Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/DLgHeX4nE6OBhaZvzuytvSX_LwM.roa
File: DLgHeX4nE6OBhaZvzuytvSX_LwM.roa (raw, json)
Hash identifier: yf68iZ817IjeLb4ULtNWX67YOIMIPZuS33J9ONZpVDY=
Subject key identifier: 0C:B8:07:79:7E:27:13:A3:81:85:A6:6F:CE:EC:AD:BD:25:FF:2F:03
Certificate issuer: /CN=dd48d508215340eac0f14f0b74749d1c8ec9f566
Certificate serial: 01857067347E1BDF5153D21C919A8478AA8F
Authority key identifier: DD:48:D5:08:21:53:40:EA:C0:F1:4F:0B:74:74:9D:1C:8E:C9:F5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3UjVCCFTQOrA8U8LdHSdHI7J9WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/DLgHeX4nE6OBhaZvzuytvSX_LwM.roa
Signing time: Mon 02 Jan 2023 02:54:49 +0000
ROA not before: Mon 02 Jan 2023 02:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39294
IP address blocks: 213.5.76.0/22 maxlen: 22
91.234.108.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:34:7e:1b:df:51:53:d2:1c:91:9a:84:78:aa:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd48d508215340eac0f14f0b74749d1c8ec9f566
Validity
Not Before: Jan 2 02:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cb807797e2713a38185a66fceecadbd25ff2f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:80:20:7e:3a:84:5d:d6:2d:fd:5b:d6:44:36:
5a:9e:36:63:95:17:bb:38:df:91:fd:56:01:ae:a6:
99:c4:f8:26:3f:1c:4e:39:8b:5c:4e:87:ae:47:4a:
ea:4e:a3:cb:b5:8d:34:b8:4c:c8:c3:b4:42:cd:a2:
a6:2d:d4:88:73:47:1f:20:00:65:c3:70:96:0a:e3:
0d:c5:e9:df:9c:46:0a:e6:96:96:a8:75:9e:c1:2e:
eb:ab:5f:d6:0c:41:a8:28:56:68:a7:80:42:fc:b3:
b6:f3:5e:ae:4c:50:2d:4c:64:ce:9d:19:dd:bd:99:
b1:20:6b:96:35:13:8c:e3:74:92:8d:cc:84:ea:05:
8b:80:98:75:d4:0f:db:6f:9a:83:18:f0:ad:20:a3:
d7:b3:13:81:52:80:ba:2f:89:67:00:d0:1c:48:7c:
3d:9e:48:14:94:f5:4e:c4:7d:a2:76:d3:60:ad:ce:
2c:f9:f8:1f:7f:09:45:f7:45:61:e5:e7:79:a4:6f:
4f:c2:35:e6:aa:61:f8:c0:40:7f:8c:c5:df:d7:82:
8e:d9:5a:46:ad:1c:2a:6b:be:25:5d:eb:91:d3:63:
e8:02:55:19:c5:f4:e8:98:3d:9d:86:ab:d7:7e:24:
52:4a:df:79:13:c1:05:2e:fb:b6:da:8a:3c:fd:c9:
ab:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B8:07:79:7E:27:13:A3:81:85:A6:6F:CE:EC:AD:BD:25:FF:2F:03
X509v3 Authority Key Identifier:
keyid:DD:48:D5:08:21:53:40:EA:C0:F1:4F:0B:74:74:9D:1C:8E:C9:F5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3UjVCCFTQOrA8U8LdHSdHI7J9WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/DLgHeX4nE6OBhaZvzuytvSX_LwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/ba16ba-a8c8-442a-bab9-45e4740023db/1/3UjVCCFTQOrA8U8LdHSdHI7J9WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.234.108.0/22
