Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/CokbEXehmrhnFMInrZX5OHrxsjo.roa
File: CokbEXehmrhnFMInrZX5OHrxsjo.roa (raw, json)
Hash identifier: TAbLbkAarXYGHWyT2tEJp7dH2KXBAe+MsjPN61UTNDM=
Subject key identifier: 0A:89:1B:11:77:A1:9A:B8:67:14:C2:27:AD:95:F9:38:7A:F1:B2:3A
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 018D0CED64D018AE6DD2C3575473E719A368
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/CokbEXehmrhnFMInrZX5OHrxsjo.roa
Signing time: Mon 15 Jan 2024 11:41:40 +0000
ROA not before: Mon 15 Jan 2024 11:41:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.163.203.0/24 maxlen: 24
2a04:1bc0::/29 maxlen: 29
2a0f:cdc6:2001::/48 maxlen: 48
2a00:4080::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 15 Jan 2024 12:36:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:ed:64:d0:18:ae:6d:d2:c3:57:54:73:e7:19:a3:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Jan 15 11:41:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a891b1177a19ab86714c227ad95f9387af1b23a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:31:55:f8:fd:9c:26:ad:c1:3f:23:33:2f:31:
0d:9f:a7:bb:f4:ef:cf:b8:30:85:93:16:62:8d:a2:
f5:de:16:4c:e7:ef:e8:96:f2:29:7e:59:24:b1:2e:
1a:52:95:e5:be:48:10:c2:17:ed:52:f7:27:59:71:
c2:44:5a:17:8c:06:fd:d5:31:c2:55:3f:b4:2f:f4:
06:0b:be:c9:39:e1:22:2b:6d:bf:f8:c4:50:4d:d8:
46:e6:a7:92:5f:37:80:ba:2a:1f:ac:3a:24:24:79:
4f:42:f6:8b:59:05:4d:ba:96:a6:6d:d1:e5:cd:1b:
11:88:a8:7a:cf:c8:a4:83:0f:ec:d5:5d:52:3e:36:
69:59:cf:4e:19:3a:0a:eb:d6:3d:52:2c:b0:bf:7c:
c9:8f:2f:08:36:33:b3:7b:10:13:4c:24:c3:6e:d3:
d7:4d:d0:b5:2f:11:6c:b7:47:f8:b4:d0:0f:b8:01:
e7:65:ef:06:03:a6:21:70:20:1e:9e:97:81:25:72:
22:9a:06:df:ec:e0:89:0d:ce:3d:94:80:98:99:51:
a5:67:e7:c6:fe:93:e3:50:7c:48:eb:93:4b:27:cc:
c3:18:ca:30:31:36:e0:34:d4:97:9d:cf:19:96:77:
46:40:4d:3b:8a:7b:c5:75:82:e7:47:a0:8d:a4:9e:
25:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:89:1B:11:77:A1:9A:B8:67:14:C2:27:AD:95:F9:38:7A:F1:B2:3A
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/CokbEXehmrhnFMInrZX5OHrxsjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.163.203.0/24
IPv6:
2a00:4080::/29
2a04:1bc0::/29
2a0f:cdc6:2001::/48
Signature Algorithm: sha256WithRSAEncryption
9a:d5:09:6d:84:03:13:6f:b2:a3:98:bc:37:5a:a6:a1:77:5b:
bd:07:48:72:e9:96:c4:77:7e:31:43:d3:87:03:bc:69:f5:a2:
db:d9:0a:f0:e6:49:03:96:4d:7e:91:3a:3b:5f:49:5a:3a:f3:
28:ee:84:77:a3:a9:12:65:3b:69:4c:a4:3b:2c:94:c9:e2:cc:
2a:7e:6e:f7:a9:54:9b:0b:a7:d3:ee:59:1c:4d:ff:f5:2f:72:
44:38:17:bb:75:0b:1e:90:4c:89:2e:9e:a8:11:93:39:02:ad:
18:df:a8:59:53:6f:97:db:78:8c:fd:3e:66:66:9d:1b:0b:bb:
2c:8c:6c:58:8f:c1:11:b1:be:bb:00:04:25:b3:47:9e:ee:5e:
00:98:c5:40:7c:9a:a6:55:69:58:11:35:9a:b5:b9:1e:d8:77:
0f:cb:d9:97:e3:96:db:b0:a9:aa:1f:29:d6:3b:dc:51:00:1b:
25:95:a9:09:95:90:2a:e0:17:f5:83:bc:cc:28:d5:22:ff:0e:
12:74:fe:f4:f9:25:83:05:d5:57:63:ca:78:c3:ed:7f:05:0c:
08:61:d7:4f:79:74:23:65:84:6a:b6:82:7d:29:38:76:36:62:
32:91:2a:ee:fc:4b:ec:87:8d:d9:2d:9a:9c:77:64:bb:bf:89:
62:6a:7d:15
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY0M7WTQGK5t0sNXVHPnGaNoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwMTE1MTE0MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTg5MWIxMTc3YTE5YWI4NjcxNGMyMjdhZDk1ZjkzODdhZjFiMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDFV+P2cJq3BPyMzLzENn6e79O/P
uDCFkxZijaL13hZM5+/olvIpflkksS4aUpXlvkgQwhftUvcnWXHCRFoXjAb91THC
VT+0L/QGC77JOeEiK22/+MRQTdhG5qeSXzeAuiofrDokJHlPQvaLWQVNupambdHl
zRsRiKh6z8ikgw/s1V1SPjZpWc9OGToK69Y9Uiywv3zJjy8INjOzexATTCTDbtPX
TdC1LxFst0f4tNAPuAHnZe8GA6YhcCAenpeBJXIimgbf7OCJDc49lICYmVGlZ+fG
/pPjUHxI65NLJ8zDGMowMTbgNNSXnc8ZlndGQE07invFdYLnR6CNpJ4l2QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFAqJGxF3oZq4ZxTCJ62V+Th68bI6MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvQ29rYkVYZWhtcmhuRk1JbnJaWDVPSHJ4c2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAMBAIAATAGAwQAwaPLMB0E
AgACMBcDBQMqAECAAwUDKgQbwAMHACoPzcYgATANBgkqhkiG9w0BAQsFAAOCAQEA
mtUJbYQDE2+yo5i8N1qmoXdbvQdIcumWxHd+MUPThwO8afWi29kK8OZJA5ZNfpE6
O19JWjrzKO6Ed6OpEmU7aUykOyyUyeLMKn5u96lUmwun0+5ZHE3/9S9yRDgXu3UL
HpBMiS6eqBGTOQKtGN+oWVNvl9t4jP0+ZmadGwu7LIxsWI/BEbG+uwAEJbNHnu5e
AJjFQHyaplVpWBE1mrW5Hth3D8vZl+OW27Cpqh8p1jvcUQAbJZWpCZWQKuAX9YO8
zCjVIv8OEnT+9PklgwXVV2PKeMPtfwUMCGHXT3l0I2WEaraCfSk4djZiMpEq7vxL
7IeN2S2anHdku7+JYmp9FQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:53 2024 by rpki-client on console-ams.rpki-client.org