Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/CXWebaV2m6Oea1t06WzQzV-uOWs.roa
File: CXWebaV2m6Oea1t06WzQzV-uOWs.roa (raw, json)
Hash identifier: 08jPkV4IrzYj3fDh2nHShrL7A9Dr1lx0/HFXvPx9Y8I=
Subject key identifier: 09:75:9E:6D:A5:76:9B:A3:9E:6B:5B:74:E9:6C:D0:CD:5F:AE:39:6B
Certificate issuer: /CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Certificate serial: 0187B75A9BEBC37433C6923A55016B84CB7D
Authority key identifier: 3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/CXWebaV2m6Oea1t06WzQzV-uOWs.roa
Signing time: Tue 25 Apr 2023 07:39:41 +0000
ROA not before: Tue 25 Apr 2023 07:39:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12665
IP address blocks: 212.4.224.0/19 maxlen: 19
195.238.144.0/20 maxlen: 20
195.238.128.0/19 maxlen: 20
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:5a:9b:eb:c3:74:33:c6:92:3a:55:01:6b:84:cb:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3df8a40c6a2c6993c9fbe81df3ea7dd372f96dec
Validity
Not Before: Apr 25 07:39:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09759e6da5769ba39e6b5b74e96cd0cd5fae396b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e0:d9:66:cd:7c:eb:f3:96:75:74:00:be:e6:
f1:41:4e:f6:5a:af:88:86:b6:7a:57:02:70:e7:0f:
df:5f:9a:cb:c5:41:76:ac:6e:40:e0:dd:f8:cd:34:
e6:7f:f1:96:aa:17:43:3c:b9:7a:76:81:35:ba:86:
62:48:89:0a:a9:63:28:51:a2:b5:3d:b8:78:98:c1:
d5:22:4e:cc:29:f0:fb:cd:76:89:15:73:ac:b9:d0:
9f:0e:38:91:ec:96:4d:9b:80:81:5d:62:25:37:23:
3d:42:27:f6:3f:b8:d9:45:fe:7f:0e:14:75:7d:bb:
7d:14:16:24:e7:06:3b:28:6c:c6:70:6b:29:e1:fe:
6e:db:67:fb:cb:77:87:78:b6:71:6f:66:4c:f7:8f:
1f:ba:27:a5:23:a3:3c:68:e1:74:c6:bf:35:1e:97:
88:c6:ee:9b:3e:f6:ac:45:8c:01:ad:19:a3:83:b9:
ea:70:9b:1a:7c:c3:ca:e9:fd:95:f1:f9:fa:2c:f9:
79:2d:e6:fd:2a:90:a6:c5:17:6f:46:8a:93:a2:21:
1e:80:07:b6:b3:5c:52:e8:62:dc:71:82:bf:79:13:
30:0f:40:74:02:f6:1c:f4:f8:25:80:87:93:98:a5:
42:0f:d8:42:3b:6f:8e:46:ba:a3:fd:ff:1e:0c:58:
ca:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:75:9E:6D:A5:76:9B:A3:9E:6B:5B:74:E9:6C:D0:CD:5F:AE:39:6B
X509v3 Authority Key Identifier:
keyid:3D:F8:A4:0C:6A:2C:69:93:C9:FB:E8:1D:F3:EA:7D:D3:72:F9:6D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PfikDGosaZPJ--gd8-p903L5bew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/CXWebaV2m6Oea1t06WzQzV-uOWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/3e6687-7a44-40d8-993f-895a5a392438/1/PfikDGosaZPJ--gd8-p903L5bew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.128.0/19
