Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/dD9_UvL6H9A49VEFM7t9kDfmhFI.roa
File: dD9_UvL6H9A49VEFM7t9kDfmhFI.roa (raw, json)
Hash identifier: 1Nb3FtqoKUyI7O8knlDMwYT7Cn7DvpfzzQkuqP7rGfU=
Subject key identifier: 74:3F:7F:52:F2:FA:1F:D0:38:F5:51:05:33:BB:7D:90:37:E6:84:52
Certificate issuer: /CN=68da206c83d505e254b3ef3c7650f9fb93453435
Certificate serial: 01888AC862586DD9A34C4F3E1AB4C416676A
Authority key identifier: 68:DA:20:6C:83:D5:05:E2:54:B3:EF:3C:76:50:F9:FB:93:45:34:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNogbIPVBeJUs-88dlD5-5NFNDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/dD9_UvL6H9A49VEFM7t9kDfmhFI.roa
Signing time: Mon 05 Jun 2023 08:59:28 +0000
ROA not before: Mon 05 Jun 2023 08:59:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60781
IP address blocks: 185.73.34.0/24 maxlen: 24
185.73.33.0/24 maxlen: 24
185.73.32.0/23 maxlen: 23
2a05:3f40::/30 maxlen: 30
2a05:3f44::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8a:c8:62:58:6d:d9:a3:4c:4f:3e:1a:b4:c4:16:67:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68da206c83d505e254b3ef3c7650f9fb93453435
Validity
Not Before: Jun 5 08:59:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=743f7f52f2fa1fd038f5510533bb7d9037e68452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3a:c1:56:34:94:2c:ca:03:b8:4f:e3:85:42:
ad:57:58:1c:8c:a0:a2:05:1b:17:c5:2b:0b:83:40:
ca:63:db:8f:d4:89:7b:8d:87:39:be:63:b0:ed:2a:
f9:26:34:48:c6:c4:61:f9:5f:a2:a4:6e:6f:82:36:
fd:2a:16:0d:ea:c5:ef:d7:cb:64:88:ad:67:44:97:
b6:81:da:b0:52:fb:09:ef:34:ac:f5:97:c5:47:90:
fa:9f:21:37:75:f5:32:ad:e7:36:d4:90:54:2d:6f:
44:77:f5:58:dd:9e:b9:4c:b4:a8:e4:a6:25:90:84:
87:1d:f8:fc:db:fd:95:e6:13:26:9f:9d:4c:4e:f9:
76:b7:24:30:11:3c:da:8f:9d:6b:e7:9d:69:db:55:
e2:fc:de:27:98:ab:1b:80:b8:1c:9f:3f:e5:06:57:
87:96:29:fb:4e:1c:27:2d:5e:c9:cd:c5:68:3f:63:
39:89:ec:67:fd:e7:29:01:6d:28:53:19:38:85:cf:
1a:6f:e1:9d:3a:0e:a4:d7:50:af:d7:d7:14:ec:4b:
90:e8:42:7d:93:7e:ce:62:4c:27:7b:f4:fb:d4:7e:
f3:25:dd:ec:7f:25:22:bc:3b:7a:fb:a7:dc:da:02:
19:63:e8:aa:f9:28:9f:8e:a2:c4:67:89:b7:82:3a:
ea:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:3F:7F:52:F2:FA:1F:D0:38:F5:51:05:33:BB:7D:90:37:E6:84:52
X509v3 Authority Key Identifier:
keyid:68:DA:20:6C:83:D5:05:E2:54:B3:EF:3C:76:50:F9:FB:93:45:34:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNogbIPVBeJUs-88dlD5-5NFNDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/dD9_UvL6H9A49VEFM7t9kDfmhFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/bb298b-3c39-49b2-abb1-11d636b56dab/1/aNogbIPVBeJUs-88dlD5-5NFNDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.32.0-185.73.34.255
