Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/d54e81-3317-4283-b45f-c81743b2cae6/1/CLprRcg0CTcvNvC3FjdOVLq2Wqo.roa
File: CLprRcg0CTcvNvC3FjdOVLq2Wqo.roa (raw, json)
Hash identifier: ytJdcR1bAhM5mUsY7kaZsuVHttrw2QvOMzswLV+xi5c=
Subject key identifier: 08:BA:6B:45:C8:34:09:37:2F:36:F0:B7:16:37:4E:54:BA:B6:5A:AA
Certificate issuer: /CN=9b67c02de7fc8d11a1afe7ae62c5854d17767553
Certificate serial: 018F3EE131EDD4CBFD1E85CDFC9E218D5572
Authority key identifier: 9B:67:C0:2D:E7:FC:8D:11:A1:AF:E7:AE:62:C5:85:4D:17:76:75:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2fALef8jRGhr-euYsWFTRd2dVM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/d54e81-3317-4283-b45f-c81743b2cae6/1/CLprRcg0CTcvNvC3FjdOVLq2Wqo.roa
Signing time: Fri 03 May 2024 14:34:56 +0000
ROA not before: Fri 03 May 2024 14:34:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208065
IP address blocks: 193.8.40.0/22 maxlen: 22
193.8.40.0/23 maxlen: 23
193.8.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 11:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3e:e1:31:ed:d4:cb:fd:1e:85:cd:fc:9e:21:8d:55:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b67c02de7fc8d11a1afe7ae62c5854d17767553
Validity
Not Before: May 3 14:34:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08ba6b45c83409372f36f0b716374e54bab65aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0f:d8:e8:d9:37:dd:69:06:de:a5:be:76:9a:
66:f2:6e:aa:37:fa:83:7c:65:c2:6e:b0:4b:a8:de:
f0:1f:f0:8f:d9:4d:b3:a9:88:16:75:21:0a:e4:f4:
12:e4:09:6c:d3:29:78:e6:f4:0e:fd:3d:bc:1f:c0:
25:1c:04:26:f4:c4:1a:6f:5b:a1:7d:83:ea:7f:69:
bb:3c:92:7b:3a:db:1b:95:eb:85:e7:06:61:c8:56:
91:fa:02:26:59:92:17:5a:b3:99:c1:2e:16:1b:ac:
ae:ed:87:fe:81:01:6d:ff:bf:86:66:b0:62:04:b4:
6d:77:d2:de:4a:99:f4:12:41:8d:89:a1:99:51:b4:
45:50:ce:dd:73:94:e2:ab:50:2a:19:be:65:6e:80:
65:1a:59:98:34:f0:eb:74:9c:f2:ab:78:f7:58:93:
d8:1f:cb:93:1b:77:22:3b:4b:a4:4b:3f:3b:31:70:
4d:e6:ae:a6:08:5b:6e:cd:78:41:bb:b7:20:34:1e:
3c:4e:09:06:05:22:0f:02:41:90:86:0d:86:b6:39:
83:ae:50:23:b6:a9:d0:6b:e8:a1:59:6e:8d:d0:6c:
22:b7:76:53:f7:73:de:c8:f1:e5:9c:18:cf:0c:df:
9b:18:5c:e2:21:7d:e0:38:75:2d:03:5b:6a:7c:33:
e3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:BA:6B:45:C8:34:09:37:2F:36:F0:B7:16:37:4E:54:BA:B6:5A:AA
X509v3 Authority Key Identifier:
keyid:9B:67:C0:2D:E7:FC:8D:11:A1:AF:E7:AE:62:C5:85:4D:17:76:75:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2fALef8jRGhr-euYsWFTRd2dVM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d54e81-3317-4283-b45f-c81743b2cae6/1/CLprRcg0CTcvNvC3FjdOVLq2Wqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/d54e81-3317-4283-b45f-c81743b2cae6/1/m2fALef8jRGhr-euYsWFTRd2dVM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.8.40.0-193.8.44.255
