Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/Ds0U0DGNyxftpnhcYTgZ71-jrrk.roa
File: Ds0U0DGNyxftpnhcYTgZ71-jrrk.roa (raw, json)
Hash identifier: 9dneUAyhbNmJu3o57yQlhB3Noy/fnOlktjyEKOvm2Kg=
Subject key identifier: 0E:CD:14:D0:31:8D:CB:17:ED:A6:78:5C:61:38:19:EF:5F:A3:AE:B9
Certificate issuer: /CN=508a9a08abef74dcc51004f4fae0266d620395e3
Certificate serial: 01856D81AD7EC94A9DC6CA91F02E4D7337AA
Authority key identifier: 50:8A:9A:08:AB:EF:74:DC:C5:10:04:F4:FA:E0:26:6D:62:03:95:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UIqaCKvvdNzFEAT0-uAmbWIDleM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/Ds0U0DGNyxftpnhcYTgZ71-jrrk.roa
Signing time: Sun 01 Jan 2023 13:24:53 +0000
ROA not before: Sun 01 Jan 2023 13:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211197
IP address blocks: 185.7.213.0/24 maxlen: 24
193.223.109.0/24 maxlen: 24
2a03:b680::/29 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:ad:7e:c9:4a:9d:c6:ca:91:f0:2e:4d:73:37:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=508a9a08abef74dcc51004f4fae0266d620395e3
Validity
Not Before: Jan 1 13:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ecd14d0318dcb17eda6785c613819ef5fa3aeb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:51:65:23:02:5b:20:22:2c:ec:e4:4f:b4:db:
71:28:9d:dc:23:9e:1a:58:d3:bf:ce:3d:55:28:fa:
c1:e8:b7:fb:42:db:2c:23:0c:4e:4b:30:56:e3:e0:
29:b8:dc:22:af:ef:df:1b:ea:79:e3:d7:10:54:81:
1d:06:5e:20:1a:ef:e8:40:07:70:ce:58:a5:f4:69:
6b:80:83:19:10:56:d3:0a:d5:a8:ad:8e:10:3d:c4:
54:26:eb:c8:77:b5:ba:bb:13:1b:c1:e7:99:38:2e:
fe:66:6d:fe:d1:02:e8:e9:ed:f6:71:da:f3:7c:1c:
98:09:48:47:82:5e:57:f4:35:ef:c6:2c:40:ed:3c:
23:03:6c:0e:d5:10:dd:1e:51:0a:1a:6e:75:c3:3f:
07:3f:35:d2:ca:c8:af:2d:43:2c:fb:d6:11:cd:e4:
a5:f7:17:74:e0:df:80:38:3f:57:07:ab:4b:5a:75:
73:29:7a:c2:9b:36:6e:3b:69:dc:c5:d6:31:19:98:
1e:51:65:f1:36:aa:58:6f:94:ce:38:04:7a:1b:4e:
ba:d0:a0:a4:59:8a:e4:7b:16:90:d5:39:dd:18:51:
8c:9d:c2:e0:10:d2:fc:56:9e:0b:a9:bf:39:d1:b4:
10:38:bf:44:33:d4:bc:b9:90:38:f5:88:44:d5:55:
b9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CD:14:D0:31:8D:CB:17:ED:A6:78:5C:61:38:19:EF:5F:A3:AE:B9
X509v3 Authority Key Identifier:
keyid:50:8A:9A:08:AB:EF:74:DC:C5:10:04:F4:FA:E0:26:6D:62:03:95:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UIqaCKvvdNzFEAT0-uAmbWIDleM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/Ds0U0DGNyxftpnhcYTgZ71-jrrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/UIqaCKvvdNzFEAT0-uAmbWIDleM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.213.0/24
193.223.109.0/24
IPv6:
2a03:b680::/29
