Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/CiuPV4KMag20Q9hpOGExLvx0fEc.roa
File: CiuPV4KMag20Q9hpOGExLvx0fEc.roa (raw, json)
Hash identifier: tckpcgAflX05XN4vDgniEAV07j6QEXgp6tATsldEzI0=
Subject key identifier: 0A:2B:8F:57:82:8C:6A:0D:B4:43:D8:69:38:61:31:2E:FC:74:7C:47
Certificate issuer: /CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Certificate serial: 01875190289DE552A286005041DD4928D7E7
Authority key identifier: 0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/CiuPV4KMag20Q9hpOGExLvx0fEc.roa
Signing time: Wed 05 Apr 2023 13:16:54 +0000
ROA not before: Wed 05 Apr 2023 13:16:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 378
IP address blocks: 132.68.0.0/16 maxlen: 16
132.68.0.0/15 maxlen: 15
132.69.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:51:90:28:9d:e5:52:a2:86:00:50:41:dd:49:28:d7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f21b78ce97b0f5fb3d88bf95cfbb08b2fbea8e5
Validity
Not Before: Apr 5 13:16:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a2b8f57828c6a0db443d8693861312efc747c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4c:c1:54:31:c4:b9:33:c2:3d:38:79:6c:df:
91:b2:2d:fe:1f:4c:2b:34:61:77:5e:4f:d1:8f:22:
d1:cc:a8:31:0d:cc:95:fe:90:74:a4:f3:2e:f0:18:
28:16:9c:5d:f2:a5:9b:8b:15:e4:e9:60:08:f6:54:
3f:0f:d6:74:a6:e2:24:16:f8:51:5a:56:05:a7:91:
59:25:cd:a8:1d:f6:cb:cb:02:31:70:8c:ce:81:5f:
e9:8c:4f:6b:f3:37:fa:48:33:3d:68:52:6e:4b:ce:
54:de:b4:e3:12:eb:23:b8:b3:80:35:82:d3:1e:c5:
db:75:d1:b5:b2:1f:2e:48:24:dc:1c:6e:48:11:42:
28:8a:80:51:19:63:ae:a6:83:8d:8d:a6:38:36:9f:
20:c7:66:5b:40:db:9b:3d:fe:ef:1b:7a:08:66:8e:
a3:6e:06:51:1f:b3:1d:05:f2:94:18:4f:4f:93:78:
1d:2f:70:ef:3a:8e:df:80:fb:0f:73:6e:ad:74:b1:
19:b7:d8:c0:2c:f4:56:51:97:ed:b8:79:85:81:7f:
01:23:d7:a4:fa:55:b7:25:36:6c:82:3c:57:52:de:
6d:1a:ff:c5:57:55:4f:56:c8:db:24:df:7f:7a:f2:
e8:f3:43:e5:9d:25:5f:3d:68:35:fb:54:99:5c:96:
8b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2B:8F:57:82:8C:6A:0D:B4:43:D8:69:38:61:31:2E:FC:74:7C:47
X509v3 Authority Key Identifier:
keyid:0F:21:B7:8C:E9:7B:0F:5F:B3:D8:8B:F9:5C:FB:B0:8B:2F:BE:A8:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyG3jOl7D1-z2Iv5XPuwiy--qOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/CiuPV4KMag20Q9hpOGExLvx0fEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/0f7594-f048-473d-a39a-ddb9e4db98c6/1/DyG3jOl7D1-z2Iv5XPuwiy--qOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.68.0.0/15
