Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/CSCvrdG5ZyyFte2YD0RKmYtTy24.roa
File: CSCvrdG5ZyyFte2YD0RKmYtTy24.roa (raw, json)
Hash identifier: yEfDZF75dXvajbc7b3I2BkoiliaMcTdlyVCOTZbf3u0=
Subject key identifier: 09:20:AF:AD:D1:B9:67:2C:85:B5:ED:98:0F:44:4A:99:8B:53:CB:6E
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 018CC94E1D8E6C8DFD6CB6074E9FE968E457
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/CSCvrdG5ZyyFte2YD0RKmYtTy24.roa
Signing time: Tue 02 Jan 2024 08:33:08 +0000
ROA not before: Tue 02 Jan 2024 08:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5650
IP address blocks: 46.253.80.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 09 Jan 2024 11:54:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:1d:8e:6c:8d:fd:6c:b6:07:4e:9f:e9:68:e4:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Jan 2 08:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0920afadd1b9672c85b5ed980f444a998b53cb6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0e:78:af:ac:33:4a:95:3b:e7:0f:6d:29:f6:
bd:bb:dc:a8:76:c0:4c:2b:90:3e:8b:45:e9:18:7b:
b4:bf:d2:eb:94:ec:f8:93:de:2a:32:07:54:a2:dd:
f8:37:a3:f8:2e:d6:83:57:07:ab:d2:fe:d1:8c:6c:
6f:f5:fb:78:25:3b:1b:09:60:4e:bc:ed:88:d9:65:
67:50:75:ec:4b:47:aa:ad:01:bc:b5:5c:8c:32:04:
82:13:b9:1c:96:ec:44:68:ba:bf:0f:3f:11:e2:7f:
bd:6e:fe:30:2e:08:c9:5a:77:f9:d7:51:c4:12:d7:
6c:ac:76:f8:a4:90:b7:5d:fc:f5:93:d8:a6:81:de:
d1:20:74:4f:63:12:09:78:ba:53:11:03:45:4b:49:
8f:ce:aa:d7:38:6a:89:21:5f:2d:22:96:66:b5:c1:
b3:b7:50:b5:34:b8:7c:9a:9e:87:57:36:2c:a7:7c:
de:f2:5d:c2:0f:52:d6:1b:b1:65:89:08:17:92:0a:
3d:f1:e8:03:46:80:95:8f:9a:37:4c:11:35:01:d5:
2e:85:36:8a:7d:57:f1:90:2d:b8:14:52:9a:9b:5e:
6f:fc:23:33:5a:50:2b:83:9f:39:10:dc:ca:e0:04:
4d:d3:08:a6:c2:0b:01:93:ef:66:46:86:ae:46:49:
da:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:20:AF:AD:D1:B9:67:2C:85:B5:ED:98:0F:44:4A:99:8B:53:CB:6E
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/CSCvrdG5ZyyFte2YD0RKmYtTy24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/21
Signature Algorithm: sha256WithRSAEncryption
de:3a:9e:19:f8:42:be:af:14:02:11:aa:d3:61:87:f4:8d:05:
0e:6b:04:d2:fb:04:d4:af:71:6d:dd:81:b2:3e:ef:1f:2b:a6:
fc:7a:48:19:02:25:7b:76:89:cf:39:6a:a3:f2:6b:e5:e3:53:
3a:f3:35:39:0b:cb:97:f7:c0:c1:6c:a7:87:f1:00:c0:e1:f3:
a1:31:a4:07:8a:ee:78:4a:fd:0f:da:22:b8:d6:fa:3f:ee:1c:
1f:6f:31:d2:3e:02:09:b7:64:50:13:62:9a:6c:cf:4f:77:91:
e6:ea:62:e4:65:47:b8:28:df:bf:cb:d7:a6:bc:8e:69:82:91:
56:0a:58:a0:e8:38:80:78:58:f4:0e:e1:c7:06:c8:cd:f2:92:
45:69:17:34:b8:c5:e2:ee:fd:2a:6c:f5:ef:d7:91:45:f8:57:
15:31:47:82:c8:d8:cd:d2:47:10:7e:69:42:74:cb:e9:9a:61:
85:cb:71:21:91:7f:e8:8e:73:f3:ba:85:60:cb:6d:99:69:55:
d9:4d:41:e0:d3:13:79:38:46:fd:f3:cc:dc:8b:39:2c:bb:13:
fd:3c:52:0f:6b:ac:69:79:e0:a6:57:e5:d5:45:bd:3b:e7:9e:
f6:0b:a5:46:cb:6e:31:d5:2f:07:88:8e:f4:45:70:f1:db:ae:
1e:f2:0e:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTh2ObI39bLYHTp/paORXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjQwMTAyMDgzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTIwYWZhZGQxYjk2NzJjODViNWVkOTgwZjQ0NGE5OThiNTNjYjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA54r6wzSpU75w9tKfa9u9yodsBM
K5A+i0XpGHu0v9LrlOz4k94qMgdUot34N6P4LtaDVwer0v7RjGxv9ft4JTsbCWBO
vO2I2WVnUHXsS0eqrQG8tVyMMgSCE7kcluxEaLq/Dz8R4n+9bv4wLgjJWnf511HE
EtdsrHb4pJC3Xfz1k9imgd7RIHRPYxIJeLpTEQNFS0mPzqrXOGqJIV8tIpZmtcGz
t1C1NLh8mp6HVzYsp3ze8l3CD1LWG7FliQgXkgo98egDRoCVj5o3TBE1AdUuhTaK
fVfxkC24FFKam15v/CMzWlArg585ENzK4ARN0wimwgsBk+9mRoauRkna7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAkgr63RuWcshbXtmA9ESpmLU8tuMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvQ1NDdnJkRzVaeXlGdGUyWUQwUkttWXRUeTI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv1QMA0G
CSqGSIb3DQEBCwUAA4IBAQDeOp4Z+EK+rxQCEarTYYf0jQUOawTS+wTUr3Ft3YGy
Pu8fK6b8ekgZAiV7donPOWqj8mvl41M68zU5C8uX98DBbKeH8QDA4fOhMaQHiu54
Sv0P2iK41vo/7hwfbzHSPgIJt2RQE2KabM9Pd5Hm6mLkZUe4KN+/y9emvI5pgpFW
Clig6DiAeFj0DuHHBsjN8pJFaRc0uMXi7v0qbPXv15FF+FcVMUeCyNjN0kcQfmlC
dMvpmmGFy3EhkX/ojnPzuoVgy22ZaVXZTUHg0xN5OEb988zcizksuxP9PFIPa6xp
eeCmV+XVRb075572C6VGy24x1S8HiI70RXDx264e8g7W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:17 2024 by rpki-client on console-fra.rpki-client.org