Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/dAike8Uf1HURXT_c3XnCxvQEoAI.roa
File: dAike8Uf1HURXT_c3XnCxvQEoAI.roa (raw, json)
Hash identifier: qvUhZjB5Ysff6v/weipIaVX/zxGX0q3twvNJRHNSu0w=
Subject key identifier: 74:08:A4:7B:C5:1F:D4:75:11:5D:3F:DC:DD:79:C2:C6:F4:04:A0:02
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 018576B17ED8C48E198301CEE1CD780AA644
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/dAike8Uf1HURXT_c3XnCxvQEoAI.roa
Signing time: Tue 03 Jan 2023 08:13:41 +0000
ROA not before: Tue 03 Jan 2023 08:13:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203593
IP address blocks: 185.129.253.0/24 maxlen: 24
185.129.252.0/24 maxlen: 24
185.129.254.0/24 maxlen: 24
185.129.255.0/24 maxlen: 24
213.244.41.0/24 maxlen: 24
157.97.163.0/24 maxlen: 24
213.244.42.0/24 maxlen: 24
213.244.40.0/24 maxlen: 24
193.254.202.0/24 maxlen: 24
193.254.203.0/24 maxlen: 24
2a06:d680::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 16 May 2023 08:55:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:76:b1:7e:d8:c4:8e:19:83:01:ce:e1:cd:78:0a:a6:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: Jan 3 08:13:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7408a47bc51fd475115d3fdcdd79c2c6f404a002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:12:55:a3:09:be:3e:04:69:50:bd:13:36:00:
c5:45:d5:66:f1:8c:82:10:9c:39:c7:77:8d:84:da:
90:a0:ed:9d:9d:f9:5e:52:23:a8:42:e1:23:e6:df:
8b:2d:b4:98:84:dc:43:d9:4b:fd:53:94:02:cc:06:
03:f2:e0:65:01:04:2d:8c:f0:ce:6d:0c:3e:b9:14:
f4:2c:b3:99:d6:54:8e:62:d8:db:1c:0f:d6:ed:04:
6e:ca:a5:1e:b1:fa:60:6d:39:20:fe:4b:d5:38:8a:
75:a3:02:13:28:6c:f2:3e:4e:df:62:03:bf:75:24:
73:5e:79:01:c5:48:f1:fd:64:89:99:16:a1:92:ca:
80:ae:20:99:94:f1:92:ef:d9:68:52:ea:9b:99:0f:
1e:57:11:8d:7e:45:cf:a8:58:6e:40:41:c5:95:56:
01:3e:53:26:95:69:c6:4f:98:28:9c:d0:c1:da:c5:
d2:f4:43:33:5b:69:23:ca:94:d0:1d:ec:ec:10:61:
a4:f8:fc:c0:87:c1:23:eb:ce:90:28:2c:32:87:32:
93:9e:41:0b:d4:28:1b:2c:d1:ed:6c:63:e1:7b:ae:
79:d7:18:bc:f2:ce:09:07:7f:d0:db:2f:72:3b:79:
83:35:4f:0c:c7:c4:f7:d0:9b:81:6a:f6:35:e5:49:
c1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:08:A4:7B:C5:1F:D4:75:11:5D:3F:DC:DD:79:C2:C6:F4:04:A0:02
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/dAike8Uf1HURXT_c3XnCxvQEoAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.163.0/24
185.129.252.0/22
193.254.202.0/23
213.244.40.0-213.244.42.255
IPv6:
2a06:d680::/29
Signature Algorithm: sha256WithRSAEncryption
9d:a5:0f:5e:70:27:d0:27:3e:66:22:fc:fa:f8:24:af:2f:6a:
3b:27:56:52:c3:70:0b:d8:40:5a:e5:0f:a1:37:40:20:23:9b:
f1:63:50:d1:f0:24:47:77:61:8e:b1:74:96:af:1e:6f:46:b3:
db:6f:ba:e4:7b:82:ce:f4:a4:b9:a6:ee:99:d5:1f:4d:19:97:
52:52:ca:d5:d3:c7:26:ed:0a:1c:2f:f9:fb:f7:a4:fb:81:06:
4a:8a:64:e2:6b:97:4d:e0:89:95:79:2d:db:84:f8:15:b7:14:
75:99:b2:a2:51:e5:99:52:9b:ec:5c:5c:1a:da:44:5f:54:fe:
ef:4b:8f:d7:6a:72:a7:4a:ae:7d:a2:ea:71:a5:ec:fc:3b:b0:
bf:b4:5c:7a:4e:fa:40:99:70:5f:b8:40:dc:dc:9a:f0:62:54:
06:1b:7a:cf:17:dc:9c:ea:81:cc:e3:2e:e7:24:63:02:5e:8a:
88:6c:99:00:e6:d8:c1:72:84:6a:12:80:e5:f0:3e:a9:d8:69:
34:81:ea:f5:66:1c:57:93:c7:47:c2:e6:e6:c9:42:cd:c4:a9:
c1:f9:53:a6:00:be:39:a7:f6:61:f5:c3:a8:21:05:ac:d8:0a:
2f:49:89:cc:ba:c9:79:17:8a:b1:a6:ff:06:a0:07:ae:6e:77:
b0:e4:37:d5
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYV2sX7YxI4ZgwHO4c14CqZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjMwMTAzMDgxMzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDA4YTQ3YmM1MWZkNDc1MTE1ZDNmZGNkZDc5YzJjNmY0MDRhMDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhJVowm+PgRpUL0TNgDFRdVm8YyC
EJw5x3eNhNqQoO2dnfleUiOoQuEj5t+LLbSYhNxD2Uv9U5QCzAYD8uBlAQQtjPDO
bQw+uRT0LLOZ1lSOYtjbHA/W7QRuyqUesfpgbTkg/kvVOIp1owITKGzyPk7fYgO/
dSRzXnkBxUjx/WSJmRahksqAriCZlPGS79loUuqbmQ8eVxGNfkXPqFhuQEHFlVYB
PlMmlWnGT5gonNDB2sXS9EMzW2kjypTQHezsEGGk+PzAh8Ej686QKCwyhzKTnkEL
1CgbLNHtbGPhe6551xi88s4JB3/Q2y9yO3mDNU8Mx8T30JuBavY15UnBkQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHQIpHvFH9R1EV0/3N15wsb0BKACMB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvZEFpa2U4VWYxSFVSWFRfYzNYbkN4dlFFb0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQAnWGjAwQC
uYH8AwQBwf7KMAwDBAPV9CgDBADV9CowDQQCAAIwBwMFAyoG1oAwDQYJKoZIhvcN
AQELBQADggEBAJ2lD15wJ9AnPmYi/Pr4JK8vajsnVlLDcAvYQFrlD6E3QCAjm/Fj
UNHwJEd3YY6xdJavHm9Gs9tvuuR7gs70pLmm7pnVH00Zl1JSytXTxybtChwv+fv3
pPuBBkqKZOJrl03giZV5LduE+BW3FHWZsqJR5ZlSm+xcXBraRF9U/u9Lj9dqcqdK
rn2i6nGl7Pw7sL+0XHpO+kCZcF+4QNzcmvBiVAYbes8X3JzqgczjLuckYwJeiohs
mQDm2MFyhGoSgOXwPqnYaTSB6vVmHFeTx0fC5ubJQs3EqcH5U6YAvjmn9mH1w6gh
BazYCi9Jicy6yXkXirGm/wagB65ud7DkN9U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:19 2024 by rpki-client on console-ams.rpki-client.org