Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/CyRSzcilv9H9p4YlSz5jbPl7jQ8.roa
File: CyRSzcilv9H9p4YlSz5jbPl7jQ8.roa (raw, json)
Hash identifier: CqMlc93jkIr1IUQBEevzCozgZD0S94Rn4j6Grv348Hw=
Subject key identifier: 0B:24:52:CD:C8:A5:BF:D1:FD:A7:86:25:4B:3E:63:6C:F9:7B:8D:0F
Certificate issuer: /CN=37518d180923a7f3c00653ec12bc702b95aab907
Certificate serial: 01856D0A9C5DE806A8548EBACF9731AAE3B1
Authority key identifier: 37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/CyRSzcilv9H9p4YlSz5jbPl7jQ8.roa
Signing time: Sun 01 Jan 2023 11:14:49 +0000
ROA not before: Sun 01 Jan 2023 11:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8678
IP address blocks: 193.255.224.0/21 maxlen: 21
193.255.222.0/23 maxlen: 23
193.255.221.0/24 maxlen: 24
193.255.232.0/22 maxlen: 22
193.255.236.0/23 maxlen: 23
194.27.24.0/22 maxlen: 22
194.27.28.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:9c:5d:e8:06:a8:54:8e:ba:cf:97:31:aa:e3:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37518d180923a7f3c00653ec12bc702b95aab907
Validity
Not Before: Jan 1 11:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b2452cdc8a5bfd1fda786254b3e636cf97b8d0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:81:87:bb:40:ad:15:ab:3a:a2:96:51:0e:1f:
7a:c7:80:4c:70:d1:b6:9e:0b:b0:0f:78:ea:b9:de:
99:fa:02:33:98:b9:da:a9:34:36:dd:9b:17:39:07:
a2:78:3f:ab:e2:2f:12:7b:46:1c:ba:e3:ee:d0:cd:
b1:a7:8c:8a:bc:95:7d:d8:bb:17:9c:b7:a3:c7:d1:
a2:32:f6:ca:a9:8d:f4:f5:ed:be:e6:7e:4b:88:0b:
3f:86:e8:8f:68:0e:3c:e8:c0:56:41:3a:1b:c3:9d:
86:b4:a1:1c:32:94:45:b2:7d:70:15:19:3d:ec:84:
20:da:f9:9c:25:4b:9b:93:ba:37:6d:32:7f:16:ff:
36:a7:19:34:04:b6:5f:70:c8:a9:36:d4:a2:1f:95:
59:dd:55:d9:9d:22:9d:fc:10:1c:32:f0:22:19:4a:
25:82:c6:b7:18:c7:02:b6:25:53:69:28:78:1b:fe:
f2:8c:2b:b3:c4:11:fa:da:3e:99:43:ed:b4:9f:38:
d7:f1:fe:e4:f7:43:e3:66:52:69:f8:48:67:fa:48:
a4:00:b0:c9:e9:26:fd:e7:9f:6c:ee:7d:a4:29:2e:
02:8b:6b:90:8c:61:ce:07:12:db:cb:19:0d:d7:0b:
ef:d3:4f:b5:db:9e:b4:18:0b:34:03:de:4a:fe:4e:
a2:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:24:52:CD:C8:A5:BF:D1:FD:A7:86:25:4B:3E:63:6C:F9:7B:8D:0F
X509v3 Authority Key Identifier:
keyid:37:51:8D:18:09:23:A7:F3:C0:06:53:EC:12:BC:70:2B:95:AA:B9:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1GNGAkjp_PABlPsErxwK5WquQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/CyRSzcilv9H9p4YlSz5jbPl7jQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f80ef3-9f0b-4bd1-8018-59671920fb60/1/N1GNGAkjp_PABlPsErxwK5WquQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.255.221.0-193.255.237.255
