Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/cJGiNOpQEX1BG-L1ML8VGx98P18.roa
File: cJGiNOpQEX1BG-L1ML8VGx98P18.roa (raw, json)
Hash identifier: ymVXp265HpUoPV2+PUxHb1e6WRdarQzDq8XAmqC0pRQ=
Subject key identifier: 70:91:A2:34:EA:50:11:7D:41:1B:E2:F5:30:BF:15:1B:1F:7C:3F:5F
Certificate issuer: /CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
Certificate serial: 01888F94C6FB3823200BAC0D3A61D09D9784
Authority key identifier: 5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/cJGiNOpQEX1BG-L1ML8VGx98P18.roa
Signing time: Tue 06 Jun 2023 07:21:12 +0000
ROA not before: Tue 06 Jun 2023 07:21:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 193.160.102.0/24 maxlen: 24
193.160.113.0/24 maxlen: 24
193.160.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Jun 2023 14:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8f:94:c6:fb:38:23:20:0b:ac:0d:3a:61:d0:9d:97:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eee0d7e73084a42e4c7f7118f2383fcff369ba4
Validity
Not Before: Jun 6 07:21:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7091a234ea50117d411be2f530bf151b1f7c3f5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:90:94:93:db:b8:35:91:90:ae:9f:2c:63:48:
16:6c:dd:10:62:e3:23:81:50:1d:1d:f9:ca:2d:e0:
6a:a0:84:97:05:dc:a4:5e:53:ec:e5:03:63:d1:d3:
1b:17:dd:30:64:ef:c7:9d:cd:87:b9:60:c4:65:73:
44:52:be:89:c0:b3:fd:ff:e9:33:c5:2b:49:bf:21:
3e:8e:bc:54:70:f8:19:cb:12:16:27:10:03:62:b5:
c7:7a:44:5f:a6:49:fc:13:26:26:cd:e5:17:a5:66:
2d:2e:d4:87:b9:88:5e:7a:27:8e:d2:86:0a:3d:ab:
85:2d:c4:40:da:40:92:dc:00:dc:79:ec:b5:aa:de:
65:81:85:77:68:b4:80:1c:99:37:e7:8e:a4:3f:a1:
ed:7b:7c:d2:35:02:a6:bb:8a:46:cc:a9:c1:f7:f1:
01:b2:f3:d1:a5:eb:3c:1d:48:d2:41:0e:15:d9:4d:
e2:fd:7b:5d:a8:9a:3a:47:7a:8e:b4:e6:fa:ff:54:
71:27:5f:e3:3d:3c:f0:e3:99:6d:f4:8b:ac:9b:05:
4b:6f:2b:bb:c3:8a:63:d4:fa:4d:ee:5b:c8:aa:cb:
db:f2:25:ec:8d:56:0e:47:35:2b:9b:65:9a:82:5b:
43:dc:bc:47:aa:46:71:d0:16:c7:56:33:bf:43:d4:
19:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:91:A2:34:EA:50:11:7D:41:1B:E2:F5:30:BF:15:1B:1F:7C:3F:5F
X509v3 Authority Key Identifier:
keyid:5E:EE:0D:7E:73:08:4A:42:E4:C7:F7:11:8F:23:83:FC:FF:36:9B:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xu4NfnMISkLkx_cRjyOD_P82m6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/cJGiNOpQEX1BG-L1ML8VGx98P18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/784321-99dd-4754-b208-ddc2665646cc/1/Xu4NfnMISkLkx_cRjyOD_P82m6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.102.0/24
