Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/44aac4-45f4-4d19-8c15-3623b9b50f96/1/DuKborLXyFPOKUVfYi5-V9ByNdQ.roa
File: DuKborLXyFPOKUVfYi5-V9ByNdQ.roa (raw, json)
Hash identifier: lngqi9J4mVQT99Zlb14K0AztMPzri33bYl5ZrTk30eQ=
Subject key identifier: 0E:E2:9B:A2:B2:D7:C8:53:CE:29:45:5F:62:2E:7E:57:D0:72:35:D4
Certificate issuer: /CN=72c293760a734018cdd2a07f1d8bd54f27df680a
Certificate serial: 01856BAE96DD32B138D0B4C2998AA7522FF8
Authority key identifier: 72:C2:93:76:0A:73:40:18:CD:D2:A0:7F:1D:8B:D5:4F:27:DF:68:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csKTdgpzQBjN0qB_HYvVTyffaAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/44aac4-45f4-4d19-8c15-3623b9b50f96/1/DuKborLXyFPOKUVfYi5-V9ByNdQ.roa
Signing time: Sun 01 Jan 2023 04:54:42 +0000
ROA not before: Sun 01 Jan 2023 04:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49014
IP address blocks: 194.107.232.0/21 maxlen: 21
194.107.240.0/21 maxlen: 21
2001:67c:2c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ae:96:dd:32:b1:38:d0:b4:c2:99:8a:a7:52:2f:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c293760a734018cdd2a07f1d8bd54f27df680a
Validity
Not Before: Jan 1 04:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ee29ba2b2d7c853ce29455f622e7e57d07235d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:91:c7:63:1d:ea:a8:29:99:96:76:f8:bb:21:
08:4d:40:54:16:fe:55:e4:66:9d:3d:12:49:fd:c2:
20:c0:21:09:14:cc:37:74:9a:25:0b:44:d6:79:a5:
12:d2:e0:6d:7c:6b:01:07:5b:60:52:93:6a:65:f1:
4d:cb:1b:89:2a:c3:b2:6a:ec:d0:b2:61:20:ec:24:
9f:c8:3b:eb:03:ca:1f:6c:e0:49:3b:85:64:49:3e:
2c:3f:43:17:6f:e2:88:cf:14:57:d6:c6:1c:f3:71:
fe:78:0f:16:b5:60:79:d1:0b:a0:67:92:c4:7e:7c:
18:39:ff:d7:94:51:e1:5b:3a:cb:b2:3b:0c:1f:4c:
48:d2:7b:bc:0b:49:6d:4b:07:1f:29:2e:7d:bb:0e:
a9:bf:52:4d:f0:2f:86:58:b4:3c:35:a7:35:15:a7:
ec:bd:21:c1:13:16:ec:a4:3d:cc:79:7c:6c:d3:ec:
32:20:fb:80:a7:04:76:4c:f1:3e:a6:84:8e:82:fd:
61:2d:63:ef:43:7a:d2:1d:df:27:57:e1:10:63:37:
49:c2:f8:33:db:ff:df:4c:64:9b:50:04:49:89:2c:
16:b6:77:82:d1:62:5b:84:f2:5f:ba:08:ba:c7:ab:
c1:b8:8f:05:b5:32:98:49:4e:45:bb:23:21:a6:16:
43:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E2:9B:A2:B2:D7:C8:53:CE:29:45:5F:62:2E:7E:57:D0:72:35:D4
X509v3 Authority Key Identifier:
keyid:72:C2:93:76:0A:73:40:18:CD:D2:A0:7F:1D:8B:D5:4F:27:DF:68:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csKTdgpzQBjN0qB_HYvVTyffaAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/44aac4-45f4-4d19-8c15-3623b9b50f96/1/DuKborLXyFPOKUVfYi5-V9ByNdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/44aac4-45f4-4d19-8c15-3623b9b50f96/1/csKTdgpzQBjN0qB_HYvVTyffaAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.107.232.0-194.107.247.255
