Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/rmSHX5co5WkwBmSL1sKrXcS0M0c.roa
File: rmSHX5co5WkwBmSL1sKrXcS0M0c.roa (raw, json)
Hash identifier: iLyAlgjg+8wOQFVJbNcvHj3QK/k6fKxwOv5ZtBjY3W4=
Subject key identifier: AE:64:87:5F:97:28:E5:69:30:06:64:8B:D6:C2:AB:5D:C4:B4:33:47
Certificate issuer: /CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9
Certificate serial: 01880A41E01DD5D4765C58CCFA54E046141D
Authority key identifier: 80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/rmSHX5co5WkwBmSL1sKrXcS0M0c.roa
Signing time: Thu 11 May 2023 10:01:09 +0000
ROA not before: Thu 11 May 2023 10:01:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211391
IP address blocks: 193.3.57.0/24 maxlen: 24
194.105.36.0/22 maxlen: 22
109.236.168.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:41:e0:1d:d5:d4:76:5c:58:cc:fa:54:e0:46:14:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8016ccb1ac77c7c02a4ede606df1f7ef973a0bf9
Validity
Not Before: May 11 10:01:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae64875f9728e5693006648bd6c2ab5dc4b43347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c2:8c:0b:18:d6:51:f8:1f:7f:21:76:77:75:
6c:13:68:05:45:c3:46:6d:d2:eb:83:13:d0:f6:5d:
e0:f4:42:1d:14:c9:fb:86:f6:90:f2:ef:5d:15:9d:
8c:76:f9:99:4c:db:38:c1:88:61:b1:73:fc:db:fa:
6c:b1:16:ab:08:dc:3d:94:16:78:e2:d4:f4:73:91:
fc:1d:7e:41:69:b4:9a:5e:6f:76:c3:95:e6:dd:7e:
7e:e7:3e:b4:19:3b:21:65:8e:1d:03:6d:41:f6:17:
40:c9:9c:39:91:ad:56:f3:f7:73:a8:e5:a0:38:48:
3d:80:4c:bd:0f:c3:7b:27:46:fa:2f:91:db:0b:e5:
bf:dd:2b:90:35:fd:8b:19:52:ff:8e:f5:a2:d7:ca:
2d:f7:4e:78:2f:15:5e:6a:6d:c5:0f:54:69:2b:ce:
bf:6f:04:15:8a:1c:ee:85:2a:72:c8:c9:ad:3f:d6:
34:60:0b:ef:82:ee:c6:10:40:59:13:ab:b8:43:e1:
b4:8c:4b:4c:2b:80:4d:c7:4f:13:4c:2e:87:15:1d:
e0:d0:13:6c:4a:f3:4a:4c:33:10:84:92:04:42:75:
2e:93:1d:4f:a9:24:0c:c6:b0:72:71:4d:7c:c5:5a:
d3:d0:3b:75:f8:10:f5:20:1a:d9:67:e9:aa:96:f1:
a1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:64:87:5F:97:28:E5:69:30:06:64:8B:D6:C2:AB:5D:C4:B4:33:47
X509v3 Authority Key Identifier:
keyid:80:16:CC:B1:AC:77:C7:C0:2A:4E:DE:60:6D:F1:F7:EF:97:3A:0B:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gBbMsax3x8AqTt5gbfH375c6C_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/rmSHX5co5WkwBmSL1sKrXcS0M0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/abc0f8-1f1f-4c65-bb85-a966ae856926/1/gBbMsax3x8AqTt5gbfH375c6C_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.168.0/21
193.3.57.0/24
