Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/CNiAwlReh3_ofemOCWz4vUdfw_s.roa
File: CNiAwlReh3_ofemOCWz4vUdfw_s.roa (raw, json)
Hash identifier: 3M0Lsun/9xpyT6uev/MP+wnwe1GVa2VYsm4Blq7irJU=
Subject key identifier: 08:D8:80:C2:54:5E:87:7F:E8:7D:E9:8E:09:6C:F8:BD:47:5F:C3:FB
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 01856D0AC9B5A1E82185CC54768AC5134100
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/CNiAwlReh3_ofemOCWz4vUdfw_s.roa
Signing time: Sun 01 Jan 2023 11:15:01 +0000
ROA not before: Sun 01 Jan 2023 11:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8839
IP address blocks: 213.245.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:c9:b5:a1:e8:21:85:cc:54:76:8a:c5:13:41:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 11:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08d880c2545e877fe87de98e096cf8bd475fc3fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7c:2f:dc:ec:d0:52:c1:ae:16:a9:7c:31:1a:
87:9e:68:c9:93:54:eb:32:5a:fb:25:5e:33:ea:c5:
38:19:50:c7:c2:0a:e5:a0:31:14:a9:91:51:1c:c7:
22:0f:99:e9:1c:e7:fd:d4:82:3b:56:75:52:74:0f:
68:91:89:b4:23:9a:13:93:5a:14:66:4f:3a:05:2e:
9b:f2:2d:75:32:6c:66:04:ea:3f:86:cb:20:4e:80:
be:37:7f:07:17:07:c3:dc:cd:a5:32:31:f1:6b:23:
34:23:56:b4:38:60:c4:12:62:8b:4e:85:37:75:cb:
6a:4d:1a:5f:93:f0:92:f2:c3:47:f2:3d:b6:cc:8c:
82:37:c6:b7:fe:dd:d8:9d:7e:44:50:b6:a9:3e:97:
27:11:ef:e6:0c:ba:9a:76:00:3e:34:7a:a9:00:25:
6f:c7:be:50:4f:73:cf:70:c5:bb:48:7a:3e:ba:8f:
2f:86:fc:2c:d6:4f:e3:6f:68:f2:2d:ba:28:1a:dc:
d7:24:9b:18:61:2e:28:ff:fe:02:33:74:36:cd:b4:
3c:4c:50:d1:fa:ab:67:9f:a6:10:cf:b8:59:63:21:
2b:ce:2e:38:df:f1:02:19:02:8a:89:f2:ad:fb:a5:
49:26:d3:b3:11:ff:43:f4:28:a6:46:15:3f:68:cb:
d0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D8:80:C2:54:5E:87:7F:E8:7D:E9:8E:09:6C:F8:BD:47:5F:C3:FB
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/CNiAwlReh3_ofemOCWz4vUdfw_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.245.2.0/24
Signature Algorithm: sha256WithRSAEncryption
83:3f:4d:ac:9d:4e:cd:8a:be:75:d6:c0:35:63:ee:09:64:a1:
3a:0a:1d:25:84:c0:0c:51:27:c6:81:37:a1:76:b1:54:f4:53:
ac:bb:58:bd:24:3b:d3:57:1d:af:12:f8:5a:80:5f:44:a8:cf:
69:59:2d:a8:55:f7:cd:68:a4:03:43:a5:f6:17:2c:17:6a:91:
3c:df:fd:88:2b:ce:40:42:72:36:85:48:51:77:77:72:ea:dc:
e7:0e:6a:0a:1e:d3:e3:56:09:d4:50:b7:d7:00:07:9f:0e:47:
48:a1:a6:b3:82:9e:c0:00:b3:90:9d:44:21:3c:df:d4:85:fd:
39:53:ba:8e:b1:c5:7d:bd:f7:42:bf:81:f7:d6:00:e4:b3:f8:
7d:23:ba:82:00:5b:9c:70:e0:9c:10:d0:e3:35:7d:5f:9f:2e:
f2:75:4a:64:df:99:7d:b7:24:6a:c9:d4:58:c5:9b:5e:b1:b2:
63:cf:f5:13:09:1e:9c:1a:06:a3:97:86:86:7c:28:34:df:1b:
c6:e9:94:eb:2d:34:48:76:de:f1:1d:ff:a3:20:71:60:99:d1:
34:c1:ef:56:7d:98:71:82:64:0d:46:2d:1d:30:a3:b9:45:42:
bf:ec:1a:d4:db:ce:5f:75:5c:0d:2d:49:6c:6f:6e:08:44:76:
11:a0:20:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCsm1oeghhcxUdorFE0EAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjMwMTAxMTExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQ4ODBjMjU0NWU4NzdmZTg3ZGU5OGUwOTZjZjhiZDQ3NWZjM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonwv3OzQUsGuFql8MRqHnmjJk1Tr
Mlr7JV4z6sU4GVDHwgrloDEUqZFRHMciD5npHOf91II7VnVSdA9okYm0I5oTk1oU
Zk86BS6b8i11MmxmBOo/hssgToC+N38HFwfD3M2lMjHxayM0I1a0OGDEEmKLToU3
dctqTRpfk/CS8sNH8j22zIyCN8a3/t3YnX5EULapPpcnEe/mDLqadgA+NHqpACVv
x75QT3PPcMW7SHo+uo8vhvws1k/jb2jyLbooGtzXJJsYYS4o//4CM3Q2zbQ8TFDR
+qtnn6YQz7hZYyErzi443/ECGQKKifKt+6VJJtOzEf9D9CimRhU/aMvQRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjYgMJUXod/6H3pjgls+L1HX8P7MB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvQ05pQXdsUmVoM19vZmVtT0NXejR2VWRmd19zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1fUCMA0G
CSqGSIb3DQEBCwUAA4IBAQCDP02snU7Nir511sA1Y+4JZKE6Ch0lhMAMUSfGgTeh
drFU9FOsu1i9JDvTVx2vEvhagF9EqM9pWS2oVffNaKQDQ6X2FywXapE83/2IK85A
QnI2hUhRd3dy6tznDmoKHtPjVgnUULfXAAefDkdIoaazgp7AALOQnUQhPN/Uhf05
U7qOscV9vfdCv4H31gDks/h9I7qCAFuccOCcENDjNX1fny7ydUpk35l9tyRqydRY
xZtesbJjz/UTCR6cGgajl4aGfCg03xvG6ZTrLTRIdt7xHf+jIHFgmdE0we9WfZhx
gmQNRi0dMKO5RUK/7BrU285fdVwNLUlsb24IRHYRoCBf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:50 2024 by rpki-client on console-ams.rpki-client.org