Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/9Gg9vRuSKMWFuPTEH2yVFeqZAdA.roa
File: 9Gg9vRuSKMWFuPTEH2yVFeqZAdA.roa (raw, json)
Hash identifier: dzrzl0xX368GIOhfvIBtKUUOXbA86l9OzqPS9JywGWg=
Subject key identifier: F4:68:3D:BD:1B:92:28:C5:85:B8:F4:C4:1F:6C:95:15:EA:99:01:D0
Certificate issuer: /CN=dee623e2aff7b03afeb94260348c1633b54d9056
Certificate serial: 01856EC23A57771806C427A7D35DF55C6BDD
Authority key identifier: DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/9Gg9vRuSKMWFuPTEH2yVFeqZAdA.roa
Signing time: Sun 01 Jan 2023 19:15:00 +0000
ROA not before: Sun 01 Jan 2023 19:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203735
IP address blocks: 194.127.110.0/24 maxlen: 24
194.127.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:3a:57:77:18:06:c4:27:a7:d3:5d:f5:5c:6b:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee623e2aff7b03afeb94260348c1633b54d9056
Validity
Not Before: Jan 1 19:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4683dbd1b9228c585b8f4c41f6c9515ea9901d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d6:be:da:66:44:b0:c1:89:77:74:9f:b0:fb:
c4:83:72:06:e9:ee:56:62:81:6d:4f:4c:fa:cb:cf:
dc:1e:a8:ad:50:21:c3:04:1a:1e:48:5a:5d:32:2e:
c9:9d:e0:15:49:4e:4e:89:84:7f:1b:11:4a:c4:48:
84:91:ba:e9:a8:c7:8b:be:91:da:c1:7b:df:43:4c:
e8:c3:d6:b5:23:77:4f:f7:a8:69:a4:46:60:a6:f3:
6b:24:1b:cd:a3:c0:4e:10:bc:14:db:99:d9:da:90:
17:bb:52:86:bd:da:bc:b5:0a:29:2b:47:9b:27:74:
58:0f:d0:77:70:62:7a:b8:b5:71:17:00:da:20:8d:
92:09:38:bf:8b:4c:31:b1:33:24:45:85:0c:b3:c0:
22:95:3a:49:13:d2:c0:85:0f:cb:6e:7e:49:cb:f3:
34:93:bd:df:2e:40:87:c8:a2:f4:62:47:ab:2c:7f:
27:d6:82:c5:f1:4c:32:a3:34:ea:65:88:58:39:a6:
7d:70:2c:77:1e:0e:a0:8a:89:16:c5:ad:bf:db:64:
ea:ef:b7:08:a0:11:54:cc:a4:72:f8:0b:e8:a2:77:
a8:fb:6c:03:45:15:02:8a:fb:5c:7f:49:ab:44:90:
e4:c2:9a:87:da:83:01:fb:3a:fa:0e:50:50:ce:1e:
fc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:68:3D:BD:1B:92:28:C5:85:B8:F4:C4:1F:6C:95:15:EA:99:01:D0
X509v3 Authority Key Identifier:
keyid:DE:E6:23:E2:AF:F7:B0:3A:FE:B9:42:60:34:8C:16:33:B5:4D:90:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3uYj4q_3sDr-uUJgNIwWM7VNkFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/9Gg9vRuSKMWFuPTEH2yVFeqZAdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9871ff-3f26-4b94-a464-6cc1d3ea832e/1/3uYj4q_3sDr-uUJgNIwWM7VNkFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.127.108.0/24