IPv6:
2a05:3f40::/29
Signature Algorithm: sha256WithRSAEncryption
46:06:ae:ff:bf:15:76:ff:a8:b1:c7:24:a7:99:93:a5:22:0d:
a8:fe:0e:b3:4b:02:48:c2:c4:5f:f9:fb:c1:b4:53:14:9a:23:
15:16:04:b5:d1:1d:a1:57:fc:98:d9:6e:29:8c:54:74:ee:db:
7c:3a:68:5b:7c:0a:11:86:90:9f:81:d8:13:ba:66:31:ed:b1:
25:48:b8:65:5b:86:32:2c:9e:05:3e:0f:38:9a:82:dc:ca:07:
51:b6:37:3d:bd:f7:9e:7a:d8:e9:eb:d5:52:9f:c5:6c:fd:fe:
41:93:6d:b0:fa:63:19:61:22:27:09:6c:28:99:4b:5f:37:17:
6d:37:31:9a:85:9b:60:a1:9e:35:5d:29:bf:d7:28:b9:0b:dc:
fd:03:87:bb:31:2f:5a:79:8d:ca:f1:d6:d5:8f:f6:ba:82:08:
eb:97:1f:80:b9:e2:fc:d6:81:16:3f:6d:54:0b:aa:c8:77:77:
e1:78:34:e8:b1:11:33:97:88:61:31:b1:78:db:9b:65:b4:ff:
9c:48:14:29:47:a9:d7:76:69:22:e0:dd:ae:dc:bb:64:04:8f:
da:94:10:ca:29:e7:2e:53:2f:40:23:4a:58:31:87:68:ae:1e:
9a:2d:24:3e:4a:07:d1:3b:1f:c1:de:0b:9a:68:ab:cc:05:e6:
94:cd:a1:9b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYiKyGJYbdmjTE8+GrTEFmdqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZGEyMDZjODNkNTA1ZTI1NGIzZWYzYzc2NTBmOWZiOTM0
NTM0MzUwHhcNMjMwNjA1MDg1OTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDNmN2Y1MmYyZmExZmQwMzhmNTUxMDUzM2JiN2Q5MDM3ZTY4NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjrBVjSULMoDuE/jhUKtV1gcjKCi
BRsXxSsLg0DKY9uP1Il7jYc5vmOw7Sr5JjRIxsRh+V+ipG5vgjb9KhYN6sXv18tk
iK1nRJe2gdqwUvsJ7zSs9ZfFR5D6nyE3dfUyrec21JBULW9Ed/VY3Z65TLSo5KYl
kISHHfj82/2V5hMmn51MTvl2tyQwETzaj51r551p21Xi/N4nmKsbgLgcnz/lBleH
lin7ThwnLV7JzcVoP2M5iexn/ecpAW0oUxk4hc8ab+GdOg6k11Cv19cU7EuQ6EJ9
k37OYkwne/T71H7zJd3sfyUivDt6+6fc2gIZY+iq+SifjqLEZ4m3gjrq5wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHQ/f1Ly+h/QOPVRBTO7fZA35oRSMB8GA1UdIwQY
MBaAFGjaIGyD1QXiVLPvPHZQ+fuTRTQ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5vZ2JJUFZCZUpVcy04OGRsRDUtNU5GTkRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9iYjI5OGItM2MzOS00OWIyLWFiYjEt
MTFkNjM2YjU2ZGFiLzEvZEQ5X1V2TDZIOUE0OVZFRk03dDlrRGZtaEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9iYjI5OGItM2MzOS00OWIyLWFiYjEtMTFkNjM2YjU2ZGFi
LzEvYU5vZ2JJUFZCZUpVcy04OGRsRDUtNU5GTkRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAW5SSAD
BAC5SSIwDQQCAAIwBwMFAyoFP0AwDQYJKoZIhvcNAQELBQADggEBAEYGrv+/FXb/
qLHHJKeZk6UiDaj+DrNLAkjCxF/5+8G0UxSaIxUWBLXRHaFX/JjZbimMVHTu23w6
aFt8ChGGkJ+B2BO6ZjHtsSVIuGVbhjIsngU+DziagtzKB1G2Nz2995562Onr1VKf
xWz9/kGTbbD6YxlhIicJbCiZS183F203MZqFm2ChnjVdKb/XKLkL3P0Dh7sxL1p5
jcrx1tWP9rqCCOuXH4C54vzWgRY/bVQLqsh3d+F4NOixETOXiGExsXjbm2W0/5xI
FClHqdd2aSLg3a7cu2QEj9qUEMop5y5TL0AjSlgxh2iuHpotJD5KB9E7H8HeC5po
q8wF5pTNoZs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:44 2024 by rpki-client on console-fra.rpki-client.org