Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/cFnHfRDedDRJmUL33mKpI4Af5n4.roa
File: cFnHfRDedDRJmUL33mKpI4Af5n4.roa (raw, json)
Hash identifier: mU0FIBLrLKeLgLsu5RGIWK2rWF5R+R/GQaTOJ91BJIs=
Subject key identifier: 70:59:C7:7D:10:DE:74:34:49:99:42:F7:DE:62:A9:23:80:1F:E6:7E
Certificate issuer: /CN=e24bc2870de2599daf66497f5729c74b33ef993a
Certificate serial: 01856CCB03DF7A20FFC674611B49A1845BED
Authority key identifier: E2:4B:C2:87:0D:E2:59:9D:AF:66:49:7F:57:29:C7:4B:33:EF:99:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kvChw3iWZ2vZkl_VynHSzPvmTo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/cFnHfRDedDRJmUL33mKpI4Af5n4.roa
Signing time: Sun 01 Jan 2023 10:05:22 +0000
ROA not before: Sun 01 Jan 2023 10:05:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 193.178.185.0/24 maxlen: 24
2001:7f8:19::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:03:df:7a:20:ff:c6:74:61:1b:49:a1:84:5b:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e24bc2870de2599daf66497f5729c74b33ef993a
Validity
Not Before: Jan 1 10:05:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7059c77d10de7434499942f7de62a923801fe67e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c2:a6:65:32:98:2b:44:17:20:37:19:55:e4:
6f:17:67:e1:32:df:00:a7:76:ce:e3:3c:78:ee:bc:
fc:14:04:d7:77:5b:aa:24:35:72:7e:bb:ce:dd:0a:
3e:33:1d:08:67:0c:1c:d5:ef:2a:4c:1b:64:a8:54:
24:f3:4b:f5:25:b9:f1:f4:55:d8:e6:bb:ac:28:2a:
17:4e:a0:24:d5:6c:ea:ae:93:66:ec:55:04:d8:30:
4d:3d:6e:c2:f5:a8:d8:99:12:86:23:df:c1:b0:c3:
fe:8c:de:3e:a1:bf:62:c6:bb:a3:db:5a:e7:61:80:
c6:f2:16:f2:11:6e:27:ef:b9:df:65:56:1b:b6:7d:
c6:ca:d3:e1:44:41:bf:0e:79:7d:5b:4b:89:bd:cd:
04:7b:c2:28:07:7f:28:57:97:5b:01:3f:4b:bd:a9:
14:54:b0:01:83:c0:84:8f:0c:86:70:e0:22:db:07:
a3:c5:a7:90:48:34:2d:57:75:c7:25:3a:b0:2d:0e:
c8:cc:fb:5f:31:c4:f9:3c:da:61:a1:1c:4f:56:bb:
96:c8:56:db:53:58:63:95:b1:38:23:09:c8:dd:82:
77:1c:cc:df:dc:26:76:8d:31:18:e1:f4:8d:03:6b:
a7:91:ab:0e:0c:0d:d5:a3:3b:3c:f4:fd:37:46:bc:
c9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:59:C7:7D:10:DE:74:34:49:99:42:F7:DE:62:A9:23:80:1F:E6:7E
X509v3 Authority Key Identifier:
keyid:E2:4B:C2:87:0D:E2:59:9D:AF:66:49:7F:57:29:C7:4B:33:EF:99:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kvChw3iWZ2vZkl_VynHSzPvmTo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/cFnHfRDedDRJmUL33mKpI4Af5n4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/be1720-801e-4f9e-a5c1-68a2f0bb5b7a/1/4kvChw3iWZ2vZkl_VynHSzPvmTo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.178.185.0/24
IPv6:
2001:7f8:19::/48
