Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/DSIs3d2evObCoIkdwUwsVq3vCkA.roa
File: DSIs3d2evObCoIkdwUwsVq3vCkA.roa (raw, json)
Hash identifier: 3WYIshhLq/fKIIs6WI3d7UUxKzHxyS9lUgwvF6lyLcw=
Subject key identifier: 0D:22:2C:DD:DD:9E:BC:E6:C2:A0:89:1D:C1:4C:2C:56:AD:EF:0A:40
Certificate issuer: /CN=b0701346bad55df7f5dc818bbbbcfbb7db1070ab
Certificate serial: 01894962B1B7B9B42B34F1B7CB9DF6BC6287
Authority key identifier: B0:70:13:46:BA:D5:5D:F7:F5:DC:81:8B:BB:BC:FB:B7:DB:10:70:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHATRrrVXff13IGLu7z7t9sQcKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/DSIs3d2evObCoIkdwUwsVq3vCkA.roa
Signing time: Wed 12 Jul 2023 09:15:52 +0000
ROA not before: Wed 12 Jul 2023 09:15:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 195.38.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:62:b1:b7:b9:b4:2b:34:f1:b7:cb:9d:f6:bc:62:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0701346bad55df7f5dc818bbbbcfbb7db1070ab
Validity
Not Before: Jul 12 09:15:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d222cdddd9ebce6c2a0891dc14c2c56adef0a40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b5:47:01:8a:17:72:eb:29:49:25:da:7b:fb:
f2:74:55:27:76:12:a7:09:d4:89:0b:21:9f:15:19:
26:af:15:3a:45:ec:93:94:54:35:22:40:5a:58:8e:
39:7c:71:42:87:6b:ef:0d:9c:61:92:8f:e6:b2:99:
1c:c9:a8:8c:77:04:30:3c:e6:86:73:7e:7e:42:27:
2a:9f:7b:21:24:e3:b3:1e:ad:2a:98:9d:ec:5c:f1:
26:7e:33:c1:b1:47:a7:38:9f:34:f4:16:ff:06:b4:
67:0e:5b:a2:f5:94:8f:86:7b:b5:17:86:45:a4:3f:
50:c7:67:60:e4:a2:1c:6c:89:5f:2c:c4:55:a1:ed:
4a:8d:55:11:81:e9:3d:fb:e6:aa:58:88:57:e8:e1:
1f:61:e5:84:41:45:7a:cc:8e:e5:98:36:ea:e6:1c:
46:e0:1b:b5:12:87:d1:28:f0:0f:96:68:6e:56:d3:
a6:c8:ed:41:31:15:53:00:c0:45:e3:74:22:f1:6f:
9c:b3:10:b9:17:5e:47:a0:84:b0:7e:cd:c5:af:7b:
4b:21:e0:7f:23:36:00:0c:d9:23:74:5d:ca:a7:fa:
20:61:a3:e0:06:a0:ad:04:7b:d0:4d:66:41:18:fa:
b9:3f:ea:e1:ae:3e:ba:a7:0b:ab:b5:ea:1c:57:b7:
e8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:22:2C:DD:DD:9E:BC:E6:C2:A0:89:1D:C1:4C:2C:56:AD:EF:0A:40
X509v3 Authority Key Identifier:
keyid:B0:70:13:46:BA:D5:5D:F7:F5:DC:81:8B:BB:BC:FB:B7:DB:10:70:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHATRrrVXff13IGLu7z7t9sQcKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/DSIs3d2evObCoIkdwUwsVq3vCkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/2f5f22-7439-4208-8b39-7d11fcf17123/1/sHATRrrVXff13IGLu7z7t9sQcKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.38.19.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:05:df:55:20:4e:b4:ac:89:ea:c3:c3:6c:65:3f:75:16:01:
