Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/DGbcMu3W3NlBfc-SAOFwRxqxnj0.roa
File: DGbcMu3W3NlBfc-SAOFwRxqxnj0.roa (raw, json)
Hash identifier: lD1dsSbS1zth/j/rEEJmFtg8dXlYh9W+uZ5xXoRHFZs=
Subject key identifier: 0C:66:DC:32:ED:D6:DC:D9:41:7D:CF:92:00:E1:70:47:1A:B1:9E:3D
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 018E2EED917F9F19CE19B786C94E50065185
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/DGbcMu3W3NlBfc-SAOFwRxqxnj0.roa
Signing time: Mon 11 Mar 2024 19:11:44 +0000
ROA not before: Mon 11 Mar 2024 19:11:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.243.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 10:16:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:ed:91:7f:9f:19:ce:19:b7:86:c9:4e:50:06:51:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Mar 11 19:11:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0c66dc32edd6dcd9417dcf9200e170471ab19e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3c:dd:28:9b:28:b4:4b:97:ce:3a:96:8b:e9:
cd:a2:c9:6c:bd:38:8b:f2:8e:6d:58:c3:e4:61:14:
bf:4a:25:b8:3d:a2:e1:6a:91:b4:f0:57:ea:9e:a2:
95:7b:53:10:ab:e9:8d:60:b2:b6:c6:b3:bd:01:91:
c4:71:44:58:92:e1:dc:6f:3c:91:a1:c0:d2:64:77:
7c:cd:a2:6a:0b:de:88:0b:5e:57:60:95:21:e1:26:
05:83:18:79:bb:d9:c9:0f:35:9c:64:47:59:75:fe:
6f:79:5d:05:db:96:21:1e:71:1f:2e:d6:1d:87:9c:
84:44:cc:c2:d2:38:77:37:6b:a1:b1:e4:5b:1e:24:
db:ae:da:28:d2:77:b8:bd:5a:19:7c:ac:78:a5:37:
7c:79:1e:f2:90:d3:0a:78:33:00:5e:e0:b0:cc:4f:
37:d5:ff:5b:92:97:6c:f3:ef:77:c5:58:f3:fc:4d:
d8:8f:c5:1b:f8:96:b1:32:c4:f1:84:47:8a:fd:e2:
ee:29:67:4a:bc:35:16:29:ce:90:57:8e:96:69:de:
72:2a:72:f8:79:6d:d8:ad:6e:9f:fc:13:98:26:77:
63:25:41:cf:65:dd:0d:b1:4c:c0:b5:2f:fd:2d:62:
66:70:11:e0:6d:58:f0:0d:85:b7:d7:52:26:e6:45:
44:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:66:DC:32:ED:D6:DC:D9:41:7D:CF:92:00:E1:70:47:1A:B1:9E:3D
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/DGbcMu3W3NlBfc-SAOFwRxqxnj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.153.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:b2:3a:14:dd:a1:ec:85:1d:9f:e6:02:03:58:67:d0:05:a8:
83:ae:ab:e3:0b:19:d8:3f:ca:b3:b2:88:a4:d0:fa:b7:8a:52:
46:e7:1d:b1:c1:a5:ad:91:63:b9:99:5f:47:49:02:5a:ce:28:
c2:be:b7:36:c9:94:83:01:cf:50:b4:5c:56:b6:d1:80:84:b2:
54:76:87:23:9d:23:66:cd:a2:a0:3f:2e:73:a3:a0:88:80:a7:
40:be:31:4b:7a:45:16:d9:d2:ff:12:3f:ed:90:ec:68:5d:96:
fd:77:1e:3c:30:c9:fa:50:32:f5:ff:28:05:1b:c2:7e:f6:e3:
6c:1a:89:d3:ce:04:74:5d:15:7d:4a:d7:d1:49:52:6a:d6:ae:
f9:37:af:79:2d:c5:36:0b:79:eb:46:bf:ae:95:97:4e:38:e9:
be:bf:22:ca:97:53:1d:9a:ce:69:68:08:65:a7:b4:2e:05:80:
93:ad:55:55:b1:15:4c:ab:23:dd:c1:bb:2c:17:37:e8:f5:c2:
d2:0d:78:0a:15:fb:8b:2c:f9:7e:45:c3:18:47:90:9e:c9:7c:
21:13:61:1c:29:38:78:1b:0b:04:aa:21:32:3c:70:0f:52:2d:
92:c5:2c:de:81:d8:a1:76:9d:d4:07:e6:3b:d5:36:c2:39:47:
84:32:4c:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4u7ZF/nxnOGbeGyU5QBlGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjQwMzExMTkxMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzY2ZGMzMmVkZDZkY2Q5NDE3ZGNmOTIwMGUxNzA0NzFhYjE5ZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjzdKJsotEuXzjqWi+nNoslsvTiL
8o5tWMPkYRS/SiW4PaLhapG08FfqnqKVe1MQq+mNYLK2xrO9AZHEcURYkuHcbzyR
ocDSZHd8zaJqC96IC15XYJUh4SYFgxh5u9nJDzWcZEdZdf5veV0F25YhHnEfLtYd
h5yERMzC0jh3N2uhseRbHiTbrtoo0ne4vVoZfKx4pTd8eR7ykNMKeDMAXuCwzE83
1f9bkpds8+93xVjz/E3Yj8Ub+JaxMsTxhEeK/eLuKWdKvDUWKc6QV46Wad5yKnL4
eW3YrW6f/BOYJndjJUHPZd0NsUzAtS/9LWJmcBHgbVjwDYW311Im5kVEcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxm3DLt1tzZQX3PkgDhcEcasZ49MB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvREdiY011M1czTmxCZmMtU0FPRndSeHF4bmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufOZMA0G
CSqGSIb3DQEBCwUAA4IBAQAMsjoU3aHshR2f5gIDWGfQBaiDrqvjCxnYP8qzsoik
0Pq3ilJG5x2xwaWtkWO5mV9HSQJazijCvrc2yZSDAc9QtFxWttGAhLJUdocjnSNm
zaKgPy5zo6CIgKdAvjFLekUW2dL/Ej/tkOxoXZb9dx48MMn6UDL1/ygFG8J+9uNs
GonTzgR0XRV9StfRSVJq1q75N695LcU2C3nrRr+ulZdOOOm+vyLKl1Mdms5paAhl
p7QuBYCTrVVVsRVMqyPdwbssFzfo9cLSDXgKFfuLLPl+RcMYR5CeyXwhE2EcKTh4
GwsEqiEyPHAPUi2SxSzegdihdp3UB+Y71TbCOUeEMky1
-----END CERTIFICATE-----
Generated at Wed Mar 13 13:51:13 2024 by rpki-client on console-fra.rpki-client.org