Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/DXdxtUBd7HPrNMkqgLBbxmYpSBk.roa
File: DXdxtUBd7HPrNMkqgLBbxmYpSBk.roa (raw, json)
Hash identifier: x91GpGwQJIke2K/fDGY5ZmQyshpC2NkuN8vzC3jQWpk=
Subject key identifier: 0D:77:71:B5:40:5D:EC:73:EB:34:C9:2A:80:B0:5B:C6:66:29:48:19
Certificate issuer: /CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Certificate serial: 0188ED78CDC3F12D0E65FE9E8D340FB46B36
Authority key identifier: DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/DXdxtUBd7HPrNMkqgLBbxmYpSBk.roa
Signing time: Sat 24 Jun 2023 12:54:57 +0000
ROA not before: Sat 24 Jun 2023 12:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2914
IP address blocks: 217.67.74.0/23 maxlen: 24
217.67.72.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 04 Jul 2023 09:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ed:78:cd:c3:f1:2d:0e:65:fe:9e:8d:34:0f:b4:6b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddf8b45254e5470d1d4cce6fb7dfd4d0d83b5d59
Validity
Not Before: Jun 24 12:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d7771b5405dec73eb34c92a80b05bc666294819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:aa:de:84:5a:83:cd:10:d3:11:90:ec:d9:65:
7a:30:f2:b0:1a:89:13:cf:d8:2e:b0:84:c1:09:dd:
5a:7b:15:52:41:f1:cf:70:25:47:a6:d1:27:90:bf:
45:c2:7a:36:2a:3b:c2:a3:b0:21:4d:9e:9b:8e:59:
94:54:46:cc:2f:3e:21:1e:13:85:bb:c6:c2:fd:66:
9c:8e:fa:54:c7:88:5e:27:b8:bf:11:1b:87:f9:79:
65:61:eb:65:08:e6:10:e9:25:4a:92:a2:f2:3b:96:
93:67:a7:9e:f6:8f:7d:3a:ff:f2:07:dc:59:51:0e:
de:26:1b:65:61:9d:86:cc:2b:bf:47:c3:cb:79:9b:
16:dc:63:26:b4:3c:b9:e2:75:6d:bd:ae:2d:5e:e9:
4d:2f:e6:42:99:59:d9:bd:d4:98:2d:e5:a8:ae:d4:
01:a3:c8:35:2e:84:b0:90:68:ac:27:2f:4c:7d:52:
45:04:4c:ab:2f:c1:0a:54:a4:1a:fb:c4:fe:47:8c:
4a:3c:c3:42:50:da:69:0f:00:44:d5:76:96:94:d7:
9d:a6:12:68:1b:b1:ae:1f:3b:21:e1:4f:ce:0f:3c:
4b:c5:20:a4:94:fa:1c:15:a3:10:63:bc:91:e1:4d:
09:15:3a:4d:2e:23:13:b1:40:fe:1b:31:95:33:91:
e6:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:77:71:B5:40:5D:EC:73:EB:34:C9:2A:80:B0:5B:C6:66:29:48:19
X509v3 Authority Key Identifier:
keyid:DD:F8:B4:52:54:E5:47:0D:1D:4C:CE:6F:B7:DF:D4:D0:D8:3B:5D:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/DXdxtUBd7HPrNMkqgLBbxmYpSBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8fc746-fc08-4211-ba3b-893906fb7858/1/3fi0UlTlRw0dTM5vt9_U0Ng7XVk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.67.72.0/22
