Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/DbmjNpQsX9skFQCUxarSU8ZOjFs.roa
File: DbmjNpQsX9skFQCUxarSU8ZOjFs.roa (raw, json)
Hash identifier: ScOUrihSSW12yU5EF382N2SwDuMuMFPoVZDjoayz/8M=
Subject key identifier: 0D:B9:A3:36:94:2C:5F:DB:24:15:00:94:C5:AA:D2:53:C6:4E:8C:5B
Certificate issuer: /CN=78d636c505d56af42a414c167d52407d356b3d0b
Certificate serial: 018B94EA7822B04745C29342C2034B827386
Authority key identifier: 78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/DbmjNpQsX9skFQCUxarSU8ZOjFs.roa
Signing time: Fri 03 Nov 2023 11:21:15 +0000
ROA not before: Fri 03 Nov 2023 11:21:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209480
IP address blocks: 188.65.144.0/21 maxlen: 21
91.204.168.0/22 maxlen: 22
2a00:1aa0::/32 maxlen: 32
2a00:1aa0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:ea:78:22:b0:47:45:c2:93:42:c2:03:4b:82:73:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78d636c505d56af42a414c167d52407d356b3d0b
Validity
Not Before: Nov 3 11:21:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0db9a336942c5fdb24150094c5aad253c64e8c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:93:20:e8:59:ba:04:cc:83:f8:6b:24:46:c8:
a1:4a:78:a1:74:3a:24:2c:ea:c8:a1:d7:f1:e2:ca:
7e:6f:6c:14:5d:8e:b0:0b:6c:f3:f9:3b:37:c3:57:
82:5c:e6:ff:9f:30:a0:f8:c8:7a:1d:ff:60:42:5a:
92:6b:ed:38:89:7a:84:44:64:9c:ff:1a:1a:45:ba:
58:4f:1b:88:59:df:5a:7c:e7:18:31:f5:49:ad:79:
62:dc:fc:a7:2c:57:e2:41:d9:b5:71:69:ee:16:7a:
35:ed:a0:e5:4f:fc:31:53:83:85:83:69:0f:d1:4c:
7f:c4:b8:d2:a3:48:1f:60:fa:16:db:03:84:f3:3a:
ad:f5:23:3b:2f:a1:15:fc:fd:83:ad:7b:2e:1e:3a:
cb:45:5c:6a:1e:58:71:9b:60:96:68:38:08:fa:2f:
72:e2:6c:c8:5d:d9:25:14:af:97:a3:3f:48:59:79:
13:bf:75:d7:c3:4d:1e:ce:f5:cc:11:74:d3:d6:20:
3c:b3:2f:51:ac:c3:8e:93:ca:9b:3c:d5:65:de:82:
a1:4d:cb:9b:e7:c2:20:27:5d:78:b4:46:a8:40:dd:
05:62:e3:18:f6:ae:26:49:a2:b5:e9:f3:1b:1c:05:
7b:4b:47:ef:65:77:52:33:6d:57:29:f1:fe:cd:6c:
66:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:B9:A3:36:94:2C:5F:DB:24:15:00:94:C5:AA:D2:53:C6:4E:8C:5B
X509v3 Authority Key Identifier:
keyid:78:D6:36:C5:05:D5:6A:F4:2A:41:4C:16:7D:52:40:7D:35:6B:3D:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eNY2xQXVavQqQUwWfVJAfTVrPQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/DbmjNpQsX9skFQCUxarSU8ZOjFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1fa945-50e7-479a-9d92-ddcd4d935030/1/eNY2xQXVavQqQUwWfVJAfTVrPQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.168.0/22
188.65.144.0/21
IPv6:
2a00:1aa0::/29
Signature Algorithm: sha256WithRSAEncryption