194.127.110.0/24
Signature Algorithm: sha256WithRSAEncryption
90:99:43:40:23:81:5f:99:d7:73:c2:72:87:cf:25:e7:57:df:
c9:d2:8c:ab:70:cb:7f:22:4d:b2:8d:af:dc:01:c4:3a:a2:11:
25:02:5f:27:67:95:87:8b:7c:27:f7:fb:37:d8:0a:96:21:99:
82:46:29:9e:fd:0d:5d:91:b6:9b:42:34:ab:69:4c:57:4c:e7:
ca:ff:f5:0e:d2:e3:8c:f4:40:93:14:5d:6e:1b:ea:f0:6f:05:
ce:cf:c5:36:08:b8:f2:27:c0:2d:53:d1:1e:39:39:75:53:a8:
1d:8b:b1:89:03:2e:c8:7e:37:54:e8:2f:87:52:0c:f2:ef:10:
ae:7c:a5:2c:af:f8:cc:f8:a9:86:ac:6a:c1:3b:68:15:09:d1:
cf:61:5a:be:a4:8d:8a:e5:a3:6d:19:f1:e8:72:98:a7:95:00:
ca:95:66:45:ef:97:ea:b5:a4:28:62:bd:20:f6:5e:fe:68:0f:
23:95:8b:cd:4b:2d:ad:f3:8e:95:bb:3f:5a:7b:26:a8:cc:68:
49:11:e6:4e:ab:95:6d:3c:b8:95:0b:65:d7:7c:74:34:71:c1:
34:89:91:d5:8a:d8:d5:96:35:dc:ad:29:fd:82:13:22:a9:19:
06:45:2a:09:46:d0:63:21:4f:bd:29:48:88:7c:6d:c8:45:77:
ee:de:34:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuwjpXdxgGxCen0131XGvdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTYyM2UyYWZmN2IwM2FmZWI5NDI2MDM0OGMxNjMzYjU0
ZDkwNTYwHhcNMjMwMTAxMTkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDY4M2RiZDFiOTIyOGM1ODViOGY0YzQxZjZjOTUxNWVhOTkwMWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9a+2mZEsMGJd3SfsPvEg3IG6e5W
YoFtT0z6y8/cHqitUCHDBBoeSFpdMi7JneAVSU5OiYR/GxFKxEiEkbrpqMeLvpHa
wXvfQ0zow9a1I3dP96hppEZgpvNrJBvNo8BOELwU25nZ2pAXu1KGvdq8tQopK0eb
J3RYD9B3cGJ6uLVxFwDaII2SCTi/i0wxsTMkRYUMs8AilTpJE9LAhQ/Lbn5Jy/M0
k73fLkCHyKL0YkerLH8n1oLF8UwyozTqZYhYOaZ9cCx3Hg6giokWxa2/22Tq77cI
oBFUzKRy+Avooneo+2wDRRUCivtcf0mrRJDkwpqH2oMB+zr6DlBQzh78gQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPRoPb0bkijFhbj0xB9slRXqmQHQMB8GA1UdIwQY
MBaAFN7mI+Kv97A6/rlCYDSMFjO1TZBWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQt
NmNjMWQzZWE4MzJlLzEvOUdnOXZSdVNLTVdGdVBURUgyeVZGZXFaQWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85ODcxZmYtM2YyNi00Yjk0LWE0NjQtNmNjMWQzZWE4MzJl
LzEvM3VZajRxXzNzRHItdVVKZ05Jd1dNN1ZOa0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwn9sAwQA
wn9uMA0GCSqGSIb3DQEBCwUAA4IBAQCQmUNAI4FfmddzwnKHzyXnV9/J0oyrcMt/
Ik2yja/cAcQ6ohElAl8nZ5WHi3wn9/s32AqWIZmCRime/Q1dkbabQjSraUxXTOfK
//UO0uOM9ECTFF1uG+rwbwXOz8U2CLjyJ8AtU9EeOTl1U6gdi7GJAy7IfjdU6C+H
Ugzy7xCufKUsr/jM+KmGrGrBO2gVCdHPYVq+pI2K5aNtGfHocpinlQDKlWZF75fq
taQoYr0g9l7+aA8jlYvNSy2t846Vuz9aeyaozGhJEeZOq5VtPLiVC2XXfHQ0ccE0
iZHVitjVljXcrSn9ghMiqRkGRSoJRtBjIU+9KUiIfG3IRXfu3jRu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org