Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/CVwj9JDuAlgwcoSqXcXE3Ayis1Q.roa
File: CVwj9JDuAlgwcoSqXcXE3Ayis1Q.roa (raw, json)
Hash identifier: 9JbkcXlx2HNbSmMElqtNSHFPf1qleEfEr2DeQtlalks=
Subject key identifier: 09:5C:23:F4:90:EE:02:58:30:72:84:AA:5D:C5:C4:DC:0C:A2:B3:54
Certificate issuer: /CN=fc44297e9271c6edf064915f6180ae12690dda8b
Certificate serial: 01856E6671B78749E308A88D4D9DCD42080B
Authority key identifier: FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/CVwj9JDuAlgwcoSqXcXE3Ayis1Q.roa
Signing time: Sun 01 Jan 2023 17:34:45 +0000
ROA not before: Sun 01 Jan 2023 17:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20521
IP address blocks: 213.169.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:66:71:b7:87:49:e3:08:a8:8d:4d:9d:cd:42:08:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc44297e9271c6edf064915f6180ae12690dda8b
Validity
Not Before: Jan 1 17:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=095c23f490ee0258307284aa5dc5c4dc0ca2b354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a2:14:f5:f5:d4:63:9f:bd:e9:e4:99:c8:78:
14:50:ba:dd:f2:d3:a4:4e:d0:a7:b6:99:6b:3f:93:
3a:3d:22:09:a2:fc:f0:89:6b:da:bb:5a:16:bd:27:
05:95:fb:30:cd:1c:21:5b:ae:07:b4:fa:da:34:f0:
5d:c8:d1:ca:14:dd:b5:5d:c9:d1:2e:4f:e5:f2:8d:
33:54:7a:9f:6e:fa:86:4a:6a:fd:28:44:aa:44:97:
2f:b2:ac:2e:fe:bb:89:23:cc:b2:a9:29:9d:00:50:
1f:40:c5:92:c6:41:2f:a8:89:20:d5:27:e7:6f:24:
b2:cc:6c:80:48:60:8c:d9:34:1e:e7:f2:65:35:83:
e4:bc:41:ea:5d:55:08:bc:a6:fb:05:74:ca:b7:00:
9d:a1:2f:44:4b:8d:b6:3d:f1:4c:a2:57:1a:65:b7:
93:9f:7d:5c:5f:7f:ac:b7:64:2d:aa:32:16:d0:ba:
42:95:d5:eb:55:f3:03:64:a4:d4:40:45:0c:6b:84:
75:a1:99:11:f2:79:e0:05:69:64:b5:e1:e6:59:1f:
e2:b4:71:28:48:ae:92:b8:5a:59:c7:54:ee:c6:da:
bf:f9:6e:5f:f6:b5:b0:07:13:2a:b1:d1:6b:fb:de:
c3:ac:b9:ba:b8:f3:9b:70:24:b0:f6:e7:9b:60:80:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:5C:23:F4:90:EE:02:58:30:72:84:AA:5D:C5:C4:DC:0C:A2:B3:54
X509v3 Authority Key Identifier:
keyid:FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/CVwj9JDuAlgwcoSqXcXE3Ayis1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.169.151.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:8c:5a:8e:2a:7b:47:21:d5:74:af:80:58:63:62:08:de:29:
53:6c:da:79:c4:8e:4c:15:7d:ed:46:db:cb:30:f9:c6:3d:6c:
d3:66:fd:41:04:9c:3a:c8:3d:0f:e2:fb:98:cf:cf:e7:86:eb:
5e:67:3d:79:91:ee:51:76:ae:a4:3f:fe:96:46:7f:c0:f0:59:
73:ca:27:59:62:e0:64:a4:ef:22:17:c8:fc:6c:40:0f:0b:13:
10:3a:62:67:7e:88:f4:f5:84:12:0a:58:a8:45:a2:15:61:f9:
16:85:f3:f6:9b:59:ca:f2:91:28:49:90:fc:76:8d:11:d3:5f:
7a:90:80:be:86:1e:bb:97:31:1f:04:63:99:2e:1d:cb:58:9d:
23:dd:38:b4:79:2b:dd:5b:92:e0:ea:95:27:5a:09:bb:4a:a1:
f8:8b:8c:47:88:e7:f8:f4:47:93:21:e4:30:89:c0:ec:ab:f2:
a5:13:aa:dd:54:8d:89:15:27:37:da:d6:2b:ae:05:a7:8d:cb:
95:5c:cb:c0:be:b2:d6:45:76:b6:59:23:b3:a1:b4:a3:22:ad:
51:22:8e:bd:95:19:50:f9:14:94:e5:2b:e2:da:1d:ec:a2:7c:
a5:c4:34:ee:f8:21:a3:8f:f8:99:9c:d6:87:7e:c1:46:04:35:
b8:2e:b6:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuZnG3h0njCKiNTZ3NQggLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNDQyOTdlOTI3MWM2ZWRmMDY0OTE1ZjYxODBhZTEyNjkw
ZGRhOGIwHhcNMjMwMTAxMTczNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTVjMjNmNDkwZWUwMjU4MzA3Mjg0YWE1ZGM1YzRkYzBjYTJiMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6IU9fXUY5+96eSZyHgUULrd8tOk
TtCntplrP5M6PSIJovzwiWvau1oWvScFlfswzRwhW64HtPraNPBdyNHKFN21XcnR
Lk/l8o0zVHqfbvqGSmr9KESqRJcvsqwu/ruJI8yyqSmdAFAfQMWSxkEvqIkg1Sfn
bySyzGyASGCM2TQe5/JlNYPkvEHqXVUIvKb7BXTKtwCdoS9ES422PfFMolcaZbeT
n31cX3+st2QtqjIW0LpCldXrVfMDZKTUQEUMa4R1oZkR8nngBWlkteHmWR/itHEo
SK6SuFpZx1Tuxtq/+W5f9rWwBxMqsdFr+97DrLm6uPObcCSw9uebYIABgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlcI/SQ7gJYMHKEql3FxNwMorNUMB8GA1UdIwQY
MBaAFPxEKX6Sccbt8GSRX2GArhJpDdqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUt
YWUwN2YzMmU0MTAyLzEvQ1Z3ajlKRHVBbGd3Y29TcVhjWEUzQXlpczFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUtYWUwN2YzMmU0MTAy
LzEvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1amXMA0G
CSqGSIb3DQEBCwUAA4IBAQCdjFqOKntHIdV0r4BYY2II3ilTbNp5xI5MFX3tRtvL
MPnGPWzTZv1BBJw6yD0P4vuYz8/nhuteZz15ke5Rdq6kP/6WRn/A8FlzyidZYuBk
pO8iF8j8bEAPCxMQOmJnfoj09YQSClioRaIVYfkWhfP2m1nK8pEoSZD8do0R0196
kIC+hh67lzEfBGOZLh3LWJ0j3Ti0eSvdW5Lg6pUnWgm7SqH4i4xHiOf49EeTIeQw
icDsq/KlE6rdVI2JFSc32tYrrgWnjcuVXMvAvrLWRXa2WSOzobSjIq1RIo69lRlQ
+RSU5Svi2h3sonylxDTu+CGjj/iZnNaHfsFGBDW4Lrbz
-----END CERTIFICATE-----