Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/0PGreM3qkIgiZhWw-xkdNaK3jOs.roa
File: 0PGreM3qkIgiZhWw-xkdNaK3jOs.roa (raw, json)
Hash identifier: 0sMv+vEd5yfLzCMXKwV5s7yM2aPcMwJd/TP+51Zd3BQ=
Subject key identifier: D0:F1:AB:78:CD:EA:90:88:22:66:15:B0:FB:19:1D:35:A2:B7:8C:EB
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01859FE19607A5F8BAE65F241114C42BC573
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/0PGreM3qkIgiZhWw-xkdNaK3jOs.roa
Signing time: Wed 11 Jan 2023 08:10:39 +0000
ROA not before: Wed 11 Jan 2023 08:10:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21700
IP address blocks: 213.176.72.0/22 maxlen: 24
213.176.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Jan 2023 07:38:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9f:e1:96:07:a5:f8:ba:e6:5f:24:11:14:c4:2b:c5:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 11 08:10:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0f1ab78cdea9088226615b0fb191d35a2b78ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:11:f8:66:bd:46:44:0d:bc:81:ab:2e:ac:24:
90:ee:ca:c6:e2:71:0c:9d:95:6e:e3:fe:e3:75:57:
32:37:a6:ad:13:85:11:30:90:70:47:4b:e6:df:41:
30:9a:98:c2:58:79:7a:7d:f0:36:e6:1e:f3:2e:a8:
00:ed:0f:fb:8a:75:67:f5:1d:9b:c8:3c:5d:f6:f4:
f2:5a:75:28:c4:44:c7:da:ba:a5:75:0c:8a:66:0e:
47:4c:33:e5:92:29:af:99:09:06:5c:c2:2f:02:02:
a7:4b:cc:24:a5:09:14:4b:8d:09:ac:41:0b:d5:7b:
1b:4d:2d:8d:af:87:b5:67:8d:48:1d:b1:99:29:20:
dd:88:a2:f3:14:f2:f2:18:71:60:59:95:f8:d5:98:
fb:c4:c2:36:c0:6b:9d:3f:ac:75:d1:fe:a2:7c:ec:
23:58:6f:7c:e4:de:64:0e:31:7b:14:93:84:ce:aa:
f6:ca:ec:54:ab:f8:9d:07:22:a9:53:40:ca:55:9d:
34:43:9d:8b:03:b8:b8:4e:33:8d:34:91:0b:48:84:
57:8f:dc:56:8d:6c:32:80:31:62:01:25:4b:91:a1:
16:85:ec:bc:c1:56:c1:ea:64:8f:cf:c4:e2:a6:13:
cf:79:36:04:31:e9:a9:70:08:ba:6b:e8:9f:85:91:
93:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:F1:AB:78:CD:EA:90:88:22:66:15:B0:FB:19:1D:35:A2:B7:8C:EB
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/0PGreM3qkIgiZhWw-xkdNaK3jOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.72.0/22
213.176.92.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:00:ee:0a:30:e6:dc:d8:fb:53:10:94:6e:f9:e5:d1:5d:c4:
75:94:6a:df:a0:ce:92:bc:c1:75:a3:d8:43:66:87:cb:81:e2:
78:23:de:ad:62:db:a2:1f:96:71:ef:d9:91:b9:d2:07:41:98:
75:ab:fe:e3:a2:6a:d4:1a:7b:24:71:99:8b:30:02:3c:e4:27:
62:67:1d:19:55:5d:24:b2:ce:6e:73:09:c6:f8:1d:14:81:ca:
4d:9e:dd:4c:5b:30:c3:7e:b2:1e:9f:44:db:24:10:57:48:c6:
9c:a3:e9:49:a0:44:d1:e5:e4:79:fa:4d:d2:d8:26:60:9b:53:
84:80:15:a9:83:d6:d5:2f:51:14:1f:cd:9c:3f:b9:38:d2:7f:
a0:8d:6d:11:5c:d2:fc:53:04:1b:00:c1:46:ba:4f:49:bb:30:
b6:9d:7f:b2:c5:4e:99:cd:0b:8a:d2:3a:92:50:2b:e5:05:45:
01:94:de:3d:89:be:06:4e:83:f2:1e:dc:b6:06:a2:7c:11:d7:
ac:d7:fc:b1:dd:e2:91:72:c1:0c:3d:98:2c:37:06:94:90:6c:
eb:82:26:8f:cb:89:25:0a:24:42:c1:ae:da:72:45:74:4d:93:
96:41:7b:8f:78:eb:26:ee:77:72:d8:ef:fe:b4:be:bf:a6:e9:
73:34:6a:be
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYWf4ZYHpfi65l8kERTEK8VzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjMwMTExMDgxMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGYxYWI3OGNkZWE5MDg4MjI2NjE1YjBmYjE5MWQzNWEyYjc4Y2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBH4Zr1GRA28gasurCSQ7srG4nEM
nZVu4/7jdVcyN6atE4URMJBwR0vm30EwmpjCWHl6ffA25h7zLqgA7Q/7inVn9R2b
yDxd9vTyWnUoxETH2rqldQyKZg5HTDPlkimvmQkGXMIvAgKnS8wkpQkUS40JrEEL
1XsbTS2Nr4e1Z41IHbGZKSDdiKLzFPLyGHFgWZX41Zj7xMI2wGudP6x10f6ifOwj
WG985N5kDjF7FJOEzqr2yuxUq/idByKpU0DKVZ00Q52LA7i4TjONNJELSIRXj9xW
jWwygDFiASVLkaEWhey8wVbB6mSPz8TiphPPeTYEMempcAi6a+ifhZGTvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNDxq3jN6pCIImYVsPsZHTWit4zrMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMFBHcmVNM3FrSWdpWmhXdy14a2ROYUszak9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQC1bBIAwQC
1bBcMA0GCSqGSIb3DQEBCwUAA4IBAQAfAO4KMObc2PtTEJRu+eXRXcR1lGrfoM6S
vMF1o9hDZofLgeJ4I96tYtuiH5Zx79mRudIHQZh1q/7jomrUGnskcZmLMAI85Cdi
Zx0ZVV0kss5ucwnG+B0UgcpNnt1MWzDDfrIen0TbJBBXSMaco+lJoETR5eR5+k3S
2CZgm1OEgBWpg9bVL1EUH82cP7k40n+gjW0RXNL8UwQbAMFGuk9JuzC2nX+yxU6Z
zQuK0jqSUCvlBUUBlN49ib4GToPyHty2BqJ8Edes1/yx3eKRcsEMPZgsNwaUkGzr
giaPy4klCiRCwa7ackV0TZOWQXuPeOsm7ndy2O/+tL6/pulzNGq+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:38 2024 by rpki-client on console-fra.rpki-client.org