212.4.224.0/19
Signature Algorithm: sha256WithRSAEncryption
43:d1:f9:89:ea:18:8c:62:a0:be:12:7d:64:ef:d1:12:ad:8f:
e9:3c:8a:b3:2f:d7:83:f5:c6:a2:67:13:dc:cf:c0:03:89:4f:
eb:44:44:49:76:b7:4f:da:aa:b7:ee:56:ab:a3:a1:97:7a:c5:
af:be:e8:fd:20:7a:59:a9:4a:2d:26:e2:8e:0f:92:36:4d:bf:
5b:86:1b:d0:23:49:19:04:77:c0:73:48:4f:68:04:64:e7:ca:
d3:af:b6:17:05:28:0b:00:63:7b:b9:12:0b:be:85:6b:90:c4:
95:8b:f1:34:43:a9:ff:6b:06:6b:a9:cc:65:41:f6:5c:a9:51:
d1:d1:ca:42:35:b2:a8:d6:a9:ea:2b:b7:64:ef:7e:2f:de:93:
78:d4:28:9d:20:88:90:ee:80:aa:37:ba:e3:97:6c:7d:7e:62:
0c:e1:fe:aa:5a:c5:dc:f5:61:12:45:b8:b2:ee:ac:d4:92:df:
b2:5b:6e:62:dd:80:3d:4b:dd:ad:b2:11:54:03:0f:89:59:2a:
84:46:67:de:84:d5:73:82:9c:e8:d7:2a:e2:91:29:06:7c:d5:
00:73:38:d2:70:da:4d:57:1a:21:ad:8a:fe:1e:57:1e:77:11:
40:45:44:57:1d:8c:bd:d1:43:94:21:33:b9:bd:99:f3:e1:df:
16:3e:f2:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYe3Wpvrw3QzxpI6VQFrhMt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkZjhhNDBjNmEyYzY5OTNjOWZiZTgxZGYzZWE3ZGQzNzJm
OTZkZWMwHhcNMjMwNDI1MDczOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTc1OWU2ZGE1NzY5YmEzOWU2YjViNzRlOTZjZDBjZDVmYWUzOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsODZZs186/OWdXQAvubxQU72Wq+I
hrZ6VwJw5w/fX5rLxUF2rG5A4N34zTTmf/GWqhdDPLl6doE1uoZiSIkKqWMoUaK1
Pbh4mMHVIk7MKfD7zXaJFXOsudCfDjiR7JZNm4CBXWIlNyM9Qif2P7jZRf5/DhR1
fbt9FBYk5wY7KGzGcGsp4f5u22f7y3eHeLZxb2ZM948fuielI6M8aOF0xr81HpeI
xu6bPvasRYwBrRmjg7nqcJsafMPK6f2V8fn6LPl5Leb9KpCmxRdvRoqToiEegAe2
s1xS6GLccYK/eRMwD0B0AvYc9PglgIeTmKVCD9hCO2+ORrqj/f8eDFjKiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAl1nm2ldpujnmtbdOls0M1frjlrMB8GA1UdIwQY
MBaAFD34pAxqLGmTyfvoHfPqfdNy+W3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2Yt
ODk1YTVhMzkyNDM4LzEvQ1hXZWJhVjJtNk9lYTF0MDZXelF6Vi11T1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8zZTY2ODctN2E0NC00MGQ4LTk5M2YtODk1YTVhMzkyNDM4
LzEvUGZpa0RHb3NhWlBKLS1nZDgtcDkwM0w1YmV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFw+6AAwQF
1ATgMA0GCSqGSIb3DQEBCwUAA4IBAQBD0fmJ6hiMYqC+En1k79ESrY/pPIqzL9eD
9caiZxPcz8ADiU/rRERJdrdP2qq37laro6GXesWvvuj9IHpZqUotJuKOD5I2Tb9b
hhvQI0kZBHfAc0hPaARk58rTr7YXBSgLAGN7uRILvoVrkMSVi/E0Q6n/awZrqcxl
QfZcqVHR0cpCNbKo1qnqK7dk734v3pN41CidIIiQ7oCqN7rjl2x9fmIM4f6qWsXc
9WESRbiy7qzUkt+yW25i3YA9S92tshFUAw+JWSqERmfehNVzgpzo1yrikSkGfNUA
czjScNpNVxohrYr+HlcedxFARURXHYy90UOUITO5vZnz4d8WPvJ9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:28 2024 by rpki-client on console-ams.rpki-client.org