:62:c7:
b4:20:3e:9f:2f:fb:3b:bf:74:1c:ac:1c:d0:f2:d8:56:fd:e4:
10:eb:44:86:39:4d:40:e6:5d:d9:78:c9:5a:1f:20:13:03:fe:
85:84:eb:65:bf:ee:00:da:b2:02:db:b5:6d:be:12:1e:fa:94:
66:ab:fb:90:7f:95:88:92:69:c4:ca:53:fa:b0:87:3a:de:b8:
45:cb:e3:ad:56:d2:9a:49:12:e0:0d:b2:f4:0c:f1:a3:57:5d:
9c:d0:84:78
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYW6QQYPh220FsWyzFiyUjh1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjMwMTE2MTEwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjU4MmIxYjA0NTU1MzBhNzhmOGMzZDAwOTkxYzk1YTk3YzdhODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLe3hFDYX8Ui/E4qNn/Z8ZuhOll/
ns5i54QxBvlFLYkKsTyXfPrd9K/DAZ8KN9WNWOrJyG6XhzAO1ES9drq03SuFBoUQ
dykgloULyNlpQU9eW2/FzP6RFF2mAImtAG5IosTabvp3ukibr/msBiYIqpJckT+q
GhWP4XkBN330XFelk7mFMPFuLPEmENDOZ+zaXk+5TYFA96ZYYg15+/k4KTR04K7T
/GJn4CwwltRQNZu6sxcY/rzy571/qHX9naf1Mo99XzmFa2MBR3nSDiz+JyiYiaNU
ukwIj+Ooeqb4z4lX7WSmRGLkuv0nHAlqlNu3W/eBSK3mMUPicqc2oA82oQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFA9YKxsEVVMKePjD0AmRyVqXx6gBMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvRDFnckd3UlZVd3A0LU1QUUNaSEpXcGZIcUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwTjZMA8E
AgACMAkDBwAqBaiA3CAwDQYJKoZIhvcNAQELBQADggEBAH+hjpMQ2DYnC4yTDRNV
BAvZase/CaGsKecpL8PmWT4lJmOTVf4PA7znK8+8KzhLRzWslgQH/8tDDSFbfRLQ
6Z4srROYZXUt9nnBeCwG0d/6LPsgRgDXZ+o26dcAymrQI8GKLRYrsdK/u7kuF3ur
unq6wKmjV9bg6Qzu51kHFXvJDjUzqGvR6eVqTm1rWxHGBCjdxnOQJMPFU0fMEnVF
m+hix7QgPp8v+zu/dBysHNDy2Fb95BDrRIY5TUDmXdl4yVofIBMD/oWE62W/7gDa
sgLbtW2+Eh76lGar+5B/lYiSacTKU/qwhzreuEXL461W0ppJEuANsvQM8aNXXZzQ
hHg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:19 2024 by rpki-client on console-ams.rpki-client.org