Signature Algorithm: sha256WithRSAEncryption
5a:10:3b:db:6a:41:d8:68:97:22:c8:2f:4c:d0:bb:45:62:e2:
11:a1:a3:f7:c4:fb:c3:a3:3d:66:2b:a1:ce:32:95:65:12:7e:
a8:73:26:51:2e:c0:68:2c:70:6c:c7:32:14:4e:cb:71:2c:60:
ff:c1:e7:7e:06:d2:aa:0d:f4:e1:58:75:9e:20:a1:84:80:6b:
bb:83:d2:28:7b:7b:61:60:b6:8c:5b:e0:68:ef:a0:57:98:1e:
8d:e3:8f:85:47:cf:28:4d:8a:88:8b:8e:38:46:85:2a:60:ea:
b8:4e:7b:99:d8:11:f5:31:73:34:21:a5:31:9e:b9:54:cb:63:
60:f0:d8:b6:d9:43:e0:78:e3:fb:07:56:28:22:a1:f3:c8:f5:
f7:99:06:0e:c2:f0:1f:99:ca:03:61:5a:a6:03:ef:7e:d6:60:
6a:8c:a2:46:08:90:e2:c5:48:c5:fd:4c:5d:26:1d:24:25:5c:
ae:4c:da:48:10:1c:c2:cb:98:15:cf:f1:fd:cc:8e:7b:eb:49:
53:39:17:b0:eb:30:46:a7:dd:1d:d2:91:40:e1:09:32:cf:5d:
58:68:20:7b:50:8b:7c:63:ec:8f:e2:f9:88:97:93:c3:11:60:
6a:6b:ee:ba:f6:88:30:39:12:78:fe:c8:12:63:f2:f7:30:dd:
af:e2:61:cb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsywPfeiD/xnRhG0mhhFvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNGJjMjg3MGRlMjU5OWRhZjY2NDk3ZjU3MjljNzRiMzNl
Zjk5M2EwHhcNMjMwMTAxMTAwNTIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDU5Yzc3ZDEwZGU3NDM0NDk5OTQyZjdkZTYyYTkyMzgwMWZlNjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssKmZTKYK0QXIDcZVeRvF2fhMt8A
p3bO4zx47rz8FATXd1uqJDVyfrvO3Qo+Mx0IZwwc1e8qTBtkqFQk80v1Jbnx9FXY
5rusKCoXTqAk1WzqrpNm7FUE2DBNPW7C9ajYmRKGI9/BsMP+jN4+ob9ixruj21rn
YYDG8hbyEW4n77nfZVYbtn3GytPhREG/Dnl9W0uJvc0Ee8IoB38oV5dbAT9LvakU
VLABg8CEjwyGcOAi2wejxaeQSDQtV3XHJTqwLQ7IzPtfMcT5PNphoRxPVruWyFbb
U1hjlbE4IwnI3YJ3HMzf3CZ2jTEY4fSNA2unkasODA3Vozs89P03RrzJBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHBZx30Q3nQ0SZlC995iqSOAH+Z+MB8GA1UdIwQY
MBaAFOJLwocN4lmdr2ZJf1cpx0sz75k6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGt2Q2h3M2lXWjJ2WmtsX1Z5bkhTelB2bVRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9iZTE3MjAtODAxZS00ZjllLWE1YzEt
NjhhMmYwYmI1YjdhLzEvY0ZuSGZSRGVkRFJKbVVMMzNtS3BJNEFmNW40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9iZTE3MjAtODAxZS00ZjllLWE1YzEtNjhhMmYwYmI1Yjdh
LzEvNGt2Q2h3M2lXWjJ2WmtsX1Z5bkhTelB2bVRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwbK5MA8E
AgACMAkDBwAgAQf4ABkwDQYJKoZIhvcNAQELBQADggEBAFoQO9tqQdholyLIL0zQ
u0Vi4hGho/fE+8OjPWYroc4ylWUSfqhzJlEuwGgscGzHMhROy3EsYP/B534G0qoN
9OFYdZ4goYSAa7uD0ih7e2Fgtoxb4GjvoFeYHo3jj4VHzyhNioiLjjhGhSpg6rhO
e5nYEfUxczQhpTGeuVTLY2Dw2LbZQ+B44/sHVigiofPI9feZBg7C8B+ZygNhWqYD
737WYGqMokYIkOLFSMX9TF0mHSQlXK5M2kgQHMLLmBXP8f3MjnvrSVM5F7DrMEan
3R3SkUDhCTLPXVhoIHtQi3xj7I/i+YiXk8MRYGpr7rr2iDA5Enj+yBJj8vcw3a/i
Ycs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:44 2024 by rpki-client on console-fra.rpki-client.org