IPv6:
2001:67c:2c0::/48
Signature Algorithm: sha256WithRSAEncryption
67:00:77:19:46:09:dc:f0:79:b5:48:1f:a7:96:a3:46:f4:79:
4c:ab:fe:c4:d3:84:7f:b5:28:5b:2e:0e:84:8c:21:18:4c:ae:
69:bc:3e:f4:04:14:65:26:15:80:f8:4b:40:5a:91:fa:44:fa:
8c:04:1c:7f:4c:80:81:99:4e:58:ca:92:47:9a:de:19:5f:69:
3d:64:b6:16:dc:35:6d:fc:12:26:ee:2b:91:1a:d5:d9:f6:77:
30:ce:00:2a:35:0d:99:f6:81:52:46:96:2e:92:fb:5a:a1:3d:
76:26:51:a0:36:fd:81:34:c8:db:c6:a5:1c:1b:e8:a8:8d:38:
95:70:84:52:60:b3:e9:0c:ad:1f:a5:12:a0:3b:46:47:d8:5b:
90:50:57:f0:46:84:7d:1f:2e:f1:25:b6:9f:4b:0d:f5:76:49:
64:73:e6:32:fe:1e:1f:c7:82:c2:3d:83:91:3a:ab:08:ad:9e:
0b:96:fc:1e:ad:9b:b1:06:f4:f4:c7:33:d7:5f:15:f2:5c:49:
ee:9b:00:8d:94:6d:7f:11:93:9c:95:00:1b:c5:ac:44:f9:1b:
96:20:01:14:38:16:ac:22:bd:62:05:d6:74:84:9d:2c:f8:eb:
9c:f6:98:0f:f0:00:5d:e4:ee:d7:a7:15:d5:0a:fc:95:47:e0:
76:ae:85:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVrrpbdMrE40LTCmYqnUi/4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzI5Mzc2MGE3MzQwMThjZGQyYTA3ZjFkOGJkNTRmMjdk
ZjY4MGEwHhcNMjMwMTAxMDQ1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWUyOWJhMmIyZDdjODUzY2UyOTQ1NWY2MjJlN2U1N2QwNzIzNWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5HHYx3qqCmZlnb4uyEITUBUFv5V
5GadPRJJ/cIgwCEJFMw3dJolC0TWeaUS0uBtfGsBB1tgUpNqZfFNyxuJKsOyauzQ
smEg7CSfyDvrA8ofbOBJO4VkST4sP0MXb+KIzxRX1sYc83H+eA8WtWB50QugZ5LE
fnwYOf/XlFHhWzrLsjsMH0xI0nu8C0ltSwcfKS59uw6pv1JN8C+GWLQ8Nac1Fafs
vSHBExbspD3MeXxs0+wyIPuApwR2TPE+poSOgv1hLWPvQ3rSHd8nV+EQYzdJwvgz
2//fTGSbUARJiSwWtneC0WJbhPJfugi6x6vBuI8FtTKYSU5FuyMhphZDuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA7im6Ky18hTzilFX2IuflfQcjXUMB8GA1UdIwQY
MBaAFHLCk3YKc0AYzdKgfx2L1U8n32gKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NLVGRncHpRQmpOMHFCX0hZdlZUeWZmYUFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS80NGFhYzQtNDVmNC00ZDE5LThjMTUt
MzYyM2I5YjUwZjk2LzEvRHVLYm9yTFh5RlBPS1VWZllpNS1WOUJ5TmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS80NGFhYzQtNDVmNC00ZDE5LThjMTUtMzYyM2I5YjUwZjk2
LzEvY3NLVGRncHpRQmpOMHFCX0hZdlZUeWZmYUFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAPCa+gD
BAPCa/AwDwQCAAIwCQMHACABBnwCwDANBgkqhkiG9w0BAQsFAAOCAQEAZwB3GUYJ
3PB5tUgfp5ajRvR5TKv+xNOEf7UoWy4OhIwhGEyuabw+9AQUZSYVgPhLQFqR+kT6
jAQcf0yAgZlOWMqSR5reGV9pPWS2Ftw1bfwSJu4rkRrV2fZ3MM4AKjUNmfaBUkaW
LpL7WqE9diZRoDb9gTTI28alHBvoqI04lXCEUmCz6QytH6USoDtGR9hbkFBX8EaE
fR8u8SW2n0sN9XZJZHPmMv4eH8eCwj2DkTqrCK2eC5b8Hq2bsQb09Mcz118V8lxJ
7psAjZRtfxGTnJUAG8WsRPkbliABFDgWrCK9YgXWdISdLPjrnPaYD/AAXeTu16cV
1Qr8lUfgdq6F9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:02 2024 by rpki-client on console-fra.rpki-client.org