Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/CHuukc06MTM-MVp9obv40L3JQhU.roa
File: CHuukc06MTM-MVp9obv40L3JQhU.roa (raw, json)
Hash identifier: uRzP4X+YjD2h62OIqZKiyEkZGtVEzPcb1lmwClV8UGc=
Subject key identifier: 08:7B:AE:91:CD:3A:31:33:3E:31:5A:7D:A1:BB:F8:D0:BD:C9:42:15
Certificate issuer: /CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Certificate serial: 018ABBEB579AEAF41F1966984545F24FD884
Authority key identifier: 0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/CHuukc06MTM-MVp9obv40L3JQhU.roa
Signing time: Fri 22 Sep 2023 08:04:37 +0000
ROA not before: Fri 22 Sep 2023 08:04:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 185.99.199.0/24 maxlen: 24
185.99.196.0/24 maxlen: 24
185.99.197.0/24 maxlen: 24
185.99.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:eb:57:9a:ea:f4:1f:19:66:98:45:45:f2:4f:d8:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Validity
Not Before: Sep 22 08:04:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=087bae91cd3a31333e315a7da1bbf8d0bdc94215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3d:e7:00:2f:c4:23:06:8a:03:e3:5a:41:c5:
6e:a7:80:5d:f5:58:82:e4:0c:36:78:cb:21:4f:5f:
4e:08:b2:a8:a8:5f:8a:c3:0b:63:bb:85:5c:59:51:
86:a0:b7:ae:c5:c9:c2:96:32:83:ae:a1:8f:2d:fe:
b6:21:82:8f:6a:84:36:af:38:ec:12:af:a6:9f:b7:
60:d7:37:79:dc:9a:9d:c2:27:db:77:47:5c:ff:3f:
24:9b:c6:e9:3a:db:d4:f6:80:e3:f7:a3:6f:26:98:
a6:92:a8:e8:ea:1d:e2:36:b4:1c:99:24:c5:9d:86:
c4:d6:5f:b7:6c:6d:fc:63:5c:fc:9d:2b:56:91:3a:
42:0c:ba:a2:01:57:a3:87:cc:36:be:39:1e:16:60:
b7:a7:24:a6:ee:6d:11:22:60:05:ba:88:be:f2:b9:
a3:30:bf:45:c4:ef:bc:4d:53:54:25:47:6c:e1:39:
a8:2e:2a:b9:d6:dd:90:be:34:49:22:25:d5:99:81:
54:05:cd:27:a6:74:5d:b2:bf:ed:7a:44:c0:1b:12:
c1:12:8e:df:95:53:8e:0a:19:93:c1:53:cb:f6:72:
ba:ce:c0:42:c5:9e:a7:34:05:81:75:56:41:77:1d:
4f:59:1c:a5:63:61:be:79:a5:73:5b:1c:95:a1:a6:
e1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7B:AE:91:CD:3A:31:33:3E:31:5A:7D:A1:BB:F8:D0:BD:C9:42:15
X509v3 Authority Key Identifier:
keyid:0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/CHuukc06MTM-MVp9obv40L3JQhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/D_j5RFT2ymp9cL5FWy1kBfmPvM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.196.0/22
Signature Algorithm: sha256WithRSAEncryption
97:9c:ae:9d:a6:68:d8:92:33:8e:53:f2:0c:85:5b:72:db:e1:
cb:a3:b7:cd:65:59:d8:a5:eb:71:f2:fe:95:c2:32:3c:dc:2c:
33:b6:7c:80:1c:8a:bf:a7:ca:09:7e:14:11:44:54:36:53:54:
8c:ff:16:d2:f7:f3:0d:4f:83:10:4b:5b:e7:41:1e:89:b7:9b:
1f:cb:bb:f2:dc:d9:77:dd:ab:42:bf:42:6d:ee:85:39:a3:c1:
e5:da:09:4e:66:ff:2e:7c:48:09:92:d0:f0:dc:87:82:1b:52:
48:08:57:2d:8b:ba:09:1e:48:73:ee:a4:61:80:e8:32:16:3a:
72:d6:fe:51:81:a3:f8:a3:9d:dc:dd:fa:25:2e:09:6f:1e:a4:
87:4a:70:a0:c2:61:b2:6e:14:83:cf:c8:2f:c5:65:25:60:ac:
01:ff:e2:a7:b0:6d:c9:f7:e8:d3:44:ed:b6:80:4d:c1:a0:69:
88:5f:db:2c:d5:df:66:5b:18:9b:bd:6c:2a:f9:c6:2c:30:b8:
52:f9:c5:ef:9a:1c:26:9c:17:1d:a3:3f:85:bd:e8:0f:49:98:
03:d9:e2:10:30:cc:61:53:bb:fe:2d:e3:7f:d9:98:14:e5:2d:
09:5f:be:8e:f7:57:a8:da:e0:eb:ca:8c:8b:a0:4d:9f:cf:93:
3c:ac:00:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq761ea6vQfGWaYRUXyT9iEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjhmOTQ0NTRmNmNhNmE3ZDcwYmU0NTViMmQ2NDA1Zjk4
ZmJjY2UwHhcNMjMwOTIyMDgwNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdiYWU5MWNkM2EzMTMzM2UzMTVhN2RhMWJiZjhkMGJkYzk0MjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT3nAC/EIwaKA+NaQcVup4Bd9ViC
5Aw2eMshT19OCLKoqF+Kwwtju4VcWVGGoLeuxcnCljKDrqGPLf62IYKPaoQ2rzjs
Eq+mn7dg1zd53Jqdwifbd0dc/z8km8bpOtvU9oDj96NvJpimkqjo6h3iNrQcmSTF
nYbE1l+3bG38Y1z8nStWkTpCDLqiAVejh8w2vjkeFmC3pySm7m0RImAFuoi+8rmj
ML9FxO+8TVNUJUds4TmoLiq51t2QvjRJIiXVmYFUBc0npnRdsr/tekTAGxLBEo7f
lVOOChmTwVPL9nK6zsBCxZ6nNAWBdVZBdx1PWRylY2G+eaVzWxyVoabhYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAh7rpHNOjEzPjFafaG7+NC9yUIVMB8GA1UdIwQY
MBaAFA/4+URU9spqfXC+RVstZAX5j7zOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMt
ZTg2MTlhYTc1NjgwLzEvQ0h1dWtjMDZNVE0tTVZwOW9idjQwTDNKUWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMtZTg2MTlhYTc1Njgw
LzEvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuWPEMA0G
CSqGSIb3DQEBCwUAA4IBAQCXnK6dpmjYkjOOU/IMhVty2+HLo7fNZVnYpetx8v6V
wjI83CwztnyAHIq/p8oJfhQRRFQ2U1SM/xbS9/MNT4MQS1vnQR6Jt5sfy7vy3Nl3
3atCv0Jt7oU5o8Hl2glOZv8ufEgJktDw3IeCG1JICFcti7oJHkhz7qRhgOgyFjpy
1v5RgaP4o53c3folLglvHqSHSnCgwmGybhSDz8gvxWUlYKwB/+KnsG3J9+jTRO22
gE3BoGmIX9ss1d9mWxibvWwq+cYsMLhS+cXvmhwmnBcdoz+FvegPSZgD2eIQMMxh
U7v+LeN/2ZgU5S0JX76O91eo2uDryoyLoE2fz5M8rAB/
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:41 2024 by rpki-client on console-ams.rpki-client.org