Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/543b15-fb1b-445f-8aa4-db4d714859b5/1/CEvMjs71Pm1qLg1WeHjK_N7sYBs.roa
File: CEvMjs71Pm1qLg1WeHjK_N7sYBs.roa (raw, json)
Hash identifier: kO05t0w1hW/nxhjH6jB1/gCD3uhX+7ZWnrSEbu9RgAU=
Subject key identifier: 08:4B:CC:8E:CE:F5:3E:6D:6A:2E:0D:56:78:78:CA:FC:DE:EC:60:1B
Certificate issuer: /CN=3e482fb3c9f9af470e4e48b6df382d3d50154661
Certificate serial: 018570DE5CE419253E5AE9ED87992B79195F
Authority key identifier: 3E:48:2F:B3:C9:F9:AF:47:0E:4E:48:B6:DF:38:2D:3D:50:15:46:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pkgvs8n5r0cOTki23zgtPVAVRmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/543b15-fb1b-445f-8aa4-db4d714859b5/1/CEvMjs71Pm1qLg1WeHjK_N7sYBs.roa
Signing time: Mon 02 Jan 2023 05:04:59 +0000
ROA not before: Mon 02 Jan 2023 05:04:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56655
IP address blocks: 193.200.238.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:5c:e4:19:25:3e:5a:e9:ed:87:99:2b:79:19:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e482fb3c9f9af470e4e48b6df382d3d50154661
Validity
Not Before: Jan 2 05:04:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=084bcc8ecef53e6d6a2e0d567878cafcdeec601b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cb:d2:e2:e1:88:7a:19:fd:48:9f:93:e8:98:
ec:bf:bc:55:80:61:3a:15:1d:6f:47:12:2c:6c:78:
ba:aa:f4:c7:ed:db:02:db:ea:5e:39:2e:14:cf:ba:
a5:af:ac:7b:8e:e0:d0:f8:fd:2b:5c:85:e9:f6:7b:
83:e0:d0:16:2f:09:e6:e8:79:85:12:03:54:a6:bf:
ed:07:48:09:1e:3d:38:26:5f:a3:13:5e:87:a1:51:
f9:a0:d6:36:3a:69:05:af:b5:ee:9f:05:c8:f3:31:
18:3f:d5:df:5a:9f:5c:ad:51:41:e7:c2:6d:c9:7e:
f5:b7:27:e1:60:ad:d8:f6:dd:82:e7:08:00:4d:cd:
9b:22:a2:88:c1:04:11:13:7c:a3:34:6c:01:0c:cc:
a4:c0:20:07:80:5b:61:10:d5:cd:ad:94:9e:81:8a:
f6:66:d3:30:7f:60:41:d3:96:1e:f9:4a:3d:b3:59:
bb:ef:63:93:e8:7e:87:20:cb:bf:cd:fb:58:46:c2:
10:37:44:0e:90:e4:3c:f2:43:df:d2:25:9d:0e:c7:
01:9d:9f:5f:e7:ee:12:95:98:b6:ab:22:72:88:5b:
20:3f:d6:e9:c0:5c:0a:1b:24:2f:71:35:b6:04:be:
92:2a:b6:a4:95:bd:ee:ed:8f:bd:6d:fc:32:83:2d:
69:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4B:CC:8E:CE:F5:3E:6D:6A:2E:0D:56:78:78:CA:FC:DE:EC:60:1B
X509v3 Authority Key Identifier:
keyid:3E:48:2F:B3:C9:F9:AF:47:0E:4E:48:B6:DF:38:2D:3D:50:15:46:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pkgvs8n5r0cOTki23zgtPVAVRmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/543b15-fb1b-445f-8aa4-db4d714859b5/1/CEvMjs71Pm1qLg1WeHjK_N7sYBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/543b15-fb1b-445f-8aa4-db4d714859b5/1/Pkgvs8n5r0cOTki23zgtPVAVRmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.238.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:cd:b2:fc:59:7c:d7:30:9b:82:77:3a:96:86:0a:75:a6:e2:
