Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/dbc06c-a612-4db0-a856-787238415b08/1/cm53DjT7fvR_rM2QShvlGXZITtg.roa
File: cm53DjT7fvR_rM2QShvlGXZITtg.roa (raw, json)
Hash identifier: csFckQZUjPpbYEaKIXmZgQ+NZyk5hYvcJaJ9oukriJc=
Subject key identifier: 72:6E:77:0E:34:FB:7E:F4:7F:AC:CD:90:4A:1B:E5:19:76:48:4E:D8
Certificate issuer: /CN=03a4122b4a20f1cca6078a91d9a8bb1c03fb9fcd
Certificate serial: 018571B0D661E14B3024DDF4FB19CCE3C865
Authority key identifier: 03:A4:12:2B:4A:20:F1:CC:A6:07:8A:91:D9:A8:BB:1C:03:FB:9F:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A6QSK0og8cymB4qR2ai7HAP7n80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/dbc06c-a612-4db0-a856-787238415b08/1/cm53DjT7fvR_rM2QShvlGXZITtg.roa
Signing time: Mon 02 Jan 2023 08:54:52 +0000
ROA not before: Mon 02 Jan 2023 08:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25509
IP address blocks: 213.190.96.0/19 maxlen: 24
2a00:5380::/29 maxlen: 32
2a00:5380::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:d6:61:e1:4b:30:24:dd:f4:fb:19:cc:e3:c8:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03a4122b4a20f1cca6078a91d9a8bb1c03fb9fcd
Validity
Not Before: Jan 2 08:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=726e770e34fb7ef47faccd904a1be51976484ed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b8:c1:2e:f7:44:6b:5a:76:19:6b:ae:06:84:
3b:23:7c:93:aa:6f:72:b0:90:af:7a:a4:5f:74:52:
53:9a:89:c7:68:ff:03:50:09:4b:ef:fc:92:61:d9:
4c:79:69:cb:c5:51:75:b0:a7:4d:fc:69:8e:89:ec:
a9:71:6a:2a:05:bb:52:e0:ab:31:e0:da:2b:f4:ee:
c0:3f:30:f1:20:47:fe:15:37:ac:2d:6d:20:4e:64:
8d:d0:9e:95:5b:d6:90:48:c2:e0:ea:fe:85:7e:08:
0e:5e:aa:3a:39:4f:d0:bb:e2:75:9e:e3:03:81:05:
fa:63:6e:9a:15:79:c0:a7:d6:8e:fc:6d:25:76:53:
ea:f8:71:a6:89:b4:68:90:cd:83:09:ed:e5:3c:dc:
df:cd:60:bd:f4:48:23:f5:c1:b3:8d:80:47:46:7e:
f5:b0:69:7d:88:c5:0b:6b:b0:22:f3:59:2c:eb:8a:
ff:12:80:48:f6:aa:9e:ab:e6:64:e9:6f:b7:62:da:
cd:f4:52:06:c8:06:f1:05:c5:9e:5e:21:74:eb:f2:
53:f1:4e:08:2d:9f:81:20:87:3d:98:6b:47:c7:45:
04:d4:73:be:bc:ab:5b:23:d1:e3:45:e8:c0:c2:48:
0e:8d:5f:4a:06:59:9f:1f:90:f3:d0:7f:3e:62:32:
56:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6E:77:0E:34:FB:7E:F4:7F:AC:CD:90:4A:1B:E5:19:76:48:4E:D8
X509v3 Authority Key Identifier:
keyid:03:A4:12:2B:4A:20:F1:CC:A6:07:8A:91:D9:A8:BB:1C:03:FB:9F:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A6QSK0og8cymB4qR2ai7HAP7n80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/dbc06c-a612-4db0-a856-787238415b08/1/cm53DjT7fvR_rM2QShvlGXZITtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/dbc06c-a612-4db0-a856-787238415b08/1/A6QSK0og8cymB4qR2ai7HAP7n80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.190.96.0/19
