Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dpgrvoTCdQfBwESSiFQFD-hbwVA.roa
File: dpgrvoTCdQfBwESSiFQFD-hbwVA.roa (raw, json)
Hash identifier: mo/GrJwRN6wbm6oGsXbFjuW5VsARNom53JM6QrBAlOw=
Subject key identifier: 76:98:2B:BE:84:C2:75:07:C1:C0:44:92:88:54:05:0F:E8:5B:C1:50
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018D5A7344901D89ECBEC3DCA7835AA0BCA0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dpgrvoTCdQfBwESSiFQFD-hbwVA.roa
Signing time: Tue 30 Jan 2024 12:58:40 +0000
ROA not before: Tue 30 Jan 2024 12:58:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395899
IP address blocks: 194.50.111.0/24 maxlen: 24
2a10:ccc0:110::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 01 Mar 2024 12:40:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:73:44:90:1d:89:ec:be:c3:dc:a7:83:5a:a0:bc:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 30 12:58:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76982bbe84c27507c1c044928854050fe85bc150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a9:1e:5f:85:6f:54:02:fb:2c:c6:2d:06:73:
f1:14:3e:a0:00:78:f4:83:15:8f:5f:29:f8:e4:b7:
07:32:a5:8b:14:ea:44:6c:1c:75:da:b7:bb:c2:71:
ae:1e:74:af:af:eb:c1:e1:80:85:0c:41:70:fc:2d:
bf:45:84:ca:f5:69:c0:37:1b:57:34:e6:a1:68:58:
1f:18:c9:6c:51:e8:73:bc:1a:3a:3f:3c:3a:88:83:
06:af:72:a9:21:3f:67:d2:16:c3:80:0c:01:85:0f:
d8:b3:83:ce:f3:6e:3f:0d:b6:f5:66:50:b5:d7:7f:
78:19:96:73:be:59:42:12:b9:f5:f7:62:a8:d7:94:
ab:79:76:69:1c:f3:cc:b1:22:3b:09:98:0f:06:f3:
85:20:cb:79:85:9e:41:f1:b9:0a:98:78:48:1d:d3:
7b:d1:b4:f0:52:6c:8b:91:a3:29:88:eb:80:c5:b6:
5d:15:2f:ee:2a:7d:93:67:cc:8f:24:b1:c5:10:a1:
42:2c:4c:7c:0b:3f:49:5d:76:21:00:29:d2:58:43:
a0:a1:4b:74:09:73:c5:62:a2:f6:75:61:d6:92:aa:
1e:52:1d:5f:36:ac:03:8e:c3:6a:57:0c:ce:65:7e:
f1:d7:cd:f0:a0:c3:5b:26:9f:ae:99:e0:a8:78:5b:
35:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:98:2B:BE:84:C2:75:07:C1:C0:44:92:88:54:05:0F:E8:5B:C1:50
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/dpgrvoTCdQfBwESSiFQFD-hbwVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.111.0/24
IPv6:
2a10:ccc0:110::/48
Signature Algorithm: sha256WithRSAEncryption
b3:12:87:25:a8:f6:7a:66:42:eb:63:66:a8:a9:4e:b9:f3:32:
14:c6:44:52:77:ff:96:5e:3c:f5:b4:4b:f4:7d:c2:e6:1c:83:
3d:ac:bb:5d:9b:24:61:52:28:99:33:53:0f:27:7d:31:4a:f9:
08:59:dd:07:c0:5d:69:7f:33:0c:ff:a4:f1:d4:8d:15:1c:14:
56:01:9b:cf:21:70:61:af:ff:97:45:f4:fc:f9:62:da:cb:be:
49:81:24:af:82:38:99:4e:f2:39:13:fd:a5:ad:f7:13:50:66:
cc:92:b9:a7:21:bd:0e:da:07:5e:20:95:09:ac:cd:e7:48:0e:
d3:57:7a:a1:8f:67:f9:db:a5:11:0c:60:df:f9:11:07:41:f7:
85:53:fb:f6:79:c5:6f:1a:41:75:72:0e:86:7f:fa:15:37:02:
e5:40:95:e7:ae:11:f9:52:76:91:f6:99:43:5d:87:de:4e:5a:
3a:ee:d3:49:08:c1:2c:e1:15:47:a3:1b:6e:f3:98:f2:ed:bd:
ff:fd:c3:aa:1a:73:a7:71:ea:28:c0:c1:cb:18:d1:b2:4b:1a:
68:1c:51:3a:05:1e:f0:cb:10:55:7d:cf:d7:77:6e:59:db:04:
eb:1e:bc:92:a0:4d:3c:3f:29:b3:5a:3a:4e:e3:4d:b0:8d:30:
b9:3c:7b:70
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY1ac0SQHYnsvsPcp4NaoLygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjQwMTMwMTI1ODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Njk4MmJiZTg0YzI3NTA3YzFjMDQ0OTI4ODU0MDUwZmU4NWJjMTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKkeX4VvVAL7LMYtBnPxFD6gAHj0
gxWPXyn45LcHMqWLFOpEbBx12re7wnGuHnSvr+vB4YCFDEFw/C2/RYTK9WnANxtX
NOahaFgfGMlsUehzvBo6Pzw6iIMGr3KpIT9n0hbDgAwBhQ/Ys4PO824/Dbb1ZlC1
1394GZZzvllCErn192Ko15SreXZpHPPMsSI7CZgPBvOFIMt5hZ5B8bkKmHhIHdN7
0bTwUmyLkaMpiOuAxbZdFS/uKn2TZ8yPJLHFEKFCLEx8Cz9JXXYhACnSWEOgoUt0
CXPFYqL2dWHWkqoeUh1fNqwDjsNqVwzOZX7x183woMNbJp+umeCoeFs1kQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHaYK76EwnUHwcBEkohUBQ/oW8FQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZHBncnZvVENkUWZCd0VTU2lGUUZELWhid1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwjJvMA8E
AgACMAkDBwAqEMzAARAwDQYJKoZIhvcNAQELBQADggEBALMShyWo9npmQutjZqip
TrnzMhTGRFJ3/5ZePPW0S/R9wuYcgz2su12bJGFSKJkzUw8nfTFK+QhZ3QfAXWl/
Mwz/pPHUjRUcFFYBm88hcGGv/5dF9Pz5YtrLvkmBJK+COJlO8jkT/aWt9xNQZsyS
uachvQ7aB14glQmszedIDtNXeqGPZ/nbpREMYN/5EQdB94VT+/Z5xW8aQXVyDoZ/
+hU3AuVAleeuEflSdpH2mUNdh95OWjru00kIwSzhFUejG27zmPLtvf/9w6oac6dx
6ijAwcsY0bJLGmgcUToFHvDLEFV9z9d3blnbBOsevJKgTTw/KbNaOk7jTbCNMLk8
e3A=
-----END CERTIFICATE-----
Generated at Fri Mar 1 16:07:44 2024 by rpki-client on console-ams.rpki-client.org