Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/CaIsWAe89hgxA-tavNXQPshFgh0.roa
File: CaIsWAe89hgxA-tavNXQPshFgh0.roa (raw, json)
Hash identifier: e8KDlUXNXBioaYEAJIoKmgf8cHsS0Hi22xtL+7U5YHY=
Subject key identifier: 09:A2:2C:58:07:BC:F6:18:31:03:EB:5A:BC:D5:D0:3E:C8:45:82:1D
Certificate issuer: /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Certificate serial: 018CC9BC1B4B62087389D0A5AEDFCA3292C9
Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/CaIsWAe89hgxA-tavNXQPshFgh0.roa
Signing time: Tue 02 Jan 2024 10:33:17 +0000
ROA not before: Tue 02 Jan 2024 10:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203489
IP address blocks: 185.191.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 14:03:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:1b:4b:62:08:73:89:d0:a5:ae:df:ca:32:92:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df
Validity
Not Before: Jan 2 10:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09a22c5807bcf6183103eb5abcd5d03ec845821d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:32:e3:3c:1c:9f:bf:0a:1a:14:50:45:be:73:
4f:60:7b:b0:07:4e:a2:ee:67:5a:c9:53:c1:c4:55:
af:f4:61:aa:cd:09:50:5b:e0:6f:79:c1:2b:62:7b:
02:a4:ad:7a:70:ba:90:3d:8e:34:42:aa:76:3e:3d:
78:4f:dd:3a:d1:c7:a5:c4:9e:5d:a3:76:64:c7:ab:
08:6e:0a:3d:c6:82:e2:32:df:75:13:22:de:3a:c2:
e7:e9:84:d1:50:d2:1d:e6:20:ba:d4:4a:fa:18:d5:
b4:a6:69:4d:11:5d:6c:93:16:ff:56:c4:eb:5d:da:
46:cf:1a:d1:ea:2b:d0:02:5d:83:c9:ed:09:88:60:
11:c0:93:ce:c8:d7:12:a1:73:6d:06:b4:6b:88:59:
2a:83:36:c1:f5:18:9b:79:b4:fa:76:56:d9:4a:b1:
5d:e9:fb:db:89:7d:01:9b:a4:3b:a9:36:87:9d:a3:
68:c3:ec:9a:31:30:84:c4:39:d7:65:37:b2:e7:5c:
98:28:fa:d7:e1:32:be:0c:d3:be:13:35:27:25:76:
80:d8:24:f2:06:cb:5f:73:93:6c:12:cc:c7:d2:2d:
f8:05:c0:fb:da:84:c8:87:bb:4b:df:b4:1b:02:67:
a2:07:bd:c0:95:c2:f8:09:32:69:37:0f:fc:d5:62:
5e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A2:2C:58:07:BC:F6:18:31:03:EB:5A:BC:D5:D0:3E:C8:45:82:1D
X509v3 Authority Key Identifier:
keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/CaIsWAe89hgxA-tavNXQPshFgh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.99.0/24
Signature Algorithm: sha256WithRSAEncryption
59:37:ab:85:ed:85:ae:2f:4a:b0:d7:d2:ca:78:23:7a:64:e5:
ad:5a:31:14:9e:9b:19:ea:e9:24:2e:24:1d:c7:e2:dd:4c:2a:
8d:8d:3d:f0:c0:7d:93:77:5f:69:b1:e0:54:9a:01:8a:f1:8f:
28:2c:9c:68:b6:20:31:0b:fd:ca:b2:d7:65:eb:68:7c:7d:ec:
9f:17:c7:80:2e:0e:d5:eb:3c:f7:37:a2:0c:9b:a5:4f:65:3f:
da:45:2e:de:93:18:9f:83:b1:c6:b7:0a:36:d4:80:2a:b6:14:
1e:0e:b1:81:9f:5a:f1:9a:93:1b:b4:42:82:55:d4:e8:5b:51:
f0:af:18:8c:b4:c4:cb:89:70:c5:2b:a2:ac:66:a7:c2:d3:1a:
1c:89:d2:60:84:d5:35:67:73:c0:e7:9e:3f:4c:78:41:ad:30:
36:66:d5:5c:da:61:34:7e:03:46:31:9a:ef:f2:af:6c:84:20:
86:2c:84:5e:c7:8f:0f:c7:fa:da:d7:79:47:bb:12:08:a5:ca:
6d:6d:58:b7:1f:7b:65:ec:17:86:9b:4a:c3:87:07:56:f3:45:
f8:b5:f2:ee:6a:ff:86:6c:51:5f:b5:ed:9d:56:cb:63:8e:2b:
8a:67:f4:d6:96:a9:76:23:0b:96:4d:69:59:55:ab:7b:ce:10:
19:47:e9:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvBtLYghzidClrt/KMpLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj
ZTMyZGYwHhcNMjQwMTAyMTAzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWEyMmM1ODA3YmNmNjE4MzEwM2ViNWFiY2Q1ZDAzZWM4NDU4MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjLjPByfvwoaFFBFvnNPYHuwB06i
7mdayVPBxFWv9GGqzQlQW+BvecErYnsCpK16cLqQPY40Qqp2Pj14T9060celxJ5d
o3Zkx6sIbgo9xoLiMt91EyLeOsLn6YTRUNId5iC61Er6GNW0pmlNEV1skxb/VsTr
XdpGzxrR6ivQAl2Dye0JiGARwJPOyNcSoXNtBrRriFkqgzbB9RibebT6dlbZSrFd
6fvbiX0Bm6Q7qTaHnaNow+yaMTCExDnXZTey51yYKPrX4TK+DNO+EzUnJXaA2CTy
Bstfc5NsEszH0i34BcD72oTIh7tL37QbAmeiB73AlcL4CTJpNw/81WJeOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmiLFgHvPYYMQPrWrzV0D7IRYIdMB8GA1UdIwQY
MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt
NDM3OTM0YzU4NDUzLzEvQ2FJc1dBZTg5aGd4QS10YXZOWFFQc2hGZ2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz
LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub9jMA0G
CSqGSIb3DQEBCwUAA4IBAQBZN6uF7YWuL0qw19LKeCN6ZOWtWjEUnpsZ6ukkLiQd
x+LdTCqNjT3wwH2Td19pseBUmgGK8Y8oLJxotiAxC/3Kstdl62h8feyfF8eALg7V
6zz3N6IMm6VPZT/aRS7ekxifg7HGtwo21IAqthQeDrGBn1rxmpMbtEKCVdToW1Hw
rxiMtMTLiXDFK6KsZqfC0xocidJghNU1Z3PA554/THhBrTA2ZtVc2mE0fgNGMZrv
8q9shCCGLIRex48Px/ra13lHuxIIpcptbVi3H3tl7BeGm0rDhwdW80X4tfLuav+G
bFFfte2dVstjjiuKZ/TWlql2IwuWTWlZVat7zhAZR+nu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:06 2024 by rpki-client on console-fra.rpki-client.org