213.5.76.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:6f:8b:a2:49:bd:4e:d8:5f:5f:78:4a:89:cc:0b:56:0a:88:
d5:ad:5d:4a:d8:af:e0:85:b8:8d:64:af:c8:29:8c:0b:bb:80:
0a:ca:65:dc:43:b5:f8:21:ce:f3:17:59:29:11:c3:1b:d2:38:
1c:ec:b3:91:f6:77:78:5a:2e:64:58:1d:b4:2f:61:c8:69:f8:
3c:2f:11:20:75:b2:4a:f5:78:b6:3b:69:5a:ba:e6:95:c5:78:
64:0a:2d:4a:8b:4b:80:d8:25:83:76:4f:2d:d2:be:0e:05:7f:
43:47:97:2a:03:32:a9:18:53:fb:12:f2:a0:44:ef:bf:12:74:
fb:3c:70:0b:d4:74:0b:96:82:3c:89:a3:e8:59:b2:92:ee:65:
7c:15:23:e2:68:c9:54:42:3e:5d:02:ab:db:46:3a:ef:1d:80:
40:db:a0:06:02:e8:3d:35:d2:32:9e:51:f0:94:ad:17:92:bd:
15:f3:37:cc:3a:a1:6a:7a:1f:e9:1c:70:34:e7:c6:54:9a:cf:
bb:c4:4c:14:25:d3:98:39:6f:3a:fa:51:71:d4:6b:d2:be:86:
ca:56:67:12:47:27:56:91:3d:23:ba:fa:bb:7c:a2:8c:67:50:
36:57:5b:d6:c9:c9:66:56:ec:a1:2c:ad:07:e8:e5:09:a8:9c:
83:aa:19:3d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwZzR+G99RU9IckZqEeKqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNDhkNTA4MjE1MzQwZWFjMGYxNGYwYjc0NzQ5ZDFjOGVj
OWY1NjYwHhcNMjMwMTAyMDI1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2I4MDc3OTdlMjcxM2EzODE4NWE2NmZjZWVjYWRiZDI1ZmYyZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIAgfjqEXdYt/VvWRDZanjZjlRe7
ON+R/VYBrqaZxPgmPxxOOYtcToeuR0rqTqPLtY00uEzIw7RCzaKmLdSIc0cfIABl
w3CWCuMNxenfnEYK5paWqHWewS7rq1/WDEGoKFZop4BC/LO2816uTFAtTGTOnRnd
vZmxIGuWNROM43SSjcyE6gWLgJh11A/bb5qDGPCtIKPXsxOBUoC6L4lnANAcSHw9
nkgUlPVOxH2idtNgrc4s+fgffwlF90Vh5ed5pG9PwjXmqmH4wEB/jMXf14KO2VpG
rRwqa74lXeuR02PoAlUZxfTomD2dhqvXfiRSSt95E8EFLvu22oo8/cmriQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAy4B3l+JxOjgYWmb87srb0l/y8DMB8GA1UdIwQY
MBaAFN1I1QghU0DqwPFPC3R0nRyOyfVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1VqVkNDRlRRT3JBOFU4TGRIU2RISTdKOVdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9iYTE2YmEtYThjOC00NDJhLWJhYjkt
NDVlNDc0MDAyM2RiLzEvRExnSGVYNG5FNk9CaGFadnp1eXR2U1hfTHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9iYTE2YmEtYThjOC00NDJhLWJhYjktNDVlNDc0MDAyM2Ri
LzEvM1VqVkNDRlRRT3JBOFU4TGRIU2RISTdKOVdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+psAwQC
1QVMMA0GCSqGSIb3DQEBCwUAA4IBAQCcb4uiSb1O2F9feEqJzAtWCojVrV1K2K/g
hbiNZK/IKYwLu4AKymXcQ7X4Ic7zF1kpEcMb0jgc7LOR9nd4Wi5kWB20L2HIafg8
LxEgdbJK9Xi2O2lauuaVxXhkCi1Ki0uA2CWDdk8t0r4OBX9DR5cqAzKpGFP7EvKg
RO+/EnT7PHAL1HQLloI8iaPoWbKS7mV8FSPiaMlUQj5dAqvbRjrvHYBA26AGAug9
NdIynlHwlK0Xkr0V8zfMOqFqeh/pHHA058ZUms+7xEwUJdOYOW86+lFx1GvSvobK
VmcSRydWkT0juvq7fKKMZ1A2V1vWyclmVuyhLK0H6OUJqJyDqhk9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:38 2024 by rpki-client on console-ams.rpki-client.org