Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/1-DJSRol5cypsW0waHsHia1XJbZI.roa
File: 1-DJSRol5cypsW0waHsHia1XJbZI.roa (raw, json)
Hash identifier: U4Rsp0WEX9kNTFmWYJEM3NrqSCk4a1Un3XnUcGxeoRY=
Subject key identifier: F8:32:52:46:89:79:73:2A:6C:5B:4C:1A:1E:C1:E2:6B:55:C9:6D:92
Certificate issuer: /CN=006b06b5d0ff1000e10c4276eea0880af209d7a2
Certificate serial: 0186EEFDF8CE95AF345FB92100BDB2FCA16B
Authority key identifier: 00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/1-DJSRol5cypsW0waHsHia1XJbZI.roa
Signing time: Fri 17 Mar 2023 09:54:27 +0000
ROA not before: Fri 17 Mar 2023 09:54:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49477
IP address blocks: 193.169.66.0/23 maxlen: 23
185.22.116.0/22 maxlen: 22
2a04:1f40::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ee:fd:f8:ce:95:af:34:5f:b9:21:00:bd:b2:fc:a1:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=006b06b5d0ff1000e10c4276eea0880af209d7a2
Validity
Not Before: Mar 17 09:54:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f83252468979732a6c5b4c1a1ec1e26b55c96d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:aa:f3:a2:d3:81:01:dd:aa:4d:85:33:57:4c:
d1:ba:95:cc:60:0a:36:8c:fe:80:10:a5:76:9a:45:
3a:94:6c:32:62:54:74:7c:e1:99:20:7e:b7:2e:a1:
6a:94:f2:4e:4d:3c:f1:93:39:9f:6b:d8:e7:4e:d2:
3b:d9:a3:21:4c:a8:50:43:c9:9f:24:34:f3:a4:53:
84:05:9d:3f:6a:d5:98:b7:2d:de:e0:a8:d9:cf:71:
2f:c4:b1:03:a2:84:fd:53:5f:36:6d:97:62:07:38:
95:fb:2a:4e:e4:54:a8:6b:e6:3d:ed:8a:c2:1d:09:
23:f4:d8:f9:37:98:9d:02:9d:3c:b4:f7:fe:48:86:
55:0c:d0:17:22:1b:a7:08:0a:58:f0:6c:68:ca:22:
24:c8:30:9e:fe:bc:df:22:6b:f1:4a:96:6c:e4:ca:
9a:d5:b3:c1:7b:9b:58:0e:4c:4d:3c:2f:64:f8:20:
24:84:5d:8a:9a:ac:dd:8e:ab:f1:c8:4f:6a:99:b4:
dd:b6:4e:04:53:e3:d4:af:b1:73:cb:aa:af:0b:52:
d2:2a:de:a3:e6:36:d5:b3:1c:b4:78:60:76:44:bc:
84:16:d2:7c:5b:2d:57:c7:82:e1:a9:95:1b:60:fe:
60:b6:0f:78:50:b9:c8:95:51:c7:ed:f6:6f:3d:ee:
15:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:32:52:46:89:79:73:2A:6C:5B:4C:1A:1E:C1:E2:6B:55:C9:6D:92
X509v3 Authority Key Identifier:
keyid:00:6B:06:B5:D0:FF:10:00:E1:0C:42:76:EE:A0:88:0A:F2:09:D7:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGsGtdD_EADhDEJ27qCICvIJ16I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/1-DJSRol5cypsW0waHsHia1XJbZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/4737c9-e263-44e7-8fed-57c955c9c85d/1/AGsGtdD_EADhDEJ27qCICvIJ16I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.116.0/22
193.169.66.0/23
IPv6:
2a04:1f40::/29
Signature Algorithm: sha256WithRSAEncryption
