Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/CzxcXKbsSted90bi-MYksA-BeCI.roa
File: CzxcXKbsSted90bi-MYksA-BeCI.roa (raw, json)
Hash identifier: q+UCj6RrjQChXcRaNbTjTLk3u3gXdd/YZ/Y97CzT8Mg=
Subject key identifier: 0B:3C:5C:5C:A6:EC:4A:D7:9D:F7:46:E2:F8:C6:24:B0:0F:81:78:22
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 018BBF353617976A10B6FC08D76E36B5CBC4
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/CzxcXKbsSted90bi-MYksA-BeCI.roa
Signing time: Sat 11 Nov 2023 16:26:57 +0000
ROA not before: Sat 11 Nov 2023 16:26:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202580
IP address blocks: 185.196.223.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:bf:35:36:17:97:6a:10:b6:fc:08:d7:6e:36:b5:cb:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Nov 11 16:26:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b3c5c5ca6ec4ad79df746e2f8c624b00f817822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:86:7a:26:ab:75:27:c5:02:a6:b3:34:5a:da:
52:67:cf:38:5f:74:e5:a7:9f:6e:c6:eb:9b:34:4d:
9e:b4:c6:66:76:8e:f7:5b:ba:89:2e:d2:1d:51:c1:
57:df:98:db:b9:21:17:45:79:ee:b6:89:70:90:f5:
59:35:be:49:f1:ea:cb:0e:ee:4e:4d:8f:f2:2b:cd:
10:4b:ac:2b:bf:54:a8:f1:76:41:93:70:c6:1c:13:
04:74:07:40:b1:90:53:40:5a:59:31:bd:7e:45:14:
76:00:f3:43:f5:d7:df:02:f6:a7:5d:4d:95:5c:30:
48:dc:2a:8c:87:10:a1:12:d4:d5:6c:44:ab:6f:e7:
72:a5:3f:fd:cf:99:4e:08:17:22:e7:6e:b8:8c:81:
3a:90:45:f4:fb:29:29:97:e1:f3:53:5a:dd:f1:7a:
1d:be:60:32:70:1b:10:21:f7:34:bc:16:b2:d7:86:
96:28:01:35:8c:9a:17:45:bb:ac:ca:a0:f5:5c:ea:
e4:27:de:0b:a3:3e:83:16:05:99:94:e6:08:69:a0:
bf:dc:fd:e3:77:38:07:08:e0:f2:aa:2a:44:b2:fe:
b9:80:d2:ca:b6:50:bf:5e:a4:17:03:6e:4f:69:3c:
70:2b:6a:9f:41:b1:ab:70:13:15:63:71:91:ed:61:
f7:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3C:5C:5C:A6:EC:4A:D7:9D:F7:46:E2:F8:C6:24:B0:0F:81:78:22
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/CzxcXKbsSted90bi-MYksA-BeCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.223.0/24
Signature Algorithm: sha256WithRSAEncryption
04:46:4c:40:6c:1d:d2:cc:13:d1:f3:0c:c8:57:14:56:f8:da:
2f:53:b9:2f:ab:8b:2a:8a:58:93:cd:8e:a1:5e:c5:cc:85:e6:
34:52:a7:28:9b:43:59:1d:4b:7a:6b:4c:5a:46:16:2c:f2:27:
55:fe:be:b1:19:30:2a:90:db:65:77:88:0d:4f:7c:02:80:6d:
50:ab:f0:23:4a:1e:65:56:27:db:11:78:1b:b8:4b:39:3e:c6:
a2:64:81:df:eb:74:39:1b:28:dc:22:bc:bf:c3:77:46:60:d5:
d5:fd:1a:ef:c1:22:cd:6c:d8:6e:0d:bc:57:b0:d6:87:dc:ca:
64:76:e7:97:18:37:78:71:6b:10:7b:c7:7f:70:2a:e1:83:39:
dc:bf:68:6b:17:7e:3d:98:01:9f:85:f8:bd:b8:c7:c7:a3:2f:
f4:c4:f7:30:4e:8a:80:f1:14:b9:ef:ee:98:8f:55:be:cb:58:
99:16:80:55:7b:35:a2:72:1d:88:b6:02:1c:4a:ee:16:f5:16:
7a:37:df:a6:d6:92:0e:46:08:94:f4:b4:31:20:e5:06:69:27:
2e:8d:c7:97:02:2e:ca:2b:ad:b8:09:2c:d3:be:7c:d9:bf:f7:
33:6a:7a:ec:2a:87:e7:f1:8a:3b:60:33:60:b2:e1:8d:c7:58:
76:49:8a:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYu/NTYXl2oQtvwI1242tcvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjMxMTExMTYyNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNjNWM1Y2E2ZWM0YWQ3OWRmNzQ2ZTJmOGM2MjRiMDBmODE3ODIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04Z6Jqt1J8UCprM0WtpSZ884X3Tl
p59uxuubNE2etMZmdo73W7qJLtIdUcFX35jbuSEXRXnutolwkPVZNb5J8erLDu5O
TY/yK80QS6wrv1So8XZBk3DGHBMEdAdAsZBTQFpZMb1+RRR2APND9dffAvanXU2V
XDBI3CqMhxChEtTVbESrb+dypT/9z5lOCBci5264jIE6kEX0+ykpl+HzU1rd8Xod
vmAycBsQIfc0vBay14aWKAE1jJoXRbusyqD1XOrkJ94Loz6DFgWZlOYIaaC/3P3j
dzgHCODyqipEsv65gNLKtlC/XqQXA25PaTxwK2qfQbGrcBMVY3GR7WH3bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAs8XFym7ErXnfdG4vjGJLAPgXgiMB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvQ3p4Y1hLYnNTdGVkOTBiaS1NWWtzQS1CZUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucTfMA0G
CSqGSIb3DQEBCwUAA4IBAQAERkxAbB3SzBPR8wzIVxRW+NovU7kvq4sqiliTzY6h
XsXMheY0Uqcom0NZHUt6a0xaRhYs8idV/r6xGTAqkNtld4gNT3wCgG1Qq/AjSh5l
VifbEXgbuEs5PsaiZIHf63Q5GyjcIry/w3dGYNXV/RrvwSLNbNhuDbxXsNaH3Mpk
dueXGDd4cWsQe8d/cCrhgzncv2hrF349mAGfhfi9uMfHoy/0xPcwToqA8RS57+6Y
j1W+y1iZFoBVezWich2ItgIcSu4W9RZ6N9+m1pIORgiU9LQxIOUGaScujceXAi7K
K624CSzTvnzZv/czanrsKofn8Yo7YDNgsuGNx1h2SYpN
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:39 2024 by rpki-client on console-fra.rpki-client.org