Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/dgTxyxdFzskoYpV452r3SHmbjY0.roa
File: dgTxyxdFzskoYpV452r3SHmbjY0.roa (raw, json)
Hash identifier: K2YUORuv/qrpb/DHU/z4d4tVTxT7c84SMoWQfQ6EtG0=
Subject key identifier: 76:04:F1:CB:17:45:CE:C9:28:62:95:78:E7:6A:F7:48:79:9B:8D:8D
Certificate issuer: /CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Certificate serial: 018CC49309FF65395F81197FFF6FAA72F536
Authority key identifier: 2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/dgTxyxdFzskoYpV452r3SHmbjY0.roa
Signing time: Mon 01 Jan 2024 10:30:19 +0000
ROA not before: Mon 01 Jan 2024 10:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.93.228.0/24 maxlen: 24
193.19.224.0/22 maxlen: 24
2a02:fe80:13::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 14 Feb 2024 17:52:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:09:ff:65:39:5f:81:19:7f:ff:6f:aa:72:f5:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e4bd4edca29d4e72be86ced0b7ad652c7d261c9
Validity
Not Before: Jan 1 10:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7604f1cb1745cec928629578e76af748799b8d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7a:e2:c2:a9:ae:c6:37:e3:00:25:80:0e:85:
5d:bd:8b:85:f9:b8:3b:4d:ce:a4:ff:30:f4:1e:9a:
48:50:64:43:34:60:03:58:87:43:b3:bd:71:50:c1:
50:53:77:23:1f:ec:74:4e:b9:de:7a:9e:04:02:16:
60:d5:ba:57:89:3e:c6:82:65:e1:aa:17:0b:fc:7b:
34:43:8c:1b:0c:5d:2a:e4:54:c9:1d:7f:92:dd:0e:
72:90:45:2e:bd:da:2c:d6:81:13:6f:be:eb:d0:05:
72:13:06:5e:01:48:8f:e1:27:97:34:89:f6:e0:96:
b0:fc:da:1f:0c:46:95:16:ac:9b:dc:29:68:2f:4b:
f5:4e:81:0d:dd:69:79:a3:1c:e6:fb:f7:83:85:ef:
53:2f:5a:54:61:62:5d:c2:0c:52:d4:81:2f:f8:90:
fa:6d:b4:db:23:58:63:3b:74:7e:3b:e9:e4:48:3c:
19:99:dd:3b:0e:c9:22:d5:5c:09:7c:67:1c:e3:6f:
f9:f8:50:c4:65:b8:9e:3a:9e:8d:a3:21:72:e7:9d:
3a:44:e3:32:29:f9:1b:0e:d8:bf:cd:13:9f:49:bf:
9d:49:db:31:08:b4:38:f7:d3:d8:e3:cc:08:1c:28:
75:12:94:73:c5:fd:dd:6c:55:4e:74:b1:63:65:2f:
be:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:04:F1:CB:17:45:CE:C9:28:62:95:78:E7:6A:F7:48:79:9B:8D:8D
X509v3 Authority Key Identifier:
keyid:2E:4B:D4:ED:CA:29:D4:E7:2B:E8:6C:ED:0B:7A:D6:52:C7:D2:61:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkvU7cop1Ocr6GztC3rWUsfSYck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/dgTxyxdFzskoYpV452r3SHmbjY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/a53bb6-66c0-4861-b288-2a6372e054d2/1/LkvU7cop1Ocr6GztC3rWUsfSYck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.228.0/24
193.19.224.0/22
