Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/cVRmz8iop3lTkma7jo1u6RRBoWM.roa
File: cVRmz8iop3lTkma7jo1u6RRBoWM.roa (raw, json)
Hash identifier: CgXuu8iCb+Dxsc7I1uqPtpjYKcuoCCyZ+kuILJHSnAg=
Subject key identifier: 71:54:66:CF:C8:A8:A7:79:53:92:66:BB:8E:8D:6E:E9:14:41:A1:63
Certificate issuer: /CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Certificate serial: 018DDB0EAC103422C472A0961CA5F8EEB286
Authority key identifier: D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/cVRmz8iop3lTkma7jo1u6RRBoWM.roa
Signing time: Sat 24 Feb 2024 12:19:48 +0000
ROA not before: Sat 24 Feb 2024 12:19:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59956
IP address blocks: 176.117.89.0/24 maxlen: 24
176.117.90.0/23 maxlen: 24
176.117.92.0/23 maxlen: 24
176.117.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 18:15:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:db:0e:ac:10:34:22:c4:72:a0:96:1c:a5:f8:ee:b2:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0299cf12b38ff12d95ffc0d13ac12c69fe2c1ca
Validity
Not Before: Feb 24 12:19:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=715466cfc8a8a779539266bb8e8d6ee91441a163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:42:69:85:eb:b9:a1:9b:c6:dd:73:cc:d5:6e:
79:9a:96:e7:25:0b:a6:17:a0:07:5f:fd:15:89:61:
46:5a:05:ba:ce:c2:3c:b8:d8:b6:7a:e6:35:cc:c5:
f6:98:a7:dc:e8:e0:da:d2:57:21:c1:fb:d8:af:7a:
e8:b2:2d:50:f5:bd:06:13:ad:a6:e8:46:00:06:42:
ef:55:90:b9:95:8f:27:ac:f0:6a:f7:45:d7:7c:01:
e4:c5:dd:ba:52:b1:95:de:cf:49:01:f5:7d:8d:52:
74:75:4d:b3:ed:a8:31:ea:27:56:df:37:d5:18:a8:
2f:52:ea:ae:4e:95:5d:bf:ca:6d:fd:7d:30:b2:39:
84:a0:29:f1:6c:9f:7d:ea:fc:ac:2a:ca:33:9c:8c:
ec:d0:34:16:b1:97:78:92:b1:03:17:ba:17:3c:a5:
ac:61:d8:a2:b6:3d:49:7e:bc:1c:bd:5f:50:a0:55:
fb:c0:fb:11:16:dd:50:4e:8a:ae:c2:b8:17:37:dc:
34:52:6e:cb:68:23:04:92:61:06:a5:3b:d0:f0:ba:
3b:25:c8:53:1b:5b:c7:10:26:8d:2e:2d:1d:ae:30:
b2:c9:c0:6e:d8:79:25:7b:00:d3:86:a7:c5:b8:32:
c3:d1:65:35:e4:90:71:52:77:dc:bc:21:30:a7:43:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:54:66:CF:C8:A8:A7:79:53:92:66:BB:8E:8D:6E:E9:14:41:A1:63
X509v3 Authority Key Identifier:
keyid:D0:29:9C:F1:2B:38:FF:12:D9:5F:FC:0D:13:AC:12:C6:9F:E2:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/cVRmz8iop3lTkma7jo1u6RRBoWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d582c4-36e3-4a57-8752-e641e713d1fa/1/0Cmc8Ss4_xLZX_wNE6wSxp_iwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.89.0-176.117.94.255
