Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/cxOSBKrM5wNjoysc79SMGb5hPww.roa
File: cxOSBKrM5wNjoysc79SMGb5hPww.roa (raw, json)
Hash identifier: LvRaG2m7rnG6U//snvGvrNr8sW+KeeIykeUiJqz86jQ=
Subject key identifier: 73:13:92:04:AA:CC:E7:03:63:A3:2B:1C:EF:D4:8C:19:BE:61:3F:0C
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01857169E33472011632155F0DD67FD8207D
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/cxOSBKrM5wNjoysc79SMGb5hPww.roa
Signing time: Mon 02 Jan 2023 07:37:22 +0000
ROA not before: Mon 02 Jan 2023 07:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 193.31.116.0/24 maxlen: 24
176.98.40.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:e3:34:72:01:16:32:15:5f:0d:d6:7f:d8:20:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Jan 2 07:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=73139204aacce70363a32b1cefd48c19be613f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:63:e2:90:fa:9f:97:bf:df:cb:09:9a:c6:ae:
18:e1:6c:78:e0:99:06:83:4c:94:d9:62:e9:68:d4:
fc:30:7d:2e:09:47:c1:22:36:9c:d1:66:83:06:60:
90:0e:d6:8d:45:3d:01:5a:d4:21:ca:f4:e4:f8:30:
d8:78:45:3d:50:a7:fe:e4:01:72:95:89:ca:8e:d5:
f0:cf:c4:e2:97:48:fd:30:e4:9a:ac:eb:83:53:40:
f3:70:90:2f:ca:c0:56:27:51:1e:1f:4b:de:60:14:
39:12:0d:b8:9b:55:02:65:ce:24:12:39:cb:39:12:
53:d8:d6:8b:13:b7:44:c0:15:36:23:00:6a:57:26:
f7:ad:0e:13:21:19:f3:93:8a:76:ac:ae:36:b1:18:
f1:b9:59:e3:35:d9:38:6b:aa:ec:71:65:1f:82:ef:
26:cd:85:b6:34:71:50:a4:82:7d:c5:05:51:42:4f:
59:6e:50:c1:9f:ff:3e:7f:ad:ea:f3:22:24:da:7b:
6f:47:40:53:3b:b7:22:1a:9b:d6:09:b4:98:fd:c3:
46:99:50:1f:6c:e2:d0:0a:3c:98:27:1b:8c:1e:98:
e1:11:37:35:1b:b2:60:08:45:e3:da:f1:c5:2f:56:
90:b8:dc:9b:c4:aa:02:1a:8f:bc:f5:a3:d2:dd:93:
c2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:13:92:04:AA:CC:E7:03:63:A3:2B:1C:EF:D4:8C:19:BE:61:3F:0C
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/cxOSBKrM5wNjoysc79SMGb5hPww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.98.40.0/23
193.31.116.0/24
Signature Algorithm: sha256WithRSAEncryption
84:54:1c:4b:97:d2:be:fa:b1:dd:32:45:df:2a:fe:b5:f2:1e:
f1:0e:13:f4:c6:73:c7:d0:68:01:c2:b0:0f:8f:e1:c2:1b:d5:
9a:37:b8:88:d2:15:1c:bb:7e:c4:d0:8a:5b:63:fb:10:47:99:
52:71:e3:a5:13:f5:33:62:4b:be:1b:d2:06:db:70:3e:8a:dd:
dc:e7:c0:6c:1b:b4:3b:f2:74:12:7b:20:70:2f:6c:11:e1:15:
82:07:bb:ec:ba:ef:0a:28:5f:d3:c4:09:0f:7d:71:83:7d:fb:
94:c0:ac:9e:4b:23:73:7b:10:87:ac:b9:28:2a:af:ac:bf:f9:
ea:ea:28:a7:6e:cb:b0:b7:ca:bf:e2:99:f1:8b:d2:f5:52:a9:
6e:f1:1f:06:f8:6b:da:12:fe:7a:0c:5d:18:e4:d2:8a:53:c4:
9f:0d:ee:54:2b:ec:88:94:c4:b4:b0:37:db:6b:b7:d0:a1:6d:
f6:bc:43:b6:14:fb:4d:dd:ce:6d:df:38:9b:51:32:a7:b9:6f:
fb:13:2e:fa:ff:d6:a9:72:91:99:6f:f1:9e:f6:94:7f:6e:be:
78:5e:ed:4e:ce:26:02:ba:11:ca:c3:d5:b1:71:dd:e5:67:eb:
d3:29:92:45:53:6e:96:f7:f3:79:4a:1c:78:be:14:dc:6e:77:
d3:b3:95:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxaeM0cgEWMhVfDdZ/2CB9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjMwMTAyMDczNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzEzOTIwNGFhY2NlNzAzNjNhMzJiMWNlZmQ0OGMxOWJlNjEzZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmPikPqfl7/fywmaxq4Y4Wx44JkG
g0yU2WLpaNT8MH0uCUfBIjac0WaDBmCQDtaNRT0BWtQhyvTk+DDYeEU9UKf+5AFy
lYnKjtXwz8Til0j9MOSarOuDU0DzcJAvysBWJ1EeH0veYBQ5Eg24m1UCZc4kEjnL
ORJT2NaLE7dEwBU2IwBqVyb3rQ4TIRnzk4p2rK42sRjxuVnjNdk4a6rscWUfgu8m
zYW2NHFQpIJ9xQVRQk9ZblDBn/8+f63q8yIk2ntvR0BTO7ciGpvWCbSY/cNGmVAf
bOLQCjyYJxuMHpjhETc1G7JgCEXj2vHFL1aQuNybxKoCGo+89aPS3ZPC+QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHMTkgSqzOcDY6MrHO/UjBm+YT8MMB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvY3hPU0JLck01d05qb3lzYzc5U01HYjVoUHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBsGIoAwQA
wR90MA0GCSqGSIb3DQEBCwUAA4IBAQCEVBxLl9K++rHdMkXfKv618h7xDhP0xnPH
0GgBwrAPj+HCG9WaN7iI0hUcu37E0IpbY/sQR5lSceOlE/UzYku+G9IG23A+it3c
58BsG7Q78nQSeyBwL2wR4RWCB7vsuu8KKF/TxAkPfXGDffuUwKyeSyNzexCHrLko
Kq+sv/nq6iinbsuwt8q/4pnxi9L1Uqlu8R8G+GvaEv56DF0Y5NKKU8SfDe5UK+yI
lMS0sDfba7fQoW32vEO2FPtN3c5t3zibUTKnuW/7Ey76/9apcpGZb/Ge9pR/br54
Xu1OziYCuhHKw9Wxcd3lZ+vTKZJFU26W9/N5Shx4vhTcbnfTs5VA
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:12 2024 by rpki-client on console-fra.rpki-client.org