Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/CVCYlXjCgGD2QdnGVPdLu0KbeK4.roa
File: CVCYlXjCgGD2QdnGVPdLu0KbeK4.roa (raw, json)
Hash identifier: FCCIoKQd91osN339wn28pssxdHFP+WVEsiYbSjY1QmM=
Subject key identifier: 09:50:98:95:78:C2:80:60:F6:41:D9:C6:54:F7:4B:BB:42:9B:78:AE
Certificate issuer: /CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Certificate serial: 018CC64A9926290F7BEE3F38F89B02E8A264
Authority key identifier: FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/CVCYlXjCgGD2QdnGVPdLu0KbeK4.roa
Signing time: Mon 01 Jan 2024 18:30:26 +0000
ROA not before: Mon 01 Jan 2024 18:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25581
IP address blocks: 185.170.216.0/21 maxlen: 21
91.207.130.0/23 maxlen: 23
185.34.149.0/24 maxlen: 24
185.34.148.0/22 maxlen: 22
2a00:da60::/32 maxlen: 32
2a00:da60:b01::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 21 May 2024 11:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:99:26:29:0f:7b:ee:3f:38:f8:9b:02:e8:a2:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbcdd117eac757b6f8f39428653ae12508cc6989
Validity
Not Before: Jan 1 18:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0950989578c28060f641d9c654f74bbb429b78ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:db:66:5b:37:70:18:df:0e:26:e1:ac:14:21:
9e:b9:e1:12:f7:ad:90:4d:d0:83:2a:36:1f:22:8e:
ee:f2:e4:55:d6:96:80:7b:5c:8a:ac:26:5b:c3:75:
1c:9d:83:ad:89:cb:b0:70:db:56:1a:27:2c:19:67:
41:4d:b6:92:89:00:91:93:fb:83:a6:87:79:4b:7c:
36:3b:0c:f8:26:20:af:bb:29:d6:76:43:eb:ac:54:
51:65:3d:3c:64:29:23:9a:fa:35:cf:e2:1a:cc:4b:
48:41:ff:be:6a:75:18:28:c5:db:c2:6d:d2:6c:f8:
c9:f5:dc:f4:cc:18:54:82:5d:45:09:90:c7:51:67:
65:d3:4a:59:60:f1:bc:63:eb:7f:5e:da:90:78:8f:
ea:9a:41:cc:71:d5:53:9d:47:92:08:2b:b9:e2:b9:
e9:d1:2b:75:1d:3a:9e:53:6d:3c:7c:7e:06:ef:64:
40:56:40:76:16:97:93:f2:79:c5:61:cb:2d:e5:c9:
e6:dd:89:9f:a9:3e:7d:ba:15:07:eb:e1:c9:11:17:
a2:5b:68:16:22:c0:88:8a:f1:94:9b:10:b7:ab:60:
51:81:11:6e:1a:c9:96:0c:07:73:ff:44:3e:4d:6e:
9d:7e:4d:55:03:ca:ca:6a:75:4b:c4:d6:1b:96:8f:
ac:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:50:98:95:78:C2:80:60:F6:41:D9:C6:54:F7:4B:BB:42:9B:78:AE
X509v3 Authority Key Identifier:
keyid:FB:CD:D1:17:EA:C7:57:B6:F8:F3:94:28:65:3A:E1:25:08:CC:69:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-83RF-rHV7b485QoZTrhJQjMaYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/CVCYlXjCgGD2QdnGVPdLu0KbeK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/9aa99d-be43-4d74-afc9-964425c18c6f/1/1-83RF-rHV7b485QoZTrhJQjMaYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.130.0/23
185.34.148.0/22
185.170.216.0/21