6e:a2:35:75:3e:52:83:50:a2:7b:14:51:ec:77:b9:38:aa:0c:
82:16:ec:71:2d:a9:9a:5c:fa:f9:dd:02:85:f9:4f:95:d1:74:
3f:84:7f:30:d4:87:ab:7f:3f:12:1e:54:2c:f5:75:4a:47:8e:
37:00:9a:3e:60:91:26:9c:63:f9:9d:a9:52:ab:10:c4:e3:61:
a4:8d:20:da:79:98:92:06:89:3d:c5:6b:8f:47:df:5c:22:b4:
17:bc:32:c1:4b:4b:83:25:33:a7:a5:5b:27:9a:9d:51:fb:c7:
bd:50:a5:92:5a:4c:f8:8e:4e:a3:96:cc:96:4c:14:dd:9b:50:
68:18:e6:67:f3:c4:55:9b:93:f8:16:ab:98:a8:d8:b6:ba:13:
1c:7c:fb:bd:45:03:9a:8e:c8:c5:47:0f:8b:e7:05:c5:da:aa:
b4:3b:42:10:b4:e2:4a:ae:e4:d3:60:09:c9:d7:74:c0:c0:9e:
23:47:86:97:e6:f6:64:3d:41:23:e0:fa:9d:06:99:54:39:c4:
46:fa:a4:3e:d7:6f:47:d4:3b:bd:93:6e:65:fd:f8:33:71:ae:
60:34:7c:28:9f:1a:3b:74:8e:36:ee:19:b4:12:80:80:7d:e1:
51:cc:4c:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlJYrG3ubQrNPG3y532vGKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNzAxMzQ2YmFkNTVkZjdmNWRjODE4YmJiYmNmYmI3ZGIx
MDcwYWIwHhcNMjMwNzEyMDkxNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDIyMmNkZGRkOWViY2U2YzJhMDg5MWRjMTRjMmM1NmFkZWYwYTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibVHAYoXcuspSSXae/vydFUndhKn
CdSJCyGfFRkmrxU6ReyTlFQ1IkBaWI45fHFCh2vvDZxhko/mspkcyaiMdwQwPOaG
c35+Qicqn3shJOOzHq0qmJ3sXPEmfjPBsUenOJ809Bb/BrRnDlui9ZSPhnu1F4ZF
pD9Qx2dg5KIcbIlfLMRVoe1KjVURgek9++aqWIhX6OEfYeWEQUV6zI7lmDbq5hxG
4Bu1EofRKPAPlmhuVtOmyO1BMRVTAMBF43Qi8W+csxC5F15HoISwfs3Fr3tLIeB/
IzYADNkjdF3Kp/ogYaPgBqCtBHvQTWZBGPq5P+rhrj66pwurteocV7foFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0iLN3dnrzmwqCJHcFMLFat7wpAMB8GA1UdIwQY
MBaAFLBwE0a61V339dyBi7u8+7fbEHCrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hBVFJyclZYZmYxM0lHTHU3ejd0OXNRY0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8yZjVmMjItNzQzOS00MjA4LThiMzkt
N2QxMWZjZjE3MTIzLzEvRFNJczNkMmV2T2JDb0lrZHdVd3NWcTN2Q2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8yZjVmMjItNzQzOS00MjA4LThiMzktN2QxMWZjZjE3MTIz
LzEvc0hBVFJyclZYZmYxM0lHTHU3ejd0OXNRY0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyYTMA0G
CSqGSIb3DQEBCwUAA4IBAQBuBd9VIE60rInqw8NsZT91FgFuojV1PlKDUKJ7FFHs
d7k4qgyCFuxxLamaXPr53QKF+U+V0XQ/hH8w1Ierfz8SHlQs9XVKR443AJo+YJEm
nGP5nalSqxDE42GkjSDaeZiSBok9xWuPR99cIrQXvDLBS0uDJTOnpVsnmp1R+8e9
UKWSWkz4jk6jlsyWTBTdm1BoGOZn88RVm5P4FquYqNi2uhMcfPu9RQOajsjFRw+L
5wXF2qq0O0IQtOJKruTTYAnJ13TAwJ4jR4aX5vZkPUEj4PqdBplUOcRG+qQ+129H
1Du9k25l/fgzca5gNHwonxo7dI427hm0EoCAfeFRzExr
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:59 2024 by rpki-client on console-ams.rpki-client.org