Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/ddxg9RwXwvv28uXbbsF_eXHIeAw.roa
File: ddxg9RwXwvv28uXbbsF_eXHIeAw.roa (raw, json)
Hash identifier: tzdhowA8JGDyU99+sjQsv4x+Iwh4bcIZXwrQkTe/aLo=
Subject key identifier: 75:DC:60:F5:1C:17:C2:FB:F6:F2:E5:DB:6E:C1:7F:79:71:C8:78:0C
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 0185AB33FB817F5C42A4295F574EA1705710
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/ddxg9RwXwvv28uXbbsF_eXHIeAw.roa
Signing time: Fri 13 Jan 2023 12:56:28 +0000
ROA not before: Fri 13 Jan 2023 12:56:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210546
IP address blocks: 194.113.233.0/24 maxlen: 24
193.37.70.0/24 maxlen: 24
87.251.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Jan 2023 13:54:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ab:33:fb:81:7f:5c:42:a4:29:5f:57:4e:a1:70:57:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 13 12:56:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75dc60f51c17c2fbf6f2e5db6ec17f7971c8780c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:96:22:81:e8:e9:60:7e:9a:bc:c1:1f:04:37:
e4:24:44:24:9c:6a:ce:77:a5:65:93:3c:fe:f2:32:
84:00:59:a2:89:ae:19:15:57:87:5d:c7:13:49:77:
6a:6a:3a:99:8c:c7:af:e6:15:ba:82:97:bd:fd:38:
4f:09:49:19:92:21:40:44:44:5a:1f:bc:87:0b:64:
e6:6a:cf:d0:a4:a4:e4:93:6d:59:f5:6c:b5:df:b2:
39:ca:1b:ac:04:58:00:d6:5a:07:0a:7c:85:78:b2:
e8:74:df:6c:8c:1b:77:97:2c:5b:3c:01:a3:a3:17:
81:1a:40:33:04:56:e6:6a:02:c3:53:33:19:53:1c:
91:67:ab:a5:e2:64:a3:ab:dd:47:02:72:c7:dd:79:
0c:05:0e:47:53:ea:72:d3:3c:b3:91:6f:61:df:6e:
d9:53:da:37:35:95:fe:1c:0c:e8:d2:fa:9e:d7:b7:
af:38:3a:42:2a:13:a7:bb:22:8e:28:1b:44:a0:bf:
5d:94:12:f4:6f:73:b9:b5:41:6a:ea:4c:9d:a7:5b:
09:a6:ef:54:e4:28:de:b2:bc:68:9b:9f:5a:bc:39:
f0:9a:47:a8:9b:b0:1f:1c:0b:15:34:c7:a2:c3:a0:
58:35:c3:7e:b4:41:26:0d:f9:23:e4:1e:11:95:87:
c5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DC:60:F5:1C:17:C2:FB:F6:F2:E5:DB:6E:C1:7F:79:71:C8:78:0C
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/ddxg9RwXwvv28uXbbsF_eXHIeAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.78.0/24
193.37.70.0/24
194.113.233.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:f2:c5:3c:b3:7c:83:4e:25:4e:60:09:eb:40:22:2d:96:8e:
95:d8:1f:95:b6:22:8f:8b:a9:ff:64:a7:c5:41:b6:3e:88:23:
43:96:2d:34:28:5d:84:0d:05:6d:dc:99:d7:49:e5:9c:d5:77:
a2:e5:ff:da:65:5d:7f:1a:83:fb:8e:d7:6d:ef:2a:c5:63:9b:
be:eb:90:80:d4:b1:bc:ea:08:37:ec:cd:25:f9:fe:da:f8:26:
41:91:7f:d6:21:45:6e:b0:68:8d:ff:68:fd:7d:70:2f:e6:33:
6e:a2:37:75:18:b7:61:f8:12:98:63:57:6c:0c:13:e4:77:e9:
d0:8d:97:fe:e2:75:13:a0:88:14:71:38:3b:8d:3f:1e:4a:b5:
d2:05:af:a6:8e:9f:69:79:90:8d:f7:fd:b5:7f:9a:38:eb:60:
cb:1e:3a:d1:a7:9c:6d:b2:4a:fc:80:90:0c:59:09:6a:82:6b:
af:bd:c4:53:15:32:cf:0d:74:36:80:5d:d8:25:c8:06:83:96:
99:19:c5:a7:cf:25:56:c1:9b:89:6b:f7:bc:3b:b5:53:92:fc:
cb:51:fe:14:a0:21:fc:89:b6:e7:e4:6f:2e:cc:a4:4b:ad:53:
f7:d5:70:2d:07:b4:90:41:be:ec:93:57:63:06:b3:bb:a7:96:
17:ce:ab:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWrM/uBf1xCpClfV06hcFcQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMwMTEzMTI1NjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRjNjBmNTFjMTdjMmZiZjZmMmU1ZGI2ZWMxN2Y3OTcxYzg3ODBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJYigejpYH6avMEfBDfkJEQknGrO
d6Vlkzz+8jKEAFmiia4ZFVeHXccTSXdqajqZjMev5hW6gpe9/ThPCUkZkiFARERa
H7yHC2Tmas/QpKTkk21Z9Wy137I5yhusBFgA1loHCnyFeLLodN9sjBt3lyxbPAGj
oxeBGkAzBFbmagLDUzMZUxyRZ6ul4mSjq91HAnLH3XkMBQ5HU+py0zyzkW9h327Z
U9o3NZX+HAzo0vqe17evODpCKhOnuyKOKBtEoL9dlBL0b3O5tUFq6kydp1sJpu9U
5Cjesrxom59avDnwmkeom7AfHAsVNMeiw6BYNcN+tEEmDfkj5B4RlYfFVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHXcYPUcF8L79vLl227Bf3lxyHgMMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvZGR4ZzlSd1h3dnYyOHVYYmJzRl9lWEhJZUF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/tOAwQA
wSVGAwQAwnHpMA0GCSqGSIb3DQEBCwUAA4IBAQAK8sU8s3yDTiVOYAnrQCItlo6V
2B+VtiKPi6n/ZKfFQbY+iCNDli00KF2EDQVt3JnXSeWc1Xei5f/aZV1/GoP7jtdt
7yrFY5u+65CA1LG86gg37M0l+f7a+CZBkX/WIUVusGiN/2j9fXAv5jNuojd1GLdh
+BKYY1dsDBPkd+nQjZf+4nUToIgUcTg7jT8eSrXSBa+mjp9peZCN9/21f5o462DL
HjrRp5xtskr8gJAMWQlqgmuvvcRTFTLPDXQ2gF3YJcgGg5aZGcWnzyVWwZuJa/e8
O7VTkvzLUf4UoCH8ibbn5G8uzKRLrVP31XAtB7SQQb7sk1djBrO7p5YXzquo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:50 2024 by rpki-client on console-ams.rpki-client.org