Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/cQmpygPI_fLhr-3-qBqpM0LSNG0.roa
File: cQmpygPI_fLhr-3-qBqpM0LSNG0.roa (raw, json)
Hash identifier: 4P1GKncLSww3EmMLVP/aL+bYkD3IDuSDMXVZ2fqehgY=
Subject key identifier: 71:09:A9:CA:03:C8:FD:F2:E1:AF:ED:FE:A8:1A:A9:33:42:D2:34:6D
Certificate issuer: /CN=23e22f8bdedcbe19bb33fce14fc1db6ae3a40e90
Certificate serial: 018572312633E542A9A8E9E6C32118E957A7
Authority key identifier: 23:E2:2F:8B:DE:DC:BE:19:BB:33:FC:E1:4F:C1:DB:6A:E3:A4:0E:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-Ivi97cvhm7M_zhT8HbauOkDpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/cQmpygPI_fLhr-3-qBqpM0LSNG0.roa
Signing time: Mon 02 Jan 2023 11:15:01 +0000
ROA not before: Mon 02 Jan 2023 11:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207143
IP address blocks: 213.167.224.0/24 maxlen: 24
213.167.226.0/24 maxlen: 24
213.167.225.0/24 maxlen: 24
213.167.227.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:26:33:e5:42:a9:a8:e9:e6:c3:21:18:e9:57:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e22f8bdedcbe19bb33fce14fc1db6ae3a40e90
Validity
Not Before: Jan 2 11:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7109a9ca03c8fdf2e1afedfea81aa93342d2346d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:f0:94:cf:45:41:2e:b9:19:1a:ae:8d:52:24:
77:52:a7:aa:66:57:5a:d2:ca:3e:e2:8c:06:ef:f2:
82:92:09:75:dc:d2:0c:83:b8:1b:0b:59:0e:10:44:
fb:cc:a9:bc:4d:7e:ba:d6:d5:a8:41:8c:ab:87:e0:
ba:f0:99:a8:be:38:9e:b9:02:6c:17:71:54:74:8e:
68:b6:da:70:ab:40:d4:04:51:1d:20:20:f9:d3:fa:
a8:35:3c:88:16:c2:3a:2a:29:da:9c:c0:a7:c5:53:
4e:b7:0f:d0:85:fc:26:9e:2c:55:c8:a9:77:1f:f1:
cd:be:7f:66:8a:1c:a2:2e:69:68:64:6a:86:34:91:
28:5b:45:fd:8f:7d:61:fc:a2:f7:3f:19:4b:c6:4d:
d2:d9:b7:fe:a4:47:ea:d9:f9:8f:a5:a3:da:55:51:
ff:cf:10:ca:31:d4:44:2b:cb:1c:42:f0:40:0a:33:
a0:7d:74:bf:26:82:6e:40:83:c2:22:f2:9f:91:51:
d2:ee:a1:bf:c8:25:35:40:86:59:a0:db:d0:e7:5c:
1c:82:b5:eb:8a:ec:02:8d:65:43:ee:38:f7:a9:f6:
7d:8e:64:e7:e3:ec:c3:bb:d7:84:a9:85:9f:2b:f7:
bf:b9:63:05:46:0e:bd:33:d4:6f:dc:c3:b6:a1:67:
b5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:09:A9:CA:03:C8:FD:F2:E1:AF:ED:FE:A8:1A:A9:33:42:D2:34:6D
X509v3 Authority Key Identifier:
keyid:23:E2:2F:8B:DE:DC:BE:19:BB:33:FC:E1:4F:C1:DB:6A:E3:A4:0E:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-Ivi97cvhm7M_zhT8HbauOkDpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/cQmpygPI_fLhr-3-qBqpM0LSNG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/e6a0db-c766-4991-b72c-74bd045b2af7/1/I-Ivi97cvhm7M_zhT8HbauOkDpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.167.224.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:a1:b2:0b:10:de:9d:21:07:ed:ce:45:e3:c6:73:f0:d9:10:
