Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/5c22c6-7dc3-4c8c-82ac-936175ad2eb0/1/drKdv2ctAfX3y38bobpnV6Zefgc.roa
File: drKdv2ctAfX3y38bobpnV6Zefgc.roa (raw, json)
Hash identifier: yhWGusmyZtdWK64Z6MJvmJ+3bDiWq7PwZVVlZC0p93o=
Subject key identifier: 76:B2:9D:BF:67:2D:01:F5:F7:CB:7F:1B:A1:BA:67:57:A6:5E:7E:07
Certificate issuer: /CN=db25d03fc18f2f42cda503869de194fd8cc21aa9
Certificate serial: 01856FC272B12F87B52E7F50168FD63E2083
Authority key identifier: DB:25:D0:3F:C1:8F:2F:42:CD:A5:03:86:9D:E1:94:FD:8C:C2:1A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yXQP8GPL0LNpQOGneGU_YzCGqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/5c22c6-7dc3-4c8c-82ac-936175ad2eb0/1/drKdv2ctAfX3y38bobpnV6Zefgc.roa
Signing time: Sun 01 Jan 2023 23:54:52 +0000
ROA not before: Sun 01 Jan 2023 23:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197192
IP address blocks: 195.226.213.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:72:b1:2f:87:b5:2e:7f:50:16:8f:d6:3e:20:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db25d03fc18f2f42cda503869de194fd8cc21aa9
Validity
Not Before: Jan 1 23:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76b29dbf672d01f5f7cb7f1ba1ba6757a65e7e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f2:65:5d:7c:69:46:22:ae:d1:67:8b:ad:db:
76:ba:9a:ee:d6:65:26:98:73:c8:3b:60:9e:63:5f:
a6:9d:f9:1e:33:95:58:22:ae:bc:6c:5d:d1:35:47:
19:cc:74:00:0e:d1:5c:7e:9f:2f:aa:9c:c1:46:e0:
17:1b:ee:f2:11:bb:31:bd:2d:a4:85:60:62:6c:35:
ef:97:6c:4a:a2:16:46:ab:18:65:d0:16:28:c5:cf:
40:a0:9d:3a:60:26:c8:f8:99:e8:48:9a:8e:7d:61:
75:d5:62:6e:54:26:8d:5c:72:69:1b:43:58:d2:1b:
17:30:f8:61:dc:18:20:03:ea:82:40:ec:56:d3:1a:
aa:a2:e8:34:11:b1:55:df:d6:a7:cc:0c:8a:3e:da:
a6:60:40:14:16:0b:57:97:00:d7:f5:0e:d4:28:a6:
a2:66:5b:5e:42:d7:4c:be:01:c0:33:1a:38:2e:84:
c3:da:52:30:5e:b4:7f:db:34:f6:4e:de:39:59:61:
81:aa:0e:db:91:80:f8:6b:0a:89:de:44:ba:3b:b2:
40:02:fe:c5:4e:c0:00:53:a2:58:da:69:b7:57:e5:
ff:3d:18:d6:34:0e:cb:3f:86:78:2c:ae:37:f9:ea:
cf:85:22:9f:3d:aa:af:db:d1:79:d5:a8:cb:28:83:
87:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B2:9D:BF:67:2D:01:F5:F7:CB:7F:1B:A1:BA:67:57:A6:5E:7E:07
X509v3 Authority Key Identifier:
keyid:DB:25:D0:3F:C1:8F:2F:42:CD:A5:03:86:9D:E1:94:FD:8C:C2:1A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yXQP8GPL0LNpQOGneGU_YzCGqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/5c22c6-7dc3-4c8c-82ac-936175ad2eb0/1/drKdv2ctAfX3y38bobpnV6Zefgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/5c22c6-7dc3-4c8c-82ac-936175ad2eb0/1/2yXQP8GPL0LNpQOGneGU_YzCGqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.213.0/24
