Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/DmxDgdPSQyOikTABY5n1oNFabC8.roa
File: DmxDgdPSQyOikTABY5n1oNFabC8.roa (raw, json)
Hash identifier: UG+nLkrU/4G+lJuH+2E4+KtRbTqD3wbkYc/3FmsUx64=
Subject key identifier: 0E:6C:43:81:D3:D2:43:23:A2:91:30:01:63:99:F5:A0:D1:5A:6C:2F
Certificate issuer: /CN=9de783e9acd56992f5835fb4882183500ca03c83
Certificate serial: 018D5ABE56A59D36B7B5F4A1A10CE0214061
Authority key identifier: 9D:E7:83:E9:AC:D5:69:92:F5:83:5F:B4:88:21:83:50:0C:A0:3C:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/neeD6azVaZL1g1-0iCGDUAygPIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/DmxDgdPSQyOikTABY5n1oNFabC8.roa
Signing time: Tue 30 Jan 2024 14:20:39 +0000
ROA not before: Tue 30 Jan 2024 14:20:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 83.97.96.0/21 maxlen: 21
83.97.96.0/24 maxlen: 24
83.97.97.0/24 maxlen: 24
83.97.98.0/24 maxlen: 24
83.97.99.0/24 maxlen: 24
83.97.100.0/24 maxlen: 24
83.97.101.0/24 maxlen: 24
83.97.102.0/24 maxlen: 24
83.97.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 15:30:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:be:56:a5:9d:36:b7:b5:f4:a1:a1:0c:e0:21:40:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9de783e9acd56992f5835fb4882183500ca03c83
Validity
Not Before: Jan 30 14:20:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e6c4381d3d24323a29130016399f5a0d15a6c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:27:bb:4a:67:b6:33:34:9f:c3:73:30:e6:40:
5b:80:12:53:1a:0a:f4:92:3a:a5:6d:7d:6d:35:e4:
a4:3e:f7:e5:da:ce:b4:59:7f:1d:f9:67:2d:d8:df:
f8:57:9b:60:3e:56:c2:9f:5f:bf:43:ec:04:3e:f4:
ad:9c:ff:30:ff:85:fb:ec:27:6a:b6:bc:e4:8e:46:
76:fa:13:b6:03:f4:b5:74:a5:71:fb:c3:03:b2:75:
de:4a:82:31:fd:c5:32:56:32:39:15:59:86:63:c6:
c9:15:68:a1:db:c0:16:3a:f1:11:e9:54:38:c4:a0:
65:6f:5f:74:a6:1d:91:b0:25:40:a2:77:cd:13:23:
0c:4b:a4:cd:88:d8:11:46:7d:97:6e:b7:e1:ee:7c:
11:76:86:b6:53:bf:2e:d1:e7:07:b8:ad:93:a5:f7:
50:a5:a6:ad:d6:d8:b7:26:00:75:11:9e:8a:9b:8a:
b2:2a:2c:0f:a8:85:d1:d7:64:15:6c:17:b8:5e:80:
ed:b1:fa:36:de:94:f4:a2:29:9b:9a:15:ab:e2:39:
de:8d:50:00:0a:ca:01:6b:43:31:d3:b8:fa:bb:44:
44:5e:17:cc:46:86:5b:aa:9c:ab:e1:c3:65:cc:83:
0a:d0:d6:0c:68:4c:c8:ad:ac:11:dc:3f:5b:78:1b:
6a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:6C:43:81:D3:D2:43:23:A2:91:30:01:63:99:F5:A0:D1:5A:6C:2F
X509v3 Authority Key Identifier:
keyid:9D:E7:83:E9:AC:D5:69:92:F5:83:5F:B4:88:21:83:50:0C:A0:3C:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/neeD6azVaZL1g1-0iCGDUAygPIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/DmxDgdPSQyOikTABY5n1oNFabC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4f05ce-a382-49a0-9999-e52f70c06c29/1/neeD6azVaZL1g1-0iCGDUAygPIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.97.96.0/21
