Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/5e3070-422a-4b58-800a-dba7ccac94e2/1/culpAkgbrTul_6n1YU8y4n9oq-s.roa
File: culpAkgbrTul_6n1YU8y4n9oq-s.roa (raw, json)
Hash identifier: KrnFXOCqLQIkVrmREX6YQzqQwcCbK7fhT6t+vlr3PlQ=
Subject key identifier: 72:E9:69:02:48:1B:AD:3B:A5:FF:A9:F5:61:4F:32:E2:7F:68:AB:EB
Certificate issuer: /CN=ff4ccdb12fc22eb857f86c565a8bc5151d0532b0
Certificate serial: 018BB5761B678348B7992C02A7D47085E8DC
Authority key identifier: FF:4C:CD:B1:2F:C2:2E:B8:57:F8:6C:56:5A:8B:C5:15:1D:05:32:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0zNsS_CLrhX-GxWWovFFR0FMrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/5e3070-422a-4b58-800a-dba7ccac94e2/1/culpAkgbrTul_6n1YU8y4n9oq-s.roa
Signing time: Thu 09 Nov 2023 19:01:38 +0000
ROA not before: Thu 09 Nov 2023 19:01:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 553
IP address blocks: 129.206.0.0/16 maxlen: 16
147.142.0.0/16 maxlen: 16
192.100.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b5:76:1b:67:83:48:b7:99:2c:02:a7:d4:70:85:e8:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4ccdb12fc22eb857f86c565a8bc5151d0532b0
Validity
Not Before: Nov 9 19:01:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72e96902481bad3ba5ffa9f5614f32e27f68abeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4a:db:29:50:88:ae:23:64:1e:54:e6:b0:70:
a8:bb:8e:02:2b:c9:31:5d:09:68:5b:75:ec:fd:34:
9c:ad:9c:51:ac:f4:4e:4b:21:94:d5:0e:41:f7:b4:
3e:63:54:8b:30:b4:c3:82:5f:8a:43:da:db:31:7f:
36:e9:01:06:95:6a:5e:ed:dc:52:b4:5a:81:d2:e2:
6c:54:ca:60:c2:ad:07:5b:05:7f:03:98:58:7b:d0:
7d:8d:b3:b4:2d:67:e6:f3:a3:a8:14:ef:13:d3:64:
6f:e1:fb:e0:d8:59:95:c3:06:13:26:25:b0:35:a9:
50:2c:01:62:19:e4:94:47:49:ff:0a:41:1d:21:61:
45:a3:8a:e0:8b:e6:e4:bb:a2:5b:ce:1e:23:0a:e9:
22:de:9b:70:a5:4e:eb:87:26:bf:9e:16:1a:00:59:
a6:51:ce:3c:79:eb:c7:80:a1:30:97:6f:69:3b:c6:
0c:44:d3:e8:88:d3:a4:40:2a:8e:c5:4f:dc:d7:d0:
89:46:1a:62:10:d5:64:80:c3:36:a6:0f:b1:21:4e:
ec:56:9a:f1:1b:22:d4:5c:41:58:f5:92:08:4a:37:
bb:85:1c:5e:10:6e:3c:10:e0:53:2e:3d:27:e6:90:
47:8c:95:fd:f7:5d:4f:3c:b0:ee:f2:cf:c2:ea:dd:
9f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E9:69:02:48:1B:AD:3B:A5:FF:A9:F5:61:4F:32:E2:7F:68:AB:EB
X509v3 Authority Key Identifier:
keyid:FF:4C:CD:B1:2F:C2:2E:B8:57:F8:6C:56:5A:8B:C5:15:1D:05:32:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0zNsS_CLrhX-GxWWovFFR0FMrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5e3070-422a-4b58-800a-dba7ccac94e2/1/culpAkgbrTul_6n1YU8y4n9oq-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5e3070-422a-4b58-800a-dba7ccac94e2/1/_0zNsS_CLrhX-GxWWovFFR0FMrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.206.0.0/16