33:97:90:5c:70:a8:18:c3:91:c9:9e:8c:15:af:e3:bb:e2:5a:
28:22:4f:4b:52:d7:6d:66:24:5a:4c:d5:26:5b:0f:e5:56:c6:
2e:0e:29:7c:e1:31:9e:a6:8c:6b:86:32:08:39:19:3a:79:18:
4e:85:eb:fa:30:6f:67:a1:0a:a7:42:73:50:cf:c6:81:8f:0e:
96:fe:c8:ea:97:ee:90:ab:06:6a:e1:14:ec:61:c5:43:e4:bf:
0f:91:a2:e7:8e:81:53:da:2c:02:2b:ef:23:43:f2:2e:c8:50:
9d:a4:5c:fd:0f:25:89:88:fd:c5:c0:c1:8f:d9:97:dc:bb:5f:
37:d9:d2:f6:05:15:e9:dd:a6:d7:7e:9a:f7:67:9e:17:14:e6:
b8:32:56:62:ba:75:1f:48:9d:1d:78:5b:fc:cf:5d:39:ab:c5:
4f:66:f6:42:7f:59:9b:97:68:ab:34:d0:fd:40:1e:5b:33:3f:
84:cd:c2:43:22:0f:03:61:e0:32:10:e4:5d:08:49:05:9a:a6:
8e:b1:be:ed:78:02:f6:e8:6c:dd:31:7e:1c:7a:29:77:91:da:
db:9c:83:c7:d0:0f:35:cf:89:89:44:fe:04:4f:9b:24:41:ed:
74:fa:c4:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw3lzkGSU+Wunth5kreRlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDgyZmIzYzlmOWFmNDcwZTRlNDhiNmRmMzgyZDNkNTAx
NTQ2NjEwHhcNMjMwMTAyMDUwNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRiY2M4ZWNlZjUzZTZkNmEyZTBkNTY3ODc4Y2FmY2RlZWM2MDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8vS4uGIehn9SJ+T6Jjsv7xVgGE6
FR1vRxIsbHi6qvTH7dsC2+peOS4Uz7qlr6x7juDQ+P0rXIXp9nuD4NAWLwnm6HmF
EgNUpr/tB0gJHj04Jl+jE16HoVH5oNY2OmkFr7XunwXI8zEYP9XfWp9crVFB58Jt
yX71tyfhYK3Y9t2C5wgATc2bIqKIwQQRE3yjNGwBDMykwCAHgFthENXNrZSegYr2
ZtMwf2BB05Ye+Uo9s1m772OT6H6HIMu/zftYRsIQN0QOkOQ88kPf0iWdDscBnZ9f
5+4SlZi2qyJyiFsgP9bpwFwKGyQvcTW2BL6SKraklb3u7Y+9bfwygy1pQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhLzI7O9T5tai4NVnh4yvze7GAbMB8GA1UdIwQY
MBaAFD5IL7PJ+a9HDk5Itt84LT1QFUZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtndnM4bjVyMGNPVGtpMjN6Z3RQVkFWUm1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My81NDNiMTUtZmIxYi00NDVmLThhYTQt
ZGI0ZDcxNDg1OWI1LzEvQ0V2TWpzNzFQbTFxTGcxV2VIaktfTjdzWUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My81NDNiMTUtZmIxYi00NDVmLThhYTQtZGI0ZDcxNDg1OWI1
LzEvUGtndnM4bjVyMGNPVGtpMjN6Z3RQVkFWUm1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwcjuMA0G
CSqGSIb3DQEBCwUAA4IBAQCszbL8WXzXMJuCdzqWhgp1puIzl5BccKgYw5HJnowV
r+O74looIk9LUtdtZiRaTNUmWw/lVsYuDil84TGepoxrhjIIORk6eRhOhev6MG9n
oQqnQnNQz8aBjw6W/sjql+6QqwZq4RTsYcVD5L8PkaLnjoFT2iwCK+8jQ/IuyFCd
pFz9DyWJiP3FwMGP2Zfcu1832dL2BRXp3abXfpr3Z54XFOa4MlZiunUfSJ0deFv8
z105q8VPZvZCf1mbl2irNND9QB5bMz+EzcJDIg8DYeAyEORdCEkFmqaOsb7teAL2
6GzdMX4ceil3kdrbnIPH0A81z4mJRP4ET5skQe10+sS2
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:43 2024 by rpki-client on console-ams.rpki-client.org