Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/cXSAI4huYp8suLfTLh7nt7_Y3eI.roa
File: cXSAI4huYp8suLfTLh7nt7_Y3eI.roa (raw, json)
Hash identifier: umCfPklIoWF+a3+HYz1ihzUaeEm6mS+nF0EflMnwdjY=
Subject key identifier: 71:74:80:23:88:6E:62:9F:2C:B8:B7:D3:2E:1E:E7:B7:BF:D8:DD:E2
Certificate issuer: /CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Certificate serial: 01856D01B8A4042388F8D112AB736BC2FFA6
Authority key identifier: 6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/cXSAI4huYp8suLfTLh7nt7_Y3eI.roa
Signing time: Sun 01 Jan 2023 11:05:07 +0000
ROA not before: Sun 01 Jan 2023 11:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204776
IP address blocks: 194.143.130.0/23 maxlen: 24
193.16.100.0/24 maxlen: 24
195.246.98.0/24 maxlen: 24
195.246.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:b8:a4:04:23:88:f8:d1:12:ab:73:6b:c2:ff:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d3ee1a52a5d65b9091de5a5b464fb97032d0e9b
Validity
Not Before: Jan 1 11:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71748023886e629f2cb8b7d32e1ee7b7bfd8dde2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a0:9f:42:98:ea:f6:4b:fc:70:38:ce:09:d9:
b6:91:3a:99:8c:e6:4c:aa:c2:b1:4b:63:7c:71:7a:
d2:23:39:e3:87:81:e7:92:02:b4:94:2d:48:10:34:
d3:c0:ce:0c:e8:60:95:22:dd:1f:40:1a:88:35:1c:
e2:7c:85:c3:ef:ec:8d:26:ff:5d:0a:45:8e:31:56:
3d:06:ad:29:84:13:96:5c:76:57:30:57:90:50:48:
b2:15:9e:73:21:5a:5a:cb:7c:bb:e5:64:56:b6:47:
45:a8:e5:f8:94:9a:ba:0f:42:9d:a9:81:f0:e1:a1:
42:b0:14:58:09:84:f8:ab:f7:d0:5b:92:26:d8:19:
88:15:d3:5f:80:ee:8a:37:04:c1:c2:11:ae:5c:91:
01:c8:1c:c7:01:a3:76:56:61:d4:d6:b0:1d:ec:63:
b8:28:f4:0a:52:90:93:f9:2a:66:18:51:a9:77:ce:
c5:31:32:fa:f1:09:ff:53:03:5b:8f:02:ea:3f:97:
7e:54:d0:46:60:35:a5:57:ec:be:8d:bd:8f:4f:dd:
bb:16:8b:f1:7c:03:f0:cc:cd:b7:a8:e0:b6:f1:ef:
6f:18:ad:cf:cc:7c:31:66:a8:ae:21:c7:c2:9a:77:
3f:3d:17:0b:35:cd:19:35:00:a5:98:91:5a:32:17:
37:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:74:80:23:88:6E:62:9F:2C:B8:B7:D3:2E:1E:E7:B7:BF:D8:DD:E2
X509v3 Authority Key Identifier:
keyid:6D:3E:E1:A5:2A:5D:65:B9:09:1D:E5:A5:B4:64:FB:97:03:2D:0E:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bT7hpSpdZbkJHeWltGT7lwMtDps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/cXSAI4huYp8suLfTLh7nt7_Y3eI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/12e7d5-3a0f-4bc6-9611-05435efd8bf6/1/bT7hpSpdZbkJHeWltGT7lwMtDps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.100.0/24
194.143.130.0/23