194.105.36.0/22
Signature Algorithm: sha256WithRSAEncryption
28:74:b1:bd:3d:a4:a1:7f:f1:f9:3c:e0:8f:04:73:ec:a1:02:
19:e1:57:4d:a8:95:14:79:0e:24:7d:45:7e:37:bb:1a:0e:7d:
e5:ef:df:85:40:f0:f7:f8:25:24:12:88:6c:59:60:40:a4:e6:
3b:e2:bf:10:11:e4:16:08:10:d8:82:4e:c5:0b:23:be:40:52:
7a:47:80:c8:d5:e4:6c:83:15:7a:0c:5a:96:7b:85:60:e5:7f:
55:15:c2:d4:91:d8:93:c4:36:d0:55:f7:28:b9:8e:7f:86:ad:
a5:4f:ff:1f:6a:ed:68:2f:7d:0d:79:46:48:0c:eb:64:61:92:
5e:71:f7:9e:0f:de:0e:c0:45:ce:51:bb:fe:db:2c:30:7c:5a:
85:42:8c:5e:84:cc:a7:5c:c0:7e:18:90:1a:db:cb:ca:da:c5:
81:4b:06:c0:30:53:24:b5:2a:31:81:e6:de:2b:13:34:10:c2:
3a:19:f1:df:a9:6d:64:30:37:04:3a:18:91:ea:d3:84:67:97:
2b:9e:84:f9:0d:39:e9:a4:3f:8a:96:b4:bd:1e:23:e3:b0:77:
3f:2f:06:f9:46:84:2d:7a:10:18:a0:cd:ad:96:c7:9a:9e:61:
0c:3f:c0:87:04:d0:0f:1b:c1:58:58:0d:c9:0f:b3:6a:30:07:
e4:b9:07:80
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgKQeAd1dR2XFjM+lTgRhQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMTZjY2IxYWM3N2M3YzAyYTRlZGU2MDZkZjFmN2VmOTcz
YTBiZjkwHhcNMjMwNTExMTAwMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTY0ODc1Zjk3MjhlNTY5MzAwNjY0OGJkNmMyYWI1ZGM0YjQzMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMKMCxjWUfgffyF2d3VsE2gFRcNG
bdLrgxPQ9l3g9EIdFMn7hvaQ8u9dFZ2MdvmZTNs4wYhhsXP82/pssRarCNw9lBZ4
4tT0c5H8HX5BabSaXm92w5Xm3X5+5z60GTshZY4dA21B9hdAyZw5ka1W8/dzqOWg
OEg9gEy9D8N7J0b6L5HbC+W/3SuQNf2LGVL/jvWi18ot9054LxVeam3FD1RpK86/
bwQVihzuhSpyyMmtP9Y0YAvvgu7GEEBZE6u4Q+G0jEtMK4BNx08TTC6HFR3g0BNs
SvNKTDMQhJIEQnUukx1PqSQMxrBycU18xVrT0Dt1+BD1IBrZZ+mqlvGh4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK5kh1+XKOVpMAZki9bCq13EtDNHMB8GA1UdIwQY
MBaAFIAWzLGsd8fAKk7eYG3x9++XOgv5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUt
YTk2NmFlODU2OTI2LzEvcm1TSFg1Y281V2t3Qm1TTDFzS3JYY1MwTTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hYmMwZjgtMWYxZi00YzY1LWJiODUtYTk2NmFlODU2OTI2
LzEvZ0JiTXNheDN4OEFxVHQ1Z2JmSDM3NWM2Q19rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDbeyoAwQA
wQM5AwQCwmkkMA0GCSqGSIb3DQEBCwUAA4IBAQAodLG9PaShf/H5POCPBHPsoQIZ
4VdNqJUUeQ4kfUV+N7saDn3l79+FQPD3+CUkEohsWWBApOY74r8QEeQWCBDYgk7F
CyO+QFJ6R4DI1eRsgxV6DFqWe4Vg5X9VFcLUkdiTxDbQVfcouY5/hq2lT/8fau1o
L30NeUZIDOtkYZJecfeeD94OwEXOUbv+2ywwfFqFQoxehMynXMB+GJAa28vK2sWB
SwbAMFMktSoxgebeKxM0EMI6GfHfqW1kMDcEOhiR6tOEZ5crnoT5DTnppD+KlrS9
HiPjsHc/Lwb5RoQtehAYoM2tlseanmEMP8CHBNAPG8FYWA3JD7NqMAfkuQeA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:51 2024 by rpki-client on console-ams.rpki-client.org