3c:5d:94:24:7c:34:07:ba:bb:e5:4b:02:2d:12:93:69:83:6a:
35:d2:3b:94:c5:3a:d3:17:f5:2f:68:c4:cf:e6:21:de:7b:86:
2c:bb:11:c6:a5:f0:00:2b:81:f6:11:14:27:30:ae:fd:8a:2c:
30:c4:ec:ff:0c:5a:0a:25:a2:6a:59:d1:1b:ef:4a:ae:7f:5c:
5e:2c:f8:d2:f4:a7:c6:7a:f6:78:5b:2f:7c:e0:35:8e:79:91:
12:5f:cc:33:98:24:85:16:fd:3c:c9:74:d8:4a:d2:58:97:98:
6c:1d:e9:38:6b:f2:63:90:d9:fe:1b:6a:93:3c:1b:0e:93:81:
d9:1e:b1:4a:b9:2a:ed:0f:cf:a3:00:b0:34:d7:0b:15:c5:b0:
e3:2f:dc:85:a0:e7:c1:2d:25:b8:eb:ea:ef:b4:0f:49:68:53:
2a:13:28:b6:f5:ab:58:1b:9d:86:5d:cd:9c:f1:9f:54:0d:22:
10:8e:21:56:d0:c1:04:8f:3a:89:13:d6:d0:06:27:a7:ac:d0:
bf:ae:7b:bf:8a:e3:c1:de:9a:de:3d:ee:ce:42:6e:66:67:df:
69:7b:3e:1f:ce:90:3c:7e:64:66:65:01:8c:d9:c0:f6:91:52:
f2:20:29:66:0a:f0:e0:8f:3f:9f:d9:74:fa:50:64:7a:fc:6a:
22:bb:7c:2a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYuU6ngisEdFwpNCwgNLgnOGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4ZDYzNmM1MDVkNTZhZjQyYTQxNGMxNjdkNTI0MDdkMzU2
YjNkMGIwHhcNMjMxMTAzMTEyMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGI5YTMzNjk0MmM1ZmRiMjQxNTAwOTRjNWFhZDI1M2M2NGU4YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZMg6Fm6BMyD+GskRsihSnihdDok
LOrIodfx4sp+b2wUXY6wC2zz+Ts3w1eCXOb/nzCg+Mh6Hf9gQlqSa+04iXqERGSc
/xoaRbpYTxuIWd9afOcYMfVJrXli3PynLFfiQdm1cWnuFno17aDlT/wxU4OFg2kP
0Ux/xLjSo0gfYPoW2wOE8zqt9SM7L6EV/P2DrXsuHjrLRVxqHlhxm2CWaDgI+i9y
4mzIXdklFK+Xoz9IWXkTv3XXw00ezvXMEXTT1iA8sy9RrMOOk8qbPNVl3oKhTcub
58IgJ114tEaoQN0FYuMY9q4mSaK16fMbHAV7S0fvZXdSM21XKfH+zWxmMwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA25ozaULF/bJBUAlMWq0lPGToxbMB8GA1UdIwQY
MBaAFHjWNsUF1Wr0KkFMFn1SQH01az0LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZU5ZMnhRWFZhdlFxUVV3V2ZWSkFmVFZyUFFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xZmE5NDUtNTBlNy00NzlhLTlkOTIt
ZGRjZDRkOTM1MDMwLzEvRGJtak5wUXNYOXNrRlFDVXhhclNVOFpPakZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xZmE5NDUtNTBlNy00NzlhLTlkOTItZGRjZDRkOTM1MDMw
LzEvZU5ZMnhRWFZhdlFxUVV3V2ZWSkFmVFZyUFFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8yoAwQD
vEGQMA0EAgACMAcDBQMqABqgMA0GCSqGSIb3DQEBCwUAA4IBAQA8XZQkfDQHurvl
SwItEpNpg2o10juUxTrTF/UvaMTP5iHee4YsuxHGpfAAK4H2ERQnMK79iiwwxOz/
DFoKJaJqWdEb70quf1xeLPjS9KfGevZ4Wy984DWOeZESX8wzmCSFFv08yXTYStJY
l5hsHek4a/JjkNn+G2qTPBsOk4HZHrFKuSrtD8+jALA01wsVxbDjL9yFoOfBLSW4
6+rvtA9JaFMqEyi29atYG52GXc2c8Z9UDSIQjiFW0MEEjzqJE9bQBienrNC/rnu/
iuPB3prePe7OQm5mZ99pez4fzpA8fmRmZQGM2cD2kVLyIClmCvDgjz+f2XT6UGR6
/Goiu3wq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:44 2024 by rpki-client on console-ams.rpki-client.org