147.142.0.0/16
192.100.98.0/24
Signature Algorithm: sha256WithRSAEncryption
89:b5:7f:82:2e:b3:ec:f2:d2:f6:00:43:04:d7:db:19:53:1c:
8d:52:e0:d1:8b:c2:48:9a:a3:09:84:c4:f0:3e:a1:ce:71:74:
b9:47:7c:42:5b:cd:4b:0f:61:24:cb:6a:0a:b1:93:24:70:2b:
16:37:02:9d:ff:40:af:7c:55:6a:fb:56:22:fb:d4:b8:c6:9b:
b1:37:2c:67:39:0c:dd:8a:fa:3a:1c:e2:46:00:1e:70:68:e3:
e4:5f:6c:32:c5:ba:86:09:ec:39:ea:18:3a:bb:ce:c6:a1:74:
e2:45:56:b4:ee:23:c4:fe:5e:1f:7c:32:dc:4d:8a:87:9b:29:
db:fa:5b:dc:6c:40:e6:20:4a:02:28:04:92:83:32:0b:8a:aa:
2e:ef:09:79:48:a2:e0:da:de:c1:e2:46:22:d0:b4:38:a9:90:
b2:08:c0:2c:d2:ed:09:f7:88:0f:a0:40:7d:97:4f:54:54:40:
76:ae:c8:95:9b:33:66:36:f7:18:5c:91:1c:2e:28:74:9a:32:
b5:4a:30:66:10:3e:e1:c8:63:e6:e1:5c:10:3b:ac:41:c1:fb:
02:39:e2:b8:2a:77:9c:0f:0c:be:e8:7d:05:bc:a4:80:e5:95:
5b:d2:e1:92:81:34:5c:47:8a:b4:bc:f4:77:81:dd:b0:0d:db:
8b:37:f4:48
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAYu1dhtng0i3mSwCp9RwhejcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNGNjZGIxMmZjMjJlYjg1N2Y4NmM1NjVhOGJjNTE1MWQw
NTMyYjAwHhcNMjMxMTA5MTkwMTM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmU5NjkwMjQ4MWJhZDNiYTVmZmE5ZjU2MTRmMzJlMjdmNjhhYmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApErbKVCIriNkHlTmsHCou44CK8kx
XQloW3Xs/TScrZxRrPROSyGU1Q5B97Q+Y1SLMLTDgl+KQ9rbMX826QEGlWpe7dxS
tFqB0uJsVMpgwq0HWwV/A5hYe9B9jbO0LWfm86OoFO8T02Rv4fvg2FmVwwYTJiWw
NalQLAFiGeSUR0n/CkEdIWFFo4rgi+bku6Jbzh4jCuki3ptwpU7rhya/nhYaAFmm
Uc48eevHgKEwl29pO8YMRNPoiNOkQCqOxU/c19CJRhpiENVkgMM2pg+xIU7sVprx
GyLUXEFY9ZIISje7hRxeEG48EOBTLj0n5pBHjJX9911PPLDu8s/C6t2fwQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFHLpaQJIG607pf+p9WFPMuJ/aKvrMB8GA1UdIwQY
MBaAFP9MzbEvwi64V/hsVlqLxRUdBTKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzB6TnNTX0NMcmhYLUd4V1dvdkZGUjBGTXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy81ZTMwNzAtNDIyYS00YjU4LTgwMGEt
ZGJhN2NjYWM5NGUyLzEvY3VscEFrZ2JyVHVsXzZuMVlVOHk0bjlvcS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy81ZTMwNzAtNDIyYS00YjU4LTgwMGEtZGJhN2NjYWM5NGUy
LzEvXzB6TnNTX0NMcmhYLUd4V1dvdkZGUjBGTXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAATAQAwMAgc4DAwCT
jgMEAMBkYjANBgkqhkiG9w0BAQsFAAOCAQEAibV/gi6z7PLS9gBDBNfbGVMcjVLg
0YvCSJqjCYTE8D6hznF0uUd8QlvNSw9hJMtqCrGTJHArFjcCnf9Ar3xVavtWIvvU
uMabsTcsZzkM3Yr6OhziRgAecGjj5F9sMsW6hgnsOeoYOrvOxqF04kVWtO4jxP5e
H3wy3E2Kh5sp2/pb3GxA5iBKAigEkoMyC4qqLu8JeUii4NreweJGItC0OKmQsgjA
LNLtCfeID6BAfZdPVFRAdq7IlZszZjb3GFyRHC4odJoytUowZhA+4chj5uFcEDus
QcH7AjniuCp3nA8Mvuh9BbykgOWVW9LhkoE0XEeKtLz0d4HdsA3bizf0SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:09 2024 by rpki-client on console-ams.rpki-client.org