Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/dux8aCyeNQGtpCfm0Cb4h74761I.roa
File: dux8aCyeNQGtpCfm0Cb4h74761I.roa (raw, json)
Hash identifier: n3SiKSg8Hw6HmvSVzwjRZozj2i34vE1ySJRiZluhYOI=
Subject key identifier: 76:EC:7C:68:2C:9E:35:01:AD:A4:27:E6:D0:26:F8:87:BE:3B:EB:52
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018573438DC8C158C54E5BE426F4F9F601E0
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/dux8aCyeNQGtpCfm0Cb4h74761I.roa
Signing time: Mon 02 Jan 2023 16:14:45 +0000
ROA not before: Mon 02 Jan 2023 16:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205727
IP address blocks: 176.107.128.0/20 maxlen: 24
80.211.240.0/20 maxlen: 24
2a00:6d47::/36 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:8d:c8:c1:58:c5:4e:5b:e4:26:f4:f9:f6:01:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 2 16:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76ec7c682c9e3501ada427e6d026f887be3beb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ad:5c:9d:e0:32:fe:c7:66:04:b1:1b:c1:50:
84:06:43:98:8a:4d:e0:9a:b8:84:fd:07:0f:c6:9a:
6f:59:9e:72:7c:04:80:db:16:e4:4a:7b:51:6a:6f:
8d:34:05:66:22:83:c5:b4:5b:0b:9e:b7:c4:8b:f0:
c0:bc:ba:e9:ac:ba:2c:2a:1f:b1:c7:5f:eb:c9:11:
4d:a4:7c:be:d4:36:f7:a6:72:3e:f2:b2:3b:aa:f8:
48:ce:00:30:dc:3d:7d:91:e2:ac:08:89:24:df:7e:
4e:53:2e:21:1d:f0:9f:51:46:e9:99:fc:e0:5d:06:
e0:10:e0:86:42:e9:d2:c2:1d:dc:bc:65:62:33:25:
db:05:24:2b:12:5b:8d:4d:1a:22:32:30:cb:e7:33:
37:a6:62:46:39:27:ac:5a:77:ce:eb:03:43:8b:ea:
e2:54:f1:62:cf:d6:93:5e:db:e4:94:53:1e:b7:c7:
da:2a:6b:42:d5:94:aa:f7:f3:23:a3:30:ba:bc:8b:
7f:b9:8e:e6:4a:0e:ab:71:d9:8d:eb:26:b1:89:b3:
2c:0e:0c:28:59:c4:d9:c3:a7:71:b8:1c:38:0f:fe:
7a:e5:84:5a:21:c9:b1:d5:2d:88:84:4d:9c:88:28:
67:9a:eb:34:7d:d2:1c:23:ce:b5:2b:6e:fa:5c:fd:
47:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:EC:7C:68:2C:9E:35:01:AD:A4:27:E6:D0:26:F8:87:BE:3B:EB:52
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/dux8aCyeNQGtpCfm0Cb4h74761I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.211.240.0/20
176.107.128.0/20
IPv6:
2a00:6d47::/36
Signature Algorithm: sha256WithRSAEncryption
95:cf:e3:70:12:63:28:0c:f6:2a:4f:c0:9c:89:3d:fc:64:18:
e3:fe:41:4f:f9:cd:5f:b1:00:94:b9:9b:95:64:6b:d9:47:0d:
f9:64:df:e7:d6:b2:04:8a:11:0b:12:aa:81:5a:11:40:ac:a9:
c4:1d:07:34:c4:1a:64:06:7b:87:73:3a:27:82:66:19:2d:0a:
4e:f1:73:ad:97:7f:3f:8d:25:c1:32:4b:14:8a:54:4a:a2:08:
00:a6:bb:34:1d:f9:10:76:38:a2:e0:5c:2c:88:86:85:b6:77:
a8:df:bf:c4:f6:7e:2a:18:dd:1d:30:af:4b:06:e2:96:03:c0:
d8:30:b7:7f:c0:60:a7:f8:59:e4:a2:07:63:8e:71:1c:be:cd:
e2:0b:2c:73:b4:49:3c:b6:b0:af:15:20:f5:f0:91:30:06:ec:
18:6c:c5:ca:65:0b:6b:21:ea:82:fe:8c:2a:1f:16:bc:c6:e6:
39:15:ee:53:44:a7:19:3d:14:1e:84:7d:4e:d1:66:1d:f6:90:
0a:53:3d:3c:4b:bf:8e:e4:6a:31:5c:97:25:fc:08:67:98:07:
e1:19:63:a9:d2:cf:f2:52:c7:52:0f:1f:f3:1f:58:96:74:7d:
18:57:91:a5:29:0c:df:85:1b:53:1f:bf:3e:b3:b8:98:1e:f1:
31:aa:e6:ce
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVzQ43IwVjFTlvkJvT59gHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwMTAyMTYxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmVjN2M2ODJjOWUzNTAxYWRhNDI3ZTZkMDI2Zjg4N2JlM2JlYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn61cneAy/sdmBLEbwVCEBkOYik3g
mriE/QcPxppvWZ5yfASA2xbkSntRam+NNAVmIoPFtFsLnrfEi/DAvLrprLosKh+x
x1/ryRFNpHy+1Db3pnI+8rI7qvhIzgAw3D19keKsCIkk335OUy4hHfCfUUbpmfzg
XQbgEOCGQunSwh3cvGViMyXbBSQrEluNTRoiMjDL5zM3pmJGOSesWnfO6wNDi+ri
VPFiz9aTXtvklFMet8faKmtC1ZSq9/MjozC6vIt/uY7mSg6rcdmN6yaxibMsDgwo
WcTZw6dxuBw4D/565YRaIcmx1S2IhE2ciChnmus0fdIcI861K276XP1HmQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFHbsfGgsnjUBraQn5tAm+Ie+O+tSMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvZHV4OGFDeWVOUUd0cENmbTBDYjRoNzQ3NjFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQEUNPwAwQE
sGuAMA4EAgACMAgDBgQqAG1HADANBgkqhkiG9w0BAQsFAAOCAQEAlc/jcBJjKAz2
Kk/AnIk9/GQY4/5BT/nNX7EAlLmblWRr2UcN+WTf59ayBIoRCxKqgVoRQKypxB0H
NMQaZAZ7h3M6J4JmGS0KTvFzrZd/P40lwTJLFIpUSqIIAKa7NB35EHY4ouBcLIiG
hbZ3qN+/xPZ+KhjdHTCvSwbilgPA2DC3f8Bgp/hZ5KIHY45xHL7N4gssc7RJPLaw
rxUg9fCRMAbsGGzFymULayHqgv6MKh8WvMbmORXuU0SnGT0UHoR9TtFmHfaQClM9
PEu/juRqMVyXJfwIZ5gH4RljqdLP8lLHUg8f8x9YlnR9GFeRpSkM34UbUx+/PrO4
mB7xMarmzg==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:40:07 2024 by rpki-client on console-fra.rpki-client.org