Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/DdhF-fnNqfmvrGTJNLvcUbPA5A8.roa
File: DdhF-fnNqfmvrGTJNLvcUbPA5A8.roa (raw, json)
Hash identifier: 2k3sm1KTvBCXcoIs57RbwIZUCkTeVcGHnAPayrQ4bNs=
Subject key identifier: 0D:D8:45:F9:F9:CD:A9:F9:AF:AC:64:C9:34:BB:DC:51:B3:C0:E4:0F
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0A573368624C02410349A7A6267C5
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/DdhF-fnNqfmvrGTJNLvcUbPA5A8.roa
Signing time: Mon 02 Jan 2023 05:24:57 +0000
ROA not before: Mon 02 Jan 2023 05:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42877
IP address blocks: 82.177.242.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a5:73:36:86:24:c0:24:10:34:9a:7a:62:67:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dd845f9f9cda9f9afac64c934bbdc51b3c0e40f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:89:5b:d4:d1:25:94:2e:26:46:2a:89:73:c6:
21:73:2a:d2:7a:8c:80:05:3e:f0:45:29:ca:84:d5:
79:a5:8d:65:d8:17:63:e2:61:cd:4c:38:c1:1b:ec:
3e:fd:6b:39:05:3d:f5:c6:b1:55:05:3e:a9:0b:c3:
a3:fd:aa:fd:8e:b3:14:cc:08:18:42:67:f9:bb:0a:
74:a4:e3:97:fd:5d:7d:07:17:53:82:be:b1:04:6b:
5d:84:ef:30:3a:ab:18:74:cd:6a:4b:b1:83:29:4f:
92:17:db:cf:2a:8d:2e:cc:2c:02:f6:40:6a:4c:b0:
da:9d:8f:8b:4d:31:78:00:65:55:35:8d:de:6b:52:
8c:e1:0e:4b:16:64:22:4c:59:85:9a:04:06:37:38:
b3:a3:b7:31:d3:cc:46:37:dc:9f:37:a7:5d:98:8f:
dc:70:37:e5:48:96:2e:f2:61:58:94:30:63:69:51:
e9:bb:60:6b:6f:f1:47:e0:34:fe:ff:72:94:51:d6:
cc:59:d0:85:1f:ad:26:18:58:8d:49:19:ca:8d:c8:
f5:5d:43:6b:f9:13:98:7e:44:f6:74:95:73:c0:c9:
72:79:af:be:59:36:2d:61:ce:c1:17:94:49:3b:ce:
ba:ab:3f:b2:79:23:4d:ed:45:ea:06:32:86:bd:11:
0e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D8:45:F9:F9:CD:A9:F9:AF:AC:64:C9:34:BB:DC:51:B3:C0:E4:0F
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/DdhF-fnNqfmvrGTJNLvcUbPA5A8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.177.242.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:b6:11:9b:77:e5:fc:08:d2:fd:aa:0f:b7:f7:39:7f:dc:89:
0d:81:b2:be:33:15:13:7a:71:dd:66:06:4f:a6:32:d8:30:ca:
50:7d:68:05:f0:08:70:c1:c4:fe:07:e0:8a:fd:89:58:44:fe:
89:82:47:bf:e9:43:f6:7c:5a:98:77:bc:45:a4:9b:19:d9:77:
2c:7f:a8:7a:ab:4d:e3:90:05:c4:07:7a:39:b2:ae:54:f2:a8:
cb:cb:3d:36:79:e3:d7:61:e3:a0:22:01:40:20:e7:d5:54:ad:
1a:eb:bc:60:89:93:bf:fa:40:eb:41:9f:e6:90:25:57:d1:c6:
7d:e9:0b:c1:1b:f4:02:b8:c3:d9:48:96:a9:55:ca:6f:ad:66:
bf:d6:f9:ff:3f:8c:c0:4b:99:55:af:3c:3f:96:87:4e:ec:15:
fa:c9:84:7e:e9:e4:1f:f3:b9:5e:b6:74:07:d6:22:6b:92:19:
02:7e:c1:b1:11:c5:52:86:3a:22:b3:32:78:e3:55:fb:8e:a3:
bd:7b:9e:c0:bb:8b:ed:da:2c:e6:7d:e7:01:ef:cd:c2:d0:7c:
14:e5:fb:0b:34:e5:53:8f:a6:d5:19:57:c0:30:c3:f9:34:2e:
b6:82:a9:6a:4e:2c:54:e9:82:26:b8:35:6d:5c:7c:7d:05:56:
0c:8c:d4:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw8KVzNoYkwCQQNJp6YmfFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ4NDVmOWY5Y2RhOWY5YWZhYzY0YzkzNGJiZGM1MWIzYzBlNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIlb1NEllC4mRiqJc8YhcyrSeoyA
BT7wRSnKhNV5pY1l2Bdj4mHNTDjBG+w+/Ws5BT31xrFVBT6pC8Oj/ar9jrMUzAgY
Qmf5uwp0pOOX/V19BxdTgr6xBGtdhO8wOqsYdM1qS7GDKU+SF9vPKo0uzCwC9kBq
TLDanY+LTTF4AGVVNY3ea1KM4Q5LFmQiTFmFmgQGNzizo7cx08xGN9yfN6ddmI/c
cDflSJYu8mFYlDBjaVHpu2Brb/FH4DT+/3KUUdbMWdCFH60mGFiNSRnKjcj1XUNr
+ROYfkT2dJVzwMlyea++WTYtYc7BF5RJO866qz+yeSNN7UXqBjKGvREOyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3YRfn5zan5r6xkyTS73FGzwOQPMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvRGRoRi1mbk5xZm12ckdUSk5MdmNVYlBBNUE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUrHyMA0G
CSqGSIb3DQEBCwUAA4IBAQAbthGbd+X8CNL9qg+39zl/3IkNgbK+MxUTenHdZgZP
pjLYMMpQfWgF8AhwwcT+B+CK/YlYRP6Jgke/6UP2fFqYd7xFpJsZ2Xcsf6h6q03j
kAXEB3o5sq5U8qjLyz02eePXYeOgIgFAIOfVVK0a67xgiZO/+kDrQZ/mkCVX0cZ9
6QvBG/QCuMPZSJapVcpvrWa/1vn/P4zAS5lVrzw/lodO7BX6yYR+6eQf87letnQH
1iJrkhkCfsGxEcVShjoiszJ441X7jqO9e57Au4vt2izmfecB783C0HwU5fsLNOVT
j6bVGVfAMMP5NC62gqlqTixU6YImuDVtXHx9BVYMjNSQ
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:20 2024 by rpki-client on console-ams.rpki-client.org