Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Dhph-Ov7MyXaPJ9neWico2c74xk.roa
File: Dhph-Ov7MyXaPJ9neWico2c74xk.roa (raw, json)
Hash identifier: vpbVYtWzmGACHDT9e9GP4c3wLN/KcC0HK3upXTSShTI=
Subject key identifier: 0E:1A:61:F8:EB:FB:33:25:DA:3C:9F:67:79:68:9C:A3:67:3B:E3:19
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018602D830DBC0A4B2EB89BA9D5A6A3156B9
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Dhph-Ov7MyXaPJ9neWico2c74xk.roa
Signing time: Mon 30 Jan 2023 13:22:48 +0000
ROA not before: Mon 30 Jan 2023 13:22:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:200::/36 maxlen: 36
2a11:202::/32 maxlen: 32
2a11:201::/32 maxlen: 32
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c7:5000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 15 Mar 2023 12:09:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:02:d8:30:db:c0:a4:b2:eb:89:ba:9d:5a:6a:31:56:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jan 30 13:22:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e1a61f8ebfb3325da3c9f6779689ca3673be319
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f6:96:93:35:77:04:5a:10:04:e7:10:ba:83:
78:63:c0:6b:28:59:5e:d9:50:0d:c3:de:95:86:02:
7a:db:b3:3b:5a:1e:8c:fd:26:d9:ca:64:08:c5:f1:
93:fa:d4:0f:92:e8:84:11:a2:7b:f4:63:96:7b:77:
f9:64:40:15:69:6e:38:4b:e4:64:9b:aa:8e:04:1d:
5d:62:a1:0e:b1:b6:5f:1e:68:1a:60:da:d5:8d:28:
d9:db:ad:39:90:3b:b6:91:4f:60:1c:ff:ea:57:9b:
0d:07:c5:91:95:2f:73:60:46:ff:59:94:b1:c5:78:
d8:af:4f:76:82:35:95:7b:8a:b1:7a:49:60:72:27:
e8:0e:3e:28:7d:55:40:85:e1:25:67:79:ed:3a:71:
15:d8:d5:97:1f:95:31:c9:01:3d:7a:a5:86:90:c9:
fe:fd:90:8d:3b:69:22:71:34:8b:bc:7b:4b:17:7c:
21:84:6f:32:46:03:33:80:e9:3f:9c:c9:69:98:e0:
e0:76:c7:f9:b8:78:56:a4:cf:f0:75:48:de:98:7d:
1c:1f:de:16:e2:cb:85:98:9e:d0:d3:ae:48:31:b0:
14:e6:a7:bf:02:fd:7d:ff:80:4f:b7:cc:df:7a:8c:
5c:d0:cb:5e:fb:df:b9:6f:89:41:08:c5:2b:6b:23:
f7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:1A:61:F8:EB:FB:33:25:DA:3C:9F:67:79:68:9C:A3:67:3B:E3:19
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/Dhph-Ov7MyXaPJ9neWico2c74xk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.171.240.0/22
84.54.36.0/24
194.113.105.0/24
IPv6:
2a10:c0c0::/29
2a11:200::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a8:6a:8e:c7:67:98:b4:be:63:cb:20:bc:7d:6b:79:c6:5d:da:
f0:34:b8:08:19:25:5e:aa:1e:32:1c:09:84:0d:fd:54:25:ad:
76:c9:16:b1:d3:fe:a8:df:f3:64:03:74:c4:a8:3a:21:d1:c0:
66:e9:14:02:af:8c:93:b5:23:dc:15:f6:23:da:2e:65:a2:b4:
9b:ef:9d:d0:5d:6f:0a:25:67:06:5a:18:63:0f:62:a4:be:d0:
ac:3b:ad:3f:2e:93:97:a1:e5:70:ae:a5:72:8d:8b:e3:1e:6e:
74:2e:e5:f6:d8:45:95:11:7c:e7:49:e1:b6:b4:ef:12:79:ab:
6e:43:d4:d4:0b:67:13:39:e8:d4:7a:ad:24:ec:8d:45:f6:26:
24:ce:0e:a8:20:92:da:bb:96:48:92:18:f4:ab:c9:68:98:01:
61:77:41:2f:b8:8a:5c:01:61:2b:0f:c2:83:b8:32:dc:72:a3:
ab:91:aa:b5:07:cf:8a:64:77:a2:73:9c:38:6e:f8:c6:0d:fd:
9f:49:c2:17:0e:38:a6:38:7a:e3:db:74:e8:1f:a7:8e:e5:de:
9a:4a:48:8f:c8:63:3f:e3:24:b3:45:37:a3:1f:45:91:6d:0f:
e2:ea:88:3e:f4:2b:19:21:f5:b3:74:33:b3:3e:80:40:a6:59:
ef:33:fd:5d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYYC2DDbwKSy64m6nVpqMVa5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwMTMwMTMyMjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTFhNjFmOGViZmIzMzI1ZGEzYzlmNjc3OTY4OWNhMzY3M2JlMzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/aWkzV3BFoQBOcQuoN4Y8BrKFle
2VANw96VhgJ627M7Wh6M/SbZymQIxfGT+tQPkuiEEaJ79GOWe3f5ZEAVaW44S+Rk
m6qOBB1dYqEOsbZfHmgaYNrVjSjZ2605kDu2kU9gHP/qV5sNB8WRlS9zYEb/WZSx
xXjYr092gjWVe4qxeklgcifoDj4ofVVAheElZ3ntOnEV2NWXH5UxyQE9eqWGkMn+
/ZCNO2kicTSLvHtLF3whhG8yRgMzgOk/nMlpmODgdsf5uHhWpM/wdUjemH0cH94W
4suFmJ7Q065IMbAU5qe/Av19/4BPt8zfeoxc0Mte+9+5b4lBCMUrayP3kwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFA4aYfjr+zMl2jyfZ3lonKNnO+MZMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvRGhwaC1PdjdNeVhhUEo5bmVXaWNvMmM3NHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAYBAIAATASAwQCU6vwAwQA
VDYkAwQAwnFpMCUEAgACMB8DBQMqEMDAAwYEKhECAAAwDgMFACoRAgEDBQAqEQIC
MA0GCSqGSIb3DQEBCwUAA4IBAQCoao7HZ5i0vmPLILx9a3nGXdrwNLgIGSVeqh4y
HAmEDf1UJa12yRax0/6o3/NkA3TEqDoh0cBm6RQCr4yTtSPcFfYj2i5lorSb753Q
XW8KJWcGWhhjD2KkvtCsO60/LpOXoeVwrqVyjYvjHm50LuX22EWVEXznSeG2tO8S
eatuQ9TUC2cTOejUeq0k7I1F9iYkzg6oIJLau5ZIkhj0q8lomAFhd0EvuIpcAWEr
D8KDuDLccqOrkaq1B8+KZHeic5w4bvjGDf2fScIXDjimOHrj23ToH6eO5d6aSkiP
yGM/4ySzRTejH0WRbQ/i6og+9CsZIfWzdDOzPoBAplnvM/1d
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org