Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/70139d-1e75-40b5-916a-9c816a40490e/1/cspVCKvdVCMl1jMRPFMBT9CL6Wc.roa
File: cspVCKvdVCMl1jMRPFMBT9CL6Wc.roa (raw, json)
Hash identifier: v0pqY6Qmg2ZA9MBnbAA0a5wSGaGsdc78cke/jm9LkB4=
Subject key identifier: 72:CA:55:08:AB:DD:54:23:25:D6:33:11:3C:53:01:4F:D0:8B:E9:67
Certificate issuer: /CN=98c9c3189bec1379311bd1353fa9749a68dd992d
Certificate serial: 0185DDDB0258400ED24A0133019E19B3FA64
Authority key identifier: 98:C9:C3:18:9B:EC:13:79:31:1B:D1:35:3F:A9:74:9A:68:DD:99:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMnDGJvsE3kxG9E1P6l0mmjdmS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/70139d-1e75-40b5-916a-9c816a40490e/1/cspVCKvdVCMl1jMRPFMBT9CL6Wc.roa
Signing time: Mon 23 Jan 2023 08:59:55 +0000
ROA not before: Mon 23 Jan 2023 08:59:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208164
IP address blocks: 2a0f:2880:400::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 22 Nov 2023 11:59:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:db:02:58:40:0e:d2:4a:01:33:01:9e:19:b3:fa:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c9c3189bec1379311bd1353fa9749a68dd992d
Validity
Not Before: Jan 23 08:59:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72ca5508abdd542325d633113c53014fd08be967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:00:09:45:cb:0e:04:4b:76:b7:25:3b:9f:
96:0c:1b:fd:33:b2:1e:da:2f:9e:1d:07:da:f8:27:
bc:f4:b7:d0:77:cd:4a:d7:a3:45:5c:da:d0:23:13:
34:a7:61:71:7b:cb:e1:58:f5:4e:2b:fe:fc:1d:c6:
4f:ed:72:af:3a:08:24:10:c9:b2:cd:bd:36:ed:04:
37:7f:19:6d:dc:cd:e5:22:51:fb:e9:a3:11:ff:0c:
b8:ae:71:48:db:76:7a:5c:49:d4:dd:c7:2c:f7:ba:
ca:15:79:40:e1:5a:78:ef:cf:8d:b5:22:48:ec:26:
94:f1:37:85:0c:aa:4c:18:a6:a6:32:35:e1:00:da:
bf:9c:7f:b4:a8:cc:d4:33:32:c1:1d:0a:27:77:ac:
ea:22:4f:94:1c:38:9a:a5:9a:e7:8b:4c:c5:86:f8:
6e:d0:e0:11:62:1e:90:b4:74:db:62:c4:4f:63:4b:
c1:a1:a3:19:cb:c1:1d:c5:61:a9:fe:f7:bb:fa:39:
b6:b7:32:8a:3c:7b:3e:7e:2b:41:11:3e:37:59:d3:
14:3c:55:01:c8:3f:2e:64:4f:eb:20:eb:31:5b:25:
51:7f:68:a6:c2:77:df:87:6b:9d:1d:55:6b:f6:7f:
e7:5d:b2:95:15:91:74:01:8e:5a:7b:ee:c6:48:37:
78:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:CA:55:08:AB:DD:54:23:25:D6:33:11:3C:53:01:4F:D0:8B:E9:67
X509v3 Authority Key Identifier:
keyid:98:C9:C3:18:9B:EC:13:79:31:1B:D1:35:3F:A9:74:9A:68:DD:99:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMnDGJvsE3kxG9E1P6l0mmjdmS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/70139d-1e75-40b5-916a-9c816a40490e/1/cspVCKvdVCMl1jMRPFMBT9CL6Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/70139d-1e75-40b5-916a-9c816a40490e/1/mMnDGJvsE3kxG9E1P6l0mmjdmS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:2880:400::/40
