Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ChVEOgVi9wKzDrI_M9qwOKPJABE.roa
File: ChVEOgVi9wKzDrI_M9qwOKPJABE.roa (raw, json)
Hash identifier: hWawC35ATv3ePKozq0/d3MXtfiNgtj4HdcIBe/LzRc4=
Subject key identifier: 0A:15:44:3A:05:62:F7:02:B3:0E:B2:3F:33:DA:B0:38:A3:C9:00:11
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01856B4A398D58C7ABE4178CA7530981506D
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ChVEOgVi9wKzDrI_M9qwOKPJABE.roa
Signing time: Sun 01 Jan 2023 03:05:04 +0000
ROA not before: Sun 01 Jan 2023 03:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197998
IP address blocks: 141.101.207.0/24 maxlen: 24
141.101.212.0/23 maxlen: 23
141.101.214.0/23 maxlen: 23
141.101.140.0/23 maxlen: 23
37.230.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:4a:39:8d:58:c7:ab:e4:17:8c:a7:53:09:81:50:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a15443a0562f702b30eb23f33dab038a3c90011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cd:07:9c:85:2d:c8:11:f9:0d:a6:14:51:3b:
cd:06:7f:ae:11:40:19:bb:41:d5:02:ab:f4:36:6d:
4d:ec:c5:21:5d:a6:1c:e5:01:ed:e7:90:57:2d:d9:
aa:96:53:2a:f5:3b:96:ea:ec:1a:6d:b2:27:51:94:
9b:94:d6:67:d5:4f:94:1e:f9:89:d9:6a:39:39:29:
e3:26:fa:83:3b:21:4d:8c:0f:b1:92:bb:d8:34:d8:
40:53:50:3f:b3:ee:b5:a4:8f:b1:6f:2c:6f:15:01:
c2:36:7b:63:68:f4:12:b7:4f:75:58:d9:05:09:99:
5a:b4:e3:2f:21:3a:fa:31:29:da:d7:a4:c8:f4:50:
99:fa:1d:c5:bf:b7:36:30:28:40:84:f9:83:98:16:
15:58:3d:70:d6:01:6c:18:94:b6:d1:d7:f9:33:c5:
d6:31:80:f7:f9:4a:f5:c0:39:c5:af:a9:14:a7:5e:
35:ed:e4:e3:e8:71:bb:c1:d8:d4:68:53:65:af:a7:
0e:b2:ea:43:9d:30:9f:7f:24:02:eb:74:df:4c:b8:
cc:56:d7:14:6b:47:fa:f0:6e:bd:ab:d7:c4:a4:73:
f0:36:d5:3e:89:9b:ed:b4:ff:1e:81:a3:10:3a:f3:
0a:35:d2:43:55:ac:91:58:d2:33:67:07:35:50:79:
40:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:15:44:3A:05:62:F7:02:B3:0E:B2:3F:33:DA:B0:38:A3:C9:00:11
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/ChVEOgVi9wKzDrI_M9qwOKPJABE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.223.0/24
141.101.140.0/23
141.101.207.0/24
141.101.212.0/22
Signature Algorithm: sha256WithRSAEncryption
29:6a:15:d6:6f:9e:17:11:25:94:43:a1:f7:15:44:07:02:90:
4a:b9:bc:df:06:d0:c7:f4:5a:33:5c:81:bb:84:7a:d0:e0:4d:
c0:56:ea:52:a5:c9:f1:f0:82:29:1f:3b:30:54:66:56:6f:e6:
57:f8:12:78:d8:28:56:3c:91:2b:ea:75:e6:b7:22:56:1d:66:
c0:64:29:3c:7d:b0:8d:3d:6b:d1:ff:6b:cd:2f:96:04:c9:fb:
83:de:4c:bb:51:27:69:b4:de:79:70:0a:0f:b9:81:76:64:28:
cb:8d:30:8e:46:dc:a4:ca:8e:1d:8a:c4:7f:a2:77:82:3d:bf:
41:19:ee:7a:0b:78:58:98:09:2c:3c:9b:3e:f7:8f:6b:80:17:
61:47:49:14:21:1e:4a:5f:91:e1:bc:a0:52:76:db:d7:2f:af:
31:76:18:86:09:e2:b8:a3:2c:44:87:bb:65:56:80:21:59:29:
01:97:d6:4c:4c:4a:04:cc:b7:ac:65:a5:d0:1d:9f:5b:90:45:
ac:75:f6:99:9b:b6:e7:62:81:ee:fd:53:2e:b0:36:5d:68:b6:
44:c1:64:81:49:51:a8:5b:a8:e6:cf:9e:c2:b3:7e:10:35:33:
46:15:70:ba:39:18:85:05:00:7a:46:8b:7b:f0:0b:33:75:7d:
b8:0e:4d:a3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVrSjmNWMer5BeMp1MJgVBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjMwMTAxMDMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE1NDQzYTA1NjJmNzAyYjMwZWIyM2YzM2RhYjAzOGEzYzkwMDExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc0HnIUtyBH5DaYUUTvNBn+uEUAZ
u0HVAqv0Nm1N7MUhXaYc5QHt55BXLdmqllMq9TuW6uwabbInUZSblNZn1U+UHvmJ
2Wo5OSnjJvqDOyFNjA+xkrvYNNhAU1A/s+61pI+xbyxvFQHCNntjaPQSt091WNkF
CZlatOMvITr6MSna16TI9FCZ+h3Fv7c2MChAhPmDmBYVWD1w1gFsGJS20df5M8XW
MYD3+Ur1wDnFr6kUp1417eTj6HG7wdjUaFNlr6cOsupDnTCffyQC63TfTLjMVtcU
a0f68G69q9fEpHPwNtU+iZvttP8egaMQOvMKNdJDVayRWNIzZwc1UHlAMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAoVRDoFYvcCsw6yPzPasDijyQARMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvQ2hWRU9nVmk5d0t6RHJJX005cXdPS1BKQUJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJebfAwQB
jWWMAwQAjWXPAwQCjWXUMA0GCSqGSIb3DQEBCwUAA4IBAQApahXWb54XESWUQ6H3
FUQHApBKubzfBtDH9FozXIG7hHrQ4E3AVupSpcnx8IIpHzswVGZWb+ZX+BJ42ChW
PJEr6nXmtyJWHWbAZCk8fbCNPWvR/2vNL5YEyfuD3ky7USdptN55cAoPuYF2ZCjL
jTCORtykyo4disR/oneCPb9BGe56C3hYmAksPJs+949rgBdhR0kUIR5KX5HhvKBS
dtvXL68xdhiGCeK4oyxEh7tlVoAhWSkBl9ZMTEoEzLesZaXQHZ9bkEWsdfaZm7bn
YoHu/VMusDZdaLZEwWSBSVGoW6jmz57Cs34QNTNGFXC6ORiFBQB6Rot78AszdX24
Dk2j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org