Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/RIcXDR3CuvFjctfTMO3coAogWe8.roa
File: RIcXDR3CuvFjctfTMO3coAogWe8.roa (raw, json)
Hash identifier: UvAbz5SSCzEWC9ZzJj04jLUmOlpe1in7IOmABcAp55g=
Subject key identifier: 44:87:17:0D:1D:C2:BA:F1:63:72:D7:D3:30:ED:DC:A0:0A:20:59:EF
Certificate issuer: /CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Certificate serial: 018631930C0CD052B4C3BCFD1A62756B16A8
Authority key identifier: 09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/RIcXDR3CuvFjctfTMO3coAogWe8.roa
Signing time: Wed 08 Feb 2023 15:09:25 +0000
ROA not before: Wed 08 Feb 2023 15:09:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205984
IP address blocks: 84.246.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:93:0c:0c:d0:52:b4:c3:bc:fd:1a:62:75:6b:16:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09dcf1e897e598ec3f1ab60bd443328726dedae4
Validity
Not Before: Feb 8 15:09:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4487170d1dc2baf16372d7d330eddca00a2059ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:44:f4:18:a6:02:7a:8e:f8:02:92:a4:f2:67:
1f:74:a5:da:6e:c9:73:be:c8:c8:a1:df:18:08:cf:
18:17:29:6a:61:4e:98:57:91:b5:6c:c9:41:89:a4:
b6:48:c4:1c:8d:ca:be:aa:a9:c4:5c:43:31:e2:c5:
88:b0:58:1f:ce:30:f4:05:49:9e:e9:c0:78:be:99:
4b:90:36:6b:3f:a5:14:2b:c2:25:1f:3f:e1:c3:b2:
bc:43:9b:ae:b0:52:fe:0b:7e:9b:f4:ef:22:0b:c6:
fc:0e:43:d3:83:63:e4:1a:ca:d6:62:41:c8:49:98:
95:b0:0a:7f:5c:20:7f:cd:8d:a8:15:f7:df:4f:b5:
0f:a1:f1:c1:2e:28:f2:73:8d:17:75:b1:b4:79:6a:
1c:80:39:b6:1f:30:51:9f:68:f7:d8:37:50:ae:c3:
0b:69:02:b1:ca:c7:15:03:77:18:6e:5e:16:04:45:
67:46:72:53:ec:da:fc:43:2a:b8:d7:2f:0f:7c:90:
c6:5a:00:c7:08:00:22:fc:00:32:e8:c2:4a:5c:ce:
ba:8a:0e:27:4c:39:a7:b9:60:3b:f7:80:12:80:77:
58:09:34:a8:69:2a:51:bc:02:27:c4:16:4e:d1:0a:
7e:1c:ec:63:9e:35:d5:d6:3d:4d:ab:ff:6b:9d:69:
a9:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:87:17:0D:1D:C2:BA:F1:63:72:D7:D3:30:ED:DC:A0:0A:20:59:EF
X509v3 Authority Key Identifier:
keyid:09:DC:F1:E8:97:E5:98:EC:3F:1A:B6:0B:D4:43:32:87:26:DE:DA:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cdzx6JflmOw_GrYL1EMyhybe2uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/RIcXDR3CuvFjctfTMO3coAogWe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9bc4cc-b646-4701-8975-623e199fdbe9/1/Cdzx6JflmOw_GrYL1EMyhybe2uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.243.0/24
Signature Algorithm: sha256WithRSAEncryption
