Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/cLGjwg-ClIt3Cfah2arCwdoAzG8.roa
File: cLGjwg-ClIt3Cfah2arCwdoAzG8.roa (raw, json)
Hash identifier: QUCzesF6YTlpi1yAqOWEH1oPdpJ9RvIO6488yVVPaUE=
Subject key identifier: 70:B1:A3:C2:0F:82:94:8B:77:09:F6:A1:D9:AA:C2:C1:DA:00:CC:6F
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018CC8DECB3A43C777DD9642C70788974757
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/cLGjwg-ClIt3Cfah2arCwdoAzG8.roa
Signing time: Tue 02 Jan 2024 06:31:33 +0000
ROA not before: Tue 02 Jan 2024 06:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20668
IP address blocks: 193.3.55.0/24 maxlen: 24
193.56.144.0/24 maxlen: 24
62.3.28.0/24 maxlen: 24
93.190.122.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 14:53:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:cb:3a:43:c7:77:dd:96:42:c7:07:88:97:47:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 06:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70b1a3c20f82948b7709f6a1d9aac2c1da00cc6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d2:7c:a5:ad:1d:0b:eb:66:39:e5:e1:f3:31:
75:6a:60:ed:51:89:81:f3:5d:80:cc:1d:3e:3c:31:
79:3b:88:ff:a1:f5:f7:d5:b8:ad:bb:c0:8c:32:4a:
94:7c:fe:b4:33:1a:64:6c:61:8f:ff:ad:9a:42:81:
25:16:ea:9d:c4:6c:33:77:63:57:a8:40:3c:09:02:
ab:16:01:5d:6f:94:42:05:82:8d:2f:d0:8b:1d:5e:
4b:65:0a:10:a3:76:21:fb:11:5a:e8:66:e3:98:71:
31:fd:92:58:22:2b:60:e5:30:95:7a:7a:89:d3:ee:
de:a6:38:73:f1:ee:32:0d:21:39:14:68:05:ce:8a:
a0:60:78:ba:d7:19:4c:e9:1e:db:c7:26:52:e3:5f:
2b:c5:2f:b1:cb:11:e2:c8:9f:19:b5:1b:55:77:20:
bf:21:86:37:24:61:12:dd:fa:52:21:05:f2:c8:78:
76:a3:ee:c1:96:87:41:c3:b7:fa:13:0d:79:f8:50:
a8:7a:3e:ff:1c:ed:0e:a2:3d:f0:49:52:b8:b8:0f:
cf:92:d8:99:75:5f:28:d9:7e:e3:3d:bb:00:94:a6:
2a:66:da:31:1a:5c:10:ae:e5:76:f5:58:6d:54:f9:
92:b4:5c:fa:86:f8:63:66:41:5f:12:36:f3:bb:5b:
5c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B1:A3:C2:0F:82:94:8B:77:09:F6:A1:D9:AA:C2:C1:DA:00:CC:6F
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/cLGjwg-ClIt3Cfah2arCwdoAzG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.28.0/24
93.190.122.0/24
193.3.55.0/24
193.56.144.0/24
Signature Algorithm: sha256WithRSAEncryption
06:1c:31:d9:29:af:8a:2d:1e:1a:8b:87:53:7a:7f:9a:f4:be:
44:6e:84:37:25:03:79:f2:3f:83:05:95:75:5e:d8:04:f4:01:
bc:21:7b:18:b0:45:ad:95:83:70:4e:59:26:11:10:d1:83:c3:
85:6c:f8:e6:c1:9e:6e:9c:41:de:c6:9c:44:10:68:cf:a8:1b:
65:66:d8:b6:5f:14:03:e7:3a:47:17:95:9f:5d:ab:86:b5:46:
17:d7:96:44:cd:98:35:d4:50:ba:33:87:a0:29:6d:6e:71:9f:
b4:38:6b:f4:39:d9:34:d9:c6:d8:d6:27:a9:a2:17:56:30:2e:
e6:c5:9d:03:07:58:9d:5a:23:d6:38:ac:a4:21:8b:28:c3:4e:
11:c3:ad:1a:a7:0f:7b:ae:06:b4:15:6b:d2:f1:b3:d5:b6:83:
e5:a4:5f:b5:68:e9:dc:d0:0c:76:2c:1e:38:c9:af:d8:d5:1e:
b7:d7:31:7e:aa:df:0a:34:66:75:1a:a1:8d:a7:93:4d:84:c2:
5c:5e:18:b2:31:6a:6d:b4:34:6e:98:26:2a:b1:9a:2f:4d:cf:
f0:e4:b3:48:5f:3b:b7:64:ca:19:ff:db:77:82:cc:36:d4:b6:
3f:05:de:d3:9b:94:b2:19:ad:c1:b7:86:1e:b6:3e:d6:52:04:
90:ca:42:1b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3ss6Q8d33ZZCxweIl0dXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwMTAyMDYzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGIxYTNjMjBmODI5NDhiNzcwOWY2YTFkOWFhYzJjMWRhMDBjYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9J8pa0dC+tmOeXh8zF1amDtUYmB
812AzB0+PDF5O4j/ofX31bitu8CMMkqUfP60MxpkbGGP/62aQoElFuqdxGwzd2NX
qEA8CQKrFgFdb5RCBYKNL9CLHV5LZQoQo3Yh+xFa6GbjmHEx/ZJYIitg5TCVenqJ
0+7epjhz8e4yDSE5FGgFzoqgYHi61xlM6R7bxyZS418rxS+xyxHiyJ8ZtRtVdyC/
IYY3JGES3fpSIQXyyHh2o+7BlodBw7f6Ew15+FCoej7/HO0Ooj3wSVK4uA/PktiZ
dV8o2X7jPbsAlKYqZtoxGlwQruV29VhtVPmStFz6hvhjZkFfEjbzu1tcJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHCxo8IPgpSLdwn2odmqwsHaAMxvMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvY0xHandnLUNsSXQzQ2ZhaDJhckN3ZG9Bekc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPgMcAwQA
Xb56AwQAwQM3AwQAwTiQMA0GCSqGSIb3DQEBCwUAA4IBAQAGHDHZKa+KLR4ai4dT
en+a9L5EboQ3JQN58j+DBZV1XtgE9AG8IXsYsEWtlYNwTlkmERDRg8OFbPjmwZ5u
nEHexpxEEGjPqBtlZti2XxQD5zpHF5WfXauGtUYX15ZEzZg11FC6M4egKW1ucZ+0
OGv0Odk02cbY1iepohdWMC7mxZ0DB1idWiPWOKykIYsow04Rw60apw97rga0FWvS
8bPVtoPlpF+1aOnc0Ax2LB44ya/Y1R631zF+qt8KNGZ1GqGNp5NNhMJcXhiyMWpt
tDRumCYqsZovTc/w5LNIXzu3ZMoZ/9t3gsw21LY/Bd7Tm5SyGa3Bt4Yetj7WUgSQ
ykIb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:17 2025 by rpki-client