Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/w1VSejvYyN29nw3Xkc27P13vCNw.roa
File: w1VSejvYyN29nw3Xkc27P13vCNw.roa (raw, json)
Hash identifier: FMSBIGARlLndShy4sUIjMzNHTkZiYfch61lofMdrAS4=
Subject key identifier: C3:55:52:7A:3B:D8:C8:DD:BD:9F:0D:D7:91:CD:BB:3F:5D:EF:08:DC
Certificate issuer: /CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
Certificate serial: 0185708CC8EFCDCA58EC450646EACCFF8D1D
Authority key identifier: DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/w1VSejvYyN29nw3Xkc27P13vCNw.roa
Signing time: Mon 02 Jan 2023 03:35:52 +0000
ROA not before: Mon 02 Jan 2023 03:35:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43284
IP address blocks: 77.73.240.0/21 maxlen: 21
194.56.219.0/24 maxlen: 24
2a02:2108::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:c8:ef:cd:ca:58:ec:45:06:46:ea:cc:ff:8d:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc6a3742f0f0fb120922b339ef01cecf87f4d1ee
Validity
Not Before: Jan 2 03:35:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c355527a3bd8c8ddbd9f0dd791cdbb3f5def08dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b4:3f:25:a9:f0:2b:e8:3a:0b:ab:86:22:51:
b5:d4:27:a3:06:b1:ac:74:6e:34:04:fd:d4:7f:3b:
6d:a7:d6:d2:3f:fe:4f:53:d7:1d:18:8b:ee:b1:60:
4a:bf:a8:a6:1a:7e:f6:b7:b9:f7:24:18:66:3f:0f:
e4:7b:ae:ba:f8:00:8f:e9:cc:db:4d:27:d9:de:06:
ad:2e:3f:ff:8e:10:f9:7d:b3:b6:cf:27:04:2e:46:
31:49:93:6f:cc:db:5a:84:f5:41:18:c8:3b:dc:25:
be:90:ae:01:7d:c8:a7:44:5b:55:8d:ad:4f:9f:cc:
11:87:91:57:5a:19:df:33:63:aa:01:ef:20:16:b6:
80:18:b5:e6:8c:7a:b1:40:27:df:9d:ea:06:10:02:
0a:20:bd:dc:1a:fc:da:af:1d:ef:bb:bd:b9:ca:48:
4d:3e:fe:2a:88:aa:d3:58:38:a0:93:d5:df:d0:85:
16:00:be:44:11:29:f1:85:26:a3:39:b4:b0:44:e2:
da:26:94:03:4b:92:f2:21:67:24:8b:a4:c9:45:8f:
12:c4:12:0d:4f:13:65:4c:06:17:2c:33:55:c2:95:
06:93:ef:cb:ca:d3:a9:65:3e:08:8f:81:2b:fc:20:
1c:25:ae:2e:42:36:ab:a2:71:1d:73:de:36:b4:93:
9b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:55:52:7A:3B:D8:C8:DD:BD:9F:0D:D7:91:CD:BB:3F:5D:EF:08:DC
X509v3 Authority Key Identifier:
keyid:DC:6A:37:42:F0:F0:FB:12:09:22:B3:39:EF:01:CE:CF:87:F4:D1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Go3QvDw-xIJIrM57wHOz4f00e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/w1VSejvYyN29nw3Xkc27P13vCNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/47c973-205b-4197-8698-cc1d2c5e1b31/1/3Go3QvDw-xIJIrM57wHOz4f00e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.240.0/21
194.56.219.0/24
IPv6:
2a02:2108::/32
Signature Algorithm: sha256WithRSAEncryption
