Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DG4OPnOtH2K5owQff10VCNvlGUM.roa
File: DG4OPnOtH2K5owQff10VCNvlGUM.roa (raw, json)
Hash identifier: bZGubU96Z6idPTIoezTQqATOQqPvm5/kOkKurrhJe4s=
Subject key identifier: 0C:6E:0E:3E:73:AD:1F:62:B9:A3:04:1F:7F:5D:15:08:DB:E5:19:43
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 0189FD1C6665389F9D994439E06DF39E8E9B
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DG4OPnOtH2K5owQff10VCNvlGUM.roa
Signing time: Wed 16 Aug 2023 06:50:44 +0000
ROA not before: Wed 16 Aug 2023 06:50:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57097
IP address blocks: 213.209.146.0/24 maxlen: 24
185.230.15.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:1c:66:65:38:9f:9d:99:44:39:e0:6d:f3:9e:8e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Aug 16 06:50:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c6e0e3e73ad1f62b9a3041f7f5d1508dbe51943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:01:73:64:75:1a:87:74:84:63:1a:7a:b6:a8:
dc:cf:5b:90:4c:51:93:3e:fd:09:66:74:5c:db:c1:
2f:53:c8:ff:31:5a:0d:0a:38:51:1b:f7:02:71:55:
37:c3:01:a9:06:b8:c9:81:2f:f3:40:e5:29:a5:b4:
e6:31:7f:b2:21:c2:43:a4:23:d6:e1:96:e5:43:ad:
0b:3f:6d:e2:bb:fc:ac:db:f6:b1:72:6a:84:75:3a:
0c:b9:44:77:22:2e:fc:38:38:6d:a8:c8:50:f4:51:
9e:a6:ce:cc:33:84:b4:ef:46:68:ac:fb:f0:5d:a7:
6b:c9:8e:b1:d7:0e:3c:76:8a:03:cc:e2:18:68:a7:
3b:dd:10:97:ca:5a:50:47:db:7c:2c:42:2f:5c:cc:
13:a1:23:38:b5:db:4e:2a:b9:3b:ed:8a:1d:c4:df:
16:91:ec:77:94:87:85:b4:fa:c2:fe:f9:2e:16:21:
4b:7a:75:14:a7:a3:8f:c4:8f:82:89:78:2a:a6:32:
58:e8:31:c4:91:39:5d:b3:60:80:c5:22:e0:5f:05:
b3:31:8d:41:da:f4:95:76:ee:11:70:b9:9a:52:93:
a9:f5:42:23:5a:7e:13:e8:77:e1:3f:ba:d7:59:57:
1f:09:e8:76:b6:ff:95:52:21:fd:ec:9d:a1:1e:fe:
1c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:6E:0E:3E:73:AD:1F:62:B9:A3:04:1F:7F:5D:15:08:DB:E5:19:43
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/DG4OPnOtH2K5owQff10VCNvlGUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.15.0/24
213.209.146.0/24
Signature Algorithm: sha256WithRSAEncryption
77:b0:1e:d6:e5:52:e6:69:0c:ad:37:47:67:40:31:6f:0a:cf:
c1:db:e7:23:4a:3d:7e:40:1c:90:69:58:f0:a9:c3:a6:c2:68:
00:6e:3a:86:16:9b:55:a2:2f:34:84:31:c0:ba:f5:5c:1d:30:
4d:a8:05:5f:55:86:93:2d:cd:41:fb:00:78:97:f0:55:7e:51:
5a:e1:35:d7:25:e3:98:52:72:cc:8e:d0:26:c2:bf:7c:03:8e:
9e:cf:ad:cc:6c:7f:4d:23:9d:3b:26:8e:c7:7e:37:b4:3b:1e:
f9:28:b6:0c:ad:e7:cb:c0:54:74:10:ea:1e:94:c6:31:6e:72:
65:fc:22:8d:dd:67:01:5b:37:6c:59:08:3d:03:6d:b6:4b:59:
a2:ee:08:31:78:82:fd:36:8d:34:8b:07:3e:fb:3f:69:a7:63:
ac:dc:7d:4e:cf:b1:a6:51:da:bf:43:72:8b:fb:f8:6c:2d:6e:
39:5b:d9:34:9d:a0:8f:53:86:5f:fa:10:59:2d:dc:ea:d6:e8:
a7:c0:95:15:54:5b:39:94:c0:e1:9b:04:dc:c0:77:6b:8d:41:
bd:55:bf:84:6c:95:f2:85:6c:72:95:da:f3:fb:85:89:be:f0:
d7:6e:a0:0d:70:91:54:4d:f8:41:28:e9:23:88:f3:e6:90:5f:
2f:b0:a1:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYn9HGZlOJ+dmUQ54G3zno6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjMwODE2MDY1MDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzZlMGUzZTczYWQxZjYyYjlhMzA0MWY3ZjVkMTUwOGRiZTUxOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgFzZHUah3SEYxp6tqjcz1uQTFGT
Pv0JZnRc28EvU8j/MVoNCjhRG/cCcVU3wwGpBrjJgS/zQOUppbTmMX+yIcJDpCPW
4ZblQ60LP23iu/ys2/axcmqEdToMuUR3Ii78ODhtqMhQ9FGeps7MM4S070ZorPvw
XadryY6x1w48dooDzOIYaKc73RCXylpQR9t8LEIvXMwToSM4tdtOKrk77YodxN8W
kex3lIeFtPrC/vkuFiFLenUUp6OPxI+CiXgqpjJY6DHEkTlds2CAxSLgXwWzMY1B
2vSVdu4RcLmaUpOp9UIjWn4T6HfhP7rXWVcfCeh2tv+VUiH97J2hHv4cUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAxuDj5zrR9iuaMEH39dFQjb5RlDMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvREc0T1BuT3RIMks1b3dRZmYxMFZDTnZsR1VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueYPAwQA
1dGSMA0GCSqGSIb3DQEBCwUAA4IBAQB3sB7W5VLmaQytN0dnQDFvCs/B2+cjSj1+
QByQaVjwqcOmwmgAbjqGFptVoi80hDHAuvVcHTBNqAVfVYaTLc1B+wB4l/BVflFa
4TXXJeOYUnLMjtAmwr98A46ez63MbH9NI507Jo7Hfje0Ox75KLYMrefLwFR0EOoe
lMYxbnJl/CKN3WcBWzdsWQg9A222S1mi7ggxeIL9No00iwc++z9pp2Os3H1Oz7Gm
Udq/Q3KL+/hsLW45W9k0naCPU4Zf+hBZLdzq1uinwJUVVFs5lMDhmwTcwHdrjUG9
Vb+EbJXyhWxyldrz+4WJvvDXbqANcJFUTfhBKOkjiPPmkF8vsKGS
-----END CERTIFICATE-----
Generated at Thu Aug 17 13:32:22 2023 by rpki-client on console-fra.rpki-client.org