Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/c7fdc8-caeb-4741-be4e-28e44f2ee90a/1/O_dqtiVU-hDxCveGBsgYOQFZQaQ.roa
File: O_dqtiVU-hDxCveGBsgYOQFZQaQ.roa (raw, json)
Hash identifier: 7S/d7TMnTQg9okTocacaP6HxeX3gyGhcX+NiB8tJ6Xg=
Subject key identifier: 3B:F7:6A:B6:25:54:FA:10:F1:0A:F7:86:06:C8:18:39:01:59:41:A4
Certificate issuer: /CN=df3b796c3fc559bfaf4b76550894cff4d30b9b7e
Certificate serial: 01856F0B737476CC0BBC1219DCA08402F6D4
Authority key identifier: DF:3B:79:6C:3F:C5:59:BF:AF:4B:76:55:08:94:CF:F4:D3:0B:9B:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zt5bD_FWb-vS3ZVCJTP9NMLm34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/c7fdc8-caeb-4741-be4e-28e44f2ee90a/1/O_dqtiVU-hDxCveGBsgYOQFZQaQ.roa
Signing time: Sun 01 Jan 2023 20:34:59 +0000
ROA not before: Sun 01 Jan 2023 20:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24603
IP address blocks: 195.42.100.0/23 maxlen: 24
2001:67c:12e8::/47 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:73:74:76:cc:0b:bc:12:19:dc:a0:84:02:f6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3b796c3fc559bfaf4b76550894cff4d30b9b7e
Validity
Not Before: Jan 1 20:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bf76ab62554fa10f10af78606c81839015941a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3a:5f:bf:9e:bb:1a:6c:02:7b:33:50:8f:47:
22:90:99:d4:6f:6d:3f:c7:0a:89:df:fe:93:c9:ac:
b5:a1:36:a6:c9:5d:00:7d:f7:32:29:c9:2f:c4:60:
c5:f9:f2:ed:aa:a2:2d:87:ab:2d:87:6b:d9:f7:41:
d3:cc:4c:02:52:5a:06:a0:9b:91:52:4c:86:2a:da:
c5:50:f4:cb:ec:ea:8e:bb:6c:12:db:a6:0d:21:fe:
46:c2:12:81:ba:d6:b6:f7:85:0f:4c:72:15:2b:4a:
b4:5d:00:5e:6a:b3:05:0b:60:df:22:54:f1:2f:84:
a7:4d:d9:dd:d5:56:ec:39:9b:81:86:37:17:46:0f:
98:55:48:89:f1:d1:e1:e1:de:d4:fc:a3:69:9a:bc:
e8:c4:3d:f1:ec:fc:86:e2:53:fe:82:b7:1e:70:5c:
89:75:32:d9:28:7f:04:f5:fd:ed:49:36:32:b8:61:
b3:15:a8:94:39:6c:f0:b2:65:df:14:ba:9c:f0:f3:
c3:66:29:d6:32:89:0d:75:b3:6c:3e:56:17:68:5b:
4b:7b:f4:41:2c:71:99:02:26:d6:ae:27:e5:99:06:
9e:2a:97:81:9e:3f:9d:38:f3:73:1d:cd:4c:b3:d8:
e2:87:e0:c2:2e:7b:e2:ec:16:18:2c:02:94:a5:ea:
f3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F7:6A:B6:25:54:FA:10:F1:0A:F7:86:06:C8:18:39:01:59:41:A4
X509v3 Authority Key Identifier:
keyid:DF:3B:79:6C:3F:C5:59:BF:AF:4B:76:55:08:94:CF:F4:D3:0B:9B:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zt5bD_FWb-vS3ZVCJTP9NMLm34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c7fdc8-caeb-4741-be4e-28e44f2ee90a/1/O_dqtiVU-hDxCveGBsgYOQFZQaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/c7fdc8-caeb-4741-be4e-28e44f2ee90a/1/3zt5bD_FWb-vS3ZVCJTP9NMLm34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.100.0/23
