Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/cKMLNn81s9pOGyrzpJytxuuC5RI.roa
File: cKMLNn81s9pOGyrzpJytxuuC5RI.roa (raw, json)
Hash identifier: EM8TcsUwpP9HrJFKi/YJ2OiTvN9oaN8hETep6w2/M/8=
Subject key identifier: 70:A3:0B:36:7F:35:B3:DA:4E:1B:2A:F3:A4:9C:AD:C6:EB:82:E5:12
Certificate issuer: /CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9
Certificate serial: 018570F07416A470DD4DC1379763DD41060D
Authority key identifier: 80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/cKMLNn81s9pOGyrzpJytxuuC5RI.roa
Signing time: Mon 02 Jan 2023 05:24:44 +0000
ROA not before: Mon 02 Jan 2023 05:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211391
IP address blocks: 193.3.57.0/24 maxlen: 24
194.105.36.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 11 May 2023 10:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:74:16:a4:70:dd:4d:c1:37:97:63:dd:41:06:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9
Validity
Not Before: Jan 2 05:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70a30b367f35b3da4e1b2af3a49cadc6eb82e512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0a:3a:1a:c4:d3:08:42:cf:de:bb:33:a5:0e:
a1:2f:2a:7f:3f:fe:79:0e:3c:7a:ce:b5:7b:d8:25:
38:48:c0:f8:e2:81:78:a6:6c:16:9e:36:da:65:76:
c7:cc:10:27:76:3e:3f:55:72:a8:cb:82:4a:50:5c:
01:ec:e7:0c:d8:d2:41:1e:d5:de:8a:c1:0a:63:08:
37:83:db:02:39:b2:88:f7:af:03:91:99:90:44:7d:
84:9a:88:62:b0:40:68:12:bc:ba:9d:88:79:25:e9:
3d:9d:43:bb:68:75:03:b0:4f:4b:58:07:84:42:d8:
47:ed:03:45:d5:45:de:8e:4a:47:cb:4c:0b:db:af:
1a:7e:1b:77:47:de:ba:78:8d:49:fc:90:ef:07:9f:
a4:28:4c:ba:c9:ee:0b:94:36:ff:61:88:7a:de:e1:
62:bd:7c:7a:24:7d:26:e3:00:d2:bf:d5:2c:12:6b:
d9:b1:d6:73:f4:a8:29:ed:e7:f0:4f:00:0f:7f:77:
49:cc:26:63:be:44:94:9f:80:89:c9:79:14:7d:f7:
3b:01:f4:d1:53:28:4d:00:8b:1a:8b:33:db:d7:ed:
71:66:63:a2:1c:f5:a1:21:d6:8e:6c:4e:db:05:88:
33:4f:cb:8a:b4:50:e9:aa:fe:39:70:00:97:0a:97:
43:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A3:0B:36:7F:35:B3:DA:4E:1B:2A:F3:A4:9C:AD:C6:EB:82:E5:12
X509v3 Authority Key Identifier:
keyid:80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/cKMLNn81s9pOGyrzpJytxuuC5RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.3.57.0/24
194.105.36.0/22
Signature Algorithm: sha256WithRSAEncryption
71:ff:f3:2e:47:32:bb:39:e6:b9:c1:b9:28:e5:37:03:82:70:
d1:12:61:6a:6c:51:d1:9c:8c:75:14:1e:88:8a:ff:78:78:af:
6c:30:42:51:a4:cf:20:ad:77:62:c6:2b:a2:cd:19:d5:06:bb:
6c:0f:23:c5:cc:8b:11:42:86:af:0e:8e:40:01:7b:c3:c8:36:
c2:b8:00:35:07:4d:f7:46:17:98:c8:55:5f:e7:1e:b4:3f:38:
b2:8c:8e:21:5e:57:eb:d3:8e:8d:61:60:63:8b:0b:5a:63:65:
fd:7e:80:b9:54:9a:92:5b:64:48:1e:a7:9e:7d:2d:4e:bf:cb:
1c:d6:63:8d:d3:dc:68:4e:db:15:7a:7e:1d:30:4c:c1:56:9c:
52:f3:ec:74:d3:7a:37:20:77:67:e1:ce:71:68:03:87:1d:61:
a0:16:7f:29:7a:91:91:2d:24:bc:4e:fa:9c:05:ee:ea:a7:b5:
c4:6c:8f:ab:d5:25:48:5c:19:b1:8e:39:ea:82:95:78:1b:5e:
24:48:78:24:d5:fa:db:57:5a:6b:e4:88:97:cd:59:c1:55:7b:
c6:b9:63:0b:c6:a9:54:e7:11:bc:2d:62:ee:8a:ea:68:35:13:
bc:1d:62:18:43:40:ae:ee:e9:87:d6:e7:52:81:bb:82:0a:0d:
82:57:44:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw8HQWpHDdTcE3l2PdQQYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMTZjY2IxYWM3N2M3YzAyYTRlZGU2MDZkZjFmN2VmOTcz
YTBiZjkwHhcNMjMwMTAyMDUyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGEzMGIzNjdmMzViM2RhNGUxYjJhZjNhNDljYWRjNmViODJlNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwo6GsTTCELP3rszpQ6hLyp/P/55
Djx6zrV72CU4SMD44oF4pmwWnjbaZXbHzBAndj4/VXKoy4JKUFwB7OcM2NJBHtXe
isEKYwg3g9sCObKI968DkZmQRH2EmohisEBoEry6nYh5Jek9nUO7aHUDsE9LWAeE
QthH7QNF1UXejkpHy0wL268afht3R966eI1J/JDvB5+kKEy6ye4LlDb/YYh63uFi
vXx6JH0m4wDSv9UsEmvZsdZz9Kgp7efwTwAPf3dJzCZjvkSUn4CJyXkUffc7AfTR
UyhNAIsaizPb1+1xZmOiHPWhIdaObE7bBYgzT8uKtFDpqv45cACXCpdDKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCjCzZ/NbPaThsq86ScrcbrguUSMB8GA1UdIwQY
MBaAFIAWzLGsd8fAKk7eYG3x9++XOgv5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUt
YTk2NmFlODU2OTI2LzEvY0tNTE5uODFzOXBPR3lyenBKeXR4dXVDNVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUtYTk2NmFlODU2OTI2
LzEvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwQM5AwQC
wmkkMA0GCSqGSIb3DQEBCwUAA4IBAQBx//MuRzK7Oea5wbko5TcDgnDREmFqbFHR
nIx1FB6Iiv94eK9sMEJRpM8grXdixiuizRnVBrtsDyPFzIsRQoavDo5AAXvDyDbC
uAA1B033RheYyFVf5x60PziyjI4hXlfr046NYWBjiwtaY2X9foC5VJqSW2RIHqee
fS1Ov8sc1mON09xoTtsVen4dMEzBVpxS8+x003o3IHdn4c5xaAOHHWGgFn8pepGR
LSS8TvqcBe7qp7XEbI+r1SVIXBmxjjnqgpV4G14kSHgk1frbV1pr5IiXzVnBVXvG
uWMLxqlU5xG8LWLuiupoNRO8HWIYQ0Cu7umH1udSgbuCCg2CV0R4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:51 2024 by rpki-client on console-ams.rpki-client.org