IPv6:
2a00:5380::/29
Signature Algorithm: sha256WithRSAEncryption
bf:2d:02:ed:d2:de:50:68:37:6f:71:dd:8a:25:b9:52:d6:88:
a4:9f:33:e7:c2:96:7a:2d:a8:56:e7:91:3c:2c:55:b3:0b:dc:
04:e2:6d:69:a7:38:d4:01:5c:52:37:0e:ec:00:b9:e6:20:53:
00:2e:a0:3c:51:e1:ee:5e:c2:73:af:47:6c:c8:db:72:b4:df:
64:ed:01:0d:9d:4f:28:49:c9:b8:e8:82:76:9b:2d:e3:89:47:
30:a2:26:59:2a:fe:fc:22:92:94:c3:fe:7b:ff:6b:3d:58:f1:
08:47:4a:e4:dc:be:ae:86:c0:04:36:80:32:c3:64:5e:7c:fa:
f5:11:e6:f0:41:a8:47:a8:aa:09:1b:e5:14:c9:d7:f8:0b:6a:
2e:44:95:09:5c:e5:12:1e:8c:83:7e:c9:7a:95:81:21:d2:6f:
8c:60:e3:9a:79:ad:fa:3e:f9:c0:f4:71:47:a1:14:fc:eb:5d:
2f:c9:e5:fe:64:28:91:42:fa:01:52:22:f0:92:b7:f7:38:1a:
53:79:0d:57:16:1b:8d:b2:85:cd:53:c4:af:e6:b3:6f:ca:74:
18:5f:a2:c8:31:13:0e:a2:00:c1:fc:7e:ac:db:d7:57:61:38:
a7:64:b1:bb:93:3d:b3:00:81:e6:94:33:bf:eb:1a:ea:2b:c9:
a2:6a:bc:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxsNZh4UswJN30+xnM48hlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYTQxMjJiNGEyMGYxY2NhNjA3OGE5MWQ5YThiYjFjMDNm
YjlmY2QwHhcNMjMwMTAyMDg1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZlNzcwZTM0ZmI3ZWY0N2ZhY2NkOTA0YTFiZTUxOTc2NDg0ZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7jBLvdEa1p2GWuuBoQ7I3yTqm9y
sJCveqRfdFJTmonHaP8DUAlL7/ySYdlMeWnLxVF1sKdN/GmOieypcWoqBbtS4Ksx
4Nor9O7APzDxIEf+FTesLW0gTmSN0J6VW9aQSMLg6v6FfggOXqo6OU/Qu+J1nuMD
gQX6Y26aFXnAp9aO/G0ldlPq+HGmibRokM2DCe3lPNzfzWC99Egj9cGzjYBHRn71
sGl9iMULa7Ai81ks64r/EoBI9qqeq+Zk6W+3YtrN9FIGyAbxBcWeXiF06/JT8U4I
LZ+BIIc9mGtHx0UE1HO+vKtbI9HjRejAwkgOjV9KBlmfH5Dz0H8+YjJWeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHJudw40+370f6zNkEob5Rl2SE7YMB8GA1UdIwQY
MBaAFAOkEitKIPHMpgeKkdmouxwD+5/NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTZRU0swb2c4Y3ltQjRxUjJhaTdIQVA3bjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kYmMwNmMtYTYxMi00ZGIwLWE4NTYt
Nzg3MjM4NDE1YjA4LzEvY201M0RqVDdmdlJfck0yUVNodmxHWFpJVHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kYmMwNmMtYTYxMi00ZGIwLWE4NTYtNzg3MjM4NDE1YjA4
LzEvQTZRU0swb2c4Y3ltQjRxUjJhaTdIQVA3bjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1b5gMA0E
AgACMAcDBQMqAFOAMA0GCSqGSIb3DQEBCwUAA4IBAQC/LQLt0t5QaDdvcd2KJblS
1oiknzPnwpZ6LahW55E8LFWzC9wE4m1ppzjUAVxSNw7sALnmIFMALqA8UeHuXsJz
r0dsyNtytN9k7QENnU8oScm46IJ2my3jiUcwoiZZKv78IpKUw/57/2s9WPEIR0rk
3L6uhsAENoAyw2RefPr1EebwQahHqKoJG+UUydf4C2ouRJUJXOUSHoyDfsl6lYEh
0m+MYOOaea36PvnA9HFHoRT8610vyeX+ZCiRQvoBUiLwkrf3OBpTeQ1XFhuNsoXN
U8Sv5rNvynQYX6LIMRMOogDB/H6s29dXYTinZLG7kz2zAIHmlDO/6xrqK8miarwO
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:27 2024 by rpki-client on console-ams.rpki-client.org