Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/cfZDmoQlg3GdPX9uq_pv3SceFJw.roa
File: cfZDmoQlg3GdPX9uq_pv3SceFJw.roa (raw, json)
Hash identifier: zlAYkePULbcRUR/VVEmDRi+iKsphHWUag/jJAdgpW3s=
Subject key identifier: 71:F6:43:9A:84:25:83:71:9D:3D:7F:6E:AB:FA:6F:DD:27:1E:14:9C
Certificate issuer: /CN=6b4b3e6a7c8783fc8a5719fbd9f37b32c8c7c5ca
Certificate serial: 0187B32AD5A90ACF2F5E32F38BEA1C6C9115
Authority key identifier: 6B:4B:3E:6A:7C:87:83:FC:8A:57:19:FB:D9:F3:7B:32:C8:C7:C5:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/cfZDmoQlg3GdPX9uq_pv3SceFJw.roa
Signing time: Mon 24 Apr 2023 12:09:01 +0000
ROA not before: Mon 24 Apr 2023 12:09:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202908
IP address blocks: 194.147.69.0/24 maxlen: 24
194.124.190.0/24 maxlen: 24
194.124.191.0/24 maxlen: 24
2a0a:aec0::/29 maxlen: 48
2a0a:aec0:100b::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Apr 2023 14:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b3:2a:d5:a9:0a:cf:2f:5e:32:f3:8b:ea:1c:6c:91:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b4b3e6a7c8783fc8a5719fbd9f37b32c8c7c5ca
Validity
Not Before: Apr 24 12:09:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71f6439a842583719d3d7f6eabfa6fdd271e149c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:03:ba:0b:5e:f8:d1:8f:cf:45:83:01:1b:7a:
bc:35:c4:f1:4b:06:29:93:1a:80:a7:06:cc:74:03:
c9:f0:72:a7:54:d1:b0:25:55:4e:67:3b:88:4c:69:
fa:77:7a:17:54:52:f2:7c:97:f2:ab:c3:85:f7:b4:
93:7e:d1:4b:4d:a4:13:5a:ea:07:a3:ad:82:1e:5b:
7d:1e:d9:ca:80:ba:19:2e:e6:a6:33:52:1e:15:94:
60:32:8f:4c:f6:7c:ee:0a:2e:66:d6:46:98:96:4a:
ba:8e:62:44:80:76:06:da:2d:a2:e6:f9:89:60:d9:
1c:03:a8:6f:3d:a6:b2:d4:47:7e:0e:09:a2:a6:37:
ab:50:c8:67:62:40:f2:13:a0:9e:b9:9c:a2:c4:41:
7f:bb:f2:bb:55:e5:05:e1:e7:1f:11:d2:ed:64:fd:
c6:14:90:d0:a1:c5:44:cf:97:98:1c:49:db:85:fe:
06:c9:3a:bb:c1:36:78:0d:18:34:a1:ae:fb:cb:51:
08:b7:ba:3a:5b:a1:47:b6:f8:5e:58:4f:cf:3f:13:
24:bb:88:3f:0a:3b:36:07:03:bc:62:3b:b1:c4:38:
7b:d3:d2:97:e6:98:76:89:24:a1:1e:54:cc:46:02:
4f:2a:0c:a2:cb:61:a2:6d:46:1f:5a:81:5f:7c:3a:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F6:43:9A:84:25:83:71:9D:3D:7F:6E:AB:FA:6F:DD:27:1E:14:9C
X509v3 Authority Key Identifier:
keyid:6B:4B:3E:6A:7C:87:83:FC:8A:57:19:FB:D9:F3:7B:32:C8:C7:C5:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/cfZDmoQlg3GdPX9uq_pv3SceFJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/a0s-anyHg_yKVxn72fN7MsjHxco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.190.0/23
194.147.69.0/24
IPv6:
