Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/CsVylS5WwMuV1jnN0nmbJTqglgI.roa
File: CsVylS5WwMuV1jnN0nmbJTqglgI.roa (raw, json)
Hash identifier: mUi7/RMVyn5DdGffTHoXwP/jjrxge/RI4XRvf2A0ea8=
Subject key identifier: 0A:C5:72:95:2E:56:C0:CB:95:D6:39:CD:D2:79:9B:25:3A:A0:96:02
Certificate issuer: /CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef
Certificate serial: 01881EAE78123406BE6F3253AD17B6BF3B61
Authority key identifier: 9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/CsVylS5WwMuV1jnN0nmbJTqglgI.roa
Signing time: Mon 15 May 2023 09:12:10 +0000
ROA not before: Mon 15 May 2023 09:12:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41720
IP address blocks: 217.197.100.0/24 maxlen: 24
2a09:b7c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 03 Dec 2023 13:44:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:ae:78:12:34:06:be:6f:32:53:ad:17:b6:bf:3b:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c21a5e4cf6e9e2e70338aeebfa0d1588d73b6ef
Validity
Not Before: May 15 09:12:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0ac572952e56c0cb95d639cdd2799b253aa09602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:09:6e:1f:74:53:10:71:a9:18:05:09:54:91:
f1:80:35:7f:07:06:8c:c8:cc:41:fe:94:86:e0:9f:
a0:97:e2:31:79:a6:d1:e4:bf:a1:3e:05:01:b4:4d:
ec:b1:44:e0:42:2e:35:8a:3b:4f:66:51:49:49:1e:
be:bb:4b:95:ac:02:de:d8:ba:3b:55:d1:87:69:19:
a0:a5:f3:f1:17:30:4b:c8:70:01:61:c3:72:be:f1:
e4:e5:96:a2:2f:f2:ce:87:9b:7f:e1:bf:2b:e8:95:
9d:cd:3e:e0:c3:17:2e:a5:6d:83:b2:9e:46:99:f5:
fd:98:88:a8:28:d7:a9:d5:d2:ed:0c:6a:f5:77:fb:
83:0f:b0:55:79:a7:ce:42:aa:b1:6b:0f:44:e6:25:
ea:10:45:dd:f9:fa:e0:a1:a2:12:6b:25:46:e6:63:
e6:fa:b8:93:12:54:cc:1f:fb:34:fd:87:87:18:46:
81:8d:1c:6d:67:4e:13:28:d3:8b:ac:5c:2a:ea:aa:
d4:0f:b1:35:0b:fb:bd:8f:20:b5:1e:d9:b9:e0:72:
13:aa:65:7f:49:df:c5:76:69:21:12:2b:30:86:9d:
e3:19:b0:48:30:d9:5c:7e:b0:e7:ae:2c:1c:b9:7b:
74:93:e4:33:6e:49:b2:9e:a7:5c:de:24:d1:65:37:
e0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C5:72:95:2E:56:C0:CB:95:D6:39:CD:D2:79:9B:25:3A:A0:96:02
X509v3 Authority Key Identifier:
keyid:9C:21:A5:E4:CF:6E:9E:2E:70:33:8A:EE:BF:A0:D1:58:8D:73:B6:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nCGl5M9uni5wM4ruv6DRWI1ztu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/CsVylS5WwMuV1jnN0nmbJTqglgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/8cce86-b0ae-4166-9042-528eff52febd/1/nCGl5M9uni5wM4ruv6DRWI1ztu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.197.100.0/24