195.246.98.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:0c:a0:04:c5:50:0f:1d:37:e7:42:c4:17:8b:5c:f8:dd:48:
8f:9e:27:ea:09:7a:04:b3:aa:a6:36:66:38:28:ab:0a:7f:07:
cd:96:01:10:c6:11:12:36:79:07:fb:cb:8a:4d:cc:66:0e:a6:
35:80:5f:40:46:95:38:59:6e:2e:26:bd:49:d2:44:4a:f9:b5:
0c:21:b6:8d:c0:64:78:e5:09:00:36:19:27:bb:88:41:57:1d:
0a:3c:c6:68:67:25:39:13:33:ab:dd:57:91:03:b2:a7:27:b6:
41:d1:59:6b:99:98:82:18:04:cc:36:4f:ef:f7:33:c1:d9:13:
a8:70:dc:28:87:b3:7d:48:b3:e5:bf:3d:c4:f5:4a:e1:1c:5b:
ad:ea:fe:58:4a:26:ff:32:fb:33:a5:fe:78:34:43:6f:10:b4:
c0:5f:0e:95:3a:6f:69:70:d9:65:99:dd:f8:11:de:a3:41:ff:
0c:ab:7c:29:b9:32:80:f1:d4:08:94:d5:f9:19:75:1c:e5:e1:
96:87:75:36:fc:af:d4:81:e3:c8:d9:c9:32:61:29:7c:3a:a4:
88:ee:1e:7b:6d:4b:c6:06:ff:e8:1f:f8:d3:66:fc:3e:c4:63:
7e:cc:25:44:4a:be:5e:06:a0:8e:4d:bc:17:d8:c8:a0:28:34:
44:19:e0:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtAbikBCOI+NESq3Nrwv+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkM2VlMWE1MmE1ZDY1YjkwOTFkZTVhNWI0NjRmYjk3MDMy
ZDBlOWIwHhcNMjMwMTAxMTEwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTc0ODAyMzg4NmU2MjlmMmNiOGI3ZDMyZTFlZTdiN2JmZDhkZGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6CfQpjq9kv8cDjOCdm2kTqZjOZM
qsKxS2N8cXrSIznjh4HnkgK0lC1IEDTTwM4M6GCVIt0fQBqINRzifIXD7+yNJv9d
CkWOMVY9Bq0phBOWXHZXMFeQUEiyFZ5zIVpay3y75WRWtkdFqOX4lJq6D0KdqYHw
4aFCsBRYCYT4q/fQW5Im2BmIFdNfgO6KNwTBwhGuXJEByBzHAaN2VmHU1rAd7GO4
KPQKUpCT+SpmGFGpd87FMTL68Qn/UwNbjwLqP5d+VNBGYDWlV+y+jb2PT927Fovx
fAPwzM23qOC28e9vGK3PzHwxZqiuIcfCmnc/PRcLNc0ZNQClmJFaMhc3EQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHF0gCOIbmKfLLi30y4e57e/2N3iMB8GA1UdIwQY
MBaAFG0+4aUqXWW5CR3lpbRk+5cDLQ6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlQ3aHBTcGRaYmtKSGVXbHRHVDdsd010RHBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xMmU3ZDUtM2EwZi00YmM2LTk2MTEt
MDU0MzVlZmQ4YmY2LzEvY1hTQUk0aHVZcDhzdUxmVExoN250N19ZM2VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xMmU3ZDUtM2EwZi00YmM2LTk2MTEtMDU0MzVlZmQ4YmY2
LzEvYlQ3aHBTcGRaYmtKSGVXbHRHVDdsd010RHBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRBkAwQB
wo+CAwQBw/ZiMA0GCSqGSIb3DQEBCwUAA4IBAQB+DKAExVAPHTfnQsQXi1z43UiP
nifqCXoEs6qmNmY4KKsKfwfNlgEQxhESNnkH+8uKTcxmDqY1gF9ARpU4WW4uJr1J
0kRK+bUMIbaNwGR45QkANhknu4hBVx0KPMZoZyU5EzOr3VeRA7KnJ7ZB0VlrmZiC
GATMNk/v9zPB2ROocNwoh7N9SLPlvz3E9UrhHFut6v5YSib/Mvszpf54NENvELTA
Xw6VOm9pcNllmd34Ed6jQf8Mq3wpuTKA8dQIlNX5GXUc5eGWh3U2/K/UgePI2cky
YSl8OqSI7h57bUvGBv/oH/jTZvw+xGN+zCVESr5eBqCOTbwX2MigKDREGeCM
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:11 2024 by rpki-client on console-fra.rpki-client.org