Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/DyaFKW3bcGxq8xoeU4P0Jny1vec.roa
File: DyaFKW3bcGxq8xoeU4P0Jny1vec.roa (raw, json)
Hash identifier: HB2dRADiUJRR51U03Z95YFxwM4beUd1cWwxyQ91zkHY=
Subject key identifier: 0F:26:85:29:6D:DB:70:6C:6A:F3:1A:1E:53:83:F4:26:7C:B5:BD:E7
Certificate issuer: /CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67
Certificate serial: 01856CE60AFD8E5FE016EDA6FC98CD8F1832
Authority key identifier: 54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/DyaFKW3bcGxq8xoeU4P0Jny1vec.roa
Signing time: Sun 01 Jan 2023 10:34:53 +0000
ROA not before: Sun 01 Jan 2023 10:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205809
IP address blocks: 162.208.16.0/24 maxlen: 24
66.203.126.0/23 maxlen: 24
94.24.36.0/23 maxlen: 24
185.206.24.0/22 maxlen: 24
2a0b:e40::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:0a:fd:8e:5f:e0:16:ed:a6:fc:98:cd:8f:18:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67
Validity
Not Before: Jan 1 10:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f2685296ddb706c6af31a1e5383f4267cb5bde7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:78:e5:b5:8b:27:3d:24:0a:87:1f:19:e1:f8:
38:3a:ef:24:95:90:87:76:a0:f7:fe:2f:bd:f0:f4:
5f:b1:38:0c:16:9b:21:94:08:ba:7c:2b:57:74:ee:
05:67:92:e5:3b:da:ca:cd:76:e0:58:d5:db:dc:2c:
70:0f:b4:84:97:0e:33:0d:14:1c:77:17:f9:e5:0e:
2d:c5:d4:09:11:7b:53:16:0a:46:b8:d7:d3:03:64:
16:1e:84:c1:85:2e:c5:cc:c7:23:b1:5e:dc:6d:ba:
b9:37:d7:e6:2a:c8:53:a3:3d:38:ed:a3:c0:75:79:
b7:76:a1:57:ae:64:a6:45:de:b0:5a:bb:8e:e4:b1:
07:2c:9d:9f:24:a0:67:ab:fd:fa:b6:f5:6f:7b:93:
98:8d:44:a7:bb:09:42:62:27:a7:1e:1c:be:36:34:
1f:4b:c2:d7:56:06:ab:ba:c1:bb:03:27:b3:6b:37:
43:aa:97:c5:8d:95:d2:0a:7f:87:e8:e6:62:e4:14:
d0:80:ce:09:f0:84:95:eb:a4:64:e0:f3:f0:e3:71:
ee:69:b6:0d:64:70:28:27:96:a0:d2:88:97:92:9e:
7d:95:60:a8:68:13:ea:73:79:53:dc:86:8d:cc:19:
aa:9f:7b:fb:35:e0:1e:31:2a:90:b3:5e:38:d2:af:
42:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:26:85:29:6D:DB:70:6C:6A:F3:1A:1E:53:83:F4:26:7C:B5:BD:E7
X509v3 Authority Key Identifier:
keyid:54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/DyaFKW3bcGxq8xoeU4P0Jny1vec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.203.126.0/23
94.24.36.0/23
162.208.16.0/24
185.206.24.0/22
IPv6:
2a0b:e40::/29
Signature Algorithm: sha256WithRSAEncryption
17:04:a3:fe:95:c9:b7:a1:64:bb:3a:4f:5d:a2:8e:79:94:88:
93:70:02:db:9e:21:93:75:7e:d4:a8:20:65:e1:21:b6:c9:8c:
7f:07:a7:49:e7:cb:4f:4c:c3:22:01:2c:9f:34:49:d9:23:90:
04:89:cc:cc:fd:d6:3f:f9:3b:ae:95:87:89:2c:8c:86:03:8c:
1a:3b:29:94:00:99:bd:1e:3b:bf:4c:66:b9:ad:4d:1f:47:8b:
55:d8:a0:9b:bd:37:6d:e2:ba:3e:12:51:37:f3:f5:c9:c7:c2:
48:60:fb:a0:7b:ef:10:89:9b:58:7f:04:73:33:76:34:62:72:
99:84:0e:0a:14:e7:6e:09:be:18:6a:e4:1d:bd:7d:f5:55:a1:
05:e4:12:66:be:e9:91:d7:49:54:b2:45:70:47:68:8d:49:e0:
49:dc:f0:1a:82:15:a4:d8:84:8a:ff:f3:89:b6:0a:4d:b9:31:
d4:b6:2d:5e:ad:38:35:75:ef:48:54:52:13:45:60:39:92:b7:
37:6e:fe:41:c1:7b:9d:88:30:a1:d6:79:e8:3a:f4:7e:26:eb:
b3:2c:49:f3:e3:95:9d:69:52:60:b7:73:65:2a:4a:1b:9e:ee:
0b:ad:23:c5:f3:5d:70:77:36:4b:48:b1:ae:dd:9a:f2:32:62:
e2:26:77:36
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVs5gr9jl/gFu2m/JjNjxgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZjNTQ3NjJjZmU5MmQ3NmMyZjRjNmFmODk5OWNiY2Nm
NmJiNjcwHhcNMjMwMTAxMTAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI2ODUyOTZkZGI3MDZjNmFmMzFhMWU1MzgzZjQyNjdjYjViZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnjltYsnPSQKhx8Z4fg4Ou8klZCH
dqD3/i+98PRfsTgMFpshlAi6fCtXdO4FZ5LlO9rKzXbgWNXb3CxwD7SElw4zDRQc
dxf55Q4txdQJEXtTFgpGuNfTA2QWHoTBhS7FzMcjsV7cbbq5N9fmKshToz047aPA
dXm3dqFXrmSmRd6wWruO5LEHLJ2fJKBnq/36tvVve5OYjUSnuwlCYienHhy+NjQf
S8LXVgarusG7AyezazdDqpfFjZXSCn+H6OZi5BTQgM4J8ISV66Rk4PPw43HuabYN
ZHAoJ5ag0oiXkp59lWCoaBPqc3lT3IaNzBmqn3v7NeAeMSqQs1440q9CrQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFA8mhSlt23BsavMaHlOD9CZ8tb3nMB8GA1UdIwQY
MBaAFFQfxUdiz+ktdsL0xq+JmcvM9rtnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEt
OGJjODI1YzNhMzI0LzEvRHlhRktXM2JjR3hxOHhvZVU0UDBKbnkxdmVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEtOGJjODI1YzNhMzI0
LzEvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBQst+AwQB
XhgkAwQAotAQAwQCuc4YMA0EAgACMAcDBQMqCw5AMA0GCSqGSIb3DQEBCwUAA4IB
AQAXBKP+lcm3oWS7Ok9doo55lIiTcALbniGTdX7UqCBl4SG2yYx/B6dJ58tPTMMi
ASyfNEnZI5AEiczM/dY/+TuulYeJLIyGA4waOymUAJm9Hju/TGa5rU0fR4tV2KCb
vTdt4ro+ElE38/XJx8JIYPuge+8QiZtYfwRzM3Y0YnKZhA4KFOduCb4YauQdvX31
VaEF5BJmvumR10lUskVwR2iNSeBJ3PAaghWk2ISK//OJtgpNuTHUti1erTg1de9I
VFITRWA5krc3bv5BwXudiDCh1nnoOvR+JuuzLEnz45WdaVJgt3NlKkobnu4LrSPF
811wdzZLSLGu3ZryMmLiJnc2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:23 2024 by rpki-client on console-fra.rpki-client.org