Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CPMARDBKix7S740-mZtRPBIF5GY.roa
File: CPMARDBKix7S740-mZtRPBIF5GY.roa (raw, json)
Hash identifier: eAHDzzkGWFtuKGH9iyLyd7K8ArPT0rm4TlSs2YT5xtM=
Subject key identifier: 08:F3:00:44:30:4A:8B:1E:D2:EF:8D:3E:99:9B:51:3C:12:05:E4:66
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018AEA4E13D76EBE5D2E574B1FB30BB66D12
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CPMARDBKix7S740-mZtRPBIF5GY.roa
Signing time: Sun 01 Oct 2023 08:15:00 +0000
ROA not before: Sun 01 Oct 2023 08:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 195.133.202.0/23 maxlen: 24
195.133.208.0/23 maxlen: 24
194.58.64.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ea:4e:13:d7:6e:be:5d:2e:57:4b:1f:b3:0b:b6:6d:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Oct 1 08:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08f30044304a8b1ed2ef8d3e999b513c1205e466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:07:54:af:ff:85:f8:a0:26:41:ff:5d:f5:
ca:fe:10:3d:4d:b5:03:83:d5:e1:10:53:91:c3:25:
98:23:15:37:e7:74:f9:78:d0:73:1d:fe:04:45:64:
db:f2:6d:8f:52:3a:98:c2:4f:1e:c2:18:33:a5:28:
53:07:24:72:b0:90:c5:88:a5:e5:22:d9:ca:d8:2d:
3d:ab:0e:f1:f8:fb:c1:f7:c0:c4:74:76:fb:93:1f:
32:c6:a3:35:bb:7d:72:99:bc:eb:bb:5e:05:1f:1d:
95:0f:01:8b:39:9b:81:6f:99:8a:04:bf:52:ff:e2:
67:65:70:b9:2b:70:91:7e:b3:7e:aa:ed:22:fd:ef:
a9:dc:2c:64:bf:93:8d:06:e5:ef:0b:b2:b5:77:88:
ed:ee:77:92:f1:90:f8:9d:f3:a2:27:5b:21:e8:b4:
3f:d2:fc:7c:f1:b5:22:a9:41:7d:b0:34:e8:7c:7a:
bf:12:fa:fe:a7:f2:5d:21:a6:df:f6:95:57:4f:04:
83:12:28:58:01:30:5a:17:cf:00:44:b4:c5:30:f6:
f1:5e:b9:a2:5b:f5:c7:6e:5c:6a:40:86:e2:7b:07:
cd:5b:2c:5e:7a:b1:d1:39:e4:ca:45:0c:be:c6:75:
67:d9:03:2d:70:7f:d3:13:ee:12:28:a5:63:8e:8c:
0a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F3:00:44:30:4A:8B:1E:D2:EF:8D:3E:99:9B:51:3C:12:05:E4:66
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CPMARDBKix7S740-mZtRPBIF5GY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.64.0/23
195.133.202.0/23
195.133.208.0/23
Signature Algorithm: sha256WithRSAEncryption
29:82:ff:e6:92:61:b2:38:1f:87:6b:fa:dc:b7:49:9f:73:0a:
7b:19:f2:c1:20:65:f7:02:a8:28:c0:9b:03:ab:51:76:43:25:
bc:c6:95:fe:9b:7b:23:70:95:d7:a2:66:40:55:21:2d:5d:13:
4d:4a:2c:1f:9f:42:60:17:86:d3:6b:f6:44:c4:e1:a1:c8:27:
02:c0:cb:09:54:b5:a8:89:dd:9d:04:2e:5a:49:11:c3:96:de:
b7:c7:7e:3f:3d:0d:1b:a2:2e:62:3b:93:23:55:b9:9f:cd:0e:
e2:34:f8:bb:a9:e3:e3:09:6f:fa:cf:e3:7a:58:72:e0:ce:1a:
9b:61:c7:43:af:b7:64:1d:7e:57:03:d7:d6:0e:86:a2:80:aa:
90:1c:41:5f:5f:a1:f9:15:ce:08:63:3c:c0:eb:1c:c4:38:57:
36:3a:6b:10:cb:d8:dc:7c:fa:34:f6:32:47:cd:97:55:57:e1:
c6:58:32:44:63:8d:cc:d2:ad:97:e9:ae:65:48:6c:e9:db:16:
ca:a4:71:66:01:c5:17:04:65:48:1a:32:3c:e7:c5:f6:f7:30:
86:a4:a1:56:cc:44:9a:5e:b8:1a:48:56:ee:f0:87:1e:62:11:
4a:9d:8b:19:a2:f2:6e:2f:07:36:f2:7c:6e:e2:50:7e:44:1c:
9e:2d:78:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrqThPXbr5dLldLH7MLtm0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMDAxMDgxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGYzMDA0NDMwNGE4YjFlZDJlZjhkM2U5OTliNTEzYzEyMDVlNDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhUHVK//hfigJkH/XfXK/hA9TbUD
g9XhEFORwyWYIxU353T5eNBzHf4ERWTb8m2PUjqYwk8ewhgzpShTByRysJDFiKXl
ItnK2C09qw7x+PvB98DEdHb7kx8yxqM1u31ymbzru14FHx2VDwGLOZuBb5mKBL9S
/+JnZXC5K3CRfrN+qu0i/e+p3Cxkv5ONBuXvC7K1d4jt7neS8ZD4nfOiJ1sh6LQ/
0vx88bUiqUF9sDTofHq/Evr+p/JdIabf9pVXTwSDEihYATBaF88ARLTFMPbxXrmi
W/XHblxqQIbiewfNWyxeerHROeTKRQy+xnVn2QMtcH/TE+4SKKVjjowKMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAjzAEQwSose0u+NPpmbUTwSBeRmMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvQ1BNQVJEQktpeDdTNzQwLW1adFJQQklGNUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwjpAAwQB
w4XKAwQBw4XQMA0GCSqGSIb3DQEBCwUAA4IBAQApgv/mkmGyOB+Ha/rct0mfcwp7
GfLBIGX3AqgowJsDq1F2QyW8xpX+m3sjcJXXomZAVSEtXRNNSiwfn0JgF4bTa/ZE
xOGhyCcCwMsJVLWoid2dBC5aSRHDlt63x34/PQ0boi5iO5MjVbmfzQ7iNPi7qePj
CW/6z+N6WHLgzhqbYcdDr7dkHX5XA9fWDoaigKqQHEFfX6H5Fc4IYzzA6xzEOFc2
OmsQy9jcfPo09jJHzZdVV+HGWDJEY43M0q2X6a5lSGzp2xbKpHFmAcUXBGVIGjI8
58X29zCGpKFWzESaXrgaSFbu8IceYhFKnYsZovJuLwc28nxu4lB+RByeLXiP
-----END CERTIFICATE-----
Generated at Wed Nov 1 08:43:22 2023 by rpki-client on console-fra.rpki-client.org