2a0a:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:e6:9c:f2:36:21:94:98:c1:9b:9f:96:44:b6:d6:a6:1a:b0:
0d:1f:cf:d2:66:f4:79:35:e2:aa:e3:d3:7b:f6:62:fe:25:8d:
07:bb:2b:c2:d4:66:c8:01:5e:a1:0f:68:d4:97:80:ae:4a:0f:
56:af:40:72:53:85:76:5f:79:d0:d5:45:7b:20:4e:08:87:49:
fa:44:82:1e:c0:7a:2f:82:7c:ba:18:77:38:94:ad:38:1f:76:
73:25:5a:fa:14:c9:6a:f9:61:72:69:93:f1:13:db:65:70:5d:
e9:42:5b:01:4d:49:2e:2c:b8:75:a1:14:65:c0:57:8a:1b:3f:
2d:25:b0:2e:92:4c:71:73:99:56:3f:aa:23:e6:02:8a:e5:3e:
37:ea:f3:50:a9:33:c2:5e:95:d8:e9:5a:51:52:31:6f:fe:a8:
58:a7:e0:60:9e:de:00:c9:82:0c:60:84:3d:3d:59:05:e6:5b:
9f:78:0d:e2:b4:b6:4e:dc:47:0c:37:c3:36:65:f9:64:e8:6e:
25:a2:00:4a:6c:d7:5c:e5:6b:7d:5e:4d:bc:b4:81:8d:b9:75:
8e:7f:2d:2e:b3:e7:ab:e8:69:57:b5:0a:52:e5:6f:22:a4:df:
fa:e1:f6:32:18:4c:80:10:6d:a2:d8:09:ac:85:53:41:17:60:
04:46:28:09
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYezKtWpCs8vXjLzi+ocbJEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNGIzZTZhN2M4NzgzZmM4YTU3MTlmYmQ5ZjM3YjMyYzhj
N2M1Y2EwHhcNMjMwNDI0MTIwOTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY2NDM5YTg0MjU4MzcxOWQzZDdmNmVhYmZhNmZkZDI3MWUxNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgO6C1740Y/PRYMBG3q8NcTxSwYp
kxqApwbMdAPJ8HKnVNGwJVVOZzuITGn6d3oXVFLyfJfyq8OF97STftFLTaQTWuoH
o62CHlt9HtnKgLoZLuamM1IeFZRgMo9M9nzuCi5m1kaYlkq6jmJEgHYG2i2i5vmJ
YNkcA6hvPaay1Ed+DgmipjerUMhnYkDyE6CeuZyixEF/u/K7VeUF4ecfEdLtZP3G
FJDQocVEz5eYHEnbhf4GyTq7wTZ4DRg0oa77y1EIt7o6W6FHtvheWE/PPxMku4g/
Cjs2BwO8YjuxxDh709KX5ph2iSShHlTMRgJPKgyiy2GibUYfWoFffDrDEQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHH2Q5qEJYNxnT1/bqv6b90nHhScMB8GA1UdIwQY
MBaAFGtLPmp8h4P8ilcZ+9nzezLIx8XKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBzLWFueUhnX3lLVnhuNzJmTjdNc2pIeGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NjQxOTQtNTNhZC00MDMxLTg1NmIt
NDMzMmM5NTdhMjJmLzEvY2ZaRG1vUWxnM0dkUFg5dXFfcHYzU2NlRkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NjQxOTQtNTNhZC00MDMxLTg1NmItNDMzMmM5NTdhMjJm
LzEvYTBzLWFueUhnX3lLVnhuNzJmTjdNc2pIeGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwny+AwQA
wpNFMA0EAgACMAcDBQMqCq7AMA0GCSqGSIb3DQEBCwUAA4IBAQBv5pzyNiGUmMGb
n5ZEttamGrANH8/SZvR5NeKq49N79mL+JY0HuyvC1GbIAV6hD2jUl4CuSg9Wr0By
U4V2X3nQ1UV7IE4Ih0n6RIIewHovgny6GHc4lK04H3ZzJVr6FMlq+WFyaZPxE9tl
cF3pQlsBTUkuLLh1oRRlwFeKGz8tJbAukkxxc5lWP6oj5gKK5T436vNQqTPCXpXY
6VpRUjFv/qhYp+Bgnt4AyYIMYIQ9PVkF5lufeA3itLZO3EcMN8M2Zflk6G4logBK
bNdc5Wt9Xk28tIGNuXWOfy0us+er6GlXtQpS5W8ipN/64fYyGEyAEG2i2AmshVNB
F2AERigJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:30 2024 by rpki-client on console-ams.rpki-client.org