Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/00CvyBzbenYU2-vAsbLr1N8lQLI.roa
File: 00CvyBzbenYU2-vAsbLr1N8lQLI.roa (raw, json)
Hash identifier: rkuvfW/Fq6Uke9zXPAQ7aA/TrSJzrwcLSIAvtYmv1cU=
Subject key identifier: D3:40:AF:C8:1C:DB:7A:76:14:DB:EB:C0:B1:B2:EB:D4:DF:25:40:B2
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 01883A4426186A1E96F9A2933F20A86A9EA8
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/00CvyBzbenYU2-vAsbLr1N8lQLI.roa
Signing time: Sat 20 May 2023 17:45:24 +0000
ROA not before: Sat 20 May 2023 17:45:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 194.113.238.0/24 maxlen: 24
194.113.239.0/24 maxlen: 24
185.221.196.0/23 maxlen: 24
185.238.88.0/22 maxlen: 24
45.80.228.0/22 maxlen: 24
185.232.18.0/24 maxlen: 24
185.232.19.0/24 maxlen: 24
185.246.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Jul 2023 14:51:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:3a:44:26:18:6a:1e:96:f9:a2:93:3f:20:a8:6a:9e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: May 20 17:45:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d340afc81cdb7a7614dbebc0b1b2ebd4df2540b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b2:32:25:56:3a:87:f2:42:dd:3d:64:33:54:
0e:9d:9b:3d:a4:e8:da:30:e8:4d:d0:90:e5:99:ef:
51:fc:5c:93:0d:52:c4:65:b7:78:5d:37:23:6a:14:
05:ef:47:ea:7b:bc:20:4e:db:5c:b7:35:44:6d:27:
7d:68:43:92:f4:de:78:05:5e:86:4c:75:43:65:c9:
08:99:bb:0d:da:b5:da:8e:e3:c1:fc:17:2f:9b:07:
30:1e:7a:89:62:99:8f:fd:48:4b:81:26:11:10:c6:
35:60:87:ab:56:cb:82:f0:c7:19:d1:34:59:9a:56:
d7:7b:6d:a6:38:fb:21:b6:80:26:db:d6:61:22:3d:
a5:4e:8b:f6:20:25:b1:64:d6:72:01:19:52:7f:c0:
80:4b:17:97:96:22:51:59:69:f0:39:a3:c0:1f:f4:
19:02:18:6e:4e:b5:dd:8e:c1:99:1b:c0:0b:b1:d5:
bc:5a:76:1f:6b:07:c6:82:2f:c2:ce:de:55:92:10:
f2:c8:10:65:fa:31:36:eb:d2:3f:a4:69:09:21:a6:
bf:94:b1:59:26:98:ab:54:b3:23:5f:27:2a:10:44:
87:aa:65:61:43:9a:13:ee:bc:31:89:fd:78:49:45:
ac:f8:7d:cc:76:31:45:aa:df:66:f8:0f:47:ac:9b:
50:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:40:AF:C8:1C:DB:7A:76:14:DB:EB:C0:B1:B2:EB:D4:DF:25:40:B2
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/00CvyBzbenYU2-vAsbLr1N8lQLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.228.0/22
185.221.196.0/23
185.232.18.0/23
185.238.88.0/22
185.246.216.0/24
194.113.238.0/23
Signature Algorithm: sha256WithRSAEncryption
49:33:f3:75:69:fa:6a:4b:db:9b:be:dd:c3:5d:74:1d:46:71:
1a:92:09:1a:10:b7:b4:4b:7e:13:91:51:a5:50:8d:3d:bf:3d:
e2:26:73:ca:49:d6:a5:fd:3b:7e:96:51:25:23:e0:44:1e:ba:
f6:a2:43:2b:64:4b:28:5a:e2:6e:b0:fc:34:32:8c:62:41:40:
3d:33:12:d8:23:06:5d:63:11:09:80:48:4c:41:9f:0b:6e:f4:
77:4f:ce:2c:c2:08:b8:4b:07:28:93:3f:fd:56:b2:91:7d:ec:
60:dc:c9:3b:c4:fa:f1:d9:7d:af:e4:1e:13:b3:40:8b:03:31:
3c:0f:3f:98:06:77:1d:d8:ae:db:c8:f6:74:38:bd:59:73:b0:
a8:4d:5d:71:92:57:bb:52:f6:9e:51:ba:bd:82:44:4f:f6:d5:
3e:2b:c7:96:93:6c:60:bf:bd:51:9a:19:74:32:f1:a5:d7:b0:
13:1d:94:eb:e5:9b:fd:26:05:ae:21:13:02:43:35:27:ac:7b:
07:13:3a:77:8a:96:03:f4:af:6a:05:92:09:d5:69:83:53:d4:
ba:b6:29:0f:50:83:39:fd:b0:f9:26:5a:62:37:7a:16:5b:99:
da:f6:67:6f:a1:8c:bd:12:59:eb:33:0d:00:ac:54:8a:09:d8:
26:a3:37:b2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYg6RCYYah6W+aKTPyCoap6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjMwNTIwMTc0NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzQwYWZjODFjZGI3YTc2MTRkYmViYzBiMWIyZWJkNGRmMjU0MGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07IyJVY6h/JC3T1kM1QOnZs9pOja
MOhN0JDlme9R/FyTDVLEZbd4XTcjahQF70fqe7wgTttctzVEbSd9aEOS9N54BV6G
THVDZckImbsN2rXajuPB/BcvmwcwHnqJYpmP/UhLgSYREMY1YIerVsuC8McZ0TRZ
mlbXe22mOPshtoAm29ZhIj2lTov2ICWxZNZyARlSf8CASxeXliJRWWnwOaPAH/QZ
AhhuTrXdjsGZG8ALsdW8WnYfawfGgi/Czt5VkhDyyBBl+jE269I/pGkJIaa/lLFZ
JpirVLMjXycqEESHqmVhQ5oT7rwxif14SUWs+H3MdjFFqt9m+A9HrJtQlwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNNAr8gc23p2FNvrwLGy69TfJUCyMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvMDBDdnlCemJlbllVMi12QXNiTHIxTjhsUUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLVDkAwQB
ud3EAwQBuegSAwQCue5YAwQAufbYAwQBwnHuMA0GCSqGSIb3DQEBCwUAA4IBAQBJ
M/N1afpqS9ubvt3DXXQdRnEakgkaELe0S34TkVGlUI09vz3iJnPKSdal/Tt+llEl
I+BEHrr2okMrZEsoWuJusPw0MoxiQUA9MxLYIwZdYxEJgEhMQZ8LbvR3T84swgi4
Swcokz/9VrKRfexg3Mk7xPrx2X2v5B4Ts0CLAzE8Dz+YBncd2K7byPZ0OL1Zc7Co
TV1xkle7UvaeUbq9gkRP9tU+K8eWk2xgv71Rmhl0MvGl17ATHZTr5Zv9JgWuIRMC
QzUnrHsHEzp3ipYD9K9qBZIJ1WmDU9S6tikPUIM5/bD5JlpiN3oWW5na9mdvoYy9
ElnrMw0ArFSKCdgmozey
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:18 2024 by rpki-client on console-ams.rpki-client.org