Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/CHv_0MZbN279M4JhNXnLYTyrQvE.roa
File: CHv_0MZbN279M4JhNXnLYTyrQvE.roa (raw, json)
Hash identifier: u2zd8M70jMh0juFs5GRnl1lcZdPK9BX+2X7GrEenRaA=
Subject key identifier: 08:7B:FF:D0:C6:5B:37:6E:FD:33:82:61:35:79:CB:61:3C:AB:42:F1
Certificate issuer: /CN=a92b2440a7c7a2dfcf2e4216da8a3bde68b9b898
Certificate serial: 018571D7DD845632D26B7A61F7907EF8DBA1
Authority key identifier: A9:2B:24:40:A7:C7:A2:DF:CF:2E:42:16:DA:8A:3B:DE:68:B9:B8:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qSskQKfHot_PLkIW2oo73mi5uJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/CHv_0MZbN279M4JhNXnLYTyrQvE.roa
Signing time: Mon 02 Jan 2023 09:37:30 +0000
ROA not before: Mon 02 Jan 2023 09:37:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51088
IP address blocks: 193.108.238.0/24 maxlen: 24
91.213.13.0/24 maxlen: 24
2001:67c:1064::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:dd:84:56:32:d2:6b:7a:61:f7:90:7e:f8:db:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a92b2440a7c7a2dfcf2e4216da8a3bde68b9b898
Validity
Not Before: Jan 2 09:37:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=087bffd0c65b376efd3382613579cb613cab42f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fc:d1:37:45:76:ca:c9:c6:b1:e4:52:85:29:
f8:52:e1:10:35:6a:95:f6:af:01:ed:b3:4d:6f:da:
88:52:59:67:0c:f5:64:3a:23:cc:39:ce:41:78:f9:
0c:76:21:b2:be:3a:e5:1d:68:9c:1f:1d:42:ee:50:
a7:9d:02:48:4d:26:c8:31:eb:b2:2d:ab:7d:20:8e:
a0:b9:5b:85:a1:50:c1:00:88:00:fd:66:36:e0:38:
ae:64:fa:06:95:ed:69:0f:d1:9e:2d:76:97:99:40:
8c:2d:f1:3d:c9:c7:8b:f0:e3:14:6a:52:1a:45:58:
0c:d7:9c:24:48:bf:34:3b:1d:05:ae:4f:da:93:c5:
36:5f:de:fc:be:c8:ae:58:71:ac:ee:07:2b:2e:24:
ea:b6:60:12:80:f8:17:34:43:47:8c:ef:48:48:99:
72:12:e2:29:b4:50:1f:d0:47:d9:33:41:93:4a:57:
69:96:d6:2f:ad:fd:0d:5b:12:9a:7b:69:cb:a0:50:
a0:a6:4d:b5:e1:77:76:8b:fe:a3:2d:4d:2e:7c:1b:
da:18:4b:da:2c:50:dc:ce:30:24:53:84:42:64:c3:
c8:fc:85:61:44:b0:29:1e:26:e3:71:f1:2a:54:ba:
bb:b5:9a:d3:15:21:eb:d3:10:97:29:a8:7e:45:b4:
42:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7B:FF:D0:C6:5B:37:6E:FD:33:82:61:35:79:CB:61:3C:AB:42:F1
X509v3 Authority Key Identifier:
keyid:A9:2B:24:40:A7:C7:A2:DF:CF:2E:42:16:DA:8A:3B:DE:68:B9:B8:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSskQKfHot_PLkIW2oo73mi5uJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/CHv_0MZbN279M4JhNXnLYTyrQvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/qSskQKfHot_PLkIW2oo73mi5uJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.13.0/24
193.108.238.0/24
IPv6:
2001:67c:1064::/48
