Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dd1-CtLxoUHSgFQpShjep2rGOTo.roa
File: dd1-CtLxoUHSgFQpShjep2rGOTo.roa (raw, json)
Hash identifier: RUVIacQfHPqUk/j6AcYRPxjFzT//oz4jmzYK7dvOyJ4=
Subject key identifier: 75:DD:7E:0A:D2:F1:A1:41:D2:80:54:29:4A:18:DE:A7:6A:C6:39:3A
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018755A03408908ABDDE1125B2C6EE128B3B
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dd1-CtLxoUHSgFQpShjep2rGOTo.roa
Signing time: Thu 06 Apr 2023 08:12:55 +0000
ROA not before: Thu 06 Apr 2023 08:12:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30058
IP address blocks: 78.142.242.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:a0:34:08:90:8a:bd:de:11:25:b2:c6:ee:12:8b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 6 08:12:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75dd7e0ad2f1a141d28054294a18dea76ac6393a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7b:c5:02:60:c4:23:b4:04:cd:52:3d:7a:d5:
a4:55:29:7c:49:7c:e3:96:22:f7:81:b0:21:73:dc:
53:8b:5d:7a:3a:8c:83:c6:23:8c:de:4e:47:6c:01:
5e:b4:0d:4e:4d:dc:de:ef:bd:99:65:72:c3:f9:e2:
f0:82:72:2d:46:f5:cf:1f:78:b7:12:ca:56:8a:0d:
fa:3e:65:f7:44:88:ac:52:92:04:69:63:00:b4:c7:
a9:1b:a5:9d:25:24:19:06:81:6a:4f:5a:02:c9:c8:
0f:cd:1a:05:0a:3a:2d:0c:c5:0d:9c:0d:40:6f:ce:
19:c6:f8:46:fa:d9:2c:43:bd:23:19:79:52:a5:11:
bc:88:b5:8f:2f:8d:99:f9:19:3c:f9:07:27:9a:94:
78:96:5f:19:4f:1b:c3:fd:05:0b:6d:6f:7b:7f:d5:
7c:7e:e2:f1:70:02:da:56:f7:97:90:de:72:09:2a:
32:16:cf:c2:b0:64:52:7f:10:f6:a7:66:8c:f4:79:
e3:fd:c8:e9:5f:70:ec:94:a2:c4:1d:65:6a:b6:09:
7d:3a:c9:9c:99:12:e5:e1:d8:6f:32:ca:97:a2:1c:
91:11:a3:76:47:dd:11:50:46:79:73:c8:e9:67:c4:
2b:8a:ca:1c:40:03:9d:e1:66:46:8e:31:83:cd:b7:
a5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:DD:7E:0A:D2:F1:A1:41:D2:80:54:29:4A:18:DE:A7:6A:C6:39:3A
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/dd1-CtLxoUHSgFQpShjep2rGOTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.242.0/24
Signature Algorithm: sha256WithRSAEncryption
17:df:22:9e:a0:cc:d3:7d:e1:c7:ea:99:44:76:3a:98:a6:d3:
5e:be:19:90:f2:56:c7:ce:ef:76:38:87:21:38:e0:dd:3e:07:
ce:0f:74:d1:8c:01:48:79:c6:33:44:5d:3a:e8:83:f1:0c:88:
22:f1:c1:a4:1c:7a:2d:19:0b:5f:e8:8d:1d:c2:72:92:27:36:
f7:62:8a:28:ba:08:ca:5f:7a:9d:23:e1:01:f5:0d:a6:e2:c7:
09:a5:a7:e4:d2:28:e4:06:16:fc:79:fb:24:50:d3:08:39:00:
04:33:e0:14:7c:bd:e0:5c:ff:62:47:fc:db:20:e2:dd:3a:fa:
a2:bf:f5:2a:3c:13:7a:21:52:c3:af:2e:00:45:0d:34:28:90:
a1:97:9a:59:1a:88:b7:fc:57:d2:0b:eb:1d:76:3d:63:0a:5d:
5b:8b:41:b3:f0:c4:b2:c4:b7:0a:55:84:5d:1d:06:86:f7:a5:
22:57:7e:5f:f9:fb:9e:e9:0f:c7:24:8b:d0:26:3c:f4:d1:ea:
03:7f:52:a5:7d:71:9d:44:b9:6d:08:e7:af:a1:06:10:9a:d0:
8a:51:04:25:17:25:aa:d0:b7:5b:ec:90:02:cd:4d:5a:dc:db:
b8:4e:e7:2c:de:04:ee:e2:c6:c8:47:d3:9e:59:2c:cb:46:ea:
56:7a:3f:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdVoDQIkIq93hElssbuEos7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA2MDgxMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWRkN2UwYWQyZjFhMTQxZDI4MDU0Mjk0YTE4ZGVhNzZhYzYzOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3vFAmDEI7QEzVI9etWkVSl8SXzj
liL3gbAhc9xTi116OoyDxiOM3k5HbAFetA1OTdze772ZZXLD+eLwgnItRvXPH3i3
EspWig36PmX3RIisUpIEaWMAtMepG6WdJSQZBoFqT1oCycgPzRoFCjotDMUNnA1A
b84ZxvhG+tksQ70jGXlSpRG8iLWPL42Z+Rk8+QcnmpR4ll8ZTxvD/QULbW97f9V8
fuLxcALaVveXkN5yCSoyFs/CsGRSfxD2p2aM9Hnj/cjpX3DslKLEHWVqtgl9Osmc
mRLl4dhvMsqXohyREaN2R90RUEZ5c8jpZ8QrisocQAOd4WZGjjGDzbelBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXdfgrS8aFB0oBUKUoY3qdqxjk6MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZGQxLUN0THhvVUhTZ0ZRcFNoamVwMnJHT1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATo7yMA0G
CSqGSIb3DQEBCwUAA4IBAQAX3yKeoMzTfeHH6plEdjqYptNevhmQ8lbHzu92OIch
OODdPgfOD3TRjAFIecYzRF066IPxDIgi8cGkHHotGQtf6I0dwnKSJzb3YooougjK
X3qdI+EB9Q2m4scJpafk0ijkBhb8efskUNMIOQAEM+AUfL3gXP9iR/zbIOLdOvqi
v/UqPBN6IVLDry4ARQ00KJChl5pZGoi3/FfSC+sddj1jCl1bi0Gz8MSyxLcKVYRd
HQaG96UiV35f+fue6Q/HJIvQJjz00eoDf1KlfXGdRLltCOevoQYQmtCKUQQlFyWq
0Ldb7JACzU1a3Nu4Tucs3gTu4sbIR9OeWSzLRupWej83
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:55 2023 by rpki-client on console-ams.rpki-client.org