Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/cDdbOztV52Dj_9w6kxxoH6noqFs.roa
File: cDdbOztV52Dj_9w6kxxoH6noqFs.roa (raw, json)
Hash identifier: xBEZaQe8eehT/X3Oyu9aLkGIZsyNKeLwO+GSeC9iT6U=
Subject key identifier: 70:37:5B:3B:3B:55:E7:60:E3:FF:DC:3A:93:1C:68:1F:A9:E8:A8:5B
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 01870DA198101BDAEDAC0BFDB5B9A7AB55A7
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/cDdbOztV52Dj_9w6kxxoH6noqFs.roa
Signing time: Thu 23 Mar 2023 08:41:46 +0000
ROA not before: Thu 23 Mar 2023 08:41:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204654
IP address blocks: 195.235.42.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:a1:98:10:1b:da:ed:ac:0b:fd:b5:b9:a7:ab:55:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Mar 23 08:41:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70375b3b3b55e760e3ffdc3a931c681fa9e8a85b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bf:ab:be:3e:61:ce:66:7b:f4:4f:5c:51:4e:
b2:7a:97:97:ce:0c:9c:aa:be:11:5d:03:8a:f5:e0:
72:92:e9:1b:03:28:83:48:18:4b:3e:36:5e:97:e8:
2e:4e:b9:35:f1:a6:71:47:fa:75:88:e0:40:29:e9:
d1:70:20:22:57:5e:25:3f:e4:be:64:6f:28:57:12:
56:5e:f0:26:1c:07:70:af:b4:23:63:dc:73:f5:7c:
67:9d:8c:08:9e:6c:2e:aa:a6:17:bf:5a:16:a8:ea:
25:62:5e:37:24:0b:62:e2:41:e6:14:47:5f:9a:90:
63:b7:20:91:45:38:04:20:7b:c5:b2:79:81:34:12:
b0:62:eb:e5:a1:f6:11:bf:b9:5a:70:b3:ab:45:fa:
99:14:c3:b1:27:30:c2:4e:64:54:bf:4d:76:f5:a6:
c6:fe:bd:db:33:5d:8a:03:39:6a:2b:c6:a8:af:6f:
a1:82:fa:52:a2:eb:98:8b:74:e2:d4:a5:42:f2:8c:
7a:4f:ad:ba:8e:59:a7:13:b0:c6:c7:33:78:a9:e6:
0a:e3:e5:02:98:61:13:83:56:27:6f:cb:78:90:84:
19:48:6a:35:b2:35:16:72:b0:58:d1:0c:1c:1a:8b:
c7:3c:4c:7b:79:c6:07:22:8b:53:f6:b2:f3:d4:80:
14:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:37:5B:3B:3B:55:E7:60:E3:FF:DC:3A:93:1C:68:1F:A9:E8:A8:5B
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/cDdbOztV52Dj_9w6kxxoH6noqFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.235.42.0/24
Signature Algorithm: sha256WithRSAEncryption
be:38:40:38:4d:40:4f:d9:a5:5e:bd:a5:39:f6:aa:96:8a:36:
1a:ab:8d:2f:31:45:4a:55:7e:3b:ed:4a:e4:95:d6:09:6a:dc:
58:7f:e8:b5:87:49:d0:33:1c:1f:00:e1:c0:a0:4f:10:5b:eb:
9c:69:b2:bb:50:86:f0:16:0b:4b:6f:68:f1:dd:b2:e2:c5:56:
8b:5e:de:4b:96:ae:e9:38:dc:e0:06:be:16:27:96:91:9c:bb:
dc:e1:d3:c9:f5:0e:6f:45:dc:c5:95:8f:86:c0:37:51:d5:ef:
f2:04:9d:97:57:45:e0:9b:25:e8:26:fd:13:86:45:d4:73:b3:
42:23:ff:db:d9:c7:1d:66:17:13:e1:5d:80:2b:6b:c8:b3:e3:
4f:2d:e3:1f:d1:7a:93:0b:e3:e9:72:17:33:1e:c6:2f:1e:e1:
1a:e7:98:f6:6d:00:d6:e5:3c:80:5e:db:ca:08:47:6a:0a:a0:
b0:2e:87:77:da:46:03:f5:10:b9:45:b3:99:ae:c9:1b:58:d5:
29:c3:0a:ec:6f:01:28:01:2c:c4:f7:e5:2d:42:7c:a8:65:f9:
a1:b8:94:17:46:0a:54:40:d8:68:45:63:e1:79:0d:0f:90:a5:
01:16:c0:05:63:59:5f:14:49:10:fb:70:6c:f7:b8:7b:7c:7a:
c2:c5:f0:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcNoZgQG9rtrAv9tbmnq1WnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMzIzMDg0MTQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDM3NWIzYjNiNTVlNzYwZTNmZmRjM2E5MzFjNjgxZmE5ZThhODViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL+rvj5hzmZ79E9cUU6yepeXzgyc
qr4RXQOK9eBykukbAyiDSBhLPjZel+guTrk18aZxR/p1iOBAKenRcCAiV14lP+S+
ZG8oVxJWXvAmHAdwr7QjY9xz9XxnnYwInmwuqqYXv1oWqOolYl43JAti4kHmFEdf
mpBjtyCRRTgEIHvFsnmBNBKwYuvlofYRv7lacLOrRfqZFMOxJzDCTmRUv0129abG
/r3bM12KAzlqK8aor2+hgvpSouuYi3Ti1KVC8ox6T626jlmnE7DGxzN4qeYK4+UC
mGETg1Ynb8t4kIQZSGo1sjUWcrBY0QwcGovHPEx7ecYHIotT9rLz1IAUOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHA3Wzs7Vedg4//cOpMcaB+p6KhbMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvY0RkYk96dFY1MkRqXzl3Nmt4eG9INm5vcUZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+sqMA0G
CSqGSIb3DQEBCwUAA4IBAQC+OEA4TUBP2aVevaU59qqWijYaq40vMUVKVX477Urk
ldYJatxYf+i1h0nQMxwfAOHAoE8QW+ucabK7UIbwFgtLb2jx3bLixVaLXt5Llq7p
ONzgBr4WJ5aRnLvc4dPJ9Q5vRdzFlY+GwDdR1e/yBJ2XV0XgmyXoJv0ThkXUc7NC
I//b2ccdZhcT4V2AK2vIs+NPLeMf0XqTC+PpchczHsYvHuEa55j2bQDW5TyAXtvK
CEdqCqCwLod32kYD9RC5RbOZrskbWNUpwwrsbwEoASzE9+UtQnyoZfmhuJQXRgpU
QNhoRWPheQ0PkKUBFsAFY1lfFEkQ+3Bs97h7fHrCxfDv
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:27 2024 by rpki-client on console-fra.rpki-client.org