Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/CMdUS-tdIxj06dcZVBll2S9RBLc.roa
File: CMdUS-tdIxj06dcZVBll2S9RBLc.roa (raw, json)
Hash identifier: WGxcFE/mm1YrmfL2/S18L7MaKIeNtt16ibnF8Gaibfs=
Subject key identifier: 08:C7:54:4B:EB:5D:23:18:F4:E9:D7:19:54:19:65:D9:2F:51:04:B7
Certificate issuer: /CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Certificate serial: 018AD3A1D735FB4B7FDDD19FF090A9E9A42E
Authority key identifier: E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/CMdUS-tdIxj06dcZVBll2S9RBLc.roa
Signing time: Tue 26 Sep 2023 22:35:13 +0000
ROA not before: Tue 26 Sep 2023 22:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42338
IP address blocks: 185.203.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d3:a1:d7:35:fb:4b:7f:dd:d1:9f:f0:90:a9:e9:a4:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e501815c6f98f3a2b6184afebf18ea341be882ea
Validity
Not Before: Sep 26 22:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08c7544beb5d2318f4e9d719541965d92f5104b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9d:af:a8:87:b1:a3:c2:85:27:90:80:df:fc:
f8:d4:d3:d2:25:9e:bd:15:a6:4e:30:79:d7:b8:95:
44:a5:67:d4:c3:19:1f:f7:d0:0b:0b:29:0e:73:e8:
1d:75:b0:f0:4a:3a:48:ba:39:f8:91:a4:39:c5:8c:
3d:5a:f1:e8:97:29:78:3b:30:54:b5:f5:6e:5f:1b:
6d:fb:58:e6:1b:f5:32:f6:b1:d1:f9:77:92:05:d0:
a1:e3:be:5c:6c:d3:01:c9:f0:c0:4c:cb:1c:4d:7a:
fd:1c:d9:ee:85:bd:99:8a:b2:e5:3e:2b:b8:e7:91:
33:f0:f0:f4:0a:e8:81:98:8c:3d:3f:08:28:b6:9a:
56:c5:b4:0b:63:5f:21:97:af:2d:04:b5:32:84:ba:
a2:20:33:64:66:99:6a:64:1e:01:9e:5e:b4:63:99:
5d:2f:eb:e8:8b:92:e2:91:0f:9b:6a:45:aa:13:11:
27:69:dd:f5:5f:33:d5:ab:bb:cb:33:19:0b:54:dd:
36:6d:b2:52:35:db:0f:97:c9:8b:f7:27:4c:79:81:
f3:08:b2:97:c3:a6:5a:9e:3e:f5:c4:18:10:4e:fd:
e6:ef:dd:dd:e4:da:ca:ff:18:96:ad:ae:0c:ab:0f:
1e:5f:d2:76:e9:17:56:13:a5:98:e8:ca:24:4f:81:
ea:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C7:54:4B:EB:5D:23:18:F4:E9:D7:19:54:19:65:D9:2F:51:04:B7
X509v3 Authority Key Identifier:
keyid:E5:01:81:5C:6F:98:F3:A2:B6:18:4A:FE:BF:18:EA:34:1B:E8:82:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QGBXG-Y86K2GEr-vxjqNBvoguo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/CMdUS-tdIxj06dcZVBll2S9RBLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5b0222-ed64-4f55-b45b-0059f737ef05/1/5QGBXG-Y86K2GEr-vxjqNBvoguo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.33.0/24
Signature Algorithm: sha256WithRSAEncryption