IPv6:
2a02:fe80:13::/48
Signature Algorithm: sha256WithRSAEncryption
53:3c:54:db:44:b2:f1:28:d9:26:6f:38:15:cb:22:c9:ff:20:
94:cc:7c:81:9f:84:bd:f4:e8:d3:f2:88:b5:8b:fd:8f:45:5c:
fa:2b:7d:25:a4:9d:11:8e:09:77:da:b3:60:28:d4:cb:46:83:
32:64:9b:62:87:58:25:df:b5:f5:fe:ba:8e:ed:bf:b0:53:c5:
ea:a8:ef:98:80:49:a7:54:e1:c6:bd:45:4c:6b:67:05:e1:e7:
c6:ec:5d:89:ef:39:be:5c:31:5e:00:57:0e:78:9d:0b:73:77:
30:9f:d1:ec:c3:4d:af:68:91:64:c6:13:e8:e5:bd:6b:0c:08:
03:a8:de:01:73:0a:03:44:1e:55:71:ac:43:80:d3:48:5a:36:
c2:c8:12:9f:79:1b:ae:dd:72:ec:28:df:6f:9d:ef:7d:8e:fe:
06:d4:69:6f:c2:01:23:33:72:d1:c3:32:14:79:c8:2e:93:3a:
56:fb:92:df:04:be:3e:4c:15:0e:e8:23:a1:3b:d2:cb:5a:50:
93:ad:91:fb:f5:10:c8:39:45:97:97:88:15:1b:30:b6:03:f5:
86:95:85:9f:30:11:8e:ff:86:6d:82:b4:ba:89:46:bd:76:6d:
f3:24:66:78:92:a2:6b:9e:dc:46:6d:87:2a:d5:ce:ff:19:53:
06:c7:e6:34
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzEkwn/ZTlfgRl//2+qcvU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNGJkNGVkY2EyOWQ0ZTcyYmU4NmNlZDBiN2FkNjUyYzdk
MjYxYzkwHhcNMjQwMTAxMTAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjA0ZjFjYjE3NDVjZWM5Mjg2Mjk1NzhlNzZhZjc0ODc5OWI4ZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnriwqmuxjfjACWADoVdvYuF+bg7
Tc6k/zD0HppIUGRDNGADWIdDs71xUMFQU3cjH+x0Trneep4EAhZg1bpXiT7GgmXh
qhcL/Hs0Q4wbDF0q5FTJHX+S3Q5ykEUuvdos1oETb77r0AVyEwZeAUiP4SeXNIn2
4Jaw/NofDEaVFqyb3CloL0v1ToEN3Wl5oxzm+/eDhe9TL1pUYWJdwgxS1IEv+JD6
bbTbI1hjO3R+O+nkSDwZmd07Dski1VwJfGcc42/5+FDEZbieOp6NoyFy5506ROMy
KfkbDti/zROfSb+dSdsxCLQ499PY48wIHCh1EpRzxf3dbFVOdLFjZS++iwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHYE8csXRc7JKGKVeOdq90h5m42NMB8GA1UdIwQY
MBaAFC5L1O3KKdTnK+hs7Qt61lLH0mHJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgt
MmE2MzcyZTA1NGQyLzEvZGdUeHl4ZEZ6c2tvWXBWNDUycjNTSG1ialkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9hNTNiYjYtNjZjMC00ODYxLWIyODgtMmE2MzcyZTA1NGQy
LzEvTGt2VTdjb3AxT2NyNkd6dEMzcldVc2ZTWWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuV3kAwQC
wRPgMA8EAgACMAkDBwAqAv6AABMwDQYJKoZIhvcNAQELBQADggEBAFM8VNtEsvEo
2SZvOBXLIsn/IJTMfIGfhL306NPyiLWL/Y9FXPorfSWknRGOCXfas2Ao1MtGgzJk
m2KHWCXftfX+uo7tv7BTxeqo75iASadU4ca9RUxrZwXh58bsXYnvOb5cMV4AVw54
nQtzdzCf0ezDTa9okWTGE+jlvWsMCAOo3gFzCgNEHlVxrEOA00haNsLIEp95G67d
cuwo32+d732O/gbUaW/CASMzctHDMhR5yC6TOlb7kt8Evj5MFQ7oI6E70staUJOt
kfv1EMg5RZeXiBUbMLYD9YaVhZ8wEY7/hm2CtLqJRr12bfMkZniSomue3EZthyrV
zv8ZUwbH5jQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:29 2024 by rpki-client on console-ams.rpki-client.org