3e:21:46:87:27:34:23:2b:e2:65:fe:70:74:3f:17:d9:13:06:
a8:cb:de:c2:45:45:f6:47:ae:4b:d7:9b:44:b7:64:32:53:3b:
f2:ca:31:8b:f6:e2:ea:46:a6:a6:d9:69:a9:e8:b2:a0:c4:50:
2d:7d:ff:f8:c8:eb:21:cb:11:b0:5b:36:8f:6d:75:19:41:fc:
81:1e:6c:7c:7d:1b:3a:ab:30:6c:c7:67:02:f6:52:bc:e8:41:
8a:b7:8e:92:03:63:0e:56:aa:f0:bc:d0:2e:fa:b1:c6:93:15:
a7:96:df:13:7c:88:8c:36:21:2d:32:07:e4:52:11:92:5e:88:
86:52:73:03:5c:5e:35:8e:b1:8b:04:50:12:7e:d3:f7:79:88:
11:eb:5e:3c:ac:ec:73:71:ea:41:2c:5b:7c:64:9b:81:6b:f7:
3d:c8:b3:43:95:c9:12:56:c3:a0:25:75:b6:e2:3c:0c:b2:59:
e7:19:3a:d7:0f:fd:fa:dd:11:48:a2:e5:50:dc:72:60:22:61:
f9:43:2d:b5:7c:c9:f9:e2:7a:7e:58:c5:50:fe:2e:d7:4c:ee:
03:68:73:1a:94:3a:35:8d:7c:7c:ea:9e:7d:16:fb:03:5c:d2:
6a:45:86:59:1c:3b:cd:51:7a:b9:0e:8d:7c:1f:3a:2b:cc:c4:
57:1e:f4:1c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwjMjvzcpY7EUGRurM/40dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNmEzNzQyZjBmMGZiMTIwOTIyYjMzOWVmMDFjZWNmODdm
NGQxZWUwHhcNMjMwMTAyMDMzNTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzU1NTI3YTNiZDhjOGRkYmQ5ZjBkZDc5MWNkYmIzZjVkZWYwOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7Q/JanwK+g6C6uGIlG11CejBrGs
dG40BP3Ufzttp9bSP/5PU9cdGIvusWBKv6imGn72t7n3JBhmPw/ke666+ACP6czb
TSfZ3gatLj//jhD5fbO2zycELkYxSZNvzNtahPVBGMg73CW+kK4BfcinRFtVja1P
n8wRh5FXWhnfM2OqAe8gFraAGLXmjHqxQCffneoGEAIKIL3cGvzarx3vu725ykhN
Pv4qiKrTWDigk9Xf0IUWAL5EESnxhSajObSwROLaJpQDS5LyIWcki6TJRY8SxBIN
TxNlTAYXLDNVwpUGk+/LytOpZT4Ij4Er/CAcJa4uQjaronEdc942tJObywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMNVUno72MjdvZ8N15HNuz9d7wjcMB8GA1UdIwQY
MBaAFNxqN0Lw8PsSCSKzOe8Bzs+H9NHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0dvM1F2RHcteElKSXJNNTd3SE96NGYwMGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy80N2M5NzMtMjA1Yi00MTk3LTg2OTgt
Y2MxZDJjNWUxYjMxLzEvdzFWU2Vqdll5TjI5bnczWGtjMjdQMTN2Q053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy80N2M5NzMtMjA1Yi00MTk3LTg2OTgtY2MxZDJjNWUxYjMx
LzEvM0dvM1F2RHcteElKSXJNNTd3SE96NGYwMGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTUnwAwQA
wjjbMA0EAgACMAcDBQAqAiEIMA0GCSqGSIb3DQEBCwUAA4IBAQA+IUaHJzQjK+Jl
/nB0PxfZEwaoy97CRUX2R65L15tEt2QyUzvyyjGL9uLqRqam2Wmp6LKgxFAtff/4
yOshyxGwWzaPbXUZQfyBHmx8fRs6qzBsx2cC9lK86EGKt46SA2MOVqrwvNAu+rHG
kxWnlt8TfIiMNiEtMgfkUhGSXoiGUnMDXF41jrGLBFASftP3eYgR6148rOxzcepB
LFt8ZJuBa/c9yLNDlckSVsOgJXW24jwMslnnGTrXD/363RFIouVQ3HJgImH5Qy21
fMn54np+WMVQ/i7XTO4DaHMalDo1jXx86p59FvsDXNJqRYZZHDvNUXq5Do18Hzor
zMRXHvQc
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:37 2024 by rpki-client on console-ams.rpki-client.org