194.27.24.0-194.27.29.255
Signature Algorithm: sha256WithRSAEncryption
8d:ac:f8:51:f2:98:f0:fd:b2:61:b0:d6:82:51:92:fc:d9:73:
14:14:a9:1b:cb:5f:62:08:ec:ce:87:1a:ef:10:34:ef:61:bc:
12:a7:2c:6f:13:5e:58:10:87:33:29:85:25:69:cb:10:ec:63:
cb:b4:24:35:85:cf:e0:ec:1f:81:5f:58:42:47:30:d7:ca:0f:
48:10:4c:cf:a6:15:eb:0a:0b:46:33:c6:77:2c:18:92:43:8e:
0d:5d:e9:58:40:a1:fa:40:d8:b9:28:19:7d:f9:06:a1:d9:e5:
ff:7b:92:44:be:a4:2e:86:5b:39:38:a2:71:e4:77:f2:2f:72:
93:bd:11:dc:07:45:00:2c:0c:30:f9:c7:c0:26:5e:ea:32:e4:
38:84:67:b2:b6:79:36:8a:89:7c:58:e2:4e:c3:c1:22:4a:eb:
94:7b:28:a1:8b:b3:5b:11:c9:2b:ea:3a:96:36:6a:c0:d9:c3:
8a:d1:14:46:91:e0:ea:77:3b:09:4f:87:a5:9a:28:25:8d:ec:
66:f7:66:c9:e9:b0:c9:ea:ad:fa:85:a4:96:ae:23:f5:5a:35:
e5:07:d9:16:e5:42:31:e9:2b:d9:a1:0e:cd:6e:ac:8e:4d:42:
e6:d2:41:48:05:e3:7c:da:08:a3:16:fe:e9:0b:99:d2:dd:eb:
99:3d:ec:1f
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVtCpxd6AaoVI66z5cxquOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTE4ZDE4MDkyM2E3ZjNjMDA2NTNlYzEyYmM3MDJiOTVh
YWI5MDcwHhcNMjMwMTAxMTExNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjI0NTJjZGM4YTViZmQxZmRhNzg2MjU0YjNlNjM2Y2Y5N2I4ZDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooGHu0CtFas6opZRDh96x4BMcNG2
nguwD3jqud6Z+gIzmLnaqTQ23ZsXOQeieD+r4i8Se0YcuuPu0M2xp4yKvJV92LsX
nLejx9GiMvbKqY309e2+5n5LiAs/huiPaA486MBWQTobw52GtKEcMpRFsn1wFRk9
7IQg2vmcJUubk7o3bTJ/Fv82pxk0BLZfcMipNtSiH5VZ3VXZnSKd/BAcMvAiGUol
gsa3GMcCtiVTaSh4G/7yjCuzxBH62j6ZQ+20nzjX8f7k90PjZlJp+Ehn+kikALDJ
6Sb9559s7n2kKS4Ci2uQjGHOBxLbyxkN1wvv00+12560GAs0A95K/k6iRQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAskUs3Ipb/R/aeGJUs+Y2z5e40PMB8GA1UdIwQY
MBaAFDdRjRgJI6fzwAZT7BK8cCuVqrkHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgt
NTk2NzE5MjBmYjYwLzEvQ3lSU3pjaWx2OUg5cDRZbFN6NWpiUGw3alE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mODBlZjMtOWYwYi00YmQxLTgwMTgtNTk2NzE5MjBmYjYw
LzEvTjFHTkdBa2pwX1BBQmxQc0VyeHdLNVdxdVFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBADB/90D
BAHB/+wwDAMEA8IbGAMEAcIbHDANBgkqhkiG9w0BAQsFAAOCAQEAjaz4UfKY8P2y
YbDWglGS/NlzFBSpG8tfYgjszoca7xA072G8EqcsbxNeWBCHMymFJWnLEOxjy7Qk
NYXP4OwfgV9YQkcw18oPSBBMz6YV6woLRjPGdywYkkOODV3pWECh+kDYuSgZffkG
odnl/3uSRL6kLoZbOTiiceR38i9yk70R3AdFACwMMPnHwCZe6jLkOIRnsrZ5NoqJ
fFjiTsPBIkrrlHsooYuzWxHJK+o6ljZqwNnDitEURpHg6nc7CU+HpZooJY3sZvdm
yemwyeqt+oWklq4j9Vo15QfZFuVCMekr2aEOzW6sjk1C5tJBSAXjfNoIoxb+6QuZ
0t3rmT3sHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:01 2024 by rpki-client on console-ams.rpki-client.org