Signature Algorithm: sha256WithRSAEncryption
92:9c:5e:fc:f7:f1:5a:55:af:83:4c:93:13:60:91:1c:bb:7a:
d6:75:83:50:1c:05:f1:85:ae:dc:00:cf:7c:ac:3c:7d:02:dc:
82:d9:4f:94:de:7e:fd:4d:42:e9:d6:a0:1e:a6:6d:e8:ee:09:
05:88:41:a1:3b:98:1c:36:ff:5d:2c:f1:ab:d9:20:fb:12:b4:
c7:da:1a:65:c2:36:fe:3d:27:27:96:ca:8a:cb:78:3d:89:aa:
d0:57:21:b9:15:0c:f5:ee:68:0f:0a:34:c7:b5:18:61:6e:0a:
ca:28:3a:8d:56:5d:8e:5e:9c:5c:bc:cf:6b:42:7f:b1:1e:b6:
a3:7e:c1:2d:36:e3:77:f4:e1:e0:14:46:fe:0c:b5:29:59:1f:
c8:d1:96:c7:93:10:27:94:0a:c2:69:b0:c2:27:55:a7:04:78:
96:4f:a9:ab:8d:2c:da:90:bc:cf:f9:56:b2:ae:61:be:4b:74:
52:84:2c:06:bd:59:a3:e4:6e:bf:99:02:9e:6a:0e:a8:2d:0b:
fc:b6:40:3b:f6:54:57:5e:93:06:6c:34:4e:cd:58:5f:db:69:
46:54:51:7e:ab:67:18:7b:77:2b:dc:28:55:64:7b:41:e9:89:
5f:1c:cd:4d:23:5f:92:47:c6:93:ad:2a:7b:2d:3e:45:b5:05:
6f:9d:83:e3
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYdRkCid5VKihgBQQd1JKNfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjFiNzhjZTk3YjBmNWZiM2Q4OGJmOTVjZmJiMDhiMmZi
ZWE4ZTUwHhcNMjMwNDA1MTMxNjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTJiOGY1NzgyOGM2YTBkYjQ0M2Q4NjkzODYxMzEyZWZjNzQ3YzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkzBVDHEuTPCPTh5bN+Rsi3+H0wr
NGF3Xk/RjyLRzKgxDcyV/pB0pPMu8BgoFpxd8qWbixXk6WAI9lQ/D9Z0puIkFvhR
WlYFp5FZJc2oHfbLywIxcIzOgV/pjE9r8zf6SDM9aFJuS85U3rTjEusjuLOANYLT
HsXbddG1sh8uSCTcHG5IEUIoioBRGWOupoONjaY4Np8gx2ZbQNubPf7vG3oIZo6j
bgZRH7MdBfKUGE9Pk3gdL3DvOo7fgPsPc26tdLEZt9jALPRWUZftuHmFgX8BI9ek
+lW3JTZsgjxXUt5tGv/FV1VPVsjbJN9/evLo80PlnSVfPWg1+1SZXJaLPwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFAorj1eCjGoNtEPYaThhMS78dHxHMB8GA1UdIwQY
MBaAFA8ht4zpew9fs9iL+Vz7sIsvvqjlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEt
ZGRiOWU0ZGI5OGM2LzEvQ2l1UFY0S01hZzIwUTlocE9HRXhMdngwZkVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC8wZjc1OTQtZjA0OC00NzNkLWEzOWEtZGRiOWU0ZGI5OGM2
LzEvRHlHM2pPbDdEMS16Mkl2NVhQdXdpeS0tcU9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBhEQwDQYJ
KoZIhvcNAQELBQADggEBAJKcXvz38VpVr4NMkxNgkRy7etZ1g1AcBfGFrtwAz3ys
PH0C3ILZT5Tefv1NQunWoB6mbejuCQWIQaE7mBw2/10s8avZIPsStMfaGmXCNv49
JyeWyorLeD2JqtBXIbkVDPXuaA8KNMe1GGFuCsooOo1WXY5enFy8z2tCf7EetqN+
wS0243f04eAURv4MtSlZH8jRlseTECeUCsJpsMInVacEeJZPqauNLNqQvM/5VrKu
Yb5LdFKELAa9WaPkbr+ZAp5qDqgtC/y2QDv2VFdekwZsNE7NWF/baUZUUX6rZxh7
dyvcKFVke0HpiV8czU0jX5JHxpOtKnstPkW1BW+dg+M=
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:42 2024 by rpki-client on console-fra.rpki-client.org