Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/C2W0E9I0I76NSKxk3bQi5f1127c.roa
File: C2W0E9I0I76NSKxk3bQi5f1127c.roa (raw, json)
Hash identifier: spJHtCnCeJZrwufbk1XZ86yUN+dqamcpM5F7qAE2flw=
Subject key identifier: 0B:65:B4:13:D2:34:23:BE:8D:48:AC:64:DD:B4:22:E5:FD:75:DB:B7
Certificate issuer: /CN=2219b59dc2e9f34b255230e562a3cca61daeb155
Certificate serial: 01856D41A386497ADA7B078ABFE335C21214
Authority key identifier: 22:19:B5:9D:C2:E9:F3:4B:25:52:30:E5:62:A3:CC:A6:1D:AE:B1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ihm1ncLp80slUjDlYqPMph2usVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/C2W0E9I0I76NSKxk3bQi5f1127c.roa
Signing time: Sun 01 Jan 2023 12:14:56 +0000
ROA not before: Sun 01 Jan 2023 12:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44030
IP address blocks: 176.99.64.0/19 maxlen: 19
195.2.232.0/23 maxlen: 23
2001:67c:2084::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:a3:86:49:7a:da:7b:07:8a:bf:e3:35:c2:12:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2219b59dc2e9f34b255230e562a3cca61daeb155
Validity
Not Before: Jan 1 12:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b65b413d23423be8d48ac64ddb422e5fd75dbb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:07:96:7c:bc:77:f8:5c:75:26:cc:c8:d3:15:
38:aa:4b:41:ba:87:8b:ff:13:55:a2:60:43:cb:6d:
66:99:6d:d6:44:2a:8a:64:fe:68:d5:36:44:65:8d:
0f:ef:0e:be:dd:87:bd:a6:42:e2:9b:93:e9:80:a1:
5a:d4:08:c9:b9:9c:b0:9e:c8:9f:d4:8b:b5:ed:86:
27:f2:1f:15:a2:c5:6e:99:11:f0:71:34:b8:61:fc:
f2:71:aa:6b:23:64:c4:aa:44:6b:26:88:94:83:04:
40:b2:a9:cc:57:8e:b6:83:fe:cc:f5:73:d7:ae:49:
7b:94:c6:61:11:3a:3d:4f:42:3e:eb:b1:5c:88:1e:
68:19:a6:5c:92:26:5b:4d:f8:74:d4:0f:23:ab:37:
9b:62:c5:e5:1c:b6:a0:2c:a6:49:46:ef:9c:e9:e0:
08:1e:11:76:f9:fc:02:db:11:95:bc:db:75:e2:17:
87:e3:ac:76:0b:6f:3c:c4:0d:a3:67:55:e7:47:c3:
63:68:63:8e:6b:d0:a4:a7:bb:9a:65:f2:1f:23:aa:
e1:47:95:c5:2c:b0:86:9f:80:03:bb:00:5c:e6:cb:
5d:62:1d:a6:c7:51:c5:83:8a:5f:5c:aa:a7:82:e0:
46:73:8d:4f:c5:be:26:a3:de:b3:38:35:78:8b:2c:
8d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:65:B4:13:D2:34:23:BE:8D:48:AC:64:DD:B4:22:E5:FD:75:DB:B7
X509v3 Authority Key Identifier:
keyid:22:19:B5:9D:C2:E9:F3:4B:25:52:30:E5:62:A3:CC:A6:1D:AE:B1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ihm1ncLp80slUjDlYqPMph2usVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/C2W0E9I0I76NSKxk3bQi5f1127c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/3bb3a8-1c3e-4154-90a9-006de0fa5342/1/Ihm1ncLp80slUjDlYqPMph2usVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.99.64.0/19
195.2.232.0/23
IPv6:
