Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/djqOJPfCsXIBEGP2HNOm9vDfwoU.roa
File: djqOJPfCsXIBEGP2HNOm9vDfwoU.roa (raw, json)
Hash identifier: NbLb2EG/LC396HjGr0T1VaUz7Jtt6WEyWQfCPTThyjU=
Subject key identifier: 76:3A:8E:24:F7:C2:B1:72:01:10:63:F6:1C:D3:A6:F6:F0:DF:C2:85
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 01856F5DE473F540A474944BEB15F656CAB5
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/djqOJPfCsXIBEGP2HNOm9vDfwoU.roa
Signing time: Sun 01 Jan 2023 22:05:02 +0000
ROA not before: Sun 01 Jan 2023 22:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209250
IP address blocks: 195.168.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:e4:73:f5:40:a4:74:94:4b:eb:15:f6:56:ca:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 22:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=763a8e24f7c2b172011063f61cd3a6f6f0dfc285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:79:da:15:d0:85:20:26:ea:bd:50:d9:52:c0:
47:a1:ea:c3:2d:2b:cc:1f:1a:e2:eb:9a:8b:01:fa:
35:d9:46:19:f3:eb:a4:14:df:d9:73:b3:b0:11:60:
89:26:b3:06:f0:79:15:13:7e:bc:9d:56:a0:81:be:
45:28:33:19:e9:6b:9d:c8:53:41:61:98:ac:0a:17:
28:2e:d7:b3:fc:32:0c:23:ea:fc:49:19:9a:36:cf:
9f:7c:bb:c5:94:e1:7f:44:cf:30:5c:43:69:44:fa:
50:a6:28:0b:23:11:ce:b3:fd:c7:e9:0d:32:a9:7a:
91:45:71:81:d8:27:24:11:63:36:7a:e5:ae:de:62:
5d:4c:8c:db:57:c1:08:0d:9f:c1:bd:ed:20:ee:5c:
df:be:e5:a2:f2:bd:73:3e:bb:22:d5:38:ca:84:9c:
c4:2e:fc:7c:2b:62:5f:56:26:ac:ae:c0:01:d9:fc:
c6:2d:8e:b4:ae:0f:db:2a:9b:12:d3:bf:c9:bf:ee:
35:a0:13:1c:07:b6:f7:4b:28:0e:e1:da:af:55:e9:
8a:a7:74:08:0e:b0:8b:18:64:aa:2b:8a:35:98:1e:
2a:7c:78:d5:66:8d:5a:2b:da:9f:14:2e:55:bc:1c:
17:28:de:ba:67:66:c6:56:8a:02:9e:ef:6a:64:56:
97:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:3A:8E:24:F7:C2:B1:72:01:10:63:F6:1C:D3:A6:F6:F0:DF:C2:85
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/djqOJPfCsXIBEGP2HNOm9vDfwoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.168.219.0/24
Signature Algorithm: sha256WithRSAEncryption
03:4a:63:36:20:98:b2:68:2c:07:48:79:f5:a2:2d:0c:82:d6:
b4:c6:49:77:13:e9:1c:ce:4c:e0:7d:48:47:ee:cc:98:5e:89:
27:2b:ad:86:37:87:5f:bf:36:e9:e8:06:78:86:70:b8:4d:06:
82:b9:7c:5f:ea:e2:50:1c:9d:cb:99:4a:9d:6a:8b:55:ef:00:
ae:ea:d0:66:3b:30:1d:44:a6:b1:f3:15:1e:06:a1:0f:0d:a7:
4d:ba:12:f0:3b:98:59:45:21:dc:47:e7:85:90:46:d5:65:9f:
38:6a:d4:82:e8:7d:1e:04:9e:7e:56:99:ab:c9:2a:ad:e5:b9:
93:34:e9:d2:16:22:df:af:c0:08:b6:72:7b:de:ca:37:a0:db:
46:64:0f:08:ea:0c:a2:02:2e:8e:ab:8f:c8:39:1e:13:fc:4e:
00:a0:2d:8b:5e:ed:8d:f6:43:11:d8:a1:c1:99:26:7d:1b:64:
cd:02:a4:96:3b:84:a3:86:f8:0c:a7:8c:d6:4c:95:17:b0:5a:
a8:01:46:a6:41:f7:86:8f:fb:f7:f9:3d:98:79:f3:cd:b9:0e:
df:3e:6c:81:a4:af:37:d4:9a:dd:ed:0d:f9:60:d4:5e:50:94:
98:89:30:5a:34:23:0c:0a:39:2d:69:77:a4:17:d5:b5:16:01:
37:60:0f:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvXeRz9UCkdJRL6xX2Vsq1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjMwMTAxMjIwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjNhOGUyNGY3YzJiMTcyMDExMDYzZjYxY2QzYTZmNmYwZGZjMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXnaFdCFICbqvVDZUsBHoerDLSvM
Hxri65qLAfo12UYZ8+ukFN/Zc7OwEWCJJrMG8HkVE368nVaggb5FKDMZ6WudyFNB
YZisChcoLtez/DIMI+r8SRmaNs+ffLvFlOF/RM8wXENpRPpQpigLIxHOs/3H6Q0y
qXqRRXGB2CckEWM2euWu3mJdTIzbV8EIDZ/Bve0g7lzfvuWi8r1zPrsi1TjKhJzE
Lvx8K2JfViasrsAB2fzGLY60rg/bKpsS07/Jv+41oBMcB7b3SygO4dqvVemKp3QI
DrCLGGSqK4o1mB4qfHjVZo1aK9qfFC5VvBwXKN66Z2bGVooCnu9qZFaXFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHY6jiT3wrFyARBj9hzTpvbw38KFMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvZGpxT0pQZkNzWElCRUdQMkhOT205dkRmd29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw6jbMA0G
CSqGSIb3DQEBCwUAA4IBAQADSmM2IJiyaCwHSHn1oi0Mgta0xkl3E+kczkzgfUhH
7syYXoknK62GN4dfvzbp6AZ4hnC4TQaCuXxf6uJQHJ3LmUqdaotV7wCu6tBmOzAd
RKax8xUeBqEPDadNuhLwO5hZRSHcR+eFkEbVZZ84atSC6H0eBJ5+VpmrySqt5bmT
NOnSFiLfr8AItnJ73so3oNtGZA8I6gyiAi6Oq4/IOR4T/E4AoC2LXu2N9kMR2KHB
mSZ9G2TNAqSWO4SjhvgMp4zWTJUXsFqoAUamQfeGj/v3+T2YefPNuQ7fPmyBpK83
1Jrd7Q35YNReUJSYiTBaNCMMCjktaXekF9W1FgE3YA/T
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:44 2024 by rpki-client on console-fra.rpki-client.org