Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/CuVlkO5jzXGBNF3hwpuGLOseiDY.roa
File: CuVlkO5jzXGBNF3hwpuGLOseiDY.roa (raw, json)
Hash identifier: 5sirmuEixzSGvKzEOvI0txK+tr4w4O7SPyu39Yvb2Uo=
Subject key identifier: 0A:E5:65:90:EE:63:CD:71:81:34:5D:E1:C2:9B:86:2C:EB:1E:88:36
Certificate issuer: /CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Certificate serial: 018CC4251F5608C1FCA6C65669617744F1EE
Authority key identifier: AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/CuVlkO5jzXGBNF3hwpuGLOseiDY.roa
Signing time: Mon 01 Jan 2024 08:30:16 +0000
ROA not before: Mon 01 Jan 2024 08:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34762
IP address blocks: 213.158.90.0/23 maxlen: 24
213.158.92.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Apr 2024 09:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:1f:56:08:c1:fc:a6:c6:56:69:61:77:44:f1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Validity
Not Before: Jan 1 08:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ae56590ee63cd7181345de1c29b862ceb1e8836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:42:5d:94:17:98:a3:ea:eb:b9:f8:a9:e4:8b:
7a:f9:8b:0f:a6:66:ef:b4:59:25:c9:83:28:4f:4c:
45:19:45:8a:84:03:bb:95:78:7c:e4:36:86:0f:fd:
54:a9:a8:89:5c:85:0c:a6:a0:a8:78:3b:24:ad:f0:
7d:54:de:13:c8:e9:aa:78:78:24:5e:af:73:92:4e:
c2:93:36:55:cd:da:e9:5d:4c:8f:87:c9:e7:8f:6e:
9f:b1:b8:88:31:d7:0e:df:02:af:9f:aa:ae:e8:e5:
bc:ae:41:34:bd:c2:da:20:e0:3b:3f:98:f9:2e:6f:
46:0b:5a:3e:7a:ff:bc:10:f7:d0:1d:72:ad:7e:95:
3f:ad:fa:11:57:a4:4d:d0:a6:65:12:e2:30:40:bb:
4e:27:e6:ae:84:95:6b:c2:57:a9:56:ae:7e:0c:11:
06:c3:df:3b:9c:43:fc:d7:ad:fc:53:da:6a:52:7e:
29:b9:4e:fc:cb:f3:7b:33:c2:6d:dd:fe:98:36:5b:
94:96:62:5d:6d:df:1e:da:34:eb:6e:63:2a:06:94:
3b:2b:bd:7b:5a:6c:b4:e4:4d:e8:0b:ca:ec:7c:5e:
6e:67:9e:53:14:7d:20:3f:ee:69:93:5e:1e:ea:5a:
aa:54:5a:2d:1c:d4:66:7d:2d:b3:c5:07:4b:dc:cc:
f2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E5:65:90:EE:63:CD:71:81:34:5D:E1:C2:9B:86:2C:EB:1E:88:36
X509v3 Authority Key Identifier:
keyid:AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/CuVlkO5jzXGBNF3hwpuGLOseiDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.158.90.0-213.158.95.255
Signature Algorithm: sha256WithRSAEncryption
55:34:a5:e1:65:15:e9:45:ad:0c:89:3e:eb:de:72:81:d9:5b:
e6:2e:4c:45:a4:32:36:a8:5a:99:ce:ad:4f:b7:d2:66:1b:e4:
1b:3d:39:40:2e:15:ae:a5:3d:e7:f0:65:89:d8:5e:ae:44:e1:
9c:01:4a:68:0b:65:b8:03:0b:77:4c:b8:92:d2:d9:2b:63:61:
90:dc:26:55:75:3e:99:00:49:1d:40:85:e3:ac:9c:e8:c3:34:
dd:91:36:cb:17:60:1b:44:c6:46:b1:cb:8f:c2:c5:4b:bf:e9:
40:60:e7:57:41:75:99:c5:8b:5c:39:52:f4:ac:cd:c6:11:f8:
27:ff:0f:e4:f3:cd:e7:a9:80:d6:9c:41:04:25:ad:25:59:1a:
3c:1b:59:f6:37:61:e7:1e:bb:fb:47:0f:56:a5:f4:99:1a:84:
88:92:b8:1e:24:e1:40:84:58:bc:48:78:98:0e:ec:fb:75:9b:
f9:07:e3:78:e7:75:0f:36:e7:35:8c:a6:80:27:a5:9c:87:30:
cf:ce:3c:6d:c8:99:e7:91:6e:4f:ae:fb:36:4a:be:60:da:ba:
48:30:84:36:c6:b2:12:3d:48:29:a4:28:ca:a4:64:98:93:fa:
e6:2c:db:ae:2f:de:a0:31:82:e3:53:61:c6:15:b1:67:7c:49:
8f:a0:f5:3d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEJR9WCMH8psZWaWF3RPHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMGRjMTJiMGYxYjUzM2Q4ZDA0ZWM2MTE3ZDZiOWU1MTJm
Y2FhOWYwHhcNMjQwMTAxMDgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU1NjU5MGVlNjNjZDcxODEzNDVkZTFjMjliODYyY2ViMWU4ODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEJdlBeYo+rrufip5It6+YsPpmbv
tFklyYMoT0xFGUWKhAO7lXh85DaGD/1UqaiJXIUMpqCoeDskrfB9VN4TyOmqeHgk
Xq9zkk7CkzZVzdrpXUyPh8nnj26fsbiIMdcO3wKvn6qu6OW8rkE0vcLaIOA7P5j5
Lm9GC1o+ev+8EPfQHXKtfpU/rfoRV6RN0KZlEuIwQLtOJ+auhJVrwlepVq5+DBEG
w987nEP81638U9pqUn4puU78y/N7M8Jt3f6YNluUlmJdbd8e2jTrbmMqBpQ7K717
Wmy05E3oC8rsfF5uZ55TFH0gP+5pk14e6lqqVFotHNRmfS2zxQdL3Mzy5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFArlZZDuY81xgTRd4cKbhizrHog2MB8GA1UdIwQY
MBaAFK8NwSsPG1M9jQTsYRfWueUS/KqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYt
YmM1YjY5MTQ0NTg3LzEvQ3VWbGtPNWp6WEdCTkYzaHdwdUdMT3NlaURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYtYmM1YjY5MTQ0NTg3
LzEvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAHVnloD
BAXVnkAwDQYJKoZIhvcNAQELBQADggEBAFU0peFlFelFrQyJPuvecoHZW+YuTEWk
MjaoWpnOrU+30mYb5Bs9OUAuFa6lPefwZYnYXq5E4ZwBSmgLZbgDC3dMuJLS2Stj
YZDcJlV1PpkASR1AheOsnOjDNN2RNssXYBtExkaxy4/CxUu/6UBg51dBdZnFi1w5
UvSszcYR+Cf/D+TzzeepgNacQQQlrSVZGjwbWfY3Yeceu/tHD1al9JkahIiSuB4k
4UCEWLxIeJgO7Pt1m/kH43jndQ825zWMpoAnpZyHMM/OPG3ImeeRbk+u+zZKvmDa
ukgwhDbGshI9SCmkKMqkZJiT+uYs264v3qAxguNTYcYVsWd8SY+g9T0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:04 2024 by rpki-client on console-fra.rpki-client.org