IPv6:
2001:67c:12e8::/47
Signature Algorithm: sha256WithRSAEncryption
68:90:4a:35:0b:91:35:91:d7:b6:4d:e1:30:32:17:59:4a:c2:
46:7b:51:64:59:43:a1:2a:de:20:f6:ad:6f:14:76:46:fd:6e:
31:52:35:5c:42:23:16:7f:e4:8c:df:8c:46:c7:bc:ed:0a:eb:
ef:d1:32:f5:19:21:94:10:86:32:dd:49:72:d7:de:b2:09:9a:
85:1d:dd:3b:25:e1:f0:13:a3:f8:d6:8b:7e:a9:b2:01:cb:78:
3c:3f:3b:b0:13:96:46:61:34:d4:5f:71:0b:87:df:70:e1:69:
12:32:67:a2:62:5c:a7:90:55:73:7e:96:8a:85:bb:92:cc:72:
10:c2:fd:78:da:a9:f6:9b:60:0f:34:11:3a:71:31:50:88:18:
1c:6c:fd:ed:5a:fe:8b:b0:6b:32:7a:33:5b:0f:f4:be:ad:cd:
18:e7:0b:c4:9a:ef:5c:92:c7:d6:6d:8b:85:b3:df:ba:1d:c7:
28:fc:64:78:48:87:dd:b6:23:49:c6:66:8e:0b:0d:76:53:bc:
05:17:bf:cb:fa:ad:50:b8:c7:99:d1:d3:5a:3e:17:b8:2f:9b:
e7:01:57:00:cb:5f:47:4d:29:4c:cb:16:4a:00:a0:5d:60:eb:
98:09:55:7a:28:af:a8:35:0b:72:75:5c:8e:38:c6:6d:81:e7:
5c:a0:52:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvC3N0dswLvBIZ3KCEAvbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2I3OTZjM2ZjNTU5YmZhZjRiNzY1NTA4OTRjZmY0ZDMw
YjliN2UwHhcNMjMwMTAxMjAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY3NmFiNjI1NTRmYTEwZjEwYWY3ODYwNmM4MTgzOTAxNTk0MWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTpfv567GmwCezNQj0cikJnUb20/
xwqJ3/6Tyay1oTamyV0AffcyKckvxGDF+fLtqqIth6sth2vZ90HTzEwCUloGoJuR
UkyGKtrFUPTL7OqOu2wS26YNIf5GwhKButa294UPTHIVK0q0XQBearMFC2DfIlTx
L4SnTdnd1VbsOZuBhjcXRg+YVUiJ8dHh4d7U/KNpmrzoxD3x7PyG4lP+grcecFyJ
dTLZKH8E9f3tSTYyuGGzFaiUOWzwsmXfFLqc8PPDZinWMokNdbNsPlYXaFtLe/RB
LHGZAibWriflmQaeKpeBnj+dOPNzHc1Ms9jih+DCLnvi7BYYLAKUperz/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDv3arYlVPoQ8Qr3hgbIGDkBWUGkMB8GA1UdIwQY
MBaAFN87eWw/xVm/r0t2VQiUz/TTC5t+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3p0NWJEX0ZXYi12UzNaVkNKVFA5Tk1MbTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jN2ZkYzgtY2FlYi00NzQxLWJlNGUt
MjhlNDRmMmVlOTBhLzEvT19kcXRpVlUtaER4Q3ZlR0JzZ1lPUUZaUWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jN2ZkYzgtY2FlYi00NzQxLWJlNGUtMjhlNDRmMmVlOTBh
LzEvM3p0NWJEX0ZXYi12UzNaVkNKVFA5Tk1MbTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwypkMA8E
AgACMAkDBwEgAQZ8EugwDQYJKoZIhvcNAQELBQADggEBAGiQSjULkTWR17ZN4TAy
F1lKwkZ7UWRZQ6Eq3iD2rW8Udkb9bjFSNVxCIxZ/5IzfjEbHvO0K6+/RMvUZIZQQ
hjLdSXLX3rIJmoUd3Tsl4fATo/jWi36psgHLeDw/O7ATlkZhNNRfcQuH33DhaRIy
Z6JiXKeQVXN+loqFu5LMchDC/XjaqfabYA80ETpxMVCIGBxs/e1a/ouwazJ6M1sP
9L6tzRjnC8Sa71ySx9Zti4Wz37odxyj8ZHhIh922I0nGZo4LDXZTvAUXv8v6rVC4
x5nR01o+F7gvm+cBVwDLX0dNKUzLFkoAoF1g65gJVXoor6g1C3J1XI44xm2B51yg
Ukc=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:09 2024 by rpki-client on console-fra.rpki-client.org