Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/ChUaSgwnWRHxu1R7n5hjTig-X2I.roa
File: ChUaSgwnWRHxu1R7n5hjTig-X2I.roa (raw, json)
Hash identifier: +kalHM0abw9qvW0zp7QQgKplRBwyXdBrBnDrgN9k2Zo=
Subject key identifier: 0A:15:1A:4A:0C:27:59:11:F1:BB:54:7B:9F:98:63:4E:28:3E:5F:62
Certificate issuer: /CN=eb0d53c87071484971aedfd90ca6ecc656a96e4c
Certificate serial: 01856E8B42F25A6165B31F7CEAD7A190A1D0
Authority key identifier: EB:0D:53:C8:70:71:48:49:71:AE:DF:D9:0C:A6:EC:C6:56:A9:6E:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6w1TyHBxSElxrt_ZDKbsxlapbkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/ChUaSgwnWRHxu1R7n5hjTig-X2I.roa
Signing time: Sun 01 Jan 2023 18:14:58 +0000
ROA not before: Sun 01 Jan 2023 18:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203215
IP address blocks: 192.166.11.0/24 maxlen: 24
192.166.10.0/24 maxlen: 24
192.166.9.0/24 maxlen: 24
192.166.8.0/22 maxlen: 22
192.166.8.0/24 maxlen: 24
2a0c:7ac0::/29 maxlen: 29
2a0c:7ac0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:42:f2:5a:61:65:b3:1f:7c:ea:d7:a1:90:a1:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb0d53c87071484971aedfd90ca6ecc656a96e4c
Validity
Not Before: Jan 1 18:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a151a4a0c275911f1bb547b9f98634e283e5f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:4f:c3:d3:ba:66:40:ef:b9:1f:f5:42:6c:de:
b3:9a:ff:2a:2b:de:d9:65:a4:47:34:6d:08:b6:7d:
3e:20:fe:a9:f0:25:e1:29:54:5a:bb:25:a1:58:37:
05:db:25:f9:07:8f:db:3b:64:88:cb:5f:72:8a:f1:
52:ab:84:cb:86:e5:f0:ca:4a:9b:00:91:5d:2e:04:
f8:0e:17:9d:8b:bb:6a:6a:bb:e1:9d:ea:12:4c:60:
b5:3e:e5:21:cb:fd:f8:77:0d:e6:02:5e:74:ad:c5:
01:83:ee:b4:04:36:dc:66:51:35:fb:cc:32:29:28:
7a:d1:e2:12:ac:ef:5c:42:87:1c:ba:d0:09:42:df:
3d:2d:7c:da:e1:2d:fe:22:4d:43:ed:13:df:23:b1:
ea:81:5a:4f:e4:ce:9c:05:81:e8:9c:f3:9d:2d:55:
94:04:98:fd:d5:97:f2:d4:35:a3:77:65:6e:ca:2c:
0c:4e:d1:39:d6:1a:ca:ac:ec:5e:25:eb:73:48:30:
8e:90:c0:ad:1c:2c:fd:b0:c0:a3:62:b2:d5:38:e4:
7a:85:30:46:eb:2a:7f:69:83:13:13:59:87:af:fd:
d7:05:1a:88:21:3b:bc:2b:7a:2c:d0:99:eb:7b:af:
4c:69:d3:67:bd:09:bb:3d:dd:1d:f2:c5:89:70:21:
c2:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:15:1A:4A:0C:27:59:11:F1:BB:54:7B:9F:98:63:4E:28:3E:5F:62
X509v3 Authority Key Identifier:
keyid:EB:0D:53:C8:70:71:48:49:71:AE:DF:D9:0C:A6:EC:C6:56:A9:6E:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6w1TyHBxSElxrt_ZDKbsxlapbkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/ChUaSgwnWRHxu1R7n5hjTig-X2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/503458-1dc4-4102-9427-d6398183525d/1/6w1TyHBxSElxrt_ZDKbsxlapbkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.8.0/22