IPv6:
2a00:da60::/32
Signature Algorithm: sha256WithRSAEncryption
1f:d7:e8:e9:3b:c7:bf:c8:3b:f8:ed:ae:53:9f:dc:7e:e5:18:
2e:5f:62:60:60:59:e5:43:34:01:77:5a:13:de:31:af:2f:ec:
d8:a5:6d:a3:37:e2:69:3f:b0:c7:33:68:b9:0b:37:21:1c:1b:
87:a5:e4:2c:6d:4a:88:e8:1d:e0:72:5c:6b:73:9f:c3:89:c8:
8b:a7:99:47:93:5a:e7:ae:4c:dd:3d:8a:7e:c3:92:81:6f:c1:
81:e2:45:d5:d4:24:e1:bd:d4:c8:5c:e0:66:50:89:5b:86:35:
b7:9f:be:0a:6a:8b:2e:0b:0a:6a:56:53:b4:b2:17:7c:62:8b:
0f:52:f5:3b:b0:fd:7f:cb:40:30:ec:c8:21:61:d3:2f:61:54:
c3:0a:f4:ac:bf:81:20:ce:0c:68:8e:8f:6b:3c:04:26:f2:fc:
bb:08:0f:24:59:a3:9e:89:66:06:c0:40:6e:36:5e:fe:3e:85:
3d:51:d0:18:b3:b1:d2:6f:16:62:ad:1a:0a:da:8e:f0:be:7d:
98:7a:0d:b1:09:de:35:e4:06:c5:2c:67:db:66:d4:fe:bf:ae:
b9:31:35:85:f9:bd:6e:6a:82:ef:c6:63:10:54:fe:98:c0:21:
45:f1:3b:93:31:05:bf:78:2a:2c:3e:01:4c:ef:78:84:36:66:
a9:0b:d3:3e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzGSpkmKQ977j84+JsC6KJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiY2RkMTE3ZWFjNzU3YjZmOGYzOTQyODY1M2FlMTI1MDhj
YzY5ODkwHhcNMjQwMTAxMTgzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTUwOTg5NTc4YzI4MDYwZjY0MWQ5YzY1NGY3NGJiYjQyOWI3OGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdtmWzdwGN8OJuGsFCGeueES962Q
TdCDKjYfIo7u8uRV1paAe1yKrCZbw3UcnYOticuwcNtWGicsGWdBTbaSiQCRk/uD
pod5S3w2Owz4JiCvuynWdkPrrFRRZT08ZCkjmvo1z+IazEtIQf++anUYKMXbwm3S
bPjJ9dz0zBhUgl1FCZDHUWdl00pZYPG8Y+t/XtqQeI/qmkHMcdVTnUeSCCu54rnp
0St1HTqeU208fH4G72RAVkB2FpeT8nnFYcst5cnm3YmfqT59uhUH6+HJEReiW2gW
IsCIivGUmxC3q2BRgRFuGsmWDAdz/0Q+TW6dfk1VA8rKanVLxNYblo+sPQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAlQmJV4woBg9kHZxlT3S7tCm3iuMB8GA1UdIwQY
MBaAFPvN0Rfqx1e2+POUKGU64SUIzGmJMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS04M1JGLXJIVjdiNDg1UW9aVHJoSlFqTWFZay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIvOWFhOTlkLWJlNDMtNGQ3NC1hZmM5
LTk2NDQyNWMxOGM2Zi8xL0NWQ1lsWGpDZ0dEMlFkbkdWUGRMdTBLYmVLNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWIvOWFhOTlkLWJlNDMtNGQ3NC1hZmM5LTk2NDQyNWMxOGM2
Zi8xLzEtODNSRi1ySFY3YjQ4NVFvWlRyaEpRak1hWWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAFbz4ID
BAK5IpQDBAO5qtgwDQQCAAIwBwMFACoA2mAwDQYJKoZIhvcNAQELBQADggEBAB/X
6Ok7x7/IO/jtrlOf3H7lGC5fYmBgWeVDNAF3WhPeMa8v7NilbaM34mk/sMczaLkL
NyEcG4el5CxtSojoHeByXGtzn8OJyIunmUeTWueuTN09in7DkoFvwYHiRdXUJOG9
1Mhc4GZQiVuGNbefvgpqiy4LCmpWU7SyF3xiiw9S9Tuw/X/LQDDsyCFh0y9hVMMK
9Ky/gSDODGiOj2s8BCby/LsIDyRZo56JZgbAQG42Xv4+hT1R0BizsdJvFmKtGgra
jvC+fZh6DbEJ3jXkBsUsZ9tm1P6/rrkxNYX5vW5qgu/GYxBU/pjAIUXxO5MxBb94
Kiw+AUzveIQ2ZqkL0z4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:46 2024 by rpki-client on console-ams.rpki-client.org