Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/479673-9667-4eda-bbbd-b0b2eaaeed61/1/CH_urK-5quGVAeyeeS4zRAx3iM4.roa
File: CH_urK-5quGVAeyeeS4zRAx3iM4.roa (raw, json)
Hash identifier: q4+22dX1tbwUy7fgWXl4SIwyCcQk2HsysVm5CtRKdlM=
Subject key identifier: 08:7F:EE:AC:AF:B9:AA:E1:95:01:EC:9E:79:2E:33:44:0C:77:88:CE
Certificate issuer: /CN=22a72f3ed23e2294f9bb6ba660246166c13f8324
Certificate serial: 018BDD600E225E23042EE10EB7BFE2857236
Authority key identifier: 22:A7:2F:3E:D2:3E:22:94:F9:BB:6B:A6:60:24:61:66:C1:3F:83:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqcvPtI-IpT5u2umYCRhZsE_gyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/479673-9667-4eda-bbbd-b0b2eaaeed61/1/CH_urK-5quGVAeyeeS4zRAx3iM4.roa
Signing time: Fri 17 Nov 2023 13:02:21 +0000
ROA not before: Fri 17 Nov 2023 13:02:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25059
IP address blocks: 193.201.212.0/22 maxlen: 22
193.201.212.0/24 maxlen: 24
193.201.213.0/24 maxlen: 24
193.201.215.0/24 maxlen: 24
193.201.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:60:0e:22:5e:23:04:2e:e1:0e:b7:bf:e2:85:72:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a72f3ed23e2294f9bb6ba660246166c13f8324
Validity
Not Before: Nov 17 13:02:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=087feeacafb9aae19501ec9e792e33440c7788ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e4:42:de:be:94:1a:ce:16:4d:67:d9:fd:d8:
f4:34:43:a4:30:48:2e:39:1c:45:b2:34:71:bf:3a:
bb:6d:d4:58:1c:20:f1:d3:5a:80:23:fb:92:29:5f:
26:e3:39:b7:35:30:9b:e5:17:09:3e:cc:0e:fa:39:
ee:08:aa:d1:93:83:c7:b2:c7:dd:c1:24:0e:1f:bf:
17:8e:4c:d5:87:50:a1:8c:6f:71:b0:13:f5:dc:c6:
7a:64:b3:85:97:35:2d:28:1c:dc:0f:49:c4:9f:bb:
98:b1:35:4e:da:7f:fe:77:8e:04:04:d6:34:c4:ab:
f7:fc:e0:46:cf:a7:42:6f:b4:52:2c:fb:42:99:f2:
72:7d:d2:28:0d:5e:aa:9e:d5:3b:ab:02:8c:fd:d1:
49:54:81:94:9e:8a:ab:01:c1:0b:ce:c8:8b:f6:08:
1b:f9:6e:d7:a3:cc:63:e4:2a:8a:e1:53:09:66:81:
6c:9a:e4:f2:9a:39:17:42:db:10:08:a0:e7:70:d6:
25:c5:4b:da:09:fc:c5:1c:66:da:a4:cb:60:ce:d5:
d1:60:6c:02:3b:34:78:d3:ee:a7:8d:c3:06:c6:d6:
e9:48:bb:8e:d3:65:3d:d8:db:49:d2:55:55:1a:5b:
90:87:39:ce:62:59:58:a2:e6:61:45:32:3d:12:68:
99:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7F:EE:AC:AF:B9:AA:E1:95:01:EC:9E:79:2E:33:44:0C:77:88:CE
X509v3 Authority Key Identifier:
keyid:22:A7:2F:3E:D2:3E:22:94:F9:BB:6B:A6:60:24:61:66:C1:3F:83:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqcvPtI-IpT5u2umYCRhZsE_gyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/479673-9667-4eda-bbbd-b0b2eaaeed61/1/CH_urK-5quGVAeyeeS4zRAx3iM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/479673-9667-4eda-bbbd-b0b2eaaeed61/1/IqcvPtI-IpT5u2umYCRhZsE_gyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.212.0/22
