Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dpQPHDDP08vccNj3hwIfr9rMFQI.roa
File: dpQPHDDP08vccNj3hwIfr9rMFQI.roa (raw, json)
Hash identifier: LwgSGQQHP6Nv5OOV28ytnumAjEh8Udpk49qx00CRAt4=
Subject key identifier: 76:94:0F:1C:30:CF:D3:CB:DC:70:D8:F7:87:02:1F:AF:DA:CC:15:02
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018BD1F8113D7ED34ABE6A183EACD6BF1431
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dpQPHDDP08vccNj3hwIfr9rMFQI.roa
Signing time: Wed 15 Nov 2023 07:52:57 +0000
ROA not before: Wed 15 Nov 2023 07:52:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210423
IP address blocks: 217.61.80.0/24 maxlen: 24
217.61.81.0/24 maxlen: 24
84.236.234.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
84.232.35.0/24 maxlen: 24
94.24.46.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d1:f8:11:3d:7e:d3:4a:be:6a:18:3e:ac:d6:bf:14:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Nov 15 07:52:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76940f1c30cfd3cbdc70d8f787021fafdacc1502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:60:8a:c4:af:b6:6d:ef:43:d0:9a:d8:0e:8a:
7d:d3:3b:a5:99:e6:f4:bf:02:98:5b:84:ae:d0:49:
6a:a1:cb:92:de:42:e9:56:29:8b:a0:7c:44:c3:95:
e5:00:5f:8a:28:3c:db:ad:a8:ef:75:c9:c8:bc:6b:
1f:ae:b3:48:8d:08:99:50:59:85:c4:6c:e1:ed:61:
8d:09:33:2a:0b:83:d6:ce:16:ed:eb:c3:c1:66:d2:
b8:3a:a5:13:45:85:da:49:27:32:07:63:fb:76:5e:
bf:44:59:b1:a8:0d:45:e1:61:5d:56:21:87:3a:f7:
e8:91:03:e3:d5:62:e1:4f:e8:3a:3e:53:61:77:66:
b4:77:9d:02:40:45:e2:7a:fe:c9:c7:56:50:a4:6a:
a2:18:51:20:07:93:5b:00:76:68:1e:11:a4:f7:25:
47:78:ef:09:51:a7:48:35:07:94:a6:70:f0:b9:30:
92:69:e8:e1:94:86:b0:e8:f1:57:f4:8b:28:69:ea:
fa:7b:1f:13:5d:c9:dd:3e:da:7a:16:de:e9:ba:df:
d4:67:ca:aa:9d:35:82:c3:a5:8c:c6:e1:8d:c4:e6:
8e:f7:e6:ed:bd:ff:4f:0d:5e:4d:8f:49:fa:7f:4b:
48:13:99:8b:6c:33:4a:fe:74:c8:8d:37:d8:b4:21:
48:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:94:0F:1C:30:CF:D3:CB:DC:70:D8:F7:87:02:1F:AF:DA:CC:15:02
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dpQPHDDP08vccNj3hwIfr9rMFQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.35.0/24
84.236.234.0/23
94.24.46.0/23
95.178.112.0/22
217.61.80.0/23
Signature Algorithm: sha256WithRSAEncryption
84:43:98:47:07:68:fc:8d:ec:57:e9:53:b9:37:25:b8:de:0e:
89:a2:38:43:aa:53:92:89:4f:d7:10:03:f4:b9:5d:28:36:4a:
6d:76:d7:02:a1:54:49:df:ad:2b:c7:bc:0a:34:f1:21:5b:4e:
b5:a6:e5:8a:aa:ef:7d:f1:7b:a5:57:e0:12:16:cc:fd:20:3d:
c2:b2:1d:45:14:a6:c6:64:e3:76:ed:9b:ba:f4:6d:fe:29:a6:
61:ff:d3:05:f5:dc:cd:58:d4:3d:74:76:18:f9:8a:8c:31:96:
58:f7:0a:89:7e:5e:4c:3f:4e:21:d6:78:56:db:ef:75:85:49:
4a:65:74:b8:d6:aa:21:df:30:00:1b:f0:98:b2:93:a8:87:18:
c9:41:8e:b8:46:ed:4c:98:fc:ec:da:cf:8f:b7:b3:90:04:15:
1d:f6:dc:f1:48:4f:95:68:48:da:aa:b6:64:5a:75:26:2c:4c:
09:fc:e8:da:d7:06:80:2a:a9:c1:11:4f:a0:66:18:37:4f:47:
fb:0a:71:57:cc:2c:6b:10:bc:6d:7f:71:82:c7:59:83:11:af:
42:4c:37:03:d0:1e:fb:8d:45:b9:c2:c5:8b:6a:60:3a:f2:db:
92:e2:dd:2b:5f:86:22:5b:75:a8:fc:e2:e9:7e:76:e7:f4:92:
32:70:d2:04
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYvR+BE9ftNKvmoYPqzWvxQxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMxMTE1MDc1MjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njk0MGYxYzMwY2ZkM2NiZGM3MGQ4Zjc4NzAyMWZhZmRhY2MxNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGCKxK+2be9D0JrYDop90zulmeb0
vwKYW4Su0ElqocuS3kLpVimLoHxEw5XlAF+KKDzbrajvdcnIvGsfrrNIjQiZUFmF
xGzh7WGNCTMqC4PWzhbt68PBZtK4OqUTRYXaSScyB2P7dl6/RFmxqA1F4WFdViGH
OvfokQPj1WLhT+g6PlNhd2a0d50CQEXiev7Jx1ZQpGqiGFEgB5NbAHZoHhGk9yVH
eO8JUadINQeUpnDwuTCSaejhlIaw6PFX9Isoaer6ex8TXcndPtp6Ft7put/UZ8qq
nTWCw6WMxuGNxOaO9+btvf9PDV5Nj0n6f0tIE5mLbDNK/nTIjTfYtCFIEwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHaUDxwwz9PL3HDY94cCH6/azBUCMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvZHBRUEhERFAwOHZjY05qM2h3SWZyOXJNRlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVOgjAwQB
VOzqAwQBXhguAwQCX7JwAwQB2T1QMA0GCSqGSIb3DQEBCwUAA4IBAQCEQ5hHB2j8
jexX6VO5NyW43g6JojhDqlOSiU/XEAP0uV0oNkptdtcCoVRJ360rx7wKNPEhW061
puWKqu998XulV+ASFsz9ID3Csh1FFKbGZON27Zu69G3+KaZh/9MF9dzNWNQ9dHYY
+YqMMZZY9wqJfl5MP04h1nhW2+91hUlKZXS41qoh3zAAG/CYspOohxjJQY64Ru1M
mPzs2s+Pt7OQBBUd9tzxSE+VaEjaqrZkWnUmLEwJ/Oja1waAKqnBEU+gZhg3T0f7
CnFXzCxrELxtf3GCx1mDEa9CTDcD0B77jUW5wsWLamA68tuS4t0rX4YiW3Wo/OLp
fnbn9JIycNIE
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:36 2024 by rpki-client on console-fra.rpki-client.org