Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/DRehtrm5cBQuEA8ZSIXqDZmAsog.roa
File: DRehtrm5cBQuEA8ZSIXqDZmAsog.roa (raw, json)
Hash identifier: ruUr+nOpU0fwRBumKwQhes2utR5jKCMxe1iySwtk/Ow=
Subject key identifier: 0D:17:A1:B6:B9:B9:70:14:2E:10:0F:19:48:85:EA:0D:99:80:B2:88
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 0185720C43DE8256C3198189F96245F2F233
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/DRehtrm5cBQuEA8ZSIXqDZmAsog.roa
Signing time: Mon 02 Jan 2023 10:34:44 +0000
ROA not before: Mon 02 Jan 2023 10:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47950
IP address blocks: 193.41.244.0/24 maxlen: 24
193.41.246.0/24 maxlen: 24
2a0d:f400::/32 maxlen: 32
2a06:e800::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:43:de:82:56:c3:19:81:89:f9:62:45:f2:f2:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jan 2 10:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d17a1b6b9b970142e100f194885ea0d9980b288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:6c:7d:ac:b0:63:b4:ee:b5:ee:e2:9a:97:b2:
6b:15:86:a7:aa:e3:8d:8b:8b:60:94:42:14:a7:14:
95:91:9d:a8:87:cd:6f:85:a4:cf:92:4b:e8:9f:c4:
43:50:24:93:9d:21:d4:3c:a8:26:86:fe:66:05:c5:
44:34:08:59:5a:b5:7b:ec:60:d2:da:7b:81:88:ff:
37:65:8a:50:8e:49:5d:b5:1b:b2:8c:15:61:e9:7d:
4b:08:75:29:8f:c0:27:e3:c2:26:a2:b4:9b:38:d0:
1a:11:f9:01:b9:bf:78:11:8c:c9:43:8a:c5:10:e2:
e8:0b:87:68:96:30:f9:66:04:ed:d4:71:a9:ef:c6:
26:a3:da:81:68:f7:24:a4:aa:8f:d7:51:a1:85:76:
29:9f:24:a1:ef:98:b6:59:90:40:0c:2b:52:45:93:
42:4a:f9:9f:9e:b8:61:22:aa:09:f1:22:ad:e0:bd:
d5:31:c2:27:32:7f:88:50:77:5a:6b:96:25:ec:44:
cf:fa:20:a5:06:07:ba:e3:b4:51:3a:7c:18:e6:df:
09:28:06:a6:d6:48:2b:0c:2f:64:8d:19:ad:81:33:
8b:25:eb:86:98:e1:d7:dd:54:59:46:71:e2:c5:35:
0a:bd:77:eb:60:00:c5:db:ef:88:b1:23:46:49:0e:
36:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:17:A1:B6:B9:B9:70:14:2E:10:0F:19:48:85:EA:0D:99:80:B2:88
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/DRehtrm5cBQuEA8ZSIXqDZmAsog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.244.0/24
193.41.246.0/24
IPv6:
2a06:e800::/32
2a0d:f400::/32
Signature Algorithm: sha256WithRSAEncryption
7f:81:1b:d3:47:87:c2:af:db:5d:0c:78:cb:ad:fc:70:fc:b5:
f6:6f:53:1f:90:a2:17:ae:d7:6f:cb:32:bc:b3:56:fd:d7:d3:
07:ff:00:f2:1f:b2:19:73:f6:b7:5a:46:90:47:28:58:6a:2e:
f3:c3:93:2b:7c:55:29:63:9d:22:37:68:ea:ee:7c:5d:ec:79:
12:70:39:03:45:c6:da:4e:79:ad:17:5b:be:c9:8a:07:21:95:
21:42:2d:2a:ff:4c:0a:51:6a:1c:5c:c0:e2:81:dd:bf:02:60:
9f:77:94:d8:d3:6e:74:c9:55:5b:8b:0f:99:58:6f:0e:ad:75:
a8:b1:3b:09:27:fa:61:2f:11:e1:ff:e2:18:e5:54:69:3a:95:
5b:83:3f:ca:e0:a2:8c:5d:db:a8:ea:21:92:b8:b9:ef:8a:b8:
b9:26:9f:9f:80:0f:b2:e7:21:01:57:0c:d7:d0:47:92:c8:40:
24:3b:f8:1e:8a:d4:49:a7:f2:53:b4:16:bb:7d:82:19:9f:72:
ab:a3:80:9b:ae:7d:b8:18:ac:07:a8:a4:f2:4d:85:00:5b:98:
b9:6b:da:aa:60:30:dc:30:23:3f:38:ec:46:6b:f9:c0:9c:01:
89:fc:8e:a1:b2:0c:2c:be:9c:5b:40:47:9e:46:8a:37:e1:62:
95:37:f1:56
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVyDEPeglbDGYGJ+WJF8vIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjMwMTAyMTAzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDE3YTFiNmI5Yjk3MDE0MmUxMDBmMTk0ODg1ZWEwZDk5ODBiMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWx9rLBjtO617uKal7JrFYanquON
i4tglEIUpxSVkZ2oh81vhaTPkkvon8RDUCSTnSHUPKgmhv5mBcVENAhZWrV77GDS
2nuBiP83ZYpQjkldtRuyjBVh6X1LCHUpj8An48ImorSbONAaEfkBub94EYzJQ4rF
EOLoC4doljD5ZgTt1HGp78Ymo9qBaPckpKqP11GhhXYpnySh75i2WZBADCtSRZNC
SvmfnrhhIqoJ8SKt4L3VMcInMn+IUHdaa5Yl7ETP+iClBge647RROnwY5t8JKAam
1kgrDC9kjRmtgTOLJeuGmOHX3VRZRnHixTUKvXfrYADF2++IsSNGSQ426wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA0Xoba5uXAULhAPGUiF6g2ZgLKIMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvRFJlaHRybTVjQlF1RUE4WlNJWHFEWm1Bc29nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAwSn0AwQA
wSn2MBQEAgACMA4DBQAqBugAAwUAKg30ADANBgkqhkiG9w0BAQsFAAOCAQEAf4Eb
00eHwq/bXQx4y638cPy19m9TH5CiF67Xb8syvLNW/dfTB/8A8h+yGXP2t1pGkEco
WGou88OTK3xVKWOdIjdo6u58Xex5EnA5A0XG2k55rRdbvsmKByGVIUItKv9MClFq
HFzA4oHdvwJgn3eU2NNudMlVW4sPmVhvDq11qLE7CSf6YS8R4f/iGOVUaTqVW4M/
yuCijF3bqOohkri574q4uSafn4APsuchAVcM19BHkshAJDv4HorUSafyU7QWu32C
GZ9yq6OAm659uBisB6ik8k2FAFuYuWvaqmAw3DAjPzjsRmv5wJwBifyOobIMLL6c
W0BHnkaKN+FilTfxVg==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:17 2024 by rpki-client on console-ams.rpki-client.org