Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/DSDo9iszIXbcYS5Jc4WFtL6-aIo.roa
File: DSDo9iszIXbcYS5Jc4WFtL6-aIo.roa (raw, json)
Hash identifier: a/QCPlwbH3ajJF0V3SWG6o06t43SVSD2WlV2QxIbqag=
Subject key identifier: 0D:20:E8:F6:2B:33:21:76:DC:61:2E:49:73:85:85:B4:BE:BE:68:8A
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 018B4E74BF84E91E9E3077B54DA71D76CF63
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/DSDo9iszIXbcYS5Jc4WFtL6-aIo.roa
Signing time: Fri 20 Oct 2023 18:59:15 +0000
ROA not before: Fri 20 Oct 2023 18:59:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Oct 2023 04:58:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:74:bf:84:e9:1e:9e:30:77:b5:4d:a7:1d:76:cf:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Oct 20 18:59:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d20e8f62b332176dc612e49738585b4bebe688a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ac:d7:b3:bd:25:7d:49:69:c5:44:12:95:a6:
68:9e:63:4f:f9:d5:17:33:97:bd:77:ea:03:49:3e:
43:53:3e:31:29:00:b7:34:83:e8:77:91:b3:c4:d1:
61:b6:1e:39:dc:92:6b:12:b8:4a:59:c4:83:7d:b9:
d1:75:45:96:8c:c6:32:8a:80:41:0c:f4:3f:cc:c5:
e9:05:ab:d1:39:07:78:96:04:b0:76:9f:cf:6a:37:
e4:8a:b7:91:fb:53:11:81:ba:98:2f:8a:cb:bb:87:
95:fb:d3:93:30:52:38:72:f6:2d:1c:10:36:1e:e9:
ea:81:69:3e:ea:e3:6f:50:5d:23:df:7c:a6:8e:6b:
5c:ba:9e:58:88:aa:57:be:1d:61:fd:2b:03:df:ce:
84:95:a2:64:3b:0b:37:3d:19:d1:cf:cd:ef:2a:85:
da:81:1c:cf:98:0d:32:ed:d6:48:24:57:47:b7:de:
42:c5:1f:66:f4:bd:d3:cf:1e:c7:fa:9a:05:c7:76:
89:53:df:0e:20:fc:39:31:94:a6:64:4b:fd:66:c0:
f2:74:89:4a:c4:b5:6a:5c:19:d6:16:96:83:bc:fe:
b1:82:b5:ac:e1:d3:ed:c5:ec:a2:8c:a5:d1:a7:65:
b9:99:18:1e:b5:61:b1:9c:e0:a8:c9:93:b6:ab:3a:
d2:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:20:E8:F6:2B:33:21:76:DC:61:2E:49:73:85:85:B4:BE:BE:68:8A
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/DSDo9iszIXbcYS5Jc4WFtL6-aIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:44:e3:07:41:34:e2:09:26:af:5e:88:23:27:eb:cd:58:d6:
97:4c:be:fd:c3:93:90:08:a7:a2:5f:28:03:70:26:dd:4d:93:
da:a7:5f:c4:d4:b9:f4:d1:ff:12:ec:33:77:4b:52:95:40:e4:
bf:7f:dc:14:26:c0:7d:1c:a4:70:17:75:38:2d:49:9b:b1:da:
87:cc:c9:c2:10:52:30:19:29:8c:61:0b:ff:49:c3:1e:c8:f6:
d5:a3:e6:ab:e1:24:3d:a7:92:64:5d:39:54:2c:91:85:de:3e:
b6:c8:d3:b3:de:de:75:ac:64:37:69:63:0e:9b:56:e5:ed:85:
d6:fb:e2:a9:c1:fb:12:3c:89:2f:89:1f:9f:24:25:fb:cf:83:
01:ba:22:f4:50:24:48:9d:a3:ca:6d:9b:0a:ba:10:f3:c8:64:
92:6d:67:78:b4:c2:7d:f2:48:4a:1f:ed:18:58:17:44:b1:6b:
18:ba:cf:f5:f3:6a:17:80:bf:ad:1d:7c:aa:54:8a:30:af:ef:
96:aa:62:a1:b6:a6:28:f2:87:fa:6d:9d:d1:53:c0:4e:a4:bc:
bf:92:15:fe:7e:ca:91:d5:83:15:89:80:aa:30:bd:6d:bd:86:
8d:e2:82:ce:70:f6:dc:ba:bc:e3:83:c0:61:33:fa:e2:d5:4a:
5c:08:ca:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtOdL+E6R6eMHe1Tacdds9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjMxMDIwMTg1OTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDIwZThmNjJiMzMyMTc2ZGM2MTJlNDk3Mzg1ODViNGJlYmU2ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjazXs70lfUlpxUQSlaZonmNP+dUX
M5e9d+oDST5DUz4xKQC3NIPod5GzxNFhth453JJrErhKWcSDfbnRdUWWjMYyioBB
DPQ/zMXpBavROQd4lgSwdp/PajfkireR+1MRgbqYL4rLu4eV+9OTMFI4cvYtHBA2
HunqgWk+6uNvUF0j33ymjmtcup5YiKpXvh1h/SsD386ElaJkOws3PRnRz83vKoXa
gRzPmA0y7dZIJFdHt95CxR9m9L3Tzx7H+poFx3aJU98OIPw5MZSmZEv9ZsDydIlK
xLVqXBnWFpaDvP6xgrWs4dPtxeyijKXRp2W5mRgetWGxnOCoyZO2qzrSjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA0g6PYrMyF23GEuSXOFhbS+vmiKMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvRFNEbzlpc3pJWGJjWVM1SmM0V0Z0TDYtYUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0G
CSqGSIb3DQEBCwUAA4IBAQA/ROMHQTTiCSavXogjJ+vNWNaXTL79w5OQCKeiXygD
cCbdTZPap1/E1Ln00f8S7DN3S1KVQOS/f9wUJsB9HKRwF3U4LUmbsdqHzMnCEFIw
GSmMYQv/ScMeyPbVo+ar4SQ9p5JkXTlULJGF3j62yNOz3t51rGQ3aWMOm1bl7YXW
++KpwfsSPIkviR+fJCX7z4MBuiL0UCRInaPKbZsKuhDzyGSSbWd4tMJ98khKH+0Y
WBdEsWsYus/182oXgL+tHXyqVIowr++WqmKhtqYo8of6bZ3RU8BOpLy/khX+fsqR
1YMViYCqML1tvYaN4oLOcPbcurzjg8BhM/ri1UpcCMos
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:30 2024 by rpki-client on console-fra.rpki-client.org