Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/dtu50_VUQBtkczbgGyvj7VCRFNI.roa
File: dtu50_VUQBtkczbgGyvj7VCRFNI.roa (raw, json)
Hash identifier: 6kpd6ITUoEhf/yyUutTrDURcB1chvQ2QuGc5ypnuqpE=
Subject key identifier: 76:DB:B9:D3:F5:54:40:1B:64:73:36:E0:1B:2B:E3:ED:50:91:14:D2
Certificate issuer: /CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Certificate serial: 018DFB2871FB3349BBE910821D3CA936D934
Authority key identifier: 36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/dtu50_VUQBtkczbgGyvj7VCRFNI.roa
Signing time: Fri 01 Mar 2024 17:55:48 +0000
ROA not before: Fri 01 Mar 2024 17:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206924
IP address blocks: 91.198.241.0/24 maxlen: 24
185.230.223.0/24 maxlen: 24
2a0c:2f05:3512::/48 maxlen: 48
2a0c:2f07:d::/48 maxlen: 48
2a0c:2f07:f::/48 maxlen: 48
2a0c:2f07:29::/48 maxlen: 48
2a0c:2f07:384::/48 maxlen: 48
2a0c:2f07:666::/48 maxlen: 48
2a0c:2f07:ac1::/48 maxlen: 48
2a0c:2f07:4663::/48 maxlen: 48
2a0c:2f07:4896::/48 maxlen: 48
2a0c:2f07:9459::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 05 May 2024 11:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fb:28:71:fb:33:49:bb:e9:10:82:1d:3c:a9:36:d9:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3691d2950145dceac00c0ca4eb536d92867b38d3
Validity
Not Before: Mar 1 17:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=76dbb9d3f554401b647336e01b2be3ed509114d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e5:e0:1b:bd:97:c4:77:1a:6d:1f:25:55:cf:
53:d5:7f:69:c5:3d:3a:31:55:d4:74:d6:56:1f:ca:
20:78:2d:95:40:2d:a3:eb:f6:bf:44:c8:36:f0:68:
af:84:0a:90:5f:80:e6:2f:a8:66:71:9d:c4:4d:ce:
ca:aa:2b:14:c3:42:f2:24:cd:e8:39:ea:e9:12:ce:
41:48:e7:58:13:5d:3a:26:a9:c5:e5:be:7e:03:a1:
fc:6d:48:76:ab:d9:c6:c5:64:99:14:0d:87:25:63:
3c:f8:f7:d6:32:ed:5d:44:d4:b8:f5:9a:d9:0b:c5:
3c:b3:44:86:71:42:94:7c:e1:b0:04:f6:40:74:fa:
ae:73:fd:df:7e:6d:44:3f:6e:9f:33:21:42:f6:45:
46:2b:5b:1f:e9:9a:de:28:ff:80:97:dd:fd:dc:da:
1b:3e:76:b6:55:eb:47:36:8a:dc:09:ed:96:bc:12:
f5:18:ce:e1:c8:1a:03:f4:48:9a:e6:74:e9:49:77:
59:45:c8:0a:72:9e:cf:a9:f2:81:a4:49:67:75:9a:
97:59:ca:ac:46:1b:02:95:ab:b9:3b:8b:83:5a:c6:
98:da:40:7f:db:be:3b:ba:0a:35:9f:70:08:6e:f0:
ce:03:0a:a2:cc:ff:48:07:49:3f:dd:93:3c:ba:fb:
58:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DB:B9:D3:F5:54:40:1B:64:73:36:E0:1B:2B:E3:ED:50:91:14:D2
X509v3 Authority Key Identifier:
keyid:36:91:D2:95:01:45:DC:EA:C0:0C:0C:A4:EB:53:6D:92:86:7B:38:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpHSlQFF3OrADAyk61NtkoZ7ONM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/dtu50_VUQBtkczbgGyvj7VCRFNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2a942a-f1bf-43e2-b92a-1dec40584806/1/NpHSlQFF3OrADAyk61NtkoZ7ONM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.241.0/24
185.230.223.0/24