193.160.113.0/24
193.160.130.0/24
Signature Algorithm: sha256WithRSAEncryption
57:08:af:b9:14:d5:bd:11:b9:67:89:4e:20:71:dd:9c:d3:de:
88:4c:13:d6:a6:94:45:44:2e:88:ed:0a:1d:f4:48:62:bc:30:
7e:20:5e:b5:69:59:ea:b4:78:c5:df:a0:19:e9:96:78:00:5b:
90:ef:71:86:c3:2f:0a:d2:9b:24:f7:8b:4a:fa:0b:d5:26:5a:
eb:f4:3b:ed:45:e0:e9:1d:2e:47:5d:0a:0a:56:2e:33:42:0b:
8d:9d:3a:a8:09:0d:5c:3f:31:4e:fc:d6:c0:74:b5:1e:ec:fa:
a3:de:7c:0e:5f:7b:10:e7:60:dc:5d:ed:09:a3:09:4b:90:16:
c3:a6:58:aa:64:df:1b:37:b5:be:ca:fd:9a:9a:13:23:b0:ad:
f3:2e:ee:a1:35:78:0b:f1:0a:ea:f1:6e:c6:a3:ef:3f:bb:6d:
18:f0:97:77:7d:27:35:51:66:d6:28:e5:f7:e8:59:07:ec:73:
d8:c5:1e:b6:52:9a:70:23:0d:22:97:64:03:67:b8:d9:4a:50:
35:47:5b:95:83:44:79:d7:3c:0d:48:2d:0a:19:b5:0f:4e:f3:
49:73:0b:fb:a4:0f:2b:08:49:e4:06:3b:bd:71:df:cb:fe:17:
00:0d:19:9b:c4:85:ed:0d:29:10:28:96:c9:4a:d5:8b:3b:9b:
46:99:9e:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYiPlMb7OCMgC6wNOmHQnZeEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZWUwZDdlNzMwODRhNDJlNGM3ZjcxMThmMjM4M2ZjZmYz
NjliYTQwHhcNMjMwNjA2MDcyMTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDkxYTIzNGVhNTAxMTdkNDExYmUyZjUzMGJmMTUxYjFmN2MzZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJCUk9u4NZGQrp8sY0gWbN0QYuMj
gVAdHfnKLeBqoISXBdykXlPs5QNj0dMbF90wZO/Hnc2HuWDEZXNEUr6JwLP9/+kz
xStJvyE+jrxUcPgZyxIWJxADYrXHekRfpkn8EyYmzeUXpWYtLtSHuYheeieO0oYK
PauFLcRA2kCS3ADceey1qt5lgYV3aLSAHJk3546kP6Hte3zSNQKmu4pGzKnB9/EB
svPRpes8HUjSQQ4V2U3i/XtdqJo6R3qOtOb6/1RxJ1/jPTzw45lt9IusmwVLbyu7
w4pj1PpN7lvIqsvb8iXsjVYORzUrm2WagltD3LxHqkZx0BbHVjO/Q9QZCwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHCRojTqUBF9QRvi9TC/FRsffD9fMB8GA1UdIwQY
MBaAFF7uDX5zCEpC5Mf3EY8jg/z/NpukMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgt
ZGRjMjY2NTY0NmNjLzEvY0pHaU5PcFFFWDFCRy1MMU1MOFZHeDk4UDE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni83ODQzMjEtOTlkZC00NzU0LWIyMDgtZGRjMjY2NTY0NmNj
LzEvWHU0TmZuTUlTa0xreF9jUmp5T0RfUDgybTZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwaBmAwQA
waBxAwQAwaCCMA0GCSqGSIb3DQEBCwUAA4IBAQBXCK+5FNW9EblniU4gcd2c096I
TBPWppRFRC6I7Qod9EhivDB+IF61aVnqtHjF36AZ6ZZ4AFuQ73GGwy8K0psk94tK
+gvVJlrr9DvtReDpHS5HXQoKVi4zQguNnTqoCQ1cPzFO/NbAdLUe7Pqj3nwOX3sQ
52DcXe0JowlLkBbDpliqZN8bN7W+yv2amhMjsK3zLu6hNXgL8Qrq8W7Go+8/u20Y
8Jd3fSc1UWbWKOX36FkH7HPYxR62UppwIw0il2QDZ7jZSlA1R1uVg0R51zwNSC0K
GbUPTvNJcwv7pA8rCEnkBju9cd/L/hcADRmbxIXtDSkQKJbJStWLO5tGmZ7D
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:40 2024 by rpki-client on console-fra.rpki-client.org