Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/DUBMtLqp1GSdpdyGKRekmFazbEI.roa
File: DUBMtLqp1GSdpdyGKRekmFazbEI.roa (raw, json)
Hash identifier: FGUzhopiO2pBSSyXcsaCCscu6Ch5KJ7jrqevs9Wva0s=
Subject key identifier: 0D:40:4C:B4:BA:A9:D4:64:9D:A5:DC:86:29:17:A4:98:56:B3:6C:42
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 018ECC506DE42C6AAE2067F24EF0D7E82F76
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/DUBMtLqp1GSdpdyGKRekmFazbEI.roa
Signing time: Thu 11 Apr 2024 08:40:06 +0000
ROA not before: Thu 11 Apr 2024 08:40:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 185.194.204.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 16 Apr 2024 07:52:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:50:6d:e4:2c:6a:ae:20:67:f2:4e:f0:d7:e8:2f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Apr 11 08:40:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d404cb4baa9d4649da5dc862917a49856b36c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:51:d5:8d:76:e7:8a:d5:5b:21:95:73:58:c9:
5f:ef:dc:11:d7:18:7e:6d:c9:98:7d:dd:b9:ae:69:
21:2a:e1:ac:4a:0c:c3:db:d8:ba:64:82:fc:75:28:
b8:67:f0:40:89:b0:74:af:e6:0f:b5:22:94:b4:47:
2f:4f:f6:a5:ee:4e:c4:dc:77:25:c9:74:4a:06:b1:
40:80:33:63:2d:ce:95:2e:e8:49:42:36:0d:5b:0b:
40:87:4d:56:53:2a:c5:c3:75:50:89:b7:cb:4f:cd:
4b:46:e3:6c:6e:50:5c:97:1a:41:b8:3d:00:be:0c:
6b:4a:fa:8b:ed:d5:13:90:21:3f:6d:f9:57:a9:ce:
41:72:c3:bd:ec:46:d7:0e:91:ea:ec:b2:b3:b1:36:
7b:1a:67:fa:b2:11:d9:2b:e9:43:de:51:05:eb:65:
31:16:62:d2:21:72:a9:c7:19:9e:43:ed:93:00:af:
8d:3e:19:e8:38:c7:0c:04:c1:a7:60:86:64:23:53:
e0:62:ef:de:4d:14:5c:71:de:9c:07:80:92:0e:b2:
d8:47:62:47:3a:a6:a0:5f:34:85:9a:8e:2e:bb:88:
85:cc:98:15:f3:34:41:8a:aa:96:84:96:bf:02:b1:
f7:65:fe:c2:05:d0:a4:36:9b:31:8d:2c:4e:80:5b:
e0:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:40:4C:B4:BA:A9:D4:64:9D:A5:DC:86:29:17:A4:98:56:B3:6C:42
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/DUBMtLqp1GSdpdyGKRekmFazbEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.204.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:90:fa:29:82:0b:33:ab:4f:cf:6f:6c:55:cf:eb:5e:62:0f:
f8:bb:b4:1f:f2:36:ba:f0:95:d8:94:91:ba:8e:c4:0e:a2:54:
f3:bd:b9:75:ea:9b:6a:12:8c:03:65:9c:94:e0:60:d2:13:93:
64:57:02:cb:e3:85:31:4b:e4:7f:36:29:12:62:98:b4:a2:e0:
61:a2:fa:bf:47:f3:f8:72:46:ec:08:3c:ae:c4:d2:17:46:ea:
88:bd:b8:dc:aa:e7:b9:f9:30:e6:73:7f:d9:5d:06:31:a2:95:
49:7a:38:08:20:fd:34:b7:63:03:76:ce:cf:24:65:78:a8:88:
28:6a:a5:26:e0:78:90:f2:c7:40:85:fd:50:86:e5:f2:ae:d4:
06:be:7e:f7:a6:aa:43:b2:13:4b:98:5f:30:ac:55:b4:ef:f0:
0c:20:ea:a8:6e:15:ff:95:61:a7:4b:4c:c8:88:d5:eb:a5:5e:
ab:f7:d9:34:e1:de:36:8d:e8:0c:eb:76:d2:10:a7:cd:2f:19:
d9:e2:c0:ed:84:2d:13:10:ad:69:89:0e:f4:e0:ce:19:c6:58:
70:4a:f1:56:68:bb:59:d2:3c:81:47:5a:ef:42:f2:d9:af:38:
45:5c:8f:98:a5:48:7b:6d:6c:f8:c1:44:9e:3c:38:3d:24:5a:
53:65:cf:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7MUG3kLGquIGfyTvDX6C92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OTRmY2M2YmY2YTg3NDBmYTc4MTQ2NDFmZDlkNmVjOGQ4
NjJlNWYwHhcNMjQwNDExMDg0MDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQwNGNiNGJhYTlkNDY0OWRhNWRjODYyOTE3YTQ5ODU2YjM2YzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlHVjXbnitVbIZVzWMlf79wR1xh+
bcmYfd25rmkhKuGsSgzD29i6ZIL8dSi4Z/BAibB0r+YPtSKUtEcvT/al7k7E3Hcl
yXRKBrFAgDNjLc6VLuhJQjYNWwtAh01WUyrFw3VQibfLT81LRuNsblBclxpBuD0A
vgxrSvqL7dUTkCE/bflXqc5BcsO97EbXDpHq7LKzsTZ7Gmf6shHZK+lD3lEF62Ux
FmLSIXKpxxmeQ+2TAK+NPhnoOMcMBMGnYIZkI1PgYu/eTRRccd6cB4CSDrLYR2JH
OqagXzSFmo4uu4iFzJgV8zRBiqqWhJa/ArH3Zf7CBdCkNpsxjSxOgFvg0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1ATLS6qdRknaXchikXpJhWs2xCMB8GA1UdIwQY
MBaAFDaU/Ma/aodA+ngUZB/Z1uyNhi5fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUt
MGQzZmNlNDI5YmRlLzEvRFVCTXRMcXAxR1NkcGR5R0tSZWttRmF6YkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9hOGRkOWUtNzFmMi00Zjc3LWI1NzUtMGQzZmNlNDI5YmRl
LzEvTnBUOHhyOXFoMEQ2ZUJSa0g5blc3STJHTGw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBucLMMA0G
CSqGSIb3DQEBCwUAA4IBAQA9kPopggszq0/Pb2xVz+teYg/4u7Qf8ja68JXYlJG6
jsQOolTzvbl16ptqEowDZZyU4GDSE5NkVwLL44UxS+R/NikSYpi0ouBhovq/R/P4
ckbsCDyuxNIXRuqIvbjcque5+TDmc3/ZXQYxopVJejgIIP00t2MDds7PJGV4qIgo
aqUm4HiQ8sdAhf1QhuXyrtQGvn73pqpDshNLmF8wrFW07/AMIOqobhX/lWGnS0zI
iNXrpV6r99k04d42jegM63bSEKfNLxnZ4sDthC0TEK1piQ704M4ZxlhwSvFWaLtZ
0jyBR1rvQvLZrzhFXI+YpUh7bWz4wUSePDg9JFpTZc+g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:50 2024 by rpki-client on console-fra.rpki-client.org