Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/cGeuVKHpXanxwjyt5YqV6r7NS80.roa
File: cGeuVKHpXanxwjyt5YqV6r7NS80.roa (raw, json)
Hash identifier: oBwea4+GnN3XfXRo2YFzDQjG5c/i7zZJYJIWOHBKjD0=
Subject key identifier: 70:67:AE:54:A1:E9:5D:A9:F1:C2:3C:AD:E5:8A:95:EA:BE:CD:4B:CD
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 0186B5582FC126FF0D194741BB630BD228A1
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/cGeuVKHpXanxwjyt5YqV6r7NS80.roa
Signing time: Mon 06 Mar 2023 05:15:00 +0000
ROA not before: Mon 06 Mar 2023 05:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199785
IP address blocks: 194.113.233.0/24 maxlen: 24
193.37.70.0/24 maxlen: 24
193.37.71.0/24 maxlen: 24
80.66.89.0/24 maxlen: 24
80.66.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Mar 2023 11:28:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b5:58:2f:c1:26:ff:0d:19:47:41:bb:63:0b:d2:28:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Mar 6 05:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7067ae54a1e95da9f1c23cade58a95eabecd4bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d7:cc:17:0f:45:c5:40:a6:0b:46:2e:6d:ff:
c7:d8:82:23:8f:f7:3c:88:4d:09:4e:7f:7b:14:de:
b2:ab:5d:20:e0:e9:8e:34:c1:07:0e:fd:cc:b6:16:
cb:86:ad:32:96:e5:48:71:42:5a:1a:39:d8:4c:37:
00:fd:9e:9b:99:e9:95:40:55:43:d0:53:66:19:fb:
a0:61:f6:61:dd:f7:82:1c:29:92:fc:9e:96:c2:eb:
9c:39:49:57:f9:6b:69:be:1c:ba:0b:5d:d2:cc:32:
e8:67:57:f0:f2:a9:37:5f:45:61:f7:3a:56:87:7b:
07:10:75:f3:41:63:a1:c1:8f:59:1c:b7:b2:6d:0c:
b5:f6:3e:6a:8f:53:c1:90:41:ae:1c:d1:ba:28:67:
e3:ef:e4:cc:a7:96:be:ae:ec:88:91:fe:31:2e:bd:
ea:d7:89:1f:f5:cd:fe:7d:57:78:bc:83:1b:17:ba:
5c:2d:a2:0d:f0:d7:c8:1a:00:d4:18:be:cd:f9:3c:
a4:b5:a6:4b:3d:b9:f9:bd:49:8a:63:10:b8:2f:52:
fa:aa:62:f7:35:c5:a9:42:70:63:99:4a:8f:43:3c:
a5:a0:21:0b:7f:0d:5b:e2:94:34:bc:4e:b8:78:5c:
a4:b3:a5:1f:90:da:4f:20:3d:56:b1:a4:9e:a1:62:
ce:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:67:AE:54:A1:E9:5D:A9:F1:C2:3C:AD:E5:8A:95:EA:BE:CD:4B:CD
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/cGeuVKHpXanxwjyt5YqV6r7NS80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.87.0/24
80.66.89.0/24
193.37.70.0/23
194.113.233.0/24
Signature Algorithm: sha256WithRSAEncryption
90:55:4b:06:40:b7:24:4b:42:19:b6:be:2d:30:c0:b2:66:9f:
1b:36:21:e0:0e:18:93:a5:50:be:13:eb:7b:66:47:06:98:6c:
b4:78:5c:42:1c:05:a1:1c:36:0c:e0:aa:f2:8a:66:b7:02:e8:
a0:e4:d9:20:a2:81:8a:e7:ba:72:53:21:06:90:a6:06:4e:fb:
38:48:3e:83:96:27:86:10:be:77:a1:84:65:a7:c7:f1:82:eb:
ac:64:07:77:31:95:94:a8:94:75:e5:90:42:cb:4b:12:f8:30:
21:66:d6:6f:3e:3d:7a:4a:fe:88:77:9f:fc:79:f3:cc:8b:40:
d8:fe:a6:7c:04:98:b6:0d:e6:0e:be:a9:be:65:3f:e1:e3:4f:
73:c6:74:e4:96:e7:0e:ad:a9:c7:73:9d:ed:87:c3:8e:7b:e2:
e8:02:1e:c6:ba:f0:d2:5a:f5:ee:11:2e:11:37:ad:0e:6e:27:
ad:20:8c:84:8d:7d:5f:7b:72:40:a6:de:f1:d6:9d:a1:94:a4:
d6:98:e7:30:68:97:0c:0a:83:3f:4c:ba:e4:e8:45:5e:1c:59:
90:bf:fb:80:38:d3:3b:0e:a7:25:7b:73:64:b8:cf:a3:a3:63:
87:b2:8f:6b:6c:62:4a:17:ce:bc:9f:75:94:86:c2:61:d4:6b:
b9:31:df:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYa1WC/BJv8NGUdBu2ML0iihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMwMzA2MDUxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDY3YWU1NGExZTk1ZGE5ZjFjMjNjYWRlNThhOTVlYWJlY2Q0YmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltfMFw9FxUCmC0Yubf/H2IIjj/c8
iE0JTn97FN6yq10g4OmONMEHDv3MthbLhq0yluVIcUJaGjnYTDcA/Z6bmemVQFVD
0FNmGfugYfZh3feCHCmS/J6WwuucOUlX+Wtpvhy6C13SzDLoZ1fw8qk3X0Vh9zpW
h3sHEHXzQWOhwY9ZHLeybQy19j5qj1PBkEGuHNG6KGfj7+TMp5a+ruyIkf4xLr3q
14kf9c3+fVd4vIMbF7pcLaIN8NfIGgDUGL7N+TyktaZLPbn5vUmKYxC4L1L6qmL3
NcWpQnBjmUqPQzyloCELfw1b4pQ0vE64eFyks6UfkNpPID1WsaSeoWLOTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHBnrlSh6V2p8cI8reWKleq+zUvNMB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvY0dldVZLSHBYYW54d2p5dDVZcVY2cjdOUzgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUEJXAwQA
UEJZAwQBwSVGAwQAwnHpMA0GCSqGSIb3DQEBCwUAA4IBAQCQVUsGQLckS0IZtr4t
MMCyZp8bNiHgDhiTpVC+E+t7ZkcGmGy0eFxCHAWhHDYM4Kryima3Auig5NkgooGK
57pyUyEGkKYGTvs4SD6DlieGEL53oYRlp8fxguusZAd3MZWUqJR15ZBCy0sS+DAh
ZtZvPj16Sv6Id5/8efPMi0DY/qZ8BJi2DeYOvqm+ZT/h409zxnTklucOranHc53t
h8OOe+LoAh7GuvDSWvXuES4RN60ObietIIyEjX1fe3JApt7x1p2hlKTWmOcwaJcM
CoM/TLrk6EVeHFmQv/uAONM7Dqcle3NkuM+jo2OHso9rbGJKF868n3WUhsJh1Gu5
Md8G
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:50 2024 by rpki-client on console-ams.rpki-client.org