Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/CsukVOM0HvISJESaBwxGFXas-6w.roa
File: CsukVOM0HvISJESaBwxGFXas-6w.roa (raw, json)
Hash identifier: pAQ8pNtT/cQu5805cTRSOKYrq7cUmV4p9myCSefkgJU=
Subject key identifier: 0A:CB:A4:54:E3:34:1E:F2:12:24:44:9A:07:0C:46:15:76:AC:FB:AC
Certificate issuer: /CN=cafd3133df47ce2bb07c472fbe6bb4e9178c6233
Certificate serial: 01856F38F6DE522013135BECC9DDC4C56973
Authority key identifier: CA:FD:31:33:DF:47:CE:2B:B0:7C:47:2F:BE:6B:B4:E9:17:8C:62:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yv0xM99HziuwfEcvvmu06ReMYjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/CsukVOM0HvISJESaBwxGFXas-6w.roa
Signing time: Sun 01 Jan 2023 21:24:42 +0000
ROA not before: Sun 01 Jan 2023 21:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41171
IP address blocks: 37.72.133.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:38:f6:de:52:20:13:13:5b:ec:c9:dd:c4:c5:69:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cafd3133df47ce2bb07c472fbe6bb4e9178c6233
Validity
Not Before: Jan 1 21:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0acba454e3341ef21224449a070c461576acfbac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4f:29:3f:83:02:f0:c2:36:ee:94:ac:7c:12:
3f:53:a2:82:93:0b:63:46:f2:74:7b:64:9a:f8:1e:
76:48:14:8c:e5:c0:d4:19:1d:85:47:fe:fe:3a:fa:
92:b5:0d:28:54:e5:ce:01:5e:a5:f9:8c:97:1b:8c:
66:ed:a1:0a:af:59:18:3f:80:b4:d3:93:f5:c5:f8:
1c:dc:e5:ff:a3:60:34:4f:2d:db:7b:1a:3c:90:81:
7f:e5:74:0c:67:ac:a2:17:3a:63:9b:f3:8d:40:45:
90:65:2c:1d:8b:e6:ca:0c:3f:23:2a:ce:31:79:c4:
0a:cf:cf:9f:5b:56:ae:18:cf:e1:8c:c3:46:7f:6f:
b5:2f:2c:a1:b3:75:7e:17:06:77:11:03:31:1f:fa:
90:e7:c9:91:47:c3:a6:51:e4:f7:55:ef:71:ad:40:
13:65:20:3c:50:ff:21:8b:67:29:1e:69:ef:4c:d2:
69:1f:8e:07:45:74:fd:7f:b6:bd:bb:d7:97:35:68:
94:9f:77:28:dd:59:c3:87:36:c5:6e:f8:54:2e:0e:
d6:9a:33:48:a0:e0:ec:eb:b2:f4:6a:b6:df:08:76:
80:51:c9:c3:6b:52:0c:fc:2f:a8:87:68:2b:38:c8:
b7:8a:ad:0c:66:b2:31:c8:b9:b4:2f:c4:58:55:30:
c7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CB:A4:54:E3:34:1E:F2:12:24:44:9A:07:0C:46:15:76:AC:FB:AC
X509v3 Authority Key Identifier:
keyid:CA:FD:31:33:DF:47:CE:2B:B0:7C:47:2F:BE:6B:B4:E9:17:8C:62:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yv0xM99HziuwfEcvvmu06ReMYjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/CsukVOM0HvISJESaBwxGFXas-6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/eb1cd5-c871-4d4f-ac3f-4b599d08ed1c/1/yv0xM99HziuwfEcvvmu06ReMYjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.133.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:1d:80:ba:cf:03:b5:a0:62:4e:25:28:21:4e:5b:a3:e0:87:
7a:fb:de:07:eb:84:3c:21:1d:df:ab:70:9f:b2:56:13:fe:ce:
57:42:16:39:ff:23:98:2d:7d:18:a9:41:3f:cf:f2:0c:bb:7b:
2b:56:fc:2f:88:d9:80:bf:cb:1a:80:01:7f:53:a1:fe:f7:44:
64:13:12:6e:db:c5:66:dc:2f:f0:68:73:db:b5:0d:85:3b:d4:
91:50:98:d2:82:85:53:bd:da:e5:d2:9b:ed:5b:c7:dd:e2:5b:
65:48:1e:f0:2c:a9:ee:9c:d8:62:b4:7f:f6:92:23:3d:ab:74:
8d:69:5d:05:f2:57:52:72:50:0e:2b:e8:c4:1d:64:e7:ad:a5:
8c:0e:2b:53:3c:29:c8:3d:21:94:76:16:00:6b:ad:6d:c5:5a:
cf:a0:55:be:f7:53:f3:e0:00:48:97:63:34:f0:40:bb:52:2d:
34:94:1f:3c:53:c7:3a:fb:58:c3:95:b6:4b:43:70:2f:0b:5e:
5b:34:e4:d4:41:d6:7a:95:c4:a2:7d:c4:2f:04:d9:16:24:9c:
bf:14:68:9a:a9:92:68:ad:05:28:4e:06:f5:bf:74:28:3f:a6:
86:12:6c:f8:25:c3:86:de:aa:f0:48:72:fa:95:03:c7:16:67:
70:17:cc:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOPbeUiATE1vsyd3ExWlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZmQzMTMzZGY0N2NlMmJiMDdjNDcyZmJlNmJiNGU5MTc4
YzYyMzMwHhcNMjMwMTAxMjEyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWNiYTQ1NGUzMzQxZWYyMTIyNDQ0OWEwNzBjNDYxNTc2YWNmYmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE8pP4MC8MI27pSsfBI/U6KCkwtj
RvJ0e2Sa+B52SBSM5cDUGR2FR/7+OvqStQ0oVOXOAV6l+YyXG4xm7aEKr1kYP4C0
05P1xfgc3OX/o2A0Ty3bexo8kIF/5XQMZ6yiFzpjm/ONQEWQZSwdi+bKDD8jKs4x
ecQKz8+fW1auGM/hjMNGf2+1Lyyhs3V+FwZ3EQMxH/qQ58mRR8OmUeT3Ve9xrUAT
ZSA8UP8hi2cpHmnvTNJpH44HRXT9f7a9u9eXNWiUn3co3VnDhzbFbvhULg7WmjNI
oODs67L0arbfCHaAUcnDa1IM/C+oh2grOMi3iq0MZrIxyLm0L8RYVTDHvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArLpFTjNB7yEiREmgcMRhV2rPusMB8GA1UdIwQY
MBaAFMr9MTPfR84rsHxHL75rtOkXjGIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXYweE05OUh6aXV3ZkVjdnZtdTA2UmVNWWpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lYjFjZDUtYzg3MS00ZDRmLWFjM2Yt
NGI1OTlkMDhlZDFjLzEvQ3N1a1ZPTTBIdklTSkVTYUJ3eEdGWGFzLTZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lYjFjZDUtYzg3MS00ZDRmLWFjM2YtNGI1OTlkMDhlZDFj
LzEveXYweE05OUh6aXV3ZkVjdnZtdTA2UmVNWWpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJUiFMA0G
CSqGSIb3DQEBCwUAA4IBAQCaHYC6zwO1oGJOJSghTluj4Id6+94H64Q8IR3fq3Cf
slYT/s5XQhY5/yOYLX0YqUE/z/IMu3srVvwviNmAv8sagAF/U6H+90RkExJu28Vm
3C/waHPbtQ2FO9SRUJjSgoVTvdrl0pvtW8fd4ltlSB7wLKnunNhitH/2kiM9q3SN
aV0F8ldSclAOK+jEHWTnraWMDitTPCnIPSGUdhYAa61txVrPoFW+91Pz4ABIl2M0
8EC7Ui00lB88U8c6+1jDlbZLQ3AvC15bNOTUQdZ6lcSifcQvBNkWJJy/FGiaqZJo
rQUoTgb1v3QoP6aGEmz4JcOG3qrwSHL6lQPHFmdwF8xN
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:29:59 2024 by rpki-client on console-ams.rpki-client.org