Signature Algorithm: sha256WithRSAEncryption
3f:72:74:e1:35:32:37:3a:81:5e:e1:69:ad:c3:b5:0e:43:6d:
6b:2c:03:bf:ce:21:cd:3b:4a:69:6a:72:10:50:ef:3e:f2:db:
24:6d:c7:e4:89:49:00:ee:f2:a5:ca:e7:32:45:4d:6d:b1:83:
f2:df:ab:20:3e:c7:9e:ae:3d:cc:2a:4a:11:08:d7:28:16:81:
ea:94:e3:56:be:6e:f6:e3:6f:45:8a:5d:f5:7e:bd:fd:e7:68:
0b:03:cf:4a:54:53:6d:92:4e:d9:c3:83:3f:70:41:dd:b7:6b:
25:7d:bf:81:bb:79:d9:47:98:5b:17:d1:dc:35:fe:a7:7a:b1:
c1:9d:e2:53:1b:76:13:8e:d2:94:00:19:79:31:38:48:34:fc:
35:67:90:0d:48:ae:60:8f:53:5f:5f:86:78:c6:22:a2:f5:99:
e5:69:67:c0:99:37:f9:14:20:89:63:4f:dc:72:65:66:bd:2f:
af:81:60:98:d4:d7:99:b6:5e:63:6a:d2:c6:0e:33:e2:15:bd:
4b:f0:a0:57:a2:0e:d7:bc:8c:2c:88:65:fb:14:18:36:6f:73:
dc:aa:fc:20:95:67:13:7a:86:c1:97:5f:9c:3a:55:70:b2:b5:
cb:cb:a6:15:2a:1c:fe:e7:48:4d:52:14:7e:b8:98:80:39:51:
e3:76:41:a0
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYXd2wJYQA7SSgEzAZ4Zs/pkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzljMzE4OWJlYzEzNzkzMTFiZDEzNTNmYTk3NDlhNjhk
ZDk5MmQwHhcNMjMwMTIzMDg1OTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmNhNTUwOGFiZGQ1NDIzMjVkNjMzMTEzYzUzMDE0ZmQwOGJlOTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqIACUXLDgRLdrclO5+WDBv9M7Ie
2i+eHQfa+Ce89LfQd81K16NFXNrQIxM0p2Fxe8vhWPVOK/78HcZP7XKvOggkEMmy
zb027QQ3fxlt3M3lIlH76aMR/wy4rnFI23Z6XEnU3ccs97rKFXlA4Vp478+NtSJI
7CaU8TeFDKpMGKamMjXhANq/nH+0qMzUMzLBHQond6zqIk+UHDiapZrni0zFhvhu
0OARYh6QtHTbYsRPY0vBoaMZy8EdxWGp/ve7+jm2tzKKPHs+fitBET43WdMUPFUB
yD8uZE/rIOsxWyVRf2imwnffh2udHVVr9n/nXbKVFZF0AY5ae+7GSDd4mwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHLKVQir3VQjJdYzETxTAU/Qi+lnMB8GA1UdIwQY
MBaAFJjJwxib7BN5MRvRNT+pdJpo3ZktMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1uREdKdnNFM2t4RzlFMVA2bDBtbWpkbVMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83MDEzOWQtMWU3NS00MGI1LTkxNmEt
OWM4MTZhNDA0OTBlLzEvY3NwVkNLdmRWQ01sMWpNUlBGTUJUOUNMNldjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83MDEzOWQtMWU3NS00MGI1LTkxNmEtOWM4MTZhNDA0OTBl
LzEvbU1uREdKdnNFM2t4RzlFMVA2bDBtbWpkbVMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg8ogAQw
DQYJKoZIhvcNAQELBQADggEBAD9ydOE1Mjc6gV7haa3DtQ5DbWssA7/OIc07Smlq
chBQ7z7y2yRtx+SJSQDu8qXK5zJFTW2xg/LfqyA+x56uPcwqShEI1ygWgeqU41a+
bvbjb0WKXfV+vf3naAsDz0pUU22STtnDgz9wQd23ayV9v4G7edlHmFsX0dw1/qd6
scGd4lMbdhOO0pQAGXkxOEg0/DVnkA1IrmCPU19fhnjGIqL1meVpZ8CZN/kUIIlj
T9xyZWa9L6+BYJjU15m2XmNq0sYOM+IVvUvwoFeiDte8jCyIZfsUGDZvc9yq/CCV
ZxN6hsGXX5w6VXCytcvLphUqHP7nSE1SFH64mIA5UeN2QaA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:30 2024 by rpki-client on console-ams.rpki-client.org