06:3b:8d:0a:b7:8b:04:06:5f:73:0b:84:0c:da:7d:30:cf:1e:
1e:72:f9:25:9a:91:72:78:75:9e:fe:0b:30:32:4b:40:20:ee:
65:66:bb:7d:69:45:24:b2:56:9b:42:46:98:64:59:8d:7b:86:
5a:ca:eb:74:1d:76:20:ac:61:2c:5f:1d:1e:14:75:56:f6:5e:
32:f6:64:5a:08:7d:ac:22:18:54:15:84:ec:ed:b0:0c:b6:6b:
3d:61:ff:a6:7f:2d:87:cb:d1:be:86:14:4f:ac:74:8f:80:6b:
15:36:ff:be:70:2d:39:91:b1:0d:8e:ea:ab:04:09:13:62:b1:
88:ac:97:f2:90:09:9b:5f:87:dc:7c:00:72:e1:a5:36:6e:15:
1a:22:aa:1f:e8:76:47:6b:e5:1f:5b:30:81:96:42:92:6e:fa:
a8:c3:dc:b3:59:cd:0d:bc:cd:55:8d:58:7a:87:56:63:25:81:
4f:9d:ea:52:58:0b:8d:94:2f:ca:41:0e:15:02:93:cf:3e:ab:
8b:39:4d:5c:76:0e:41:2e:69:59:31:51:76:93:21:c0:25:6f:
e3:5b:d1:90:3c:8a:63:cc:ac:66:d0:13:05:4f:1d:76:36:95:
c4:23:42:c3:93:98:79:06:96:e3:19:4a:ba:85:ff:d4:08:e5:
1f:4d:00:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYxkwwM0FK0w7z9GmJ1axaoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZGNmMWU4OTdlNTk4ZWMzZjFhYjYwYmQ0NDMzMjg3MjZk
ZWRhZTQwHhcNMjMwMjA4MTUwOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDg3MTcwZDFkYzJiYWYxNjM3MmQ3ZDMzMGVkZGNhMDBhMjA1OWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0T0GKYCeo74ApKk8mcfdKXabslz
vsjIod8YCM8YFylqYU6YV5G1bMlBiaS2SMQcjcq+qqnEXEMx4sWIsFgfzjD0BUme
6cB4vplLkDZrP6UUK8IlHz/hw7K8Q5uusFL+C36b9O8iC8b8DkPTg2PkGsrWYkHI
SZiVsAp/XCB/zY2oFfffT7UPofHBLijyc40XdbG0eWocgDm2HzBRn2j32DdQrsML
aQKxyscVA3cYbl4WBEVnRnJT7Nr8Qyq41y8PfJDGWgDHCAAi/AAy6MJKXM66ig4n
TDmnuWA794ASgHdYCTSoaSpRvAInxBZO0Qp+HOxjnjXV1j1Nq/9rnWmp5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFESHFw0dwrrxY3LX0zDt3KAKIFnvMB8GA1UdIwQY
MBaAFAnc8eiX5ZjsPxq2C9RDMocm3trkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUt
NjIzZTE5OWZkYmU5LzEvUkljWERSM0N1dkZqY3RmVE1PM2NvQW9nV2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC85YmM0Y2MtYjY0Ni00NzAxLTg5NzUtNjIzZTE5OWZkYmU5
LzEvQ2R6eDZKZmxtT3dfR3JZTDFFTXloeWJlMnVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPbzMA0G
CSqGSIb3DQEBCwUAA4IBAQAGO40Kt4sEBl9zC4QM2n0wzx4ecvklmpFyeHWe/gsw
MktAIO5lZrt9aUUkslabQkaYZFmNe4Zayut0HXYgrGEsXx0eFHVW9l4y9mRaCH2s
IhhUFYTs7bAMtms9Yf+mfy2Hy9G+hhRPrHSPgGsVNv++cC05kbENjuqrBAkTYrGI
rJfykAmbX4fcfABy4aU2bhUaIqof6HZHa+UfWzCBlkKSbvqow9yzWc0NvM1VjVh6
h1ZjJYFPnepSWAuNlC/KQQ4VApPPPquLOU1cdg5BLmlZMVF2kyHAJW/jW9GQPIpj
zKxm0BMFTx12NpXEI0LDk5h5BpbjGUq6hf/UCOUfTQBK
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:16 2024 by rpki-client on console-fra.rpki-client.org