Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/611c7f-b125-4712-9ef7-3c7987c42c16/1/08kDW6IC_gauZt-rNcbkCXV4D9U.roa
File: 08kDW6IC_gauZt-rNcbkCXV4D9U.roa (raw, json)
Hash identifier: l4y5nDIm2jyJozEyzOBth8PA1Ghdiip0GRUoBuYYCJY=
Subject key identifier: D3:C9:03:5B:A2:02:FE:06:AE:66:DF:AB:35:C6:E4:09:75:78:0F:D5
Certificate issuer: /CN=bdff3d96e8aa141d22c4242aeff78af71ef8b244
Certificate serial: 01856F8B9C4C4A77495C80C29437840DE097
Authority key identifier: BD:FF:3D:96:E8:AA:14:1D:22:C4:24:2A:EF:F7:8A:F7:1E:F8:B2:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vf89luiqFB0ixCQq7_eK9x74skQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/611c7f-b125-4712-9ef7-3c7987c42c16/1/08kDW6IC_gauZt-rNcbkCXV4D9U.roa
Signing time: Sun 01 Jan 2023 22:54:58 +0000
ROA not before: Sun 01 Jan 2023 22:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12843
IP address blocks: 194.59.18.0/23 maxlen: 23
194.59.20.0/22 maxlen: 22
2001:67c:12f0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:9c:4c:4a:77:49:5c:80:c2:94:37:84:0d:e0:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdff3d96e8aa141d22c4242aeff78af71ef8b244
Validity
Not Before: Jan 1 22:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3c9035ba202fe06ae66dfab35c6e40975780fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:98:f2:c1:0c:a0:7a:12:07:e5:95:4e:42:ae:
4e:f2:52:a0:94:58:ea:30:37:bc:2d:41:10:a1:a9:
71:5b:5f:bc:bf:43:e9:35:c8:c5:57:42:75:ed:3e:
be:62:3a:90:60:54:9f:97:65:d7:e2:5c:72:fc:a6:
6c:b7:42:4a:34:b1:6e:6f:a2:ff:57:d7:ee:31:fc:
9f:72:4e:06:54:dc:c6:28:78:77:70:d8:26:72:ed:
2f:10:79:f9:ea:5f:29:27:7e:64:43:2b:b7:ec:cf:
4c:6b:e3:d4:2b:59:3f:78:37:ac:30:af:5b:ea:34:
2b:94:da:0f:a7:88:03:dc:4b:ae:49:7f:cb:1c:68:
79:8e:61:4b:72:7c:79:43:73:39:42:0f:de:50:50:
92:35:6e:64:ba:a1:87:39:24:d6:b5:a6:4d:50:95:
30:3c:91:6f:12:8b:41:3e:0c:ef:df:27:e5:b8:44:
3d:a6:a8:df:a4:a8:37:cd:60:0f:ec:1c:03:e8:51:
c9:9a:e6:e9:41:e1:75:e5:36:92:86:62:15:28:e5:
e8:3f:7d:30:13:ba:29:7a:07:04:f4:7e:6b:66:f6:
02:7d:52:3c:f4:56:4f:03:5b:7e:6c:99:67:1b:6c:
e9:4e:1e:64:f9:2b:13:de:0d:60:a5:cd:3c:91:1a:
51:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C9:03:5B:A2:02:FE:06:AE:66:DF:AB:35:C6:E4:09:75:78:0F:D5
X509v3 Authority Key Identifier:
keyid:BD:FF:3D:96:E8:AA:14:1D:22:C4:24:2A:EF:F7:8A:F7:1E:F8:B2:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vf89luiqFB0ixCQq7_eK9x74skQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/611c7f-b125-4712-9ef7-3c7987c42c16/1/08kDW6IC_gauZt-rNcbkCXV4D9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/611c7f-b125-4712-9ef7-3c7987c42c16/1/vf89luiqFB0ixCQq7_eK9x74skQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.18.0-194.59.23.255
