Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/Czie1WrmYEzi2EYcOQrP1cbbRAM.roa
File: Czie1WrmYEzi2EYcOQrP1cbbRAM.roa (raw, json)
Hash identifier: 4Ip2QBkm6qDFPGUpl7gFkTLFapfLH/4ouPwkB4PbSa4=
Subject key identifier: 0B:38:9E:D5:6A:E6:60:4C:E2:D8:46:1C:39:0A:CF:D5:C6:DB:44:03
Certificate issuer: /CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
Certificate serial: 01857042827E77A28590EDBFB0356A149FF6
Authority key identifier: D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/Czie1WrmYEzi2EYcOQrP1cbbRAM.roa
Signing time: Mon 02 Jan 2023 02:14:44 +0000
ROA not before: Mon 02 Jan 2023 02:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 192.118.70.0/24 maxlen: 24
192.118.71.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:82:7e:77:a2:85:90:ed:bf:b0:35:6a:14:9f:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
Validity
Not Before: Jan 2 02:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b389ed56ae6604ce2d8461c390acfd5c6db4403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6f:44:35:23:82:f4:d7:7d:a1:2c:f5:c2:c3:
95:e8:ca:69:de:ba:a2:05:99:37:9f:f1:72:ba:7e:
0a:eb:b2:10:27:f0:0f:65:88:f3:3d:c3:38:4b:da:
8e:3c:c9:97:ed:a3:e0:2d:9d:74:10:f2:0c:44:2f:
f7:c5:98:c2:ce:76:13:e0:07:3f:00:ad:30:88:ba:
23:d2:f5:d6:53:ff:cb:b4:88:78:bc:5b:7d:c6:0f:
5d:55:6a:6a:09:4e:a0:49:f2:82:7a:2e:4b:d7:80:
5d:ba:b1:54:18:2e:72:7a:e1:c2:43:7a:61:73:66:
00:cf:56:76:22:de:cf:1c:5a:33:e6:3d:65:64:c7:
c5:a8:d3:19:9b:3d:f6:a6:9f:d3:a1:0a:c8:a2:43:
9d:02:a6:48:bb:ec:47:a3:5e:e1:f3:ba:b2:3a:00:
95:54:bf:ff:fb:8e:e8:4f:a7:43:bf:e4:ed:f8:e2:
03:aa:e0:52:7b:9a:55:de:f2:b7:79:d2:c5:f1:84:
b3:73:64:29:c9:2b:fa:83:6f:12:96:82:9d:7a:db:
45:e5:db:ec:91:93:01:1e:53:f6:16:98:5d:74:1a:
78:ab:af:b3:2b:ab:2e:94:b2:2b:2a:97:8d:1e:9d:
e1:6d:e9:6a:ae:37:70:19:cb:8e:e9:d5:44:47:79:
e4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:38:9E:D5:6A:E6:60:4C:E2:D8:46:1C:39:0A:CF:D5:C6:DB:44:03
X509v3 Authority Key Identifier:
keyid:D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/Czie1WrmYEzi2EYcOQrP1cbbRAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/0sHV_U4greXxG2avsQpUyP_ksEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.118.70.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:c2:0c:22:f2:a8:ad:de:f6:63:76:b9:83:79:71:53:6a:69:
af:ec:05:2a:68:76:d7:d9:86:d7:4a:b8:d9:44:21:09:82:ff:
9c:92:a2:25:f8:90:06:d9:bf:11:3e:18:68:8a:c9:35:80:9b:
50:42:8e:93:98:2d:7d:ca:da:82:00:c1:32:25:e1:a8:c8:72:
4e:e8:76:57:dc:56:e2:a8:76:5f:13:03:72:d4:24:52:87:fa:
96:be:5b:67:4b:2e:f9:34:6a:c2:a5:9f:da:3f:43:b9:a2:42:
47:d2:a3:b1:39:90:70:38:90:62:93:0d:3b:31:a5:2f:a9:18:
1e:43:c7:0c:2d:da:57:df:7e:f2:b5:49:9d:22:fc:2d:bd:86:
81:ec:89:e7:da:7f:96:85:c3:d9:03:de:0c:30:e4:51:9d:e3:
4a:0c:5d:40:3f:98:b4:df:78:45:3f:84:da:73:1b:98:d1:f2:
dc:ad:82:2e:f9:4a:56:71:87:ad:77:3c:1e:c9:33:e2:ff:40:
9a:1b:a2:6c:b7:4d:11:2c:f2:ac:1d:6b:5c:f3:ce:b7:fc:d1:
d1:1c:8e:31:af:3e:22:ae:c0:5d:35:e8:77:76:49:d2:29:e0:
9e:61:39:d7:d4:c1:09:f2:2c:6b:83:8e:34:96:56:7b:90:fb:
e3:11:d1:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwQoJ+d6KFkO2/sDVqFJ/2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYzFkNWZkNGUyMGFkZTVmMTFiNjZhZmIxMGE1NGM4ZmZl
NGIwNDAwHhcNMjMwMTAyMDIxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjM4OWVkNTZhZTY2MDRjZTJkODQ2MWMzOTBhY2ZkNWM2ZGI0NDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn29ENSOC9Nd9oSz1wsOV6Mpp3rqi
BZk3n/Fyun4K67IQJ/APZYjzPcM4S9qOPMmX7aPgLZ10EPIMRC/3xZjCznYT4Ac/
AK0wiLoj0vXWU//LtIh4vFt9xg9dVWpqCU6gSfKCei5L14BdurFUGC5yeuHCQ3ph
c2YAz1Z2It7PHFoz5j1lZMfFqNMZmz32pp/ToQrIokOdAqZIu+xHo17h87qyOgCV
VL//+47oT6dDv+Tt+OIDquBSe5pV3vK3edLF8YSzc2QpySv6g28SloKdettF5dvs
kZMBHlP2FphddBp4q6+zK6sulLIrKpeNHp3hbelqrjdwGcuO6dVER3nk7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAs4ntVq5mBM4thGHDkKz9XG20QDMB8GA1UdIwQY
MBaAFNLB1f1OIK3l8Rtmr7EKVMj/5LBAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHNIVl9VNGdyZVh4RzJhdnNRcFV5UF9rc0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC84NjEzYWQtNGY1Zi00NWZkLTg3OTkt
YTA5YTg3NWY1OTAzLzEvQ3ppZTFXcm1ZRXppMkVZY09RclAxY2JiUkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC84NjEzYWQtNGY1Zi00NWZkLTg3OTktYTA5YTg3NWY1OTAz
LzEvMHNIVl9VNGdyZVh4RzJhdnNRcFV5UF9rc0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwHZGMA0G
CSqGSIb3DQEBCwUAA4IBAQAbwgwi8qit3vZjdrmDeXFTammv7AUqaHbX2YbXSrjZ
RCEJgv+ckqIl+JAG2b8RPhhoisk1gJtQQo6TmC19ytqCAMEyJeGoyHJO6HZX3Fbi
qHZfEwNy1CRSh/qWvltnSy75NGrCpZ/aP0O5okJH0qOxOZBwOJBikw07MaUvqRge
Q8cMLdpX337ytUmdIvwtvYaB7Inn2n+WhcPZA94MMORRneNKDF1AP5i033hFP4Ta
cxuY0fLcrYIu+UpWcYetdzweyTPi/0CaG6Jst00RLPKsHWtc8863/NHRHI4xrz4i
rsBdNeh3dknSKeCeYTnX1MEJ8ixrg440llZ7kPvjEdE2
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:28 2024 by rpki-client on console-fra.rpki-client.org