Signature Algorithm: sha256WithRSAEncryption
07:dc:c7:0c:1b:32:59:f2:80:02:75:d2:0e:05:b8:cb:37:41:
8d:8e:ef:d0:2d:21:88:bf:32:af:1d:ae:6b:89:a3:24:34:20:
44:43:f5:9e:54:d0:36:9c:7e:b8:15:c6:af:8d:cc:a2:53:3a:
9d:78:e4:01:49:61:1b:30:fb:cc:9e:a1:01:f4:f7:00:9e:65:
5d:c4:f1:2a:05:d8:34:c6:c2:87:bd:4b:8a:20:22:d8:49:33:
b5:51:98:7d:6e:b6:1f:21:d3:e7:9a:49:60:50:cd:a8:8e:2c:
68:c1:25:1d:ad:fb:34:31:02:ab:62:39:28:b5:f8:71:d5:f7:
46:c6:a1:b1:c9:22:81:66:c2:36:50:5d:b6:e7:81:90:0b:3c:
32:75:7c:23:b1:7e:42:91:59:79:a8:b6:ef:16:1e:28:69:0a:
3b:88:ac:7f:ab:ea:8d:f7:9f:b5:a4:72:73:75:0c:26:98:b0:
db:bc:1c:e2:df:94:b8:45:ba:0d:33:80:ca:10:4f:3c:11:15:
d1:5f:ed:34:b5:d2:fd:cb:83:63:f1:df:15:41:07:37:45:41:
3a:2e:3a:56:94:6e:21:78:56:f8:ab:ec:28:35:3d:c5:b2:00:
c1:58:0a:fd:1c:f2:62:b8:d9:2f:60:26:fc:45:38:6d:f0:04:
31:6f:ea:9d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVx192EVjLSa3ph95B++NuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MmIyNDQwYTdjN2EyZGZjZjJlNDIxNmRhOGEzYmRlNjhi
OWI4OTgwHhcNMjMwMTAyMDkzNzMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdiZmZkMGM2NWIzNzZlZmQzMzgyNjEzNTc5Y2I2MTNjYWI0MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPzRN0V2ysnGseRShSn4UuEQNWqV
9q8B7bNNb9qIUllnDPVkOiPMOc5BePkMdiGyvjrlHWicHx1C7lCnnQJITSbIMeuy
Lat9II6guVuFoVDBAIgA/WY24DiuZPoGle1pD9GeLXaXmUCMLfE9yceL8OMUalIa
RVgM15wkSL80Ox0Frk/ak8U2X978vsiuWHGs7gcrLiTqtmASgPgXNENHjO9ISJly
EuIptFAf0EfZM0GTSldpltYvrf0NWxKae2nLoFCgpk214Xd2i/6jLU0ufBvaGEva
LFDczjAkU4RCZMPI/IVhRLApHibjcfEqVLq7tZrTFSHr0xCXKah+RbRCFwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAh7/9DGWzdu/TOCYTV5y2E8q0LxMB8GA1UdIwQY
MBaAFKkrJECnx6Lfzy5CFtqKO95oubiYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNza1FLZkhvdF9QTGtJVzJvbzczbWk1dUpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS84OTIxOTMtOWVkOS00NDQ3LTg0MDIt
ZjJjNjdlY2EzZTViLzEvQ0h2XzBNWmJOMjc5TTRKaE5YbkxZVHlyUXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS84OTIxOTMtOWVkOS00NDQ3LTg0MDItZjJjNjdlY2EzZTVi
LzEvcVNza1FLZkhvdF9QTGtJVzJvbzczbWk1dUpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9UNAwQA
wWzuMA8EAgACMAkDBwAgAQZ8EGQwDQYJKoZIhvcNAQELBQADggEBAAfcxwwbMlny
gAJ10g4FuMs3QY2O79AtIYi/Mq8drmuJoyQ0IERD9Z5U0DacfrgVxq+NzKJTOp14
5AFJYRsw+8yeoQH09wCeZV3E8SoF2DTGwoe9S4ogIthJM7VRmH1uth8h0+eaSWBQ
zaiOLGjBJR2t+zQxAqtiOSi1+HHV90bGobHJIoFmwjZQXbbngZALPDJ1fCOxfkKR
WXmotu8WHihpCjuIrH+r6o33n7WkcnN1DCaYsNu8HOLflLhFug0zgMoQTzwRFdFf
7TS10v3Lg2Px3xVBBzdFQTouOlaUbiF4Vvir7Cg1PcWyAMFYCv0c8mK42S9gJvxF
OG3wBDFv6p0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:00 2024 by rpki-client on console-fra.rpki-client.org