Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/1DU3152jOqL2IsfE5V7ckVHdTno.roa
File: 1DU3152jOqL2IsfE5V7ckVHdTno.roa (raw, json)
Hash identifier: 0FxDMSvXFXpp2rx/EboVjoT6AVapeVBMqtzZ4AQD63w=
Subject key identifier: D4:35:37:D7:9D:A3:3A:A2:F6:22:C7:C4:E5:5E:DC:91:51:DD:4E:7A
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0185719E8F1C2CB89F1E0E13FFD9D81841AA
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/1DU3152jOqL2IsfE5V7ckVHdTno.roa
Signing time: Mon 02 Jan 2023 08:34:54 +0000
ROA not before: Mon 02 Jan 2023 08:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210993
IP address blocks: 193.232.65.0/24 maxlen: 24
62.76.141.0/24 maxlen: 24
194.226.42.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 10 Mar 2023 08:39:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:8f:1c:2c:b8:9f:1e:0e:13:ff:d9:d8:18:41:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 2 08:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d43537d79da33aa2f622c7c4e55edc9151dd4e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b8:8a:7d:65:d3:02:8d:46:f3:5c:f2:3d:b7:
77:5e:63:fd:4c:e5:04:fb:b9:fd:06:6d:41:6f:96:
2c:1a:d9:27:46:93:86:ae:72:fd:ce:6d:36:a5:7a:
73:d2:8d:c5:af:59:87:cb:81:67:51:58:15:9d:b4:
33:84:f0:05:49:23:79:55:d0:08:92:25:6f:05:ac:
75:9a:c6:1b:dd:a6:5b:d7:af:8f:59:ea:b7:c5:1b:
a3:05:92:36:13:6c:34:36:e2:8e:70:b0:e8:e4:60:
a3:c8:cf:f0:5f:57:66:7e:d1:d3:7d:03:e7:bc:7a:
05:6b:ff:f2:f7:da:0b:a0:ef:44:79:57:e8:a6:80:
2b:90:50:c4:67:46:17:a6:d2:be:62:a3:b0:fe:f4:
ba:f0:75:c4:be:7b:7c:28:59:7e:f6:40:4c:93:fc:
21:4e:0e:84:2b:44:99:52:58:f9:d2:56:6e:24:20:
a4:66:a1:d6:08:5b:3d:dd:7c:60:99:0b:88:f9:a9:
b8:0c:30:53:a4:21:2d:a1:b8:43:d8:88:c6:ba:a4:
a4:fc:88:6f:1e:4b:60:91:e5:d8:29:c5:da:1d:68:
1f:fe:d2:44:2d:a5:ca:fc:80:8d:a7:38:dd:5b:5a:
d6:b5:d6:15:dc:87:a4:8e:fe:82:1d:a5:a3:b7:7e:
e8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:35:37:D7:9D:A3:3A:A2:F6:22:C7:C4:E5:5E:DC:91:51:DD:4E:7A
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/1DU3152jOqL2IsfE5V7ckVHdTno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.141.0/24
193.232.65.0/24
194.226.42.0/24
Signature Algorithm: sha256WithRSAEncryption
91:17:c9:32:7f:fc:09:b8:3a:91:af:ce:19:b7:53:4f:9e:79:
2e:f2:ca:00:d0:59:92:e7:ed:df:64:4d:f3:69:b8:87:49:d3:
5c:62:98:79:43:1d:2f:00:b5:9b:a8:ca:b2:aa:66:cb:99:4f:
8e:32:9b:79:40:3c:7b:b6:b7:33:b3:f5:12:d1:43:dc:7a:c5:
c5:db:4d:18:ab:21:02:0e:bc:11:74:49:46:7b:1f:f8:47:5d:
99:0c:a9:ee:ad:9c:f8:23:05:81:57:6b:a6:dc:bb:a5:9d:3f:
45:f1:8c:0a:7b:65:09:12:b6:93:b9:eb:ad:86:ca:0b:79:33:
11:83:51:ad:f4:09:11:19:0c:db:b2:32:a0:65:35:8c:57:2e:
a5:c7:8e:f3:a1:09:6f:7b:38:c6:41:fc:d7:3d:02:ff:b8:89:
0d:a9:a6:24:84:70:b6:1d:94:42:8b:57:5b:29:a1:8d:c1:4b:
d4:e0:70:2b:72:c2:5b:e7:e3:f8:a0:e3:b4:87:9e:05:f4:86:
de:19:16:1b:cb:86:af:3c:97:bd:bf:c6:79:22:4d:c8:72:fe:
a2:ee:32:e1:bc:ef:bf:79:eb:b7:fc:06:e4:4c:f4:f6:65:48:
f8:12:ca:b8:f7:c8:a8:af:56:12:f3:36:4c:62:7d:3e:3c:a6:
57:27:49:24
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxno8cLLifHg4T/9nYGEGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjMwMTAyMDgzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDM1MzdkNzlkYTMzYWEyZjYyMmM3YzRlNTVlZGM5MTUxZGQ0ZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjriKfWXTAo1G81zyPbd3XmP9TOUE
+7n9Bm1Bb5YsGtknRpOGrnL9zm02pXpz0o3Fr1mHy4FnUVgVnbQzhPAFSSN5VdAI
kiVvBax1msYb3aZb16+PWeq3xRujBZI2E2w0NuKOcLDo5GCjyM/wX1dmftHTfQPn
vHoFa//y99oLoO9EeVfopoArkFDEZ0YXptK+YqOw/vS68HXEvnt8KFl+9kBMk/wh
Tg6EK0SZUlj50lZuJCCkZqHWCFs93XxgmQuI+am4DDBTpCEtobhD2IjGuqSk/Ihv
HktgkeXYKcXaHWgf/tJELaXK/ICNpzjdW1rWtdYV3Iekjv6CHaWjt37o1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNQ1N9edozqi9iLHxOVe3JFR3U56MB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvMURVMzE1MmpPcUwySXNmRTVWN2NrVkhkVG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPkyNAwQA
wehBAwQAwuIqMA0GCSqGSIb3DQEBCwUAA4IBAQCRF8kyf/wJuDqRr84Zt1NPnnku
8soA0FmS5+3fZE3zabiHSdNcYph5Qx0vALWbqMqyqmbLmU+OMpt5QDx7trczs/US
0UPcesXF200YqyECDrwRdElGex/4R12ZDKnurZz4IwWBV2um3LulnT9F8YwKe2UJ
EraTueuthsoLeTMRg1Gt9AkRGQzbsjKgZTWMVy6lx47zoQlvezjGQfzXPQL/uIkN
qaYkhHC2HZRCi1dbKaGNwUvU4HArcsJb5+P4oOO0h54F9IbeGRYby4avPJe9v8Z5
Ik3Icv6i7jLhvO+/eeu3/AbkTPT2ZUj4Esq498ior1YS8zZMYn0+PKZXJ0kk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:58 2024 by rpki-client on console-ams.rpki-client.org