IPv6:
2a0c:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:ff:11:dd:d9:f0:40:24:12:03:ca:f8:00:99:c5:97:60:52:
80:c4:61:6a:a4:61:f0:98:8a:fb:68:7d:a6:e6:e5:26:21:e3:
63:25:44:c3:b0:f8:29:5f:fc:07:fe:10:6c:b9:c8:1a:47:62:
fd:a0:5e:1c:66:c8:71:78:c7:a7:5a:cd:b5:52:d2:a2:9f:5e:
f2:08:fb:97:39:f8:fc:e4:0c:9a:4b:f4:3f:db:de:9d:4e:4d:
6b:59:52:56:d9:9b:64:65:5d:08:3b:17:60:66:3d:6b:92:c7:
81:80:b0:c6:cc:91:19:ea:27:05:7d:8d:e5:4d:5d:20:9a:9c:
43:28:fe:15:88:ff:ac:ac:1a:5a:f0:45:f2:3a:7e:e5:45:ca:
24:54:d2:e4:31:51:44:f0:31:67:84:57:eb:45:20:31:cb:5c:
df:00:ce:9e:a6:ba:f0:2b:15:fc:9d:75:c5:35:39:25:48:b2:
c0:5f:fe:e8:96:20:56:34:f1:7d:ee:2c:52:fa:67:a6:5a:e1:
8e:ce:48:0b:df:e3:28:bb:b1:ec:3b:cc:39:99:53:b7:f4:f1:
30:db:59:6b:34:18:5e:e7:05:8f:64:b1:78:64:fd:e5:75:1b:
a4:df:ff:ac:46:3b:e0:bd:8a:47:4c:94:7c:a0:c3:ae:19:4d:
f6:95:ca:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVui0LyWmFlsx986tehkKHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMGQ1M2M4NzA3MTQ4NDk3MWFlZGZkOTBjYTZlY2M2NTZh
OTZlNGMwHhcNMjMwMTAxMTgxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE1MWE0YTBjMjc1OTExZjFiYjU0N2I5Zjk4NjM0ZTI4M2U1ZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkk/D07pmQO+5H/VCbN6zmv8qK97Z
ZaRHNG0Itn0+IP6p8CXhKVRauyWhWDcF2yX5B4/bO2SIy19yivFSq4TLhuXwykqb
AJFdLgT4Dhedi7tqarvhneoSTGC1PuUhy/34dw3mAl50rcUBg+60BDbcZlE1+8wy
KSh60eISrO9cQoccutAJQt89LXza4S3+Ik1D7RPfI7HqgVpP5M6cBYHonPOdLVWU
BJj91Zfy1DWjd2VuyiwMTtE51hrKrOxeJetzSDCOkMCtHCz9sMCjYrLVOOR6hTBG
6yp/aYMTE1mHr/3XBRqIITu8K3os0Jnre69MadNnvQm7Pd0d8sWJcCHCoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAoVGkoMJ1kR8btUe5+YY04oPl9iMB8GA1UdIwQY
MBaAFOsNU8hwcUhJca7f2Qym7MZWqW5MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNncxVHlIQnhTRWx4cnRfWkRLYnN4bGFwYmt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy81MDM0NTgtMWRjNC00MTAyLTk0Mjct
ZDYzOTgxODM1MjVkLzEvQ2hVYVNnd25XUkh4dTFSN241aGpUaWctWDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy81MDM0NTgtMWRjNC00MTAyLTk0MjctZDYzOTgxODM1MjVk
LzEvNncxVHlIQnhTRWx4cnRfWkRLYnN4bGFwYmt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwKYIMA0E
AgACMAcDBQMqDHrAMA0GCSqGSIb3DQEBCwUAA4IBAQBa/xHd2fBAJBIDyvgAmcWX
YFKAxGFqpGHwmIr7aH2m5uUmIeNjJUTDsPgpX/wH/hBsucgaR2L9oF4cZshxeMen
Ws21UtKin17yCPuXOfj85AyaS/Q/296dTk1rWVJW2ZtkZV0IOxdgZj1rkseBgLDG
zJEZ6icFfY3lTV0gmpxDKP4ViP+srBpa8EXyOn7lRcokVNLkMVFE8DFnhFfrRSAx
y1zfAM6eprrwKxX8nXXFNTklSLLAX/7oliBWNPF97ixS+memWuGOzkgL3+Mou7Hs
O8w5mVO39PEw21lrNBhe5wWPZLF4ZP3ldRuk3/+sRjvgvYpHTJR8oMOuGU32lcrP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:03 2023 by rpki-client on console-ams.rpki-client.org