IPv6:
2a09:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
6e:99:0d:99:ae:e8:ad:9e:30:f1:69:49:fc:4a:38:2e:4a:1f:
0a:20:95:32:7a:57:d4:ef:f1:2b:30:1f:dd:08:c7:77:49:2d:
5a:1d:35:70:6d:a9:21:2a:b1:31:25:5d:25:0a:25:d1:ac:5a:
94:93:96:b5:a6:c0:b2:e1:a2:6f:56:37:7b:f9:7c:8c:77:c2:
16:78:8d:5a:6a:ef:08:57:1a:c4:3c:e3:ce:22:b8:f2:9f:fb:
b0:fb:b5:3c:7a:c9:ae:15:8d:b3:0d:ee:85:f3:e8:92:a5:d2:
2f:b6:c5:4c:91:60:11:46:b7:60:c6:00:3c:a8:52:ff:02:11:
f2:69:b0:c4:08:77:b6:97:bc:72:20:14:75:10:0c:5f:c2:ec:
10:19:c4:fd:5e:7a:6f:20:dc:27:c5:fc:b9:cf:6d:c5:fb:d5:
f7:a9:4b:8a:3e:d3:8d:b9:97:ef:44:d4:bf:3c:b6:d7:bf:f5:
3c:27:39:ea:7b:a1:a3:be:37:a6:c1:4b:44:99:2c:4b:41:9e:
c1:97:11:44:f5:8e:06:0a:27:80:f3:a3:c1:33:35:76:0f:b0:
21:5b:55:87:c5:87:0e:cb:7c:74:ef:df:8e:36:ab:9f:c7:0e:
3d:19:c7:49:4b:07:0b:f3:3d:7f:ff:de:5a:19:eb:24:89:61:
0f:99:99:6f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYgerngSNAa+bzJTrRe2vzthMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljMjFhNWU0Y2Y2ZTllMmU3MDMzOGFlZWJmYTBkMTU4OGQ3
M2I2ZWYwHhcNMjMwNTE1MDkxMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWM1NzI5NTJlNTZjMGNiOTVkNjM5Y2RkMjc5OWIyNTNhYTA5NjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAluH3RTEHGpGAUJVJHxgDV/BwaM
yMxB/pSG4J+gl+IxeabR5L+hPgUBtE3ssUTgQi41ijtPZlFJSR6+u0uVrALe2Lo7
VdGHaRmgpfPxFzBLyHABYcNyvvHk5ZaiL/LOh5t/4b8r6JWdzT7gwxcupW2Dsp5G
mfX9mIioKNep1dLtDGr1d/uDD7BVeafOQqqxaw9E5iXqEEXd+frgoaISayVG5mPm
+riTElTMH/s0/YeHGEaBjRxtZ04TKNOLrFwq6qrUD7E1C/u9jyC1Htm54HITqmV/
Sd/FdmkhEiswhp3jGbBIMNlcfrDnriwcuXt0k+Qzbkmynqdc3iTRZTfgTQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFArFcpUuVsDLldY5zdJ5myU6oJYCMB8GA1UdIwQY
MBaAFJwhpeTPbp4ucDOK7r+g0ViNc7bvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDIt
NTI4ZWZmNTJmZWJkLzEvQ3NWeWxTNVd3TXVWMWpuTjBubWJKVHFnbGdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi84Y2NlODYtYjBhZS00MTY2LTkwNDItNTI4ZWZmNTJmZWJk
LzEvbkNHbDVNOXVuaTV3TTRydXY2RFJXSTF6dHU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2cVkMA0E
AgACMAcDBQMqCbfAMA0GCSqGSIb3DQEBCwUAA4IBAQBumQ2ZruitnjDxaUn8Sjgu
Sh8KIJUyelfU7/ErMB/dCMd3SS1aHTVwbakhKrExJV0lCiXRrFqUk5a1psCy4aJv
Vjd7+XyMd8IWeI1aau8IVxrEPOPOIrjyn/uw+7U8esmuFY2zDe6F8+iSpdIvtsVM
kWARRrdgxgA8qFL/AhHyabDECHe2l7xyIBR1EAxfwuwQGcT9XnpvINwnxfy5z23F
+9X3qUuKPtONuZfvRNS/PLbXv/U8Jznqe6GjvjemwUtEmSxLQZ7BlxFE9Y4GCieA
86PBMzV2D7AhW1WHxYcOy3x079+ONqufxw49GcdJSwcL8z1//95aGeskiWEPmZlv
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org