Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/DOK_DtwkCdrumSr1tvoDy3Unbl8.roa
File: DOK_DtwkCdrumSr1tvoDy3Unbl8.roa (raw, json)
Hash identifier: 1rosYEssI0+yf0UuuZGRW0ej8JBna63VdRRPsAEPTO4=
Subject key identifier: 0C:E2:BF:0E:DC:24:09:DA:EE:99:2A:F5:B6:FA:03:CB:75:27:6E:5F
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 01856F4B78CB40E0256BFF8623A054C1EC2C
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/DOK_DtwkCdrumSr1tvoDy3Unbl8.roa
Signing time: Sun 01 Jan 2023 21:44:55 +0000
ROA not before: Sun 01 Jan 2023 21:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42093
IP address blocks: 217.170.4.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:78:cb:40:e0:25:6b:ff:86:23:a0:54:c1:ec:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 21:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ce2bf0edc2409daee992af5b6fa03cb75276e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:18:ef:57:73:40:09:41:3b:68:5c:66:57:ac:
e0:5e:fc:8e:55:5b:01:57:d4:bd:08:9f:0e:b2:84:
5d:28:ba:df:65:0f:3a:98:b6:db:fa:a2:91:2b:4b:
f8:f7:d0:a8:aa:ce:bc:36:4a:11:b7:db:9f:34:4f:
77:14:35:72:fa:9b:d1:a2:71:81:4b:26:25:a6:6f:
b2:ea:e5:e9:76:ed:94:a0:16:b9:fb:b4:96:28:9f:
73:a7:16:ed:b8:39:dc:07:27:6f:c3:85:bb:bb:4d:
ed:ae:27:a9:ef:91:ce:0b:5c:b0:b8:00:36:9c:d7:
4f:b9:68:1c:9e:b2:b0:d5:8e:55:98:68:7f:2b:fe:
86:5a:8f:02:1b:97:e8:38:71:84:19:3c:92:39:39:
8e:5c:2e:15:ed:7d:ce:82:0f:8b:8e:7c:a6:2b:ac:
32:ea:b1:70:3e:53:0a:7c:2b:11:aa:29:54:19:4b:
4d:45:39:7c:a3:95:c6:c1:af:37:7c:47:36:61:07:
19:2a:31:de:14:47:2f:24:12:53:24:e5:ad:04:8b:
ea:d7:4d:24:ae:3e:1e:e7:4a:bc:5f:53:a6:a9:42:
73:0b:2f:e1:c2:44:e9:08:a9:ea:40:2c:52:14:2e:
c1:a2:27:37:3a:b2:b9:81:9e:4e:76:60:b0:d8:06:
0a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E2:BF:0E:DC:24:09:DA:EE:99:2A:F5:B6:FA:03:CB:75:27:6E:5F
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/DOK_DtwkCdrumSr1tvoDy3Unbl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.170.4.0/22
Signature Algorithm: sha256WithRSAEncryption
79:42:17:62:85:f8:8a:5f:85:0e:f5:3f:06:f3:0c:9d:09:a7:
e3:44:2b:b6:e4:24:26:1d:c0:56:47:9d:6d:48:36:6a:ea:eb:
9b:a5:67:12:39:14:70:62:ad:be:cc:49:82:46:13:47:19:1f:
4b:66:03:ec:69:ee:de:81:56:a8:bf:c9:76:43:63:d2:ef:04:
97:9e:e7:33:5b:fa:fa:58:ec:a8:68:96:6d:47:6f:fc:b6:d9:
c0:38:6a:74:b1:de:bb:99:e5:ec:9c:cf:04:8b:65:c6:31:3d:
f4:04:ff:ae:a8:30:a4:a2:58:ca:62:69:6f:a9:d4:da:b3:5e:
f4:8e:d5:66:63:4c:ec:83:0b:f3:14:3a:cf:72:9f:f9:81:22:
92:bf:6b:2a:92:d1:5b:52:08:99:82:8d:b6:cf:e7:0b:dd:ff:
3b:33:68:c2:7b:2a:df:9a:19:50:cc:47:a7:f0:df:61:a1:74:
1b:d2:11:88:d2:37:bc:85:ba:e5:ec:35:4a:17:ae:db:e0:88:
1a:95:73:cb:09:e5:ac:c6:2a:c2:ec:55:9f:56:f5:70:e8:b5:
a7:4b:43:e5:ab:9f:6f:cc:ea:24:a1:f9:4f:8c:51:1c:9a:42:
78:65:3c:96:2e:d4:1e:cd:59:42:e1:de:57:6f:7b:05:8c:7c:
58:dd:70:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3jLQOAla/+GI6BUwewsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjMwMTAxMjE0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2UyYmYwZWRjMjQwOWRhZWU5OTJhZjViNmZhMDNjYjc1Mjc2ZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRjvV3NACUE7aFxmV6zgXvyOVVsB
V9S9CJ8OsoRdKLrfZQ86mLbb+qKRK0v499Coqs68NkoRt9ufNE93FDVy+pvRonGB
SyYlpm+y6uXpdu2UoBa5+7SWKJ9zpxbtuDncBydvw4W7u03triep75HOC1ywuAA2
nNdPuWgcnrKw1Y5VmGh/K/6GWo8CG5foOHGEGTySOTmOXC4V7X3Ogg+LjnymK6wy
6rFwPlMKfCsRqilUGUtNRTl8o5XGwa83fEc2YQcZKjHeFEcvJBJTJOWtBIvq100k
rj4e50q8X1OmqUJzCy/hwkTpCKnqQCxSFC7Boic3OrK5gZ5OdmCw2AYK/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzivw7cJAna7pkq9bb6A8t1J25fMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvRE9LX0R0d2tDZHJ1bVNyMXR2b0R5M1VuYmw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2aoEMA0G
CSqGSIb3DQEBCwUAA4IBAQB5QhdihfiKX4UO9T8G8wydCafjRCu25CQmHcBWR51t
SDZq6uubpWcSORRwYq2+zEmCRhNHGR9LZgPsae7egVaov8l2Q2PS7wSXnuczW/r6
WOyoaJZtR2/8ttnAOGp0sd67meXsnM8Ei2XGMT30BP+uqDCkoljKYmlvqdTas170
jtVmY0zsgwvzFDrPcp/5gSKSv2sqktFbUgiZgo22z+cL3f87M2jCeyrfmhlQzEen
8N9hoXQb0hGI0je8hbrl7DVKF67b4IgalXPLCeWsxirC7FWfVvVw6LWnS0Plq59v
zOokoflPjFEcmkJ4ZTyWLtQezVlC4d5Xb3sFjHxY3XCA
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:00 2024 by rpki-client on console-fra.rpki-client.org