Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/DG-tpgNw223KMVBsCjn2P2jG29s.roa
File: DG-tpgNw223KMVBsCjn2P2jG29s.roa (raw, json)
Hash identifier: YOoWjkfLDQ5C28T2bw/oRVcoW7NM7c38w6k7/uaQF5w=
Subject key identifier: 0C:6F:AD:A6:03:70:DB:6D:CA:31:50:6C:0A:39:F6:3F:68:C6:DB:DB
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018692CABE6075D34B7C64A7982711EC29CF
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/DG-tpgNw223KMVBsCjn2P2jG29s.roa
Signing time: Mon 27 Feb 2023 12:13:25 +0000
ROA not before: Mon 27 Feb 2023 12:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 5.34.208.0/20 maxlen: 24
213.173.32.0/22 maxlen: 24
185.36.192.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:92:ca:be:60:75:d3:4b:7c:64:a7:98:27:11:ec:29:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 27 12:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c6fada60370db6dca31506c0a39f63f68c6dbdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:16:e3:c7:b8:bb:c0:51:48:42:bf:75:0d:37:
9e:77:77:4d:3f:93:e6:8f:a6:c4:1d:ff:e1:33:c7:
32:6a:8b:42:c8:97:ea:80:f8:67:da:15:8e:18:5f:
ce:83:b3:b9:c9:9f:3e:64:7f:1c:4a:9c:ca:d7:c6:
cb:3f:f8:6d:23:44:bb:12:80:bb:5b:d1:43:e2:63:
e9:57:4a:9a:95:18:79:aa:8a:49:66:d0:f2:17:4c:
21:1d:1c:44:aa:3c:ae:1f:ca:07:3b:74:a6:75:e0:
e0:54:72:f0:13:d7:ce:5c:37:b9:fb:b8:a0:4a:46:
eb:0c:f7:ed:09:d7:89:48:e7:d8:70:15:1e:0f:3b:
37:8a:dc:f3:47:6d:f4:9a:81:9e:1c:e2:10:4f:d0:
ca:cd:b7:1f:2d:64:97:7b:9c:63:d3:e8:b2:58:c7:
d0:ac:ed:b1:5d:f8:31:45:b6:09:00:31:88:27:39:
b4:ea:0c:d5:8b:fe:c3:97:9f:e9:f3:2e:6e:6c:77:
e9:ef:7a:7b:3f:5f:b5:23:b0:03:d3:6d:9f:95:d1:
dd:04:c1:ee:e8:d8:15:af:7b:0f:e6:53:11:05:43:
7b:06:d3:e4:31:c9:a0:3e:81:e8:76:b1:be:d5:11:
82:d1:21:5c:57:6d:90:eb:8c:7a:53:75:e3:05:21:
6f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:6F:AD:A6:03:70:DB:6D:CA:31:50:6C:0A:39:F6:3F:68:C6:DB:DB
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/DG-tpgNw223KMVBsCjn2P2jG29s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/20
185.36.192.0/22
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
16:1e:7a:82:ec:c3:14:8a:80:57:74:b5:2e:15:94:8f:b2:cd:
14:7d:d1:d5:03:03:3b:51:8f:d4:38:5c:dd:da:f8:9b:b2:ab:
d2:2e:74:a6:50:47:e9:86:1d:02:18:56:02:66:f6:b4:b8:a1:
64:2c:c8:92:38:e2:91:29:3f:2a:95:04:d1:b2:36:7f:b3:26:
5a:77:1f:2a:17:fb:4f:00:20:21:28:18:6c:94:47:8d:3a:1a:
84:b6:73:9b:66:6c:13:60:dc:6a:9a:65:72:55:9a:2a:cd:49:
cb:40:4b:3f:7c:76:66:10:13:02:69:82:ab:76:e1:97:80:b4:
53:2b:d8:e0:72:84:3e:bd:5e:3c:ce:8e:b8:e3:cc:62:2d:e3:
5a:a0:00:a5:c4:02:ca:0c:e6:78:00:27:1c:38:c3:0f:33:bd:
a5:9d:66:3a:59:fe:f1:77:db:98:f0:f9:5c:69:c8:7c:95:ea:
27:52:6f:28:1e:45:cf:12:90:4a:be:b4:ce:45:c3:82:60:bf:
fb:6a:20:d3:ec:6f:04:fb:08:e6:de:29:5c:62:ec:1e:27:26:
7e:d3:c6:24:be:55:3d:d4:8c:dd:c5:78:20:21:58:ce:54:0e:
b2:de:6c:f0:cb:bc:84:ad:a6:58:1e:72:27:6d:cf:0f:8e:0e:
34:ea:bc:18
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYaSyr5gddNLfGSnmCcR7CnPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMjI3MTIxMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzZmYWRhNjAzNzBkYjZkY2EzMTUwNmMwYTM5ZjYzZjY4YzZkYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhbjx7i7wFFIQr91DTeed3dNP5Pm
j6bEHf/hM8cyaotCyJfqgPhn2hWOGF/Og7O5yZ8+ZH8cSpzK18bLP/htI0S7EoC7
W9FD4mPpV0qalRh5qopJZtDyF0whHRxEqjyuH8oHO3SmdeDgVHLwE9fOXDe5+7ig
SkbrDPftCdeJSOfYcBUeDzs3itzzR230moGeHOIQT9DKzbcfLWSXe5xj0+iyWMfQ
rO2xXfgxRbYJADGIJzm06gzVi/7Dl5/p8y5ubHfp73p7P1+1I7AD022fldHdBMHu
6NgVr3sP5lMRBUN7BtPkMcmgPoHodrG+1RGC0SFcV22Q64x6U3XjBSFvRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAxvraYDcNttyjFQbAo59j9oxtvbMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvREctdHBnTncyMjNLTVZCc0NqbjJQMmpHMjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEBSLQAwQC
uSTAAwQC1a0gMA0GCSqGSIb3DQEBCwUAA4IBAQAWHnqC7MMUioBXdLUuFZSPss0U
fdHVAwM7UY/UOFzd2vibsqvSLnSmUEfphh0CGFYCZva0uKFkLMiSOOKRKT8qlQTR
sjZ/syZadx8qF/tPACAhKBhslEeNOhqEtnObZmwTYNxqmmVyVZoqzUnLQEs/fHZm
EBMCaYKrduGXgLRTK9jgcoQ+vV48zo6448xiLeNaoAClxALKDOZ4ACccOMMPM72l
nWY6Wf7xd9uY8Plcach8leonUm8oHkXPEpBKvrTORcOCYL/7aiDT7G8E+wjm3ilc
YuweJyZ+08YkvlU91IzdxXggIVjOVA6y3mzwy7yEraZYHnInbc8Pjg406rwY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-ams.rpki-client.org