Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/DfPQ87QFOMqYT4xWonJRAhjjutE.roa
File: DfPQ87QFOMqYT4xWonJRAhjjutE.roa (raw, json)
Hash identifier: 6Lbyk9W1atK8MSmd2Se3flgPqPV83wl0rNjQavmx7pw=
Subject key identifier: 0D:F3:D0:F3:B4:05:38:CA:98:4F:8C:56:A2:72:51:02:18:E3:BA:D1
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018843E4BF05B27030EA32D2EE71568A0DFF
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/DfPQ87QFOMqYT4xWonJRAhjjutE.roa
Signing time: Mon 22 May 2023 14:37:24 +0000
ROA not before: Mon 22 May 2023 14:37:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30738
IP address blocks: 195.211.53.0/24 maxlen: 24
109.248.220.0/23 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate revoked on Wed 24 May 2023 06:58:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:43:e4:bf:05:b2:70:30:ea:32:d2:ee:71:56:8a:0d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: May 22 14:37:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0df3d0f3b40538ca984f8c56a272510218e3bad1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f5:b5:18:1f:d4:92:c8:50:af:a8:83:d5:3f:
c5:5c:33:e7:0e:4b:bc:2a:f6:f6:03:6e:03:b3:3b:
b5:15:16:ab:a4:18:a2:3a:5e:7b:30:3d:ff:84:12:
81:a4:ff:81:c6:49:bb:63:c1:16:87:70:f4:a2:a3:
30:25:ed:31:6e:de:ce:d6:57:ac:44:ac:8e:5e:9f:
13:56:74:86:b2:cf:b3:09:f8:6f:d6:a7:aa:52:8b:
ff:cd:e3:09:9c:32:7d:07:70:6d:a2:2b:d0:af:9a:
b2:fa:5a:97:e6:d2:77:c7:a7:eb:12:2a:fa:0b:51:
35:ac:bb:2b:57:59:b4:ff:b4:fa:3c:1e:b5:ed:4e:
05:c2:65:87:29:ba:58:67:fd:4f:08:0d:2a:2a:68:
75:f9:02:12:98:53:2f:df:96:b4:d2:6a:4a:57:bc:
f6:69:ea:78:e4:56:8e:c3:de:e0:be:1c:d2:80:01:
7f:37:e8:79:f7:86:76:ea:88:a7:fb:cf:5f:30:20:
12:ea:98:5d:fc:14:67:c5:f5:b7:b1:f4:b8:6d:61:
e4:7c:4f:1c:db:8e:6d:8f:50:ba:59:74:bc:38:c0:
b9:13:f8:21:59:df:9a:87:ab:89:81:07:fe:de:76:
46:5f:06:8e:4f:30:38:04:c0:de:68:0d:6b:2d:b5:
15:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F3:D0:F3:B4:05:38:CA:98:4F:8C:56:A2:72:51:02:18:E3:BA:D1
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/DfPQ87QFOMqYT4xWonJRAhjjutE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.220.0/23
188.130.182.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
7c:92:c9:9a:f0:db:e6:9f:37:a7:be:12:ae:07:cb:6d:2a:4c:
30:ad:be:21:98:17:87:94:bd:b2:07:c8:bc:c3:4a:65:c3:9d:
36:9d:19:cb:46:6d:35:06:22:b9:65:2d:fd:76:ea:c1:fa:97:
14:23:b4:ba:72:b3:84:19:7d:37:d3:54:9c:a6:ac:fc:e8:04:
40:49:91:bf:a1:cf:7c:0a:22:8f:40:bd:ac:54:67:c9:06:c4:
4d:39:6e:82:ae:bb:f7:20:79:53:02:ad:bd:48:b3:91:b5:83:
4f:2b:3e:45:5c:81:04:b2:fd:91:53:f5:2f:5c:05:18:ed:99:
f4:c5:84:59:11:6a:be:17:4b:33:53:cc:be:db:c1:cb:fc:38:
9c:6b:5f:ed:d2:24:46:89:fb:25:3e:05:9a:57:c9:35:0a:e0:
ed:d4:ae:c6:4e:0e:07:9f:2e:1d:0d:af:0b:84:b8:e6:9e:f8:
12:98:53:2f:98:40:29:78:c4:f4:5c:82:2e:84:01:df:9d:15:
2d:46:aa:59:ef:cc:5f:3e:ac:9f:1f:d8:b0:6b:53:71:20:2b:
63:76:9d:97:79:cf:9b:a9:e2:e9:48:a9:64:b8:60:af:f8:96:
50:07:c0:b5:df:34:78:55:91:23:47:c3:bc:66:3d:a4:e0:c5:
1c:2e:4f:4a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYhD5L8FsnAw6jLS7nFWig3/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjMwNTIyMTQzNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGYzZDBmM2I0MDUzOGNhOTg0ZjhjNTZhMjcyNTEwMjE4ZTNiYWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/W1GB/UkshQr6iD1T/FXDPnDku8
Kvb2A24Dszu1FRarpBiiOl57MD3/hBKBpP+Bxkm7Y8EWh3D0oqMwJe0xbt7O1les
RKyOXp8TVnSGss+zCfhv1qeqUov/zeMJnDJ9B3BtoivQr5qy+lqX5tJ3x6frEir6
C1E1rLsrV1m0/7T6PB617U4FwmWHKbpYZ/1PCA0qKmh1+QISmFMv35a00mpKV7z2
aep45FaOw97gvhzSgAF/N+h594Z26oin+89fMCAS6phd/BRnxfW3sfS4bWHkfE8c
245tj1C6WXS8OMC5E/ghWd+ah6uJgQf+3nZGXwaOTzA4BMDeaA1rLbUVcwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA3z0PO0BTjKmE+MVqJyUQIY47rRMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvRGZQUTg3UUZPTXFZVDR4V29uSlJBaGpqdXRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBbfjcAwQA
vIK2AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQB8ksma
8NvmnzenvhKuB8ttKkwwrb4hmBeHlL2yB8i8w0plw502nRnLRm01BiK5ZS39durB
+pcUI7S6crOEGX0301Scpqz86ARASZG/oc98CiKPQL2sVGfJBsRNOW6Crrv3IHlT
Aq29SLORtYNPKz5FXIEEsv2RU/UvXAUY7Zn0xYRZEWq+F0szU8y+28HL/Dica1/t
0iRGifslPgWaV8k1CuDt1K7GTg4Hny4dDa8LhLjmnvgSmFMvmEApeMT0XIIuhAHf
nRUtRqpZ78xfPqyfH9iwa1NxICtjdp2Xec+bqeLpSKlkuGCv+JZQB8C13zR4VZEj
R8O8Zj2k4MUcLk9K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org