IPv6:
2a0c:2f05:3512::/48
2a0c:2f07:d::/48
2a0c:2f07:f::/48
2a0c:2f07:29::/48
2a0c:2f07:384::/48
2a0c:2f07:666::/48
2a0c:2f07:ac1::/48
2a0c:2f07:4663::/48
2a0c:2f07:4896::/48
2a0c:2f07:9459::/48
Signature Algorithm: sha256WithRSAEncryption
5c:1a:af:6c:16:e9:b9:54:a9:c1:d3:65:b3:d2:c7:b4:21:8f:
6c:7d:f6:82:27:d2:07:6a:75:3b:10:c6:6b:e8:52:ac:90:f3:
93:d0:7c:b7:9a:4e:63:ef:42:13:56:95:62:a0:99:6f:ef:74:
ee:15:54:c8:8e:57:26:1b:e0:15:cd:f9:37:49:5f:e8:32:4f:
b4:e9:4e:b7:42:16:f7:f4:75:b2:b5:8f:a4:aa:4c:a5:e5:01:
73:1c:c8:fd:05:94:06:d8:8f:b0:e7:84:d5:e9:5f:b1:ad:98:
14:26:5c:7d:6c:31:b6:58:b8:ef:c6:36:79:15:53:74:b6:85:
cb:7d:5f:e2:ee:9e:2b:55:b3:7e:2c:70:b4:b3:40:e9:de:91:
11:11:7b:48:cc:c4:6c:e7:61:78:b8:33:ec:47:8e:10:2c:16:
cc:cd:91:20:a0:06:82:9c:f4:af:75:3f:2d:7c:b7:d7:44:a8:
ee:7b:7b:fd:25:97:04:b5:3d:f0:64:de:91:e8:37:c7:4e:44:
58:ab:ea:c2:98:f1:fd:19:23:a6:e1:0f:0f:8b:d4:53:41:4b:
f1:ca:b0:d1:3a:72:f2:ac:ed:fb:61:3e:e9:d7:75:85:9c:80:
3c:fa:ae:ee:ed:52:d0:43:ec:30:be:e3:bd:52:63:96:ff:25:
c3:fb:2c:ae
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAY37KHH7M0m76RCCHTypNtk0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTFkMjk1MDE0NWRjZWFjMDBjMGNhNGViNTM2ZDkyODY3
YjM4ZDMwHhcNMjQwMzAxMTc1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmRiYjlkM2Y1NTQ0MDFiNjQ3MzM2ZTAxYjJiZTNlZDUwOTExNGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+XgG72XxHcabR8lVc9T1X9pxT06
MVXUdNZWH8ogeC2VQC2j6/a/RMg28GivhAqQX4DmL6hmcZ3ETc7KqisUw0LyJM3o
OerpEs5BSOdYE106JqnF5b5+A6H8bUh2q9nGxWSZFA2HJWM8+PfWMu1dRNS49ZrZ
C8U8s0SGcUKUfOGwBPZAdPquc/3ffm1EP26fMyFC9kVGK1sf6ZreKP+Al9393Nob
Pna2VetHNorcCe2WvBL1GM7hyBoD9Eia5nTpSXdZRcgKcp7PqfKBpElndZqXWcqs
RhsClau5O4uDWsaY2kB/2747ugo1n3AIbvDOAwqizP9IB0k/3ZM8uvtYlQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFHbbudP1VEAbZHM24Bsr4+1QkRTSMB8GA1UdIwQY
MBaAFDaR0pUBRdzqwAwMpOtTbZKGezjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEt
MWRlYzQwNTg0ODA2LzEvZHR1NTBfVlVRQnRrY3piZ0d5dmo3VkNSRk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yYTk0MmEtZjFiZi00M2UyLWI5MmEtMWRlYzQwNTg0ODA2
LzEvTnBIU2xRRkYzT3JBREF5azYxTnRrb1o3T05NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwEgQCAAEwDAMEAFvG8QME
ALnm3zBgBAIAAjBaAwcAKgwvBTUSAwcAKgwvBwANAwcAKgwvBwAPAwcAKgwvBwAp
AwcAKgwvBwOEAwcAKgwvBwZmAwcAKgwvBwrBAwcAKgwvB0ZjAwcAKgwvB0iWAwcA
KgwvB5RZMA0GCSqGSIb3DQEBCwUAA4IBAQBcGq9sFum5VKnB02Wz0se0IY9sffaC
J9IHanU7EMZr6FKskPOT0Hy3mk5j70ITVpVioJlv73TuFVTIjlcmG+AVzfk3SV/o
Mk+06U63Qhb39HWytY+kqkyl5QFzHMj9BZQG2I+w54TV6V+xrZgUJlx9bDG2WLjv
xjZ5FVN0toXLfV/i7p4rVbN+LHC0s0Dp3pEREXtIzMRs52F4uDPsR44QLBbMzZEg
oAaCnPSvdT8tfLfXRKjue3v9JZcEtT3wZN6R6DfHTkRYq+rCmPH9GSOm4Q8Pi9RT
QUvxyrDROnLyrO37YT7p13WFnIA8+q7u7VLQQ+wwvuO9UmOW/yXD+yyu
-----END CERTIFICATE-----
Generated at Sun May 5 14:36:14 2024 by rpki-client on console-fra.rpki-client.org