Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/cE10fAgPNsYtHCdPSAHHxH2fprA.roa
File: cE10fAgPNsYtHCdPSAHHxH2fprA.roa (raw, json)
Hash identifier: HY9EIxYOFTH2N9nVsklZcoPCYD98NQtn5iE+SOVqc3k=
Subject key identifier: 70:4D:74:7C:08:0F:36:C6:2D:1C:27:4F:48:01:C7:C4:7D:9F:A6:B0
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 0185BA4CEDFA676921BC558255970707D444
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/cE10fAgPNsYtHCdPSAHHxH2fprA.roa
Signing time: Mon 16 Jan 2023 11:18:01 +0000
ROA not before: Mon 16 Jan 2023 11:18:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205419
IP address blocks: 206.252.242.0/24 maxlen: 24
195.167.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ba:4c:ed:fa:67:69:21:bc:55:82:55:97:07:07:d4:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 16 11:18:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=704d747c080f36c62d1c274f4801c7c47d9fa6b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:27:7b:cf:bb:84:ff:2c:0c:13:c6:78:fa:1b:
7d:8c:9c:63:55:48:9a:f9:06:e6:41:96:12:74:f1:
de:e4:98:1f:19:01:90:ed:0d:e8:02:89:52:3f:d6:
ea:c3:74:7b:3a:b4:0c:03:7a:ec:ff:49:68:b6:a3:
e2:16:3c:e0:be:d2:fb:94:7a:49:24:ca:1d:97:8a:
67:86:01:e7:ff:76:da:c8:ad:c2:c0:e9:ff:97:f9:
97:38:40:12:6d:26:2f:83:70:e8:e1:04:19:d2:a5:
ee:d5:6f:c7:05:b3:ed:19:03:2a:32:bc:c5:ba:48:
2e:02:12:ad:38:75:5a:70:51:df:2f:18:17:66:d6:
37:2a:35:1a:7f:e6:b0:3c:7a:3b:5b:51:3f:80:75:
73:47:93:4b:23:9e:ae:88:d0:3c:da:ca:61:c4:d8:
3f:c1:3f:c3:0d:d2:e4:25:21:21:e4:48:8f:8c:88:
ef:fb:2a:08:d6:af:67:32:77:69:f2:2c:ca:68:da:
54:d1:0d:f1:fd:3c:cf:77:04:61:79:48:3d:1c:4c:
90:e2:67:31:41:46:3b:f0:e5:ab:3a:99:a5:b0:99:
3c:aa:b5:d9:1b:dd:c4:c1:d4:ba:2c:36:0d:e8:4e:
71:61:e5:cc:d7:a8:be:24:12:51:8f:41:13:49:e0:
e9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4D:74:7C:08:0F:36:C6:2D:1C:27:4F:48:01:C7:C4:7D:9F:A6:B0
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/cE10fAgPNsYtHCdPSAHHxH2fprA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.167.153.0/24
206.252.242.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:45:cd:b8:e1:cb:d1:f9:d1:d6:18:50:ff:48:ad:e4:4b:ce:
f2:dc:29:ec:89:f9:f6:76:2a:54:94:98:42:09:96:4c:bf:8b:
7c:de:38:1a:07:f5:c5:72:59:92:6b:be:0c:84:64:f1:c5:18:
b8:79:21:83:d3:d8:d3:dd:cb:7a:1f:91:06:a3:91:c9:f8:17:
3e:ce:40:17:09:47:79:ce:51:61:36:28:11:e5:23:63:fd:06:
5c:6a:1f:f3:f1:93:0c:35:31:bf:14:4f:d5:2b:b1:4e:ab:c6:
d9:5d:48:ba:00:58:70:db:6c:48:33:6c:7a:4a:60:5b:1f:ec:
4e:cf:3d:77:a8:85:b5:bc:2e:92:a6:a4:a5:c9:6a:f6:07:ed:
a6:ae:5f:e0:97:ae:f6:dc:a5:ae:31:66:f8:f7:d2:33:bc:e2:
d6:e7:9a:c6:23:91:c9:41:62:48:6b:ad:b0:e0:14:b5:7f:32:
7d:32:06:50:bf:e3:24:85:e7:45:66:84:42:b2:9a:88:3c:b9:
78:26:9b:85:12:09:39:de:be:f6:9c:fb:80:89:06:96:f7:a5:
15:b7:e9:dc:16:54:52:3b:89:80:00:e6:26:8f:00:56:aa:d2:
e2:61:cc:c1:2c:0a:4b:2d:dc:78:de:e3:12:67:eb:15:e6:d8:
64:51:9c:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYW6TO36Z2khvFWCVZcHB9REMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTE2MTExODAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDRkNzQ3YzA4MGYzNmM2MmQxYzI3NGY0ODAxYzdjNDdkOWZhNmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Cd7z7uE/ywME8Z4+ht9jJxjVUia
+QbmQZYSdPHe5JgfGQGQ7Q3oAolSP9bqw3R7OrQMA3rs/0lotqPiFjzgvtL7lHpJ
JModl4pnhgHn/3bayK3CwOn/l/mXOEASbSYvg3Do4QQZ0qXu1W/HBbPtGQMqMrzF
ukguAhKtOHVacFHfLxgXZtY3KjUaf+awPHo7W1E/gHVzR5NLI56uiNA82sphxNg/
wT/DDdLkJSEh5EiPjIjv+yoI1q9nMndp8izKaNpU0Q3x/TzPdwRheUg9HEyQ4mcx
QUY78OWrOpmlsJk8qrXZG93EwdS6LDYN6E5xYeXM16i+JBJRj0ETSeDptQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHBNdHwIDzbGLRwnT0gBx8R9n6awMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvY0UxMGZBZ1BOc1l0SENkUFNBSEh4SDJmcHJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw6eZAwQA
zvzyMA0GCSqGSIb3DQEBCwUAA4IBAQANRc244cvR+dHWGFD/SK3kS87y3Cnsifn2
dipUlJhCCZZMv4t83jgaB/XFclmSa74MhGTxxRi4eSGD09jT3ct6H5EGo5HJ+Bc+
zkAXCUd5zlFhNigR5SNj/QZcah/z8ZMMNTG/FE/VK7FOq8bZXUi6AFhw22xIM2x6
SmBbH+xOzz13qIW1vC6SpqSlyWr2B+2mrl/gl6723KWuMWb499IzvOLW55rGI5HJ
QWJIa62w4BS1fzJ9MgZQv+MkhedFZoRCspqIPLl4JpuFEgk53r72nPuAiQaW96UV
t+ncFlRSO4mAAOYmjwBWqtLiYczBLApLLdx43uMSZ+sV5thkUZye
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:48 2024 by rpki-client on console-ams.rpki-client.org