01:05:ea:60:a5:48:e0:7e:a3:7b:46:49:69:61:4e:c1:4c:f5:
69:ba:4b:37:6c:b0:b3:fd:52:dc:08:51:57:4f:cf:41:5e:fc:
a8:60:89:60:53:9a:c9:f9:34:a8:7c:a1:7f:18:23:e4:c1:42:
b0:22:12:bf:d9:17:4c:a2:03:3f:a8:b2:e0:c0:a2:a7:27:b2:
bb:c1:18:2a:e0:d5:8a:29:dc:b6:83:7e:87:c9:0f:16:ba:13:
b4:be:d2:1a:be:fa:a7:24:99:5b:f0:de:46:96:4d:e9:d9:fa:
59:97:e0:08:17:45:78:76:0c:7a:d5:b0:1c:d9:43:d9:15:43:
4a:8f:9a:c9:f5:6f:f0:f0:2a:82:7c:94:2a:c7:6d:11:ed:9d:
89:75:3b:b1:45:4f:ea:aa:0b:04:48:ba:78:ef:5f:45:31:ce:
5b:0b:b1:9e:a8:b5:57:1f:03:f5:ef:36:26:49:a0:dd:2c:ac:
5b:06:92:7e:53:15:50:64:c0:89:bf:9e:52:44:f8:c5:cb:4e:
ca:db:77:7f:eb:76:f6:17:ba:6f:9a:11:b0:93:e7:d8:63:25:
60:27:6c:40:01:12:16:3c:c7:45:4d:c6:0d:2b:4a:13:d9:36:
6a:7f:9e:18:4f:de:7f:3b:e0:65:15:0a:91:06:5a:a0:31:7a:
99:11:83:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrTodc1+0t/3dGf8JCp6aQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MDE4MTVjNmY5OGYzYTJiNjE4NGFmZWJmMThlYTM0MWJl
ODgyZWEwHhcNMjMwOTI2MjIzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGM3NTQ0YmViNWQyMzE4ZjRlOWQ3MTk1NDE5NjVkOTJmNTEwNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ2vqIexo8KFJ5CA3/z41NPSJZ69
FaZOMHnXuJVEpWfUwxkf99ALCykOc+gddbDwSjpIujn4kaQ5xYw9WvHolyl4OzBU
tfVuXxtt+1jmG/Uy9rHR+XeSBdCh475cbNMByfDATMscTXr9HNnuhb2ZirLlPiu4
55Ez8PD0CuiBmIw9PwgotppWxbQLY18hl68tBLUyhLqiIDNkZplqZB4Bnl60Y5ld
L+voi5LikQ+bakWqExEnad31XzPVq7vLMxkLVN02bbJSNdsPl8mL9ydMeYHzCLKX
w6Zanj71xBgQTv3m793d5NrK/xiWra4Mqw8eX9J26RdWE6WY6MokT4HqfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjHVEvrXSMY9OnXGVQZZdkvUQS3MB8GA1UdIwQY
MBaAFOUBgVxvmPOithhK/r8Y6jQb6ILqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWIt
MDA1OWY3MzdlZjA1LzEvQ01kVVMtdGRJeGowNmRjWlZCbGwyUzlSQkxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81YjAyMjItZWQ2NC00ZjU1LWI0NWItMDA1OWY3MzdlZjA1
LzEvNVFHQlhHLVk4NksyR0VyLXZ4anFOQnZvZ3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucshMA0G
CSqGSIb3DQEBCwUAA4IBAQABBepgpUjgfqN7RklpYU7BTPVpuks3bLCz/VLcCFFX
T89BXvyoYIlgU5rJ+TSofKF/GCPkwUKwIhK/2RdMogM/qLLgwKKnJ7K7wRgq4NWK
Kdy2g36HyQ8WuhO0vtIavvqnJJlb8N5Glk3p2fpZl+AIF0V4dgx61bAc2UPZFUNK
j5rJ9W/w8CqCfJQqx20R7Z2JdTuxRU/qqgsESLp4719FMc5bC7GeqLVXHwP17zYm
SaDdLKxbBpJ+UxVQZMCJv55SRPjFy07K23d/63b2F7pvmhGwk+fYYyVgJ2xAARIW
PMdFTcYNK0oT2TZqf54YT95/O+BlFQqRBlqgMXqZEYMp
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:00 2024 by rpki-client on console-fra.rpki-client.org