2001:67c:2084::/48
Signature Algorithm: sha256WithRSAEncryption
7f:67:6e:fa:f3:b7:38:21:1e:36:04:8c:df:e3:99:cb:a8:c7:
e9:b9:f6:78:49:d0:35:6c:46:13:e4:85:eb:c4:d8:a4:82:23:
84:91:94:ad:8e:f6:ae:2e:c9:5a:34:7c:db:a6:bd:72:0b:4e:
16:19:7c:62:26:59:e6:13:5e:d3:f0:b1:24:34:c3:5e:f1:91:
75:d0:71:0d:77:b0:61:cb:29:2a:46:55:d4:3b:59:4e:c7:56:
34:a9:a5:24:d7:d1:76:da:e0:b9:b6:83:c9:21:65:9b:79:78:
6f:ff:d0:8a:9e:81:45:0f:fc:30:92:19:23:bb:68:91:cc:7e:
dd:15:0f:49:45:dc:b9:aa:d1:ec:d0:42:06:6a:84:b2:8e:bb:
5c:2f:fc:d9:a3:45:f0:d4:36:86:7f:ed:67:ce:54:e0:3f:60:
5b:20:aa:67:e8:3b:1f:9a:56:6e:f8:2c:f0:38:62:95:0a:84:
79:66:8b:71:2d:20:3a:fc:6e:f6:2e:55:bd:91:5d:10:e8:ce:
19:5c:f6:9b:71:f6:e9:ba:15:f8:0c:da:4c:4d:f5:07:76:24:
6a:0d:13:58:af:f0:50:d8:d9:c9:ef:62:dd:84:b0:d8:52:2c:
4a:e5:cb:3f:15:1a:b8:c6:dd:3c:8b:5a:56:57:ec:54:8e:74:
b4:03:71:ee
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVtQaOGSXraeweKv+M1whIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMTliNTlkYzJlOWYzNGIyNTUyMzBlNTYyYTNjY2E2MWRh
ZWIxNTUwHhcNMjMwMTAxMTIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjY1YjQxM2QyMzQyM2JlOGQ0OGFjNjRkZGI0MjJlNWZkNzVkYmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogeWfLx3+Fx1JszI0xU4qktBuoeL
/xNVomBDy21mmW3WRCqKZP5o1TZEZY0P7w6+3Ye9pkLim5PpgKFa1AjJuZywnsif
1Iu17YYn8h8VosVumRHwcTS4YfzycaprI2TEqkRrJoiUgwRAsqnMV462g/7M9XPX
rkl7lMZhETo9T0I+67FciB5oGaZckiZbTfh01A8jqzebYsXlHLagLKZJRu+c6eAI
HhF2+fwC2xGVvNt14heH46x2C288xA2jZ1XnR8NjaGOOa9Ckp7uaZfIfI6rhR5XF
LLCGn4ADuwBc5stdYh2mx1HFg4pfXKqnguBGc41Pxb4mo96zODV4iyyNLQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAtltBPSNCO+jUisZN20IuX9ddu3MB8GA1UdIwQY
MBaAFCIZtZ3C6fNLJVIw5WKjzKYdrrFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWhtMW5jTHA4MHNsVWpEbFlxUE1waDJ1c1ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8zYmIzYTgtMWMzZS00MTU0LTkwYTkt
MDA2ZGUwZmE1MzQyLzEvQzJXMEU5STBJNzZOU0t4azNiUWk1ZjExMjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8zYmIzYTgtMWMzZS00MTU0LTkwYTktMDA2ZGUwZmE1MzQy
LzEvSWhtMW5jTHA4MHNsVWpEbFlxUE1waDJ1c1ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQFsGNAAwQB
wwLoMA8EAgACMAkDBwAgAQZ8IIQwDQYJKoZIhvcNAQELBQADggEBAH9nbvrztzgh
HjYEjN/jmcuox+m59nhJ0DVsRhPkhevE2KSCI4SRlK2O9q4uyVo0fNumvXILThYZ
fGImWeYTXtPwsSQ0w17xkXXQcQ13sGHLKSpGVdQ7WU7HVjSppSTX0Xba4Lm2g8kh
ZZt5eG//0IqegUUP/DCSGSO7aJHMft0VD0lF3Lmq0ezQQgZqhLKOu1wv/NmjRfDU
NoZ/7WfOVOA/YFsgqmfoOx+aVm74LPA4YpUKhHlmi3EtIDr8bvYuVb2RXRDozhlc
9ptx9um6FfgM2kxN9Qd2JGoNE1iv8FDY2cnvYt2EsNhSLErlyz8VGrjG3TyLWlZX
7FSOdLQDce4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:22 2024 by rpki-client on console-fra.rpki-client.org