Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/DGnCyfpv4RMEEyWISzw2MYMKL84.roa
File: DGnCyfpv4RMEEyWISzw2MYMKL84.roa (raw, json)
Hash identifier: gk2c+Y+YVQkjH1jJ06emqp1zjddMDfxfIHNhFvWL034=
Subject key identifier: 0C:69:C2:C9:FA:6F:E1:13:04:13:25:88:4B:3C:36:31:83:0A:2F:CE
Certificate issuer: /CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Certificate serial: 01856CF86FE981222BEE36BDE509FFBF8A3E
Authority key identifier: 5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/DGnCyfpv4RMEEyWISzw2MYMKL84.roa
Signing time: Sun 01 Jan 2023 10:54:59 +0000
ROA not before: Sun 01 Jan 2023 10:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42
IP address blocks: 194.0.36.0/24 maxlen: 24
2001:678:4c::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:6f:e9:81:22:2b:ee:36:bd:e5:09:ff:bf:8a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Validity
Not Before: Jan 1 10:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c69c2c9fa6fe113041325884b3c3631830a2fce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d6:2a:74:d4:32:42:c0:68:65:07:db:e0:10:
11:2b:6b:35:c5:48:b1:fa:cb:e9:7c:55:df:d6:9d:
e9:70:2d:ef:b0:ab:7c:b6:f8:37:6f:44:20:ff:fd:
a2:0f:a9:40:07:17:5c:da:36:09:57:20:46:10:aa:
62:47:28:75:5d:39:5b:5a:c5:a4:5d:bd:48:a4:a5:
bf:ff:25:8d:3f:c2:3b:30:c7:b9:61:11:17:14:94:
9e:1d:d9:0d:50:0a:5d:ae:8c:b0:0e:35:e7:c6:e5:
91:81:47:cd:51:27:35:36:6d:ce:74:46:44:92:5f:
5d:c0:af:f7:57:46:8c:c7:b7:fb:21:5e:56:1f:55:
3c:29:1d:61:cd:c4:c3:70:58:32:73:6d:60:5f:26:
3e:48:d5:5f:e3:cd:58:91:ca:ca:97:37:a9:79:c8:
cb:d4:d6:f2:da:ba:46:9c:9d:c5:63:a3:a7:d3:b8:
b1:e4:e3:75:47:df:4b:ca:5d:2f:05:43:3b:17:c4:
02:ad:aa:a3:3b:53:1c:47:c3:59:79:46:17:12:01:
0f:fd:26:6f:ad:b9:07:6b:ca:88:c9:4f:e9:44:ab:
93:f6:03:10:4c:eb:c8:69:0f:ab:28:b2:0a:98:36:
c4:73:e1:48:1c:4e:6f:48:74:35:8c:75:69:a0:b5:
66:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:69:C2:C9:FA:6F:E1:13:04:13:25:88:4B:3C:36:31:83:0A:2F:CE
X509v3 Authority Key Identifier:
keyid:5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/DGnCyfpv4RMEEyWISzw2MYMKL84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/Xo08C2QUychuPJSnFN-yactekWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.36.0/24
IPv6:
2001:678:4c::/48
Signature Algorithm: sha256WithRSAEncryption
8f:50:39:b8:03:5d:7c:de:90:7f:6d:8d:67:32:7e:1d:77:74:
e6:e2:e3:a2:42:b5:2e:3b:2f:b2:ab:1d:27:d8:de:7b:78:16:
c2:2a:ff:5f:88:67:d1:e7:bb:76:3e:fa:95:41:4b:94:c3:26:
03:8f:51:c7:bd:b6:de:cf:56:60:66:fa:58:f6:8f:a3:c2:78:
58:01:6a:2b:66:6a:48:fd:60:ae:99:93:1f:02:db:7b:a7:34:
fd:ed:b1:f3:27:9f:2b:2b:01:fb:77:43:19:fc:d0:66:cb:08:
33:ef:c0:31:43:8e:b3:fb:17:bf:fa:a1:bc:98:5a:ec:78:2f:
a7:1d:cd:09:46:76:b5:d2:0e:b9:71:6d:9b:eb:89:d2:f1:6b:
5f:3d:e0:9f:2a:e1:9e:1d:cf:af:5a:26:44:20:32:b0:0d:60:
63:03:07:b6:2c:f5:93:2f:7d:8f:fa:12:97:ea:9f:a0:0b:52:
34:16:cf:f1:6f:bc:5a:c6:06:78:22:1c:da:a9:1a:ee:98:63:
3a:65:7d:96:c8:ab:f5:fc:61:96:8f:98:d8:c2:f6:23:98:ce:
f8:f4:eb:28:93:00:81:84:1f:84:3e:2f:49:47:8e:bb:d1:44:
8d:b5:b3:3b:b8:8e:9e:ee:8c:9e:2a:a8:07:f8:74:d4:08:3f:
d4:4f:31:db
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVs+G/pgSIr7ja95Qn/v4o+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQzYzBiNjQxNGM5Yzg2ZTNjOTRhNzE0ZGZiMjY5Y2I1
ZTkxNjkwHhcNMjMwMTAxMTA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzY5YzJjOWZhNmZlMTEzMDQxMzI1ODg0YjNjMzYzMTgzMGEyZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9YqdNQyQsBoZQfb4BARK2s1xUix
+svpfFXf1p3pcC3vsKt8tvg3b0Qg//2iD6lABxdc2jYJVyBGEKpiRyh1XTlbWsWk
Xb1IpKW//yWNP8I7MMe5YREXFJSeHdkNUApdroywDjXnxuWRgUfNUSc1Nm3OdEZE
kl9dwK/3V0aMx7f7IV5WH1U8KR1hzcTDcFgyc21gXyY+SNVf481YkcrKlzepecjL
1Nby2rpGnJ3FY6On07ix5ON1R99Lyl0vBUM7F8QCraqjO1McR8NZeUYXEgEP/SZv
rbkHa8qIyU/pRKuT9gMQTOvIaQ+rKLIKmDbEc+FIHE5vSHQ1jHVpoLVmUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAxpwsn6b+ETBBMliEs8NjGDCi/OMB8GA1UdIwQY
MBaAFF6NPAtkFMnIbjyUpxTfsmnLXpFpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAt
MjM0MzA5NTA2MDljLzEvREduQ3lmcHY0Uk1FRXlXSVN6dzJNWU1LTDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9lYzM1MzEtODJmOC00YjRkLWI1OTAtMjM0MzA5NTA2MDlj
LzEvWG8wOEMyUVV5Y2h1UEpTbkZOLXlhY3Rla1drLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwgAkMA8E
AgACMAkDBwAgAQZ4AEwwDQYJKoZIhvcNAQELBQADggEBAI9QObgDXXzekH9tjWcy
fh13dObi46JCtS47L7KrHSfY3nt4FsIq/1+IZ9Hnu3Y++pVBS5TDJgOPUce9tt7P
VmBm+lj2j6PCeFgBaitmakj9YK6Zkx8C23unNP3tsfMnnysrAft3Qxn80GbLCDPv
wDFDjrP7F7/6obyYWux4L6cdzQlGdrXSDrlxbZvridLxa1894J8q4Z4dz69aJkQg
MrANYGMDB7Ys9ZMvfY/6Epfqn6ALUjQWz/FvvFrGBngiHNqpGu6YYzplfZbIq/X8
YZaPmNjC9iOYzvj06yiTAIGEH4Q+L0lHjrvRRI21szu4jp7ujJ4qqAf4dNQIP9RP
Mds=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:50 2024 by rpki-client on console-ams.rpki-client.org