Signature Algorithm: sha256WithRSAEncryption
36:92:90:30:ed:e8:4a:2e:47:37:d5:af:dd:13:c5:f4:21:7c:
4f:fa:fd:b9:02:da:4f:5c:0d:48:72:41:d0:3e:2a:ff:21:2c:
99:38:27:42:74:fc:31:87:d1:eb:12:3b:df:c7:c2:c0:6c:01:
2b:55:0e:a9:58:50:92:0f:39:6c:77:27:02:78:06:61:b2:0b:
04:2a:fc:d6:92:24:62:7d:7e:1f:52:2a:b1:23:80:33:8f:28:
b9:0b:ba:41:43:db:56:06:52:48:03:34:ef:90:6a:df:04:8e:
a1:08:14:31:99:90:ab:a2:25:67:37:d6:b5:9c:ac:98:52:30:
a5:5c:ac:e4:e0:34:82:e0:8d:63:d4:94:37:f4:56:2a:60:d1:
4b:2c:96:f1:dc:04:e5:6a:71:50:ec:68:c2:83:ed:01:34:9b:
e7:8a:93:5a:b7:dd:58:9f:3d:09:6f:8b:82:a6:24:06:2b:fb:
ed:db:02:6b:57:df:3a:17:8c:2b:34:7e:37:6a:a9:cb:db:74:
eb:cb:92:9a:bf:2c:c5:ca:ac:61:13:11:b3:cf:b9:5b:97:fb:
d7:9b:2f:cc:5a:86:59:df:c9:a8:2b:e6:ab:74:cd:c8:db:8e:
d3:8d:a2:0d:69:f2:b5:a1:28:63:66:64:6d:b6:17:93:e6:35:
0e:11:fe:03
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvwnKxL4e1Ln9QFo/WPiCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjVkMDNmYzE4ZjJmNDJjZGE1MDM4NjlkZTE5NGZkOGNj
MjFhYTkwHhcNMjMwMTAxMjM1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmIyOWRiZjY3MmQwMWY1ZjdjYjdmMWJhMWJhNjc1N2E2NWU3ZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvJlXXxpRiKu0WeLrdt2upru1mUm
mHPIO2CeY1+mnfkeM5VYIq68bF3RNUcZzHQADtFcfp8vqpzBRuAXG+7yEbsxvS2k
hWBibDXvl2xKohZGqxhl0BYoxc9AoJ06YCbI+JnoSJqOfWF11WJuVCaNXHJpG0NY
0hsXMPhh3BggA+qCQOxW0xqqoug0EbFV39anzAyKPtqmYEAUFgtXlwDX9Q7UKKai
ZlteQtdMvgHAMxo4LoTD2lIwXrR/2zT2Tt45WWGBqg7bkYD4awqJ3kS6O7JAAv7F
TsAAU6JY2mm3V+X/PRjWNA7LP4Z4LK43+erPhSKfPaqv29F51ajLKIOHlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHaynb9nLQH198t/G6G6Z1emXn4HMB8GA1UdIwQY
MBaAFNsl0D/Bjy9CzaUDhp3hlP2MwhqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlYUVA4R1BMMExOcFFPR25lR1VfWXpDR3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC81YzIyYzYtN2RjMy00YzhjLTgyYWMt
OTM2MTc1YWQyZWIwLzEvZHJLZHYyY3RBZlgzeTM4Ym9icG5WNlplZmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC81YzIyYzYtN2RjMy00YzhjLTgyYWMtOTM2MTc1YWQyZWIw
LzEvMnlYUVA4R1BMMExOcFFPR25lR1VfWXpDR3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+LVMA0G
CSqGSIb3DQEBCwUAA4IBAQA2kpAw7ehKLkc31a/dE8X0IXxP+v25AtpPXA1IckHQ
Pir/ISyZOCdCdPwxh9HrEjvfx8LAbAErVQ6pWFCSDzlsdycCeAZhsgsEKvzWkiRi
fX4fUiqxI4Azjyi5C7pBQ9tWBlJIAzTvkGrfBI6hCBQxmZCroiVnN9a1nKyYUjCl
XKzk4DSC4I1j1JQ39FYqYNFLLJbx3ATlanFQ7GjCg+0BNJvnipNat91Ynz0Jb4uC
piQGK/vt2wJrV986F4wrNH43aqnL23Try5KavyzFyqxhExGzz7lbl/vXmy/MWoZZ
38moK+ardM3I247TjaINafK1oShjZmRttheT5jUOEf4D
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:25 2024 by rpki-client on console-fra.rpki-client.org