Signature Algorithm: sha256WithRSAEncryption
c9:9a:21:69:7f:f7:90:61:4a:99:6e:d5:44:27:b1:f2:7b:34:
77:d1:e1:47:f9:85:64:86:78:2e:34:7c:67:23:98:51:d3:46:
ab:76:ee:22:0e:e5:a8:64:c1:5a:16:9d:e7:35:b1:cb:f3:38:
23:cf:80:f8:c3:ef:24:df:c2:4e:16:5e:75:6b:07:ca:be:75:
84:74:c9:b2:94:26:4a:e8:d0:06:db:ae:f7:78:19:e7:a2:d5:
89:e3:8d:3a:e5:79:78:58:8d:a3:98:ba:b9:f2:f8:71:9c:4a:
ac:e7:eb:29:ca:bc:03:d3:d9:86:18:97:ef:57:61:e1:6a:3c:
6e:3d:b1:81:9d:e3:7c:45:9e:14:2e:2d:3d:76:66:bd:80:c3:
2b:6e:d5:15:53:b8:e4:a6:ad:78:17:2f:61:ce:d6:f3:97:78:
dd:d6:b0:ce:17:4f:8a:b4:af:11:b2:5a:0c:75:bb:9c:d5:ab:
a6:96:0c:81:f1:a0:43:b0:ec:97:c9:99:f5:5e:2b:9d:c4:59:
a7:77:2d:72:46:6a:83:1a:89:4c:e6:90:53:95:d9:35:3e:c7:
a6:6a:1b:40:67:c0:30:b3:c8:f4:ca:9b:7e:65:b5:cb:ae:0b:
07:8d:3f:f3:7f:bb:88:f8:bb:b3:7f:41:02:8d:34:25:b7:ac:
50:12:97:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjteM3D8S0OZf6ejTQPtGs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZjhiNDUyNTRlNTQ3MGQxZDRjY2U2ZmI3ZGZkNGQwZDgz
YjVkNTkwHhcNMjMwNjI0MTI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDc3NzFiNTQwNWRlYzczZWIzNGM5MmE4MGIwNWJjNjY2Mjk0ODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqrehFqDzRDTEZDs2WV6MPKwGokT
z9gusITBCd1aexVSQfHPcCVHptEnkL9Fwno2KjvCo7AhTZ6bjlmUVEbMLz4hHhOF
u8bC/WacjvpUx4heJ7i/ERuH+XllYetlCOYQ6SVKkqLyO5aTZ6ee9o99Ov/yB9xZ
UQ7eJhtlYZ2GzCu/R8PLeZsW3GMmtDy54nVtva4tXulNL+ZCmVnZvdSYLeWortQB
o8g1LoSwkGisJy9MfVJFBEyrL8EKVKQa+8T+R4xKPMNCUNppDwBE1XaWlNedphJo
G7GuHzsh4U/ODzxLxSCklPocFaMQY7yR4U0JFTpNLiMTsUD+GzGVM5HmxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA13cbVAXexz6zTJKoCwW8ZmKUgZMB8GA1UdIwQY
MBaAFN34tFJU5UcNHUzOb7ff1NDYO11ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2It
ODkzOTA2ZmI3ODU4LzEvRFhkeHRVQmQ3SFByTk1rcWdMQmJ4bVlwU0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84ZmM3NDYtZmMwOC00MjExLWJhM2ItODkzOTA2ZmI3ODU4
LzEvM2ZpMFVsVGxSdzBkVE01dnQ5X1UwTmc3WFZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UNIMA0G
CSqGSIb3DQEBCwUAA4IBAQDJmiFpf/eQYUqZbtVEJ7HyezR30eFH+YVkhnguNHxn
I5hR00ardu4iDuWoZMFaFp3nNbHL8zgjz4D4w+8k38JOFl51awfKvnWEdMmylCZK
6NAG2673eBnnotWJ44065Xl4WI2jmLq58vhxnEqs5+spyrwD09mGGJfvV2Hhajxu
PbGBneN8RZ4ULi09dma9gMMrbtUVU7jkpq14Fy9hztbzl3jd1rDOF0+KtK8RsloM
dbuc1aumlgyB8aBDsOyXyZn1XiudxFmndy1yRmqDGolM5pBTldk1PsemahtAZ8Aw
s8j0ypt+ZbXLrgsHjT/zf7uI+Luzf0ECjTQlt6xQEpcW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:55 2024 by rpki-client on console-ams.rpki-client.org