Signature Algorithm: sha256WithRSAEncryption
8b:a0:33:18:d3:ef:57:df:5b:f0:d9:b9:15:3c:c2:fb:fc:d6:
02:ae:3e:c2:38:04:a5:df:7c:2a:10:37:3b:8d:a5:27:42:9a:
d3:ce:5a:3f:59:e3:16:d6:68:d2:f2:1b:f6:c8:eb:5c:23:d9:
b1:6f:79:e0:5c:c2:1e:08:5e:31:7b:66:d7:a5:da:c1:18:b2:
e9:4a:88:73:29:8d:99:a9:11:df:8d:27:dd:92:9b:8a:90:a3:
6f:1d:a1:b0:ee:b2:2f:31:3a:39:56:f0:4d:f8:e4:d5:09:54:
27:13:0e:b0:fa:a9:bc:18:e9:96:2e:93:01:f1:70:df:00:bd:
23:98:1e:7e:68:8d:52:f3:1f:05:49:8b:e0:0f:ec:50:7d:74:
e0:45:ab:85:76:9d:d5:13:4e:61:b9:e3:99:3c:6e:35:e1:b7:
cf:a7:db:c7:65:fd:51:c3:f0:95:b4:f8:7d:f1:cb:1e:f2:01:
74:6e:2c:c7:cd:26:9e:07:4a:2b:fc:d3:14:b7:c8:d2:d8:23:
61:ae:44:00:b3:43:12:56:81:67:a7:11:d7:fa:c6:d8:ad:06:
50:82:a9:6b:cd:4f:b7:8a:51:b4:14:ca:ca:7f:55:ee:7e:b0:
64:15:dd:9c:df:1a:a9:dd:33:0d:b6:38:cd:8d:b0:b2:7b:05:
5b:ab:d7:c4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY3bDqwQNCLEcqCWHKX47rKGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjk5Y2YxMmIzOGZmMTJkOTVmZmMwZDEzYWMxMmM2OWZl
MmMxY2EwHhcNMjQwMjI0MTIxOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTU0NjZjZmM4YThhNzc5NTM5MjY2YmI4ZThkNmVlOTE0NDFhMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUJpheu5oZvG3XPM1W55mpbnJQum
F6AHX/0ViWFGWgW6zsI8uNi2euY1zMX2mKfc6ODa0lchwfvYr3rosi1Q9b0GE62m
6EYABkLvVZC5lY8nrPBq90XXfAHkxd26UrGV3s9JAfV9jVJ0dU2z7agx6idW3zfV
GKgvUuquTpVdv8pt/X0wsjmEoCnxbJ996vysKsoznIzs0DQWsZd4krEDF7oXPKWs
Ydiitj1JfrwcvV9QoFX7wPsRFt1QToquwrgXN9w0Um7LaCMEkmEGpTvQ8Lo7JchT
G1vHECaNLi0drjCyycBu2HklewDThqfFuDLD0WU15JBxUnfcvCEwp0MBDQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFHFUZs/IqKd5U5Jmu46NbukUQaFjMB8GA1UdIwQY
MBaAFNApnPErOP8S2V/8DROsEsaf4sHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTIt
ZTY0MWU3MTNkMWZhLzEvY1ZSbXo4aW9wM2xUa21hN2pvMXU2UlJCb1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kNTgyYzQtMzZlMy00YTU3LTg3NTItZTY0MWU3MTNkMWZh
LzEvMENtYzhTczRfeExaWF93TkU2d1N4cF9pd2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACwdVkD
BACwdV4wDQYJKoZIhvcNAQELBQADggEBAIugMxjT71ffW/DZuRU8wvv81gKuPsI4
BKXffCoQNzuNpSdCmtPOWj9Z4xbWaNLyG/bI61wj2bFveeBcwh4IXjF7Ztel2sEY
sulKiHMpjZmpEd+NJ92Sm4qQo28dobDusi8xOjlW8E345NUJVCcTDrD6qbwY6ZYu
kwHxcN8AvSOYHn5ojVLzHwVJi+AP7FB9dOBFq4V2ndUTTmG545k8bjXht8+n28dl
/VHD8JW0+H3xyx7yAXRuLMfNJp4HSiv80xS3yNLYI2GuRACzQxJWgWenEdf6xtit
BlCCqWvNT7eKUbQUysp/Ve5+sGQV3ZzfGqndMw22OM2NsLJ7BVur18Q=
-----END CERTIFICATE-----
Generated at Tue Feb 27 21:14:25 2024 by rpki-client on console-fra.rpki-client.org