Signature Algorithm: sha256WithRSAEncryption
6c:99:29:a4:cd:67:16:f4:4d:53:25:13:1b:6c:05:64:26:5e:
81:ed:fd:df:1d:f0:46:d0:2a:67:4d:a0:17:0b:2b:12:fb:1a:
43:da:69:0b:fe:c4:4d:7b:4f:06:6a:3b:e2:81:75:c8:9d:d2:
65:f9:7e:bc:ce:82:ac:e1:34:7b:11:0e:f0:76:07:e2:31:fe:
2a:f6:1e:bf:24:f3:96:90:fa:81:15:3c:21:40:19:13:e2:2f:
32:ef:10:2e:4f:e9:44:c2:45:1c:38:9a:d1:44:48:22:8a:63:
31:01:c0:b6:04:8d:06:0e:73:79:28:08:4f:24:96:0f:8a:0d:
39:46:62:7d:f9:fd:04:6b:27:a8:b9:b6:28:d0:e6:39:4b:fd:
5b:f0:0f:20:9e:8a:ba:e5:23:d9:62:88:bc:78:a6:11:15:7a:
f8:bb:73:f6:5e:18:93:9a:e5:04:d8:50:4d:6e:d6:b6:2c:20:
53:60:ef:78:df:90:ad:e8:1a:37:f6:dc:94:4e:98:bf:7d:79:
0c:56:7d:b3:92:6c:0f:e6:23:13:6a:9e:00:74:c2:3e:2e:e2:
95:94:f8:33:5d:c3:2a:51:a7:7f:f2:57:9a:84:52:d1:49:1d:
7f:2a:f0:74:3a:4d:b1:f0:06:66:23:20:38:a9:25:08:6a:bc:
ca:4f:39:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1avlalnTa3tfShoQzgIUBhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZTc4M2U5YWNkNTY5OTJmNTgzNWZiNDg4MjE4MzUwMGNh
MDNjODMwHhcNMjQwMTMwMTQyMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTZjNDM4MWQzZDI0MzIzYTI5MTMwMDE2Mzk5ZjVhMGQxNWE2YzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSe7Sme2MzSfw3Mw5kBbgBJTGgr0
kjqlbX1tNeSkPvfl2s60WX8d+Wct2N/4V5tgPlbCn1+/Q+wEPvStnP8w/4X77Cdq
trzkjkZ2+hO2A/S1dKVx+8MDsnXeSoIx/cUyVjI5FVmGY8bJFWih28AWOvER6VQ4
xKBlb190ph2RsCVAonfNEyMMS6TNiNgRRn2Xbrfh7nwRdoa2U78u0ecHuK2TpfdQ
paat1ti3JgB1EZ6Km4qyKiwPqIXR12QVbBe4XoDtsfo23pT0oimbmhWr4jnejVAA
CsoBa0Mx07j6u0REXhfMRoZbqpyr4cNlzIMK0NYMaEzIrawR3D9beBtqLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA5sQ4HT0kMjopEwAWOZ9aDRWmwvMB8GA1UdIwQY
MBaAFJ3ng+ms1WmS9YNftIghg1AMoDyDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmVlRDZhelZhWkwxZzEtMGlDR0RVQXlnUElNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80ZjA1Y2UtYTM4Mi00OWEwLTk5OTkt
ZTUyZjcwYzA2YzI5LzEvRG14RGdkUFNReU9pa1RBQlk1bjFvTkZhYkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80ZjA1Y2UtYTM4Mi00OWEwLTk5OTktZTUyZjcwYzA2YzI5
LzEvbmVlRDZhelZhWkwxZzEtMGlDR0RVQXlnUElNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDU2FgMA0G
CSqGSIb3DQEBCwUAA4IBAQBsmSmkzWcW9E1TJRMbbAVkJl6B7f3fHfBG0CpnTaAX
CysS+xpD2mkL/sRNe08GajvigXXIndJl+X68zoKs4TR7EQ7wdgfiMf4q9h6/JPOW
kPqBFTwhQBkT4i8y7xAuT+lEwkUcOJrRREgiimMxAcC2BI0GDnN5KAhPJJYPig05
RmJ9+f0EayeoubYo0OY5S/1b8A8gnoq65SPZYoi8eKYRFXr4u3P2XhiTmuUE2FBN
bta2LCBTYO9435Ct6Bo39tyUTpi/fXkMVn2zkmwP5iMTap4AdMI+LuKVlPgzXcMq
Uad/8leahFLRSR1/KvB0Ok2x8AZmIyA4qSUIarzKTzmJ
-----END CERTIFICATE-----
Generated at Tue Jan 30 20:09:06 2024 by rpki-client on console-ams.rpki-client.org