Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/do1QC0dYUr9bAZ9upC3Gh2lvPtI.roa
File: do1QC0dYUr9bAZ9upC3Gh2lvPtI.roa (raw, json)
Hash identifier: PIyacvx+PS6RlnESz9PAKiwTOpZFrrUZ9yvfgHOgnf0=
Subject key identifier: 76:8D:50:0B:47:58:52:BF:5B:01:9F:6E:A4:2D:C6:87:69:6F:3E:D2
Certificate issuer: /CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
Certificate serial: 018C3ABB7CBFDE2FA1979BA7F98BCE6AB650
Authority key identifier: D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/do1QC0dYUr9bAZ9upC3Gh2lvPtI.roa
Signing time: Tue 05 Dec 2023 16:06:54 +0000
ROA not before: Tue 05 Dec 2023 16:06:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17
IP address blocks: 81.31.128.0/20 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3a:bb:7c:bf:de:2f:a1:97:9b:a7:f9:8b:ce:6a:b6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d423a5be5e21ca460732ae48f385a3ea150a2be1
Validity
Not Before: Dec 5 16:06:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=768d500b475852bf5b019f6ea42dc687696f3ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:df:16:e4:11:b4:29:f7:06:9a:60:8d:88:0e:
57:64:c4:7b:5b:40:b9:6f:03:44:f8:5f:f0:1d:79:
2f:15:de:68:22:09:d7:c8:9d:d0:0d:76:69:90:2a:
5a:d9:d5:77:f3:4f:b2:84:79:fe:4b:1c:ff:d4:32:
10:b0:76:9e:d4:35:90:4d:bd:9f:fd:b9:e8:45:f7:
bf:00:44:b6:d0:2d:d8:c2:17:dc:92:e2:d5:4e:fb:
db:b5:17:27:d1:81:63:6f:80:9e:33:81:03:61:27:
61:cb:24:2a:e8:80:70:9d:66:c3:d4:b4:d2:82:09:
89:ca:80:df:cb:cb:77:4c:b5:81:58:e8:a7:ca:3d:
4d:61:c5:a3:cb:62:6b:55:8a:10:a6:a7:fc:bc:f3:
94:b2:ba:b1:79:b4:e1:31:a8:e3:ab:cf:c5:95:c4:
84:fc:1c:0c:f5:45:bc:56:fb:e5:d3:77:52:2d:af:
f4:ec:40:1c:27:aa:3b:f2:81:4a:23:69:75:7a:35:
e9:54:d3:69:fa:65:33:f5:7f:c5:f1:8b:c8:f8:20:
f3:87:08:ed:73:60:29:0c:9f:5b:11:4f:ba:67:62:
eb:bf:76:33:fe:c7:da:0a:5a:6c:09:51:8d:cf:09:
72:dc:9c:24:1e:c1:f9:71:68:cf:03:b9:ed:23:75:
40:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8D:50:0B:47:58:52:BF:5B:01:9F:6E:A4:2D:C6:87:69:6F:3E:D2
X509v3 Authority Key Identifier:
keyid:D4:23:A5:BE:5E:21:CA:46:07:32:AE:48:F3:85:A3:EA:15:0A:2B:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1COlvl4hykYHMq5I84Wj6hUKK-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/do1QC0dYUr9bAZ9upC3Gh2lvPtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/a3e3bb-fd9f-4042-b2cb-d9476665755a/1/1COlvl4hykYHMq5I84Wj6hUKK-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.128.0/20
