Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/dd19FfHjoywkvIrzHoyNvJ2-4sU.roa
File: dd19FfHjoywkvIrzHoyNvJ2-4sU.roa (raw, json)
Hash identifier: ITq0heXPRKVAmsOfGNIb6DhfemQOp6LGkUe30rQzpZE=
Subject key identifier: 75:DD:7D:15:F1:E3:A3:2C:24:BC:8A:F3:1E:8C:8D:BC:9D:BE:E2:C5
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01856D53EA36FA21478EAF8EB9B2C80616CF
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/dd19FfHjoywkvIrzHoyNvJ2-4sU.roa
Signing time: Sun 01 Jan 2023 12:34:54 +0000
ROA not before: Sun 01 Jan 2023 12:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3561
IP address blocks: 62.216.64.0/21 maxlen: 21
146.66.220.0/22 maxlen: 22
188.74.136.0/22 maxlen: 22
178.157.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 17 Feb 2023 19:13:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:ea:36:fa:21:47:8e:af:8e:b9:b2:c8:06:16:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 12:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75dd7d15f1e3a32c24bc8af31e8c8dbc9dbee2c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:22:98:9b:83:c6:0d:ed:ea:4b:6f:48:65:a1:
58:3d:05:0d:5c:f8:74:74:a7:15:0a:4f:d4:10:00:
49:66:27:92:e5:54:61:43:bf:39:8d:5b:b8:ce:c6:
50:98:a9:ae:22:a9:f1:6d:56:c6:88:44:b0:6c:84:
2e:73:67:3a:e7:e3:25:25:b0:5c:dc:f3:ab:d1:f2:
de:44:cb:54:91:5b:52:70:a0:33:60:3b:1a:6a:3b:
3d:79:de:36:ec:fa:10:25:96:64:32:6b:c7:ad:de:
c5:29:ef:c2:0f:51:7e:ec:da:d3:25:67:02:de:ac:
fd:59:1e:85:41:3f:9f:62:d4:4f:56:50:86:02:7a:
60:9f:25:9a:1a:93:7b:a3:e0:6a:29:83:c8:ef:20:
d9:eb:f6:6c:aa:ed:5b:e8:26:43:85:b1:a8:2f:8d:
41:a9:b2:0d:f3:50:d9:0e:82:70:3d:4c:9b:c1:ba:
d9:13:4e:b8:c3:b1:dd:6f:43:06:da:b1:4b:d2:a3:
ae:97:fd:b0:2c:30:f6:b1:39:97:21:cf:8f:8b:cd:
14:47:62:a5:df:6e:5b:d2:73:c6:e9:3f:a7:6d:0a:
ec:c9:66:f9:00:17:4d:91:d1:8f:91:7b:73:2d:b4:
f0:a1:27:2f:a8:89:b8:fa:bd:66:03:7d:62:bf:4c:
9c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DD:7D:15:F1:E3:A3:2C:24:BC:8A:F3:1E:8C:8D:BC:9D:BE:E2:C5
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/dd19FfHjoywkvIrzHoyNvJ2-4sU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.216.64.0/21
146.66.220.0/22
178.157.64.0/22
188.74.136.0/22
Signature Algorithm: sha256WithRSAEncryption
22:23:48:4f:5d:20:92:aa:da:c4:5d:96:da:87:c4:15:1e:cb:
01:ed:fd:65:18:7a:27:9a:1a:fb:0f:77:19:42:b2:7e:16:a1:
ae:3e:ad:35:95:fc:65:2e:43:aa:51:a7:15:73:f5:ae:07:e0:
d2:bc:40:f0:66:64:29:2a:40:0e:03:dc:41:41:75:03:c1:27:
28:23:e1:bb:55:1b:f3:5e:76:af:12:a7:14:9b:d0:0a:87:12:
93:9a:d5:90:80:a3:fb:04:95:86:98:11:df:7d:f8:f3:d4:f4:
22:23:f0:37:9b:28:a0:54:5a:44:15:c7:16:b4:11:36:6b:50:
72:b6:89:a4:b2:1e:5f:b8:e0:55:34:d3:44:da:38:7d:6f:8d:
d2:a9:d5:be:e6:a0:cd:a8:04:cc:cc:c9:50:e6:9a:eb:0d:52:
aa:92:85:a6:32:37:20:03:b7:a9:af:e1:6c:7f:a4:a7:f6:2a:
f5:55:91:5b:0c:6e:51:c6:85:64:91:10:e0:92:4f:f7:3a:64:
a1:3b:e6:f6:87:67:0d:52:e8:07:af:21:f4:6d:f3:97:1f:14:
c6:ea:ec:4d:5f:cf:1a:0c:7e:c9:df:e4:f3:cf:3d:bc:ad:04:
5b:70:83:1c:ea:58:83:bc:cf:e6:de:53:6f:17:e3:bc:9d:ea:
cb:6e:e6:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtU+o2+iFHjq+OubLIBhbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRkN2QxNWYxZTNhMzJjMjRiYzhhZjMxZThjOGRiYzlkYmVlMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiKYm4PGDe3qS29IZaFYPQUNXPh0
dKcVCk/UEABJZieS5VRhQ785jVu4zsZQmKmuIqnxbVbGiESwbIQuc2c65+MlJbBc
3POr0fLeRMtUkVtScKAzYDsaajs9ed427PoQJZZkMmvHrd7FKe/CD1F+7NrTJWcC
3qz9WR6FQT+fYtRPVlCGAnpgnyWaGpN7o+BqKYPI7yDZ6/Zsqu1b6CZDhbGoL41B
qbIN81DZDoJwPUybwbrZE064w7Hdb0MG2rFL0qOul/2wLDD2sTmXIc+Pi80UR2Kl
325b0nPG6T+nbQrsyWb5ABdNkdGPkXtzLbTwoScvqIm4+r1mA31iv0ycCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHXdfRXx46MsJLyK8x6MjbydvuLFMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvZGQxOUZmSGpveXdrdklyekhveU52SjItNHNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDPthAAwQC
kkLcAwQCsp1AAwQCvEqIMA0GCSqGSIb3DQEBCwUAA4IBAQAiI0hPXSCSqtrEXZba
h8QVHssB7f1lGHonmhr7D3cZQrJ+FqGuPq01lfxlLkOqUacVc/WuB+DSvEDwZmQp
KkAOA9xBQXUDwScoI+G7VRvzXnavEqcUm9AKhxKTmtWQgKP7BJWGmBHfffjz1PQi
I/A3myigVFpEFccWtBE2a1Bytomksh5fuOBVNNNE2jh9b43SqdW+5qDNqATMzMlQ
5prrDVKqkoWmMjcgA7epr+Fsf6Sn9ir1VZFbDG5RxoVkkRDgkk/3OmShO+b2h2cN
UugHryH0bfOXHxTG6uxNX88aDH7J3+Tzzz28rQRbcIMc6liDvM/m3lNvF+O8nerL
buYV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:16 2024 by rpki-client on console-fra.rpki-client.org