Signature Algorithm: sha256WithRSAEncryption
44:b4:85:bf:a5:ff:b6:39:2e:b9:94:bd:e1:26:4f:b9:54:2a:
5b:02:b7:4e:fb:c9:9e:ad:d4:f8:33:14:2a:06:35:e7:33:be:
82:cf:4d:f5:35:1b:22:27:1e:4f:c9:43:08:e2:bd:7d:73:e8:
17:fc:85:28:36:6f:45:9f:b6:73:86:f1:d0:73:84:27:3b:29:
2b:59:bc:00:e0:39:1c:57:be:77:06:4c:09:73:fb:0b:a1:87:
3c:aa:b4:76:1d:ab:6b:ce:84:ce:77:e0:76:3e:54:54:ff:38:
85:43:0e:6f:4b:ba:25:db:44:cb:77:b1:a3:78:ea:9f:fd:ca:
07:24:fa:e6:55:21:73:76:c8:b9:c3:d5:6e:e8:44:55:8a:38:
70:1c:35:ec:bb:20:5f:1b:d5:72:7d:35:73:fd:f0:5b:e5:9c:
95:4c:b4:91:c4:b6:97:65:2f:6f:d5:93:03:51:14:ae:00:5f:
3f:60:43:3a:dc:37:51:f1:33:42:06:c7:60:d5:75:68:67:08:
a6:49:db:c9:57:e4:69:08:45:96:1c:92:cc:49:55:1a:95:ac:
01:c0:8d:66:ed:77:d7:d2:d7:15:57:21:a9:8f:79:97:09:83:
e2:35:28:26:00:1a:ee:cc:71:79:55:6d:44:40:63:64:9e:13:
73:d4:3f:ce
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY8+4THt1Mv9HoXN/J4hjVVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNjdjMDJkZTdmYzhkMTFhMWFmZTdhZTYyYzU4NTRkMTc3
Njc1NTMwHhcNMjQwNTAzMTQzNDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGJhNmI0NWM4MzQwOTM3MmYzNmYwYjcxNjM3NGU1NGJhYjY1YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw/Y6Nk33WkG3qW+dppm8m6qN/qD
fGXCbrBLqN7wH/CP2U2zqYgWdSEK5PQS5Als0yl45vQO/T28H8AlHAQm9MQab1uh
fYPqf2m7PJJ7OtsbleuF5wZhyFaR+gImWZIXWrOZwS4WG6yu7Yf+gQFt/7+GZrBi
BLRtd9LeSpn0EkGNiaGZUbRFUM7dc5Tiq1AqGb5lboBlGlmYNPDrdJzyq3j3WJPY
H8uTG3ciO0ukSz87MXBN5q6mCFtuzXhBu7cgNB48TgkGBSIPAkGQhg2GtjmDrlAj
tqnQa+ihWW6N0Gwit3ZT93PeyPHlnBjPDN+bGFziIX3gOHUtA1tqfDPjGwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAi6a0XINAk3LzbwtxY3TlS6tlqqMB8GA1UdIwQY
MBaAFJtnwC3n/I0Roa/nrmLFhU0XdnVTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJmQUxlZjhqUkdoci1ldVlzV0ZUUmQyZFZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9kNTRlODEtMzMxNy00MjgzLWI0NWYt
YzgxNzQzYjJjYWU2LzEvQ0xwclJjZzBDVGN2TnZDM0ZqZE9WTHEyV3FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9kNTRlODEtMzMxNy00MjgzLWI0NWYtYzgxNzQzYjJjYWU2
LzEvbTJmQUxlZjhqUkdoci1ldVlzV0ZUUmQyZFZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAPBCCgD
BADBCCwwDQYJKoZIhvcNAQELBQADggEBAES0hb+l/7Y5LrmUveEmT7lUKlsCt077
yZ6t1PgzFCoGNeczvoLPTfU1GyInHk/JQwjivX1z6Bf8hSg2b0WftnOG8dBzhCc7
KStZvADgORxXvncGTAlz+wuhhzyqtHYdq2vOhM534HY+VFT/OIVDDm9LuiXbRMt3
saN46p/9ygck+uZVIXN2yLnD1W7oRFWKOHAcNey7IF8b1XJ9NXP98FvlnJVMtJHE
tpdlL2/VkwNRFK4AXz9gQzrcN1HxM0IGx2DVdWhnCKZJ28lX5GkIRZYcksxJVRqV
rAHAjWbtd9fS1xVXIamPeZcJg+I1KCYAGu7McXlVbURAY2SeE3PUP84=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:16 2024 by rpki-client on console-fra.rpki-client.org