Signature Algorithm: sha256WithRSAEncryption
0e:ae:7c:43:3c:b4:6a:00:e0:cc:2f:fd:67:27:0c:85:66:83:
20:de:df:e0:96:7a:17:40:45:e1:0a:8a:d3:c1:c5:fd:d9:6b:
37:3e:9d:0e:34:aa:c7:01:84:88:12:62:88:58:be:f1:5c:3a:
74:fe:f7:71:78:33:ee:1f:fe:ce:1b:19:71:18:63:97:27:43:
7c:59:19:00:25:0f:3d:47:c8:ea:4b:78:88:4e:09:d1:ca:5e:
87:05:37:94:df:8a:8f:f1:19:82:9e:fc:19:89:c7:07:5c:ba:
9c:3a:9e:df:fb:9c:7d:6e:64:f8:76:bf:1c:04:7b:da:6e:ae:
5b:16:2e:b6:5c:21:1c:38:07:80:a8:38:e7:9f:a0:3d:3b:4f:
f7:5d:f3:ad:04:0b:d1:67:03:00:92:25:36:a8:fc:aa:fe:b3:
b1:bf:8f:56:6d:9b:d7:31:04:99:22:0c:86:60:ee:c7:42:06:
63:b5:7b:d2:27:6f:a6:d4:6e:73:3f:b2:19:24:de:98:eb:2e:
21:bb:8e:f7:48:39:1b:d0:24:64:ad:89:7f:02:8a:99:94:ac:
f5:25:56:1f:b7:06:7a:11:c6:ae:eb:1a:20:b8:41:96:3a:7b:
d9:8c:00:4f:fd:9b:bf:88:79:82:e1:df:8c:11:72:90:fd:e0:
b6:75:93:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYw6u3y/3i+hl5un+YvOarZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MjNhNWJlNWUyMWNhNDYwNzMyYWU0OGYzODVhM2VhMTUw
YTJiZTEwHhcNMjMxMjA1MTYwNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjhkNTAwYjQ3NTg1MmJmNWIwMTlmNmVhNDJkYzY4NzY5NmYzZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt8W5BG0KfcGmmCNiA5XZMR7W0C5
bwNE+F/wHXkvFd5oIgnXyJ3QDXZpkCpa2dV380+yhHn+Sxz/1DIQsHae1DWQTb2f
/bnoRfe/AES20C3YwhfckuLVTvvbtRcn0YFjb4CeM4EDYSdhyyQq6IBwnWbD1LTS
ggmJyoDfy8t3TLWBWOinyj1NYcWjy2JrVYoQpqf8vPOUsrqxebThMajjq8/FlcSE
/BwM9UW8Vvvl03dSLa/07EAcJ6o78oFKI2l1ejXpVNNp+mUz9X/F8YvI+CDzhwjt
c2ApDJ9bEU+6Z2Lrv3Yz/sfaClpsCVGNzwly3JwkHsH5cWjPA7ntI3VA/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHaNUAtHWFK/WwGfbqQtxodpbz7SMB8GA1UdIwQY
MBaAFNQjpb5eIcpGBzKuSPOFo+oVCivhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2It
ZDk0NzY2NjU3NTVhLzEvZG8xUUMwZFlVcjliQVo5dXBDM0doMmx2UHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9hM2UzYmItZmQ5Zi00MDQyLWIyY2ItZDk0NzY2NjU3NTVh
LzEvMUNPbHZsNGh5a1lITXE1STg0V2o2aFVLSy1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUR+AMA0G
CSqGSIb3DQEBCwUAA4IBAQAOrnxDPLRqAODML/1nJwyFZoMg3t/glnoXQEXhCorT
wcX92Ws3Pp0ONKrHAYSIEmKIWL7xXDp0/vdxeDPuH/7OGxlxGGOXJ0N8WRkAJQ89
R8jqS3iITgnRyl6HBTeU34qP8RmCnvwZiccHXLqcOp7f+5x9bmT4dr8cBHvabq5b
Fi62XCEcOAeAqDjnn6A9O0/3XfOtBAvRZwMAkiU2qPyq/rOxv49WbZvXMQSZIgyG
YO7HQgZjtXvSJ2+m1G5zP7IZJN6Y6y4hu473SDkb0CRkrYl/AoqZlKz1JVYftwZ6
Ecau6xoguEGWOnvZjABP/Zu/iHmC4d+MEXKQ/eC2dZMX
-----END CERTIFICATE-----
Generated at Wed Dec 6 08:18:15 2023 by rpki-client on console-ams.rpki-client.org