Signature Algorithm: sha256WithRSAEncryption
0b:29:2d:b3:60:2c:8d:09:0a:87:f2:eb:c0:b4:49:56:2f:b7:
51:23:a9:b7:be:79:93:10:d1:07:3a:10:c3:b6:ba:8f:51:e0:
7b:03:87:8e:3d:02:70:5e:82:20:de:b7:b4:2b:2c:a8:f4:63:
72:ed:ca:8f:4c:c3:cc:aa:24:04:d1:73:66:02:18:1b:a4:70:
dd:74:45:fd:cf:e1:fd:a8:a4:f2:66:9f:25:24:ff:7c:dd:12:
12:62:ac:9c:d3:73:e8:70:53:8b:dc:25:fc:02:a5:cd:ec:81:
9d:cb:09:4f:9e:60:dd:30:28:15:1b:ef:ac:46:21:79:a4:99:
7f:12:35:5d:80:bf:4b:48:91:51:b6:36:09:33:08:1d:ae:1c:
d6:e0:8f:8b:81:c2:e4:d3:62:56:d7:6d:7f:64:66:00:d4:67:
9c:4a:e6:58:bc:63:4f:9c:83:5a:9d:af:79:2f:df:11:cc:f8:
30:57:91:96:bb:18:d9:fb:7d:af:7c:2d:6b:34:41:2e:f2:f5:
b5:55:6b:4a:70:1a:8f:bf:6b:b6:2a:af:57:15:da:73:a7:8d:
94:7f:72:f3:55:34:4e:7c:b7:af:a2:1e:23:cf:d6:e9:9c:4e:
77:eb:49:e9:c3:12:4e:c8:24:0e:e5:89:09:84:65:95:24:be:
2d:a8:a0:e3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtga1+yUqdxsqR8C5NczeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOGE5YTA4YWJlZjc0ZGNjNTEwMDRmNGZhZTAyNjZkNjIw
Mzk1ZTMwHhcNMjMwMTAxMTMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWNkMTRkMDMxOGRjYjE3ZWRhNjc4NWM2MTM4MTllZjVmYTNhZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVFlIwJbICIs7ORPtNtxKJ3cI54a
WNO/zj1VKPrB6Lf7QtssIwxOSzBW4+ApuNwir+/fG+p549cQVIEdBl4gGu/oQAdw
zlil9GlrgIMZEFbTCtWorY4QPcRUJuvId7W6uxMbweeZOC7+Zm3+0QLo6e32cdrz
fByYCUhHgl5X9DXvxixA7TwjA2wO1RDdHlEKGm51wz8HPzXSysivLUMs+9YRzeSl
9xd04N+AOD9XB6tLWnVzKXrCmzZuO2ncxdYxGZgeUWXxNqpYb5TOOAR6G0660KCk
WYrkexaQ1TndGFGMncLgENL8Vp4Lqb850bQQOL9EM9S8uZA49YhE1VW5fQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA7NFNAxjcsX7aZ4XGE4Ge9fo665MB8GA1UdIwQY
MBaAFFCKmgir73TcxRAE9PrgJm1iA5XjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUlxYUNLdnZkTnpGRUFUMC11QW1iV0lEbGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kZWNhMGUtZGQ0Yy00NGVmLWJmNzct
MDVkYmUzZGY5OGY2LzEvRHMwVTBER055eGZ0cG5oY1lUZ1o3MS1qcnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kZWNhMGUtZGQ0Yy00NGVmLWJmNzctMDVkYmUzZGY5OGY2
LzEvVUlxYUNLdnZkTnpGRUFUMC11QW1iV0lEbGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQfVAwQA
wd9tMA0EAgACMAcDBQMqA7aAMA0GCSqGSIb3DQEBCwUAA4IBAQALKS2zYCyNCQqH
8uvAtElWL7dRI6m3vnmTENEHOhDDtrqPUeB7A4eOPQJwXoIg3re0Kyyo9GNy7cqP
TMPMqiQE0XNmAhgbpHDddEX9z+H9qKTyZp8lJP983RISYqyc03PocFOL3CX8AqXN
7IGdywlPnmDdMCgVG++sRiF5pJl/EjVdgL9LSJFRtjYJMwgdrhzW4I+LgcLk02JW
121/ZGYA1GecSuZYvGNPnINana95L98RzPgwV5GWuxjZ+32vfC1rNEEu8vW1VWtK
cBqPv2u2Kq9XFdpzp42Uf3LzVTROfLevoh4jz9bpnE5360npwxJOyCQO5YkJhGWV
JL4tqKDj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:52 2024 by rpki-client on console-fra.rpki-client.org