Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/cthJ7_PFS8B49kAc6ycfUOCgXxo.roa
File: cthJ7_PFS8B49kAc6ycfUOCgXxo.roa (raw, json)
Hash identifier: hisechSb9CwiZQfLQMl2O4/Ivnwtocie7T66uq2iXmI=
Subject key identifier: 72:D8:49:EF:F3:C5:4B:C0:78:F6:40:1C:EB:27:1F:50:E0:A0:5F:1A
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01872CAD4BBF2201B9A349088D93BD6E035C
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/cthJ7_PFS8B49kAc6ycfUOCgXxo.roa
Signing time: Wed 29 Mar 2023 09:22:47 +0000
ROA not before: Wed 29 Mar 2023 09:22:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211440
IP address blocks: 194.28.128.0/24 maxlen: 24
178.253.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:ad:4b:bf:22:01:b9:a3:49:08:8d:93:bd:6e:03:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Mar 29 09:22:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72d849eff3c54bc078f6401ceb271f50e0a05f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:de:14:be:52:b1:bc:16:bb:69:b9:ba:6e:d7:
f6:47:a9:3e:ab:41:b7:f3:eb:16:44:52:3f:83:84:
21:25:98:0d:e2:9d:c6:d2:05:33:4b:8a:58:21:bd:
b2:e3:c6:44:35:c7:3c:37:f5:ad:97:d6:1e:b5:86:
cd:4c:9c:54:2b:44:c7:67:9a:81:2a:3c:05:22:4c:
5c:a9:25:67:e5:67:55:6c:1a:f5:18:b6:19:62:92:
f3:34:be:1e:b0:2f:6e:f3:98:31:dc:47:11:73:6e:
af:5c:fa:98:e5:6f:c2:0f:ea:8d:4c:58:93:9d:8c:
47:66:e1:a6:fa:87:98:84:77:81:af:70:cc:ef:ac:
7d:6f:6a:6f:10:82:00:37:69:a3:6c:d5:d0:48:ca:
d1:64:65:e6:bb:78:01:21:16:6a:37:81:60:4f:dd:
93:d8:26:9d:17:24:d1:35:37:10:79:71:a8:5a:6b:
03:c8:54:24:f3:89:84:a3:70:0d:b0:06:6a:0f:c6:
25:c6:74:f0:f1:1c:89:47:d3:9f:56:8c:10:76:24:
58:fb:fc:65:2b:71:6e:d5:c9:f4:56:96:26:ef:0a:
29:42:56:12:e5:e4:1f:32:6c:c2:10:0c:3a:36:d4:
7c:d3:57:50:46:d2:c7:03:72:9c:06:e1:3f:82:1f:
21:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:D8:49:EF:F3:C5:4B:C0:78:F6:40:1C:EB:27:1F:50:E0:A0:5F:1A
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/cthJ7_PFS8B49kAc6ycfUOCgXxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.253.243.0/24
194.28.128.0/24
Signature Algorithm: sha256WithRSAEncryption
37:2e:d7:aa:b9:ec:17:89:d4:16:a2:30:db:e4:bd:88:1d:1f:
e5:5b:54:43:0a:47:e9:18:c8:47:c0:40:28:5e:22:dd:25:0f:
25:b9:4f:9c:c6:a8:5d:16:bc:d5:2d:96:31:8a:0a:d4:ed:e6:
5c:fa:c4:48:eb:b9:94:f0:4f:d4:48:c2:a2:ac:7a:7e:41:49:
ce:2a:38:88:bf:cf:54:45:71:7c:25:af:68:f5:70:f0:53:99:
bd:cc:42:b0:d1:1f:0a:6b:5d:70:b6:f6:3c:7c:f5:74:f7:ee:
e1:ba:40:56:ea:90:c4:e5:e7:a4:9b:ba:dd:32:2c:9e:e1:ac:
2b:ca:ba:83:a5:18:1e:27:cc:d7:57:ba:aa:30:f1:b0:f5:7b:
79:5e:5b:48:d6:e4:26:4c:91:1b:50:d9:fd:40:03:8f:cf:99:
15:65:5f:83:e2:2b:45:d0:72:e9:a0:4d:3f:f7:fc:fd:ae:1c:
2b:32:15:fd:26:85:c0:f0:73:9f:d0:78:cb:90:00:3e:79:12:
73:16:88:f3:2a:36:5d:97:5e:73:ec:8b:8d:5f:8e:71:30:c3:
6a:f0:85:74:54:57:c1:17:2c:a9:a3:ae:7e:05:ad:5e:da:7d:
62:36:75:76:37:30:16:01:f5:58:e1:c0:05:2f:73:21:c9:f5:
ca:21:7f:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcsrUu/IgG5o0kIjZO9bgNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjMwMzI5MDkyMjQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmQ4NDllZmYzYzU0YmMwNzhmNjQwMWNlYjI3MWY1MGUwYTA1ZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhd4UvlKxvBa7abm6btf2R6k+q0G3
8+sWRFI/g4QhJZgN4p3G0gUzS4pYIb2y48ZENcc8N/Wtl9YetYbNTJxUK0THZ5qB
KjwFIkxcqSVn5WdVbBr1GLYZYpLzNL4esC9u85gx3EcRc26vXPqY5W/CD+qNTFiT
nYxHZuGm+oeYhHeBr3DM76x9b2pvEIIAN2mjbNXQSMrRZGXmu3gBIRZqN4FgT92T
2CadFyTRNTcQeXGoWmsDyFQk84mEo3ANsAZqD8YlxnTw8RyJR9OfVowQdiRY+/xl
K3Fu1cn0VpYm7wopQlYS5eQfMmzCEAw6NtR801dQRtLHA3KcBuE/gh8hDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHLYSe/zxUvAePZAHOsnH1DgoF8aMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvY3RoSjdfUEZTOEI0OWtBYzZ5Y2ZVT0NnWHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsv3zAwQA
whyAMA0GCSqGSIb3DQEBCwUAA4IBAQA3LtequewXidQWojDb5L2IHR/lW1RDCkfp
GMhHwEAoXiLdJQ8luU+cxqhdFrzVLZYxigrU7eZc+sRI67mU8E/USMKirHp+QUnO
KjiIv89URXF8Ja9o9XDwU5m9zEKw0R8Ka11wtvY8fPV09+7hukBW6pDE5eekm7rd
Miye4awryrqDpRgeJ8zXV7qqMPGw9Xt5XltI1uQmTJEbUNn9QAOPz5kVZV+D4itF
0HLpoE0/9/z9rhwrMhX9JoXA8HOf0HjLkAA+eRJzFojzKjZdl15z7IuNX45xMMNq
8IV0VFfBFyypo65+Ba1e2n1iNnV2NzAWAfVY4cAFL3MhyfXKIX8z
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:13:57 2024 by rpki-client on console-ams.rpki-client.org