Signature Algorithm: sha256WithRSAEncryption
37:1a:cb:80:a1:46:ce:1b:0f:c1:52:a0:50:cc:05:5c:64:be:
ec:89:f9:42:84:2a:a9:ea:90:1a:65:b6:54:b1:47:10:fc:6f:
88:cd:83:de:9c:fa:dc:45:36:87:c7:93:ee:d5:d4:7c:9d:6c:
9b:f6:20:de:9d:62:c6:69:dd:c2:8c:d6:7b:b8:6e:06:61:08:
6d:21:56:4f:b3:38:a9:70:09:bd:d7:6c:d5:5d:94:e9:d9:d1:
fa:97:4b:db:9e:e0:2b:de:7a:2d:ca:a9:a2:8d:76:4d:64:0c:
ea:68:fb:82:d6:e4:7c:60:0c:37:e1:5e:88:ee:ba:ce:7c:c5:
df:22:62:52:33:d8:8b:91:c1:e9:a8:88:28:ab:65:03:3f:b9:
11:7c:cb:16:a8:c9:c9:21:7d:e1:b1:2f:f7:90:ff:8a:a8:06:
e3:09:64:d5:99:56:57:63:9e:6d:3c:1e:03:58:dc:f5:5c:fb:
0c:0e:c9:5b:5b:0e:b8:39:d6:a9:87:28:8f:ca:5d:59:e5:1a:
01:29:6f:af:a8:c4:f8:c5:5b:d1:22:0f:2f:38:e5:48:b2:30:
4d:a0:d9:cb:9e:6d:b9:53:78:48:a7:74:08:c5:ed:70:5c:78:
c4:e5:3b:4e:d9:4a:0e:4d:43:ac:66:48:46:af:1e:c3:cb:38:
7d:69:f5:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvdYA4iXiMELuEOt7/ihXI2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTcyZjNlZDIzZTIyOTRmOWJiNmJhNjYwMjQ2MTY2YzEz
ZjgzMjQwHhcNMjMxMTE3MTMwMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdmZWVhY2FmYjlhYWUxOTUwMWVjOWU3OTJlMzM0NDBjNzc4OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+RC3r6UGs4WTWfZ/dj0NEOkMEgu
ORxFsjRxvzq7bdRYHCDx01qAI/uSKV8m4zm3NTCb5RcJPswO+jnuCKrRk4PHssfd
wSQOH78XjkzVh1ChjG9xsBP13MZ6ZLOFlzUtKBzcD0nEn7uYsTVO2n/+d44EBNY0
xKv3/OBGz6dCb7RSLPtCmfJyfdIoDV6qntU7qwKM/dFJVIGUnoqrAcELzsiL9ggb
+W7Xo8xj5CqK4VMJZoFsmuTymjkXQtsQCKDncNYlxUvaCfzFHGbapMtgztXRYGwC
OzR40+6njcMGxtbpSLuO02U92NtJ0lVVGluQhznOYllYouZhRTI9EmiZOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAh/7qyvuarhlQHsnnkuM0QMd4jOMB8GA1UdIwQY
MBaAFCKnLz7SPiKU+btrpmAkYWbBP4MkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFjdlB0SS1JcFQ1dTJ1bVlDUmhac0VfZ3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80Nzk2NzMtOTY2Ny00ZWRhLWJiYmQt
YjBiMmVhYWVlZDYxLzEvQ0hfdXJLLTVxdUdWQWV5ZWVTNHpSQXgzaU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80Nzk2NzMtOTY2Ny00ZWRhLWJiYmQtYjBiMmVhYWVlZDYx
LzEvSXFjdlB0SS1JcFQ1dTJ1bVlDUmhac0VfZ3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwcnUMA0G
CSqGSIb3DQEBCwUAA4IBAQA3GsuAoUbOGw/BUqBQzAVcZL7siflChCqp6pAaZbZU
sUcQ/G+IzYPenPrcRTaHx5Pu1dR8nWyb9iDenWLGad3CjNZ7uG4GYQhtIVZPszip
cAm912zVXZTp2dH6l0vbnuAr3notyqmijXZNZAzqaPuC1uR8YAw34V6I7rrOfMXf
ImJSM9iLkcHpqIgoq2UDP7kRfMsWqMnJIX3hsS/3kP+KqAbjCWTVmVZXY55tPB4D
WNz1XPsMDslbWw64OdaphyiPyl1Z5RoBKW+vqMT4xVvRIg8vOOVIsjBNoNnLnm25
U3hIp3QIxe1wXHjE5TtO2UoOTUOsZkhGrx7Dyzh9afXv
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:12 2024 by rpki-client on console-ams.rpki-client.org