68:ea:24:84:54:ea:0f:c1:33:a2:29:2e:8a:11:64:e4:6c:53:
8b:ef:17:27:bf:cd:55:48:5d:d8:c9:2c:07:4f:8a:0e:0e:ea:
26:93:ab:73:92:fb:a2:ca:46:4a:03:36:ce:1c:56:d1:ae:02:
c2:4c:21:59:d0:8d:dc:8d:d0:c3:27:05:54:32:0c:b2:94:95:
cb:cd:8d:08:70:6e:80:4f:94:20:d7:5c:64:7a:95:b3:c6:c8:
ef:02:3a:21:2e:fd:1e:5b:a5:19:21:04:f0:b3:49:06:22:68:
d1:94:df:fe:d0:52:f2:31:4e:fa:74:e9:d7:e9:3b:15:8a:b9:
26:14:52:cf:46:b5:e1:5c:51:1c:ed:bd:8c:3b:f6:40:44:41:
d2:c4:1e:b3:3b:d3:01:00:0d:4b:64:e8:46:f8:73:f5:a1:d6:
3f:1c:72:6d:34:69:e1:75:dd:f6:66:d1:39:8d:99:05:7e:02:
4b:4d:bf:97:32:e5:3c:c1:a1:e7:fa:5a:62:76:b1:26:b5:22:
bd:0b:e4:7e:85:60:a5:06:51:21:f7:95:2a:a8:a5:86:34:6d:
ea:d1:88:aa:ce:43:b9:41:27:ba:4d:ee:e1:f1:83:a2:e2:85:
bf:6f:fb:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMSYz5UKpqOnmwyEY6VenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTIyZjhiZGVkY2JlMTliYjMzZmNlMTRmYzFkYjZhZTNh
NDBlOTAwHhcNMjMwMTAyMTExNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTA5YTljYTAzYzhmZGYyZTFhZmVkZmVhODFhYTkzMzQyZDIzNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+PCUz0VBLrkZGq6NUiR3UqeqZlda
0so+4owG7/KCkgl13NIMg7gbC1kOEET7zKm8TX661tWoQYyrh+C68JmovjieuQJs
F3FUdI5ottpwq0DUBFEdICD50/qoNTyIFsI6KinanMCnxVNOtw/QhfwmnixVyKl3
H/HNvn9mihyiLmloZGqGNJEoW0X9j31h/KL3PxlLxk3S2bf+pEfq2fmPpaPaVVH/
zxDKMdREK8scQvBACjOgfXS/JoJuQIPCIvKfkVHS7qG/yCU1QIZZoNvQ51wcgrXr
iuwCjWVD7jj3qfZ9jmTn4+zDu9eEqYWfK/e/uWMFRg69M9Rv3MO2oWe1kQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHEJqcoDyP3y4a/t/qgaqTNC0jRtMB8GA1UdIwQY
MBaAFCPiL4ve3L4ZuzP84U/B22rjpA6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1Jdmk5N2N2aG03TV96aFQ4SGJhdU9rRHBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9lNmEwZGItYzc2Ni00OTkxLWI3MmMt
NzRiZDA0NWIyYWY3LzEvY1FtcHlnUElfZkxoci0zLXFCcXBNMExTTkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9lNmEwZGItYzc2Ni00OTkxLWI3MmMtNzRiZDA0NWIyYWY3
LzEvSS1Jdmk5N2N2aG03TV96aFQ4SGJhdU9rRHBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1afgMA0G
CSqGSIb3DQEBCwUAA4IBAQDPobILEN6dIQftzkXjxnPw2RBo6iSEVOoPwTOiKS6K
EWTkbFOL7xcnv81VSF3YySwHT4oODuomk6tzkvuiykZKAzbOHFbRrgLCTCFZ0I3c
jdDDJwVUMgyylJXLzY0IcG6AT5Qg11xkepWzxsjvAjohLv0eW6UZIQTws0kGImjR
lN/+0FLyMU76dOnX6TsVirkmFFLPRrXhXFEc7b2MO/ZAREHSxB6zO9MBAA1LZOhG
+HP1odY/HHJtNGnhdd32ZtE5jZkFfgJLTb+XMuU8waHn+lpidrEmtSK9C+R+hWCl
BlEh95UqqKWGNG3q0YiqzkO5QSe6Te7h8YOi4oW/b/ud
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:22 2024 by rpki-client on console-fra.rpki-client.org