Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/CFSmYPZYkpeqoguPNX0heUl5uZg.roa
File: CFSmYPZYkpeqoguPNX0heUl5uZg.roa (raw, json)
Hash identifier: o7Q9TPlFnvLRcv1DIhH5K55ERybUfnVMtlu7vhvUXUU=
Subject key identifier: 08:54:A6:60:F6:58:92:97:AA:A2:0B:8F:35:7D:21:79:49:79:B9:98
Certificate issuer: /CN=43fad79548afc5c83e59bbfe388c64492cb55013
Certificate serial: 018CC5DBF798E644DE44056E7D39E1ADF468
Authority key identifier: 43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/CFSmYPZYkpeqoguPNX0heUl5uZg.roa
Signing time: Mon 01 Jan 2024 16:29:36 +0000
ROA not before: Mon 01 Jan 2024 16:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44407
IP address blocks: 188.231.0.0/17 maxlen: 17
Validation: Failed, certificate revoked on Wed 31 Jan 2024 09:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:f7:98:e6:44:de:44:05:6e:7d:39:e1:ad:f4:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43fad79548afc5c83e59bbfe388c64492cb55013
Validity
Not Before: Jan 1 16:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0854a660f6589297aaa20b8f357d21794979b998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ce:87:17:9a:85:60:92:7b:f4:a8:f7:73:cf:
f2:82:2d:2b:bd:c6:3d:79:c9:14:78:c6:dd:b1:4c:
80:d9:77:34:61:1e:08:e7:54:2f:33:98:51:0f:af:
42:f1:b5:f1:e2:f6:dc:9e:e5:a8:fa:2b:78:f0:f7:
e1:db:15:b3:5c:24:90:bc:46:01:91:ab:44:ff:9f:
40:a4:4a:3e:03:23:b6:b9:fd:84:1a:f4:ef:ad:fa:
1d:5f:cd:6c:ed:a7:7f:e5:1e:30:60:a6:f3:0e:6b:
94:a5:62:b8:4f:82:06:c4:6b:ee:1e:f9:a3:03:de:
c4:f9:20:5e:d8:ab:98:0f:53:68:ba:a3:47:bf:43:
81:9e:19:5e:fd:ac:4a:8f:9b:69:28:03:da:8e:ed:
ea:b7:98:17:cd:67:5a:ce:7e:49:6f:65:d1:15:77:
a5:44:34:47:90:eb:a4:2c:e3:b0:6e:9d:11:db:fd:
12:44:07:d2:13:8c:50:08:42:6e:ff:3f:af:79:57:
ea:fc:8c:23:f0:d6:c2:dc:d9:52:b8:a3:dd:06:f2:
00:69:6f:96:69:eb:c7:a5:cc:5c:1e:74:97:ee:99:
fb:e1:66:86:c3:67:b2:47:61:92:25:32:02:53:f8:
a0:98:9f:9a:75:68:8b:a6:55:27:14:f9:8c:9f:5d:
33:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:54:A6:60:F6:58:92:97:AA:A2:0B:8F:35:7D:21:79:49:79:B9:98
X509v3 Authority Key Identifier:
keyid:43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/CFSmYPZYkpeqoguPNX0heUl5uZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.231.0.0/17
Signature Algorithm: sha256WithRSAEncryption
6e:ea:de:a8:0c:9c:03:92:b3:20:5a:61:fd:d7:46:26:7b:cf:
ff:76:58:35:a6:24:51:62:f1:20:5a:94:1b:c2:25:13:8e:64:
77:b6:2b:8f:85:73:a8:d4:2f:50:ac:fe:3e:7c:01:cd:32:c2:
f4:49:fc:f0:9a:9d:d1:8c:42:d5:5d:c2:fe:26:3a:42:7d:6e:
0e:de:0b:b0:16:25:05:55:4e:f3:61:80:f5:07:14:4e:d4:25:
ad:7c:99:9c:ae:5c:7e:6f:79:20:85:ee:56:dd:37:54:cf:fd:
58:8f:d9:49:78:62:b2:b7:94:cf:10:13:45:e1:63:86:01:84:
6a:78:e6:cf:ab:b9:1a:9e:6f:9b:9b:6b:b8:8b:fa:a8:94:42:
ac:6c:51:01:81:db:5e:9f:4f:36:49:f8:d2:fc:d9:b7:57:45:
9c:f2:80:34:cd:52:c4:59:3c:da:de:2b:03:72:35:06:10:82:
0a:7f:1f:3a:50:4f:2d:22:a8:28:54:b3:af:9b:2f:c4:01:9b:
f7:8c:19:0f:cb:0a:67:57:40:c3:89:47:75:a0:2e:c7:6b:4f:
f1:f2:a6:1f:ba:37:11:a9:90:ba:13:a5:de:5a:a2:1f:d2:51:
1d:3b:6b:39:04:c4:96:81:ee:2d:49:6e:2c:23:a5:ab:a4:bf:
77:09:6d:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2/eY5kTeRAVufTnhrfRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZmFkNzk1NDhhZmM1YzgzZTU5YmJmZTM4OGM2NDQ5MmNi
NTUwMTMwHhcNMjQwMTAxMTYyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODU0YTY2MGY2NTg5Mjk3YWFhMjBiOGYzNTdkMjE3OTQ5NzliOTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAns6HF5qFYJJ79Kj3c8/ygi0rvcY9
eckUeMbdsUyA2Xc0YR4I51QvM5hRD69C8bXx4vbcnuWo+it48Pfh2xWzXCSQvEYB
katE/59ApEo+AyO2uf2EGvTvrfodX81s7ad/5R4wYKbzDmuUpWK4T4IGxGvuHvmj
A97E+SBe2KuYD1NouqNHv0OBnhle/axKj5tpKAPaju3qt5gXzWdazn5Jb2XRFXel
RDRHkOukLOOwbp0R2/0SRAfSE4xQCEJu/z+veVfq/Iwj8NbC3NlSuKPdBvIAaW+W
aevHpcxcHnSX7pn74WaGw2eyR2GSJTICU/igmJ+adWiLplUnFPmMn10z3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhUpmD2WJKXqqILjzV9IXlJebmYMB8GA1UdIwQY
MBaAFEP615VIr8XIPlm7/jiMZEkstVATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWIt
ZmU4NTVkYWJiNzVlLzEvQ0ZTbVlQWllrcGVxb2d1UE5YMGhlVWw1dVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWItZmU4NTVkYWJiNzVl
LzEvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHvOcAMA0G
CSqGSIb3DQEBCwUAA4IBAQBu6t6oDJwDkrMgWmH910Yme8//dlg1piRRYvEgWpQb
wiUTjmR3tiuPhXOo1C9QrP4+fAHNMsL0Sfzwmp3RjELVXcL+JjpCfW4O3guwFiUF
VU7zYYD1BxRO1CWtfJmcrlx+b3kghe5W3TdUz/1Yj9lJeGKyt5TPEBNF4WOGAYRq
eObPq7kanm+bm2u4i/qolEKsbFEBgdten082SfjS/Nm3V0Wc8oA0zVLEWTza3isD
cjUGEIIKfx86UE8tIqgoVLOvmy/EAZv3jBkPywpnV0DDiUd1oC7Ha0/x8qYfujcR
qZC6E6XeWqIf0lEdO2s5BMSWge4tSW4sI6WrpL93CW36
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:12 2024 by rpki-client on console-fra.rpki-client.org