IPv6:
2001:67c:12f0::/48
Signature Algorithm: sha256WithRSAEncryption
13:06:53:50:a1:2e:1a:15:a2:f9:12:60:4a:86:20:0e:03:ad:
ac:aa:b7:2a:b5:c1:32:0f:b3:e3:2c:ee:7a:50:dd:4d:08:50:
66:8a:00:76:a4:26:38:22:47:a1:b7:bd:5b:5b:d0:52:e3:3b:
88:5e:ca:33:56:16:f7:05:17:fa:15:05:fe:63:1a:7b:c7:72:
f5:ba:48:43:34:74:b9:39:67:2a:58:8e:d8:22:bd:b9:06:ac:
a7:20:e2:88:a3:d0:04:6b:9b:dc:99:e0:38:68:ca:eb:74:2a:
69:bf:fb:50:b9:1d:e2:6c:52:7d:17:24:e3:91:01:81:dd:1a:
bb:75:8a:be:b9:f6:1f:3a:d9:6a:a4:c4:18:1a:d3:b4:cc:52:
20:71:48:76:55:7a:b8:3d:47:67:17:d1:a0:7c:d5:05:97:4f:
08:81:ad:32:9f:ec:43:b2:a3:01:f3:21:80:01:fe:82:b7:d6:
5b:e5:76:4c:1e:a0:56:62:f0:ea:bb:af:92:80:43:6f:13:c3:
fd:3f:b0:dd:c9:fa:74:7f:9d:22:32:4f:c6:11:cf:67:b2:83:
3c:2e:7c:fa:2b:e9:d9:59:e0:51:2e:16:0b:aa:65:75:d0:1b:
80:f2:f7:6b:31:c6:bf:49:eb:03:75:ad:c3:48:61:b4:24:6c:
93:af:c3:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVvi5xMSndJXIDClDeEDeCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmYzZDk2ZThhYTE0MWQyMmM0MjQyYWVmZjc4YWY3MWVm
OGIyNDQwHhcNMjMwMTAxMjI1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2M5MDM1YmEyMDJmZTA2YWU2NmRmYWIzNWM2ZTQwOTc1NzgwZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JjywQygehIH5ZVOQq5O8lKglFjq
MDe8LUEQoalxW1+8v0PpNcjFV0J17T6+YjqQYFSfl2XX4lxy/KZst0JKNLFub6L/
V9fuMfyfck4GVNzGKHh3cNgmcu0vEHn56l8pJ35kQyu37M9Ma+PUK1k/eDesMK9b
6jQrlNoPp4gD3EuuSX/LHGh5jmFLcnx5Q3M5Qg/eUFCSNW5kuqGHOSTWtaZNUJUw
PJFvEotBPgzv3yfluEQ9pqjfpKg3zWAP7BwD6FHJmubpQeF15TaShmIVKOXoP30w
E7opegcE9H5rZvYCfVI89FZPA1t+bJlnG2zpTh5k+SsT3g1gpc08kRpRwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNPJA1uiAv4GrmbfqzXG5Al1eA/VMB8GA1UdIwQY
MBaAFL3/PZboqhQdIsQkKu/3ivce+LJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmY4OWx1aXFGQjBpeENRcTdfZUs5eDc0c2tRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82MTFjN2YtYjEyNS00NzEyLTllZjct
M2M3OTg3YzQyYzE2LzEvMDhrRFc2SUNfZ2F1WnQtck5jYmtDWFY0RDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82MTFjN2YtYjEyNS00NzEyLTllZjctM2M3OTg3YzQyYzE2
LzEvdmY4OWx1aXFGQjBpeENRcTdfZUs5eDc0c2tRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAHCOxID
BAPCOxAwDwQCAAIwCQMHACABBnwS8DANBgkqhkiG9w0BAQsFAAOCAQEAEwZTUKEu
GhWi+RJgSoYgDgOtrKq3KrXBMg+z4yzuelDdTQhQZooAdqQmOCJHobe9W1vQUuM7
iF7KM1YW9wUX+hUF/mMae8dy9bpIQzR0uTlnKliO2CK9uQaspyDiiKPQBGub3Jng
OGjK63Qqab/7ULkd4mxSfRck45EBgd0au3WKvrn2HzrZaqTEGBrTtMxSIHFIdlV6
uD1HZxfRoHzVBZdPCIGtMp/sQ7KjAfMhgAH+grfWW+V2TB6gVmLw6ruvkoBDbxPD
/T+w3cn6dH+dIjJPxhHPZ7KDPC58+ivp2VngUS4WC6plddAbgPL3azHGv0nrA3Wt
w0hhtCRsk6/DVg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:02 2024 by rpki-client on console-ams.rpki-client.org