Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D3kDWjHJtGPfBDW4w8RuBzZwqSo.roa
File: D3kDWjHJtGPfBDW4w8RuBzZwqSo.roa (raw, json)
Hash identifier: 97wFok0xBY7KYgXiJHnDjJn2Ro/BEaWxQSazNr3Dvv8=
Subject key identifier: 0F:79:03:5A:31:C9:B4:63:DF:04:35:B8:C3:C4:6E:07:36:70:A9:2A
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018AD227EFCC62038DB9D4AF0A00FC580138
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D3kDWjHJtGPfBDW4w8RuBzZwqSo.roa
Signing time: Tue 26 Sep 2023 15:42:27 +0000
ROA not before: Tue 26 Sep 2023 15:42:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43641
IP address blocks: 217.25.3.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d2:27:ef:cc:62:03:8d:b9:d4:af:0a:00:fc:58:01:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Sep 26 15:42:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f79035a31c9b463df0435b8c3c46e073670a92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:bd:29:2a:9e:4d:26:54:8b:dc:59:f4:19:ce:
e1:da:95:d9:a9:e9:6c:32:e0:ea:cd:15:50:0a:0d:
37:2a:32:c4:42:ee:d2:3f:aa:c2:25:92:de:df:8c:
e6:19:b1:95:7e:d1:74:42:75:5f:8e:20:43:32:b0:
5b:f9:52:75:2f:4e:59:36:e4:0b:00:74:77:d3:65:
19:ee:94:72:60:8a:66:ec:19:b6:d3:2f:ba:f8:46:
c8:ba:02:e2:b2:41:56:15:72:5b:12:c4:6e:96:38:
d5:b1:90:03:6c:e0:81:3c:43:5e:6c:39:2e:18:6f:
fc:df:ff:a9:a3:2c:88:ef:9e:11:e7:36:5c:f2:b1:
e6:7a:75:35:8e:5e:63:d9:3b:6f:c5:c1:22:34:8e:
24:38:21:bf:c5:39:29:20:59:97:13:de:17:c8:7e:
47:c0:85:f0:b9:a3:78:dd:08:72:2f:72:b4:83:23:
be:a6:85:92:5b:8d:15:7e:55:ab:67:ac:3e:03:c0:
39:4d:f0:a4:9d:77:f3:f4:f6:87:0d:73:45:22:a3:
fc:7d:2d:04:32:96:57:06:8e:39:29:33:7b:aa:b4:
14:b4:07:77:a5:e7:9e:2c:55:ac:fe:d2:38:03:8c:
fb:9c:af:57:76:90:98:55:5b:34:a7:13:62:a7:af:
60:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:79:03:5A:31:C9:B4:63:DF:04:35:B8:C3:C4:6E:07:36:70:A9:2A
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D3kDWjHJtGPfBDW4w8RuBzZwqSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.3.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:f6:95:4c:a9:ba:ce:dc:07:a1:e2:da:6b:95:2c:cb:7e:8c:
4a:a4:92:74:26:d5:ae:9d:af:5f:2b:bf:d1:8c:f9:f8:bc:e1:
fa:a7:22:ce:8b:07:8c:7b:f1:38:2b:85:6a:cd:e9:cf:88:74:
5b:79:cd:3a:92:b7:b7:99:28:ed:be:0c:29:fe:ee:cc:94:76:
0e:05:31:cd:d0:4d:37:92:2c:be:13:53:f1:89:65:73:cf:61:
bd:d7:91:ed:af:29:2a:2a:13:4f:25:62:36:7a:16:16:14:d0:
fa:99:9b:d3:5c:48:13:38:63:32:82:87:ea:0a:b9:45:d3:b3:
61:04:3c:94:70:e0:69:da:9f:ff:e7:45:93:78:99:98:84:37:
98:95:7e:bf:ce:3d:37:e3:09:4e:c5:16:7d:3e:d2:99:27:08:
f2:fd:75:38:43:e5:b9:b3:9f:dc:55:dd:ae:81:71:60:3e:56:
d3:bc:5a:b9:fd:2e:cb:12:6e:4a:19:7f:bb:bf:f5:86:aa:6b:
d9:10:ea:41:e0:28:c6:fb:dc:38:1c:f7:f2:28:cf:6e:d1:06:
34:06:8a:0c:7c:67:4a:b6:92:ee:57:9e:7f:22:4a:f3:b9:12:
25:50:bc:cc:8b:e1:1a:8e:d7:4c:6f:fb:db:32:bc:e2:f1:be:
02:97:b7:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrSJ+/MYgONudSvCgD8WAE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMwOTI2MTU0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjc5MDM1YTMxYzliNDYzZGYwNDM1YjhjM2M0NmUwNzM2NzBhOTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtL0pKp5NJlSL3Fn0Gc7h2pXZqels
MuDqzRVQCg03KjLEQu7SP6rCJZLe34zmGbGVftF0QnVfjiBDMrBb+VJ1L05ZNuQL
AHR302UZ7pRyYIpm7Bm20y+6+EbIugLiskFWFXJbEsRuljjVsZADbOCBPENebDku
GG/83/+poyyI754R5zZc8rHmenU1jl5j2TtvxcEiNI4kOCG/xTkpIFmXE94XyH5H
wIXwuaN43QhyL3K0gyO+poWSW40VflWrZ6w+A8A5TfCknXfz9PaHDXNFIqP8fS0E
MpZXBo45KTN7qrQUtAd3peeeLFWs/tI4A4z7nK9XdpCYVVs0pxNip69gGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA95A1oxybRj3wQ1uMPEbgc2cKkqMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvRDNrRFdqSEp0R1BmQkRXNHc4UnVCelp3cVNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkDMA0G
CSqGSIb3DQEBCwUAA4IBAQAc9pVMqbrO3Aeh4tprlSzLfoxKpJJ0JtWuna9fK7/R
jPn4vOH6pyLOiweMe/E4K4VqzenPiHRbec06kre3mSjtvgwp/u7MlHYOBTHN0E03
kiy+E1PxiWVzz2G915HtrykqKhNPJWI2ehYWFND6mZvTXEgTOGMygofqCrlF07Nh
BDyUcOBp2p//50WTeJmYhDeYlX6/zj034wlOxRZ9PtKZJwjy/XU4Q+W5s5/cVd2u
gXFgPlbTvFq5/S7LEm5KGX+7v/WGqmvZEOpB4CjG+9w4HPfyKM9u0QY0BooMfGdK
tpLuV55/IkrzuRIlULzMi+EajtdMb/vbMrzi8b4Cl7dW
-----END CERTIFICATE-----
Generated at Fri Oct 20 14:03:10 2023 by rpki-client on console-fra.rpki-client.org