93:2b:b2:aa:14:37:4d:d6:60:b9:3d:23:61:c6:e5:0b:c4:6b:
31:f2:de:6b:d2:2b:f9:2f:96:85:60:05:86:a0:87:b7:06:02:
bb:5f:6b:52:e3:8a:c5:ec:4e:00:4f:a4:48:f4:3b:c4:f6:c1:
c7:3b:b6:42:7c:38:aa:9d:93:6e:38:f8:ca:d0:cb:37:5f:5a:
79:93:ed:fc:19:c2:ef:e1:75:e0:4b:cc:8f:ab:80:3d:87:33:
3b:e5:69:40:c3:11:0c:ac:2a:14:ea:64:a7:33:89:88:20:79:
78:82:87:7f:5c:75:be:e2:21:94:2d:1e:3f:63:33:55:69:24:
f9:cf:5c:92:e5:30:16:aa:20:f8:ca:79:6a:64:de:fd:58:b8:
df:92:15:a5:1f:22:a4:1a:08:4e:59:78:5e:13:20:1b:54:79:
81:36:f9:94:69:24:27:63:8d:09:fe:b1:f1:e6:95:3d:3c:43:
22:88:f4:ad:82:18:e6:dd:16:02:33:14:bc:7a:eb:8d:26:77:
cc:0b:8c:65:17:1e:61:9e:cf:2a:e7:fd:e1:84:e0:e8:4e:39:
73:26:d0:8b:0c:e4:55:74:db:b6:4b:6a:94:10:f5:3d:fe:11:
94:8f:dd:39:95:07:9a:7d:0a:f9:7e:8d:46:d1:72:31:c0:9c:
4f:a3:ec:c4
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYbu/fjOla80X7khAL2y/KFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNmIwNmI1ZDBmZjEwMDBlMTBjNDI3NmVlYTA4ODBhZjIw
OWQ3YTIwHhcNMjMwMzE3MDk1NDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODMyNTI0Njg5Nzk3MzJhNmM1YjRjMWExZWMxZTI2YjU1Yzk2ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAparzotOBAd2qTYUzV0zRupXMYAo2
jP6AEKV2mkU6lGwyYlR0fOGZIH63LqFqlPJOTTzxkzmfa9jnTtI72aMhTKhQQ8mf
JDTzpFOEBZ0/atWYty3e4KjZz3EvxLEDooT9U182bZdiBziV+ypO5FSoa+Y97YrC
HQkj9Nj5N5idAp08tPf+SIZVDNAXIhunCApY8GxoyiIkyDCe/rzfImvxSpZs5Mqa
1bPBe5tYDkxNPC9k+CAkhF2KmqzdjqvxyE9qmbTdtk4EU+PUr7Fzy6qvC1LSKt6j
5jbVsxy0eGB2RLyEFtJ8Wy1Xx4LhqZUbYP5gtg94ULnIlVHH7fZvPe4VOwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPgyUkaJeXMqbFtMGh7B4mtVyW2SMB8GA1UdIwQY
MBaAFABrBrXQ/xAA4QxCdu6giAryCdeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdzR3RkRF9FQURoREVKMjdxQ0lDdklKMTZJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80NzM3YzktZTI2My00NGU3LThmZWQt
NTdjOTU1YzljODVkLzEvMS1ESlNSb2w1Y3lwc1cwd2FIc0hpYTFYSmJaSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvNDczN2M5LWUyNjMtNDRlNy04ZmVkLTU3Yzk1NWM5Yzg1
ZC8xL0FHc0d0ZERfRUFEaERFSjI3cUNJQ3ZJSjE2SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkWdAME
AcGpQjANBAIAAjAHAwUDKgQfQDANBgkqhkiG9w0BAQsFAAOCAQEAkyuyqhQ3TdZg
uT0jYcblC8RrMfLea9Ir+S+WhWAFhqCHtwYCu19rUuOKxexOAE+kSPQ7xPbBxzu2
Qnw4qp2Tbjj4ytDLN19aeZPt/BnC7+F14EvMj6uAPYczO+VpQMMRDKwqFOpkpzOJ
iCB5eIKHf1x1vuIhlC0eP2MzVWkk+c9ckuUwFqog+Mp5amTe/Vi435IVpR8ipBoI
Tll4XhMgG1R5gTb5lGkkJ2ONCf6x8eaVPTxDIoj0rYIY5t0WAjMUvHrrjSZ3zAuM
ZRceYZ7PKuf94YTg6E45cybQiwzkVXTbtktqlBD1Pf4RlI/dOZUHmn0K+X6NRtFy
McCcT6PsxA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:35 2024 by rpki-client on console-fra.rpki-client.org