Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Cpgtm44dpaoJ9xLrQNv56fwlN9w.roa
File: Cpgtm44dpaoJ9xLrQNv56fwlN9w.roa (raw, json)
Hash identifier: 7+sfh1lzjy599qumfGMrKImGI65PPQg8lklvRXPz6wA=
Subject key identifier: 0A:98:2D:9B:8E:1D:A5:AA:09:F7:12:EB:40:DB:F9:E9:FC:25:37:DC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192C927219820DD8B30DE2FD2971BC4965D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Cpgtm44dpaoJ9xLrQNv56fwlN9w.roa
Signing time: Sat 26 Oct 2024 14:07:17 +0000
ROA not before: Sat 26 Oct 2024 14:07:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207388
IP address blocks: 93.123.30.0/24 maxlen: 24
192.145.28.0/22 maxlen: 24
193.168.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 07:16:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c9:27:21:98:20:dd:8b:30:de:2f:d2:97:1b:c4:96:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 26 14:07:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a982d9b8e1da5aa09f712eb40dbf9e9fc2537dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:33:38:db:99:a2:3c:2d:12:35:54:6c:48:af:
d2:f4:b6:5a:70:3a:e3:79:f0:02:e3:ff:30:3f:bc:
d0:36:97:21:08:af:19:d4:9b:44:50:f8:9b:e5:46:
be:f3:f1:ae:63:53:e0:fc:59:75:db:6d:f4:3c:86:
12:bb:fd:45:ca:eb:25:31:14:d2:53:e8:7a:31:42:
5e:b0:49:5b:9e:b3:ac:db:16:bc:cd:78:cf:61:74:
c1:da:d5:f8:8b:21:9c:26:8c:47:3d:b6:f1:aa:50:
0b:fe:8f:9e:f1:e3:59:f1:44:6b:f6:93:67:de:7a:
b0:12:e4:f2:69:91:8a:60:7b:0c:45:32:66:18:e9:
ea:56:ef:46:cd:d7:bd:ea:5f:9c:19:bb:10:b0:fb:
fb:73:50:82:2a:ff:0c:51:8c:ff:9f:99:a2:d4:14:
4e:57:e1:36:11:95:b2:80:76:2e:bd:0a:9a:dc:1a:
a6:ae:35:2c:48:d7:e9:f1:14:65:de:fd:83:bb:eb:
87:5e:69:30:14:a4:03:5d:04:db:a9:67:6c:46:39:
cd:57:50:27:4a:22:9f:17:c1:19:9b:ac:86:9f:54:
4d:94:0c:6a:82:85:4b:a4:f8:08:86:6c:87:12:d6:
24:3a:a0:dd:05:03:05:ac:87:18:ee:4c:cd:a1:bc:
b3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:98:2D:9B:8E:1D:A5:AA:09:F7:12:EB:40:DB:F9:E9:FC:25:37:DC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Cpgtm44dpaoJ9xLrQNv56fwlN9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.30.0/24
192.145.28.0/22
193.168.198.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:cf:96:3b:2c:f2:12:82:55:a7:59:07:0a:d5:13:5c:59:4d:
e2:68:04:6a:5a:50:e5:72:02:24:e0:0f:1c:a9:64:02:f4:95:
a7:09:3f:42:8d:cd:a1:0f:51:ac:77:f2:ee:0e:62:4e:90:3d:
f3:7f:5d:b3:f5:03:8a:79:db:64:ac:b4:e9:a9:2c:cd:dc:8f:
75:ef:62:09:7e:fe:a0:64:38:01:8b:30:85:5d:ba:d6:20:5d:
9b:8c:35:b4:79:39:25:48:a1:da:59:dd:f7:62:34:a1:f2:b8:
c0:0e:1f:9f:d1:07:a0:6d:2b:f6:bb:c8:cf:b0:89:79:0b:78:
c8:b2:e6:ec:ca:87:92:3b:fd:2b:a5:af:0a:99:d7:b9:d1:87:
79:17:88:c7:cc:70:6c:f0:19:f5:21:f5:6f:8d:59:9d:0e:65:
8a:9f:0e:47:b6:b1:1b:67:26:37:70:75:a0:1b:dd:14:a6:eb:
ee:07:ff:9b:14:94:63:c2:e1:4b:d9:ac:e5:39:c3:cc:45:b6:
eb:b6:c7:f0:a9:db:af:eb:7b:c5:14:3c:9f:67:69:5f:9e:c5:
fd:2a:1c:3b:9f:8d:66:7b:a7:f4:61:5c:13:a0:7c:cb:bd:68:
d9:49:75:8b:d7:5e:ed:d0:ac:b4:47:41:c7:9e:be:b7:88:cb:
4a:90:09:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLJJyGYIN2LMN4v0pcbxJZdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI2MTQwNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk4MmQ5YjhlMWRhNWFhMDlmNzEyZWI0MGRiZjllOWZjMjUzN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DM425miPC0SNVRsSK/S9LZacDrj
efAC4/8wP7zQNpchCK8Z1JtEUPib5Ua+8/GuY1Pg/Fl12230PIYSu/1FyuslMRTS
U+h6MUJesElbnrOs2xa8zXjPYXTB2tX4iyGcJoxHPbbxqlAL/o+e8eNZ8URr9pNn
3nqwEuTyaZGKYHsMRTJmGOnqVu9Gzde96l+cGbsQsPv7c1CCKv8MUYz/n5mi1BRO
V+E2EZWygHYuvQqa3BqmrjUsSNfp8RRl3v2Du+uHXmkwFKQDXQTbqWdsRjnNV1An
SiKfF8EZm6yGn1RNlAxqgoVLpPgIhmyHEtYkOqDdBQMFrIcY7kzNobyzzwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAqYLZuOHaWqCfcS60Db+en8JTfcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ3BndG00NGRwYW9KOXhMclFOdjU2ZndsTjl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXseAwQC
wJEcAwQAwajGMA0GCSqGSIb3DQEBCwUAA4IBAQA8z5Y7LPISglWnWQcK1RNcWU3i
aARqWlDlcgIk4A8cqWQC9JWnCT9Cjc2hD1Gsd/LuDmJOkD3zf12z9QOKedtkrLTp
qSzN3I9172IJfv6gZDgBizCFXbrWIF2bjDW0eTklSKHaWd33YjSh8rjADh+f0Qeg
bSv2u8jPsIl5C3jIsubsyoeSO/0rpa8Kmde50Yd5F4jHzHBs8Bn1IfVvjVmdDmWK
nw5HtrEbZyY3cHWgG90UpuvuB/+bFJRjwuFL2azlOcPMRbbrtsfwqduv63vFFDyf
Z2lfnsX9Khw7n41me6f0YVwToHzLvWjZSXWL117t0Ky0R0HHnr63iMtKkAlz
-----END CERTIFICATE-----
Generated at Tue Oct 29 09:23:25 2024 by rpki-client on console-ams.rpki-client.org