Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/C5ExdzzkTX0BrWDvn-BRLDAuBt8.roa
File: C5ExdzzkTX0BrWDvn-BRLDAuBt8.roa (raw, json)
Hash identifier: l6IKPsRhkG5jOilLo2/4z4ojeCWee4d+MyBi7nl2nYQ=
Subject key identifier: 0B:91:31:77:3C:E4:4D:7D:01:AD:60:EF:9F:E0:51:2C:30:2E:06:DF
Certificate issuer: /CN=cf89cb889f99212e8bf53d06e45d87abb9169506
Certificate serial: 01856F428ED451CEBA6991CF68BBA9C12A88
Authority key identifier: CF:89:CB:88:9F:99:21:2E:8B:F5:3D:06:E4:5D:87:AB:B9:16:95:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/C5ExdzzkTX0BrWDvn-BRLDAuBt8.roa
Signing time: Sun 01 Jan 2023 21:35:10 +0000
ROA not before: Sun 01 Jan 2023 21:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8779
IP address blocks: 78.152.160.0/19 maxlen: 19
185.15.4.0/23 maxlen: 23
94.230.192.0/20 maxlen: 20
46.252.208.0/20 maxlen: 20
2a00:6740::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:8e:d4:51:ce:ba:69:91:cf:68:bb:a9:c1:2a:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf89cb889f99212e8bf53d06e45d87abb9169506
Validity
Not Before: Jan 1 21:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b9131773ce44d7d01ad60ef9fe0512c302e06df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:91:3b:6b:16:7b:08:ff:b2:e4:65:cc:69:27:
60:eb:eb:0b:b2:d4:6a:7e:5c:8b:cb:77:1a:22:00:
9b:2a:c8:e7:17:6b:0f:f2:00:2a:f5:61:e5:ce:02:
cf:2d:31:3b:82:fc:8f:93:49:1e:ec:79:05:20:17:
39:8b:fd:98:0f:b6:f0:aa:e6:04:a2:6d:a4:1c:21:
2e:81:cd:a3:3f:ad:4d:29:73:bb:14:07:aa:60:78:
91:35:a0:02:ef:ef:cd:51:a3:6c:e9:1e:af:cb:1f:
3e:eb:2a:ac:50:d2:31:fb:37:f5:12:c2:b6:34:a5:
7c:82:3b:50:fe:97:cb:7d:22:d8:72:1b:f0:de:be:
93:06:f6:65:fc:0c:5c:49:60:9b:5a:90:8b:46:56:
96:74:f9:17:ff:3b:62:a5:78:3c:66:13:0a:2a:74:
87:2a:3d:4e:6d:cb:0e:47:14:81:46:94:29:ed:fc:
8a:cc:65:77:a2:95:69:c4:12:7a:38:9f:7c:bc:b1:
35:9d:5e:9c:6f:1a:48:d8:9d:b8:d4:c5:52:64:e2:
dc:6e:92:42:86:d3:59:6e:5e:5c:51:f7:02:f7:8e:
d2:f9:12:52:94:ba:41:e1:f1:9c:ee:f0:c0:db:71:
f3:59:d8:51:d7:32:74:9a:40:6e:e8:48:ee:d5:c7:
9a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:91:31:77:3C:E4:4D:7D:01:AD:60:EF:9F:E0:51:2C:30:2E:06:DF
X509v3 Authority Key Identifier:
keyid:CF:89:CB:88:9F:99:21:2E:8B:F5:3D:06:E4:5D:87:AB:B9:16:95:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/C5ExdzzkTX0BrWDvn-BRLDAuBt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.208.0/20
78.152.160.0/19
94.230.192.0/20
185.15.4.0/23
IPv6:
2a00:6740::/32
Signature Algorithm: sha256WithRSAEncryption
b3:67:3f:17:25:fc:1d:68:e9:57:75:03:a2:18:6c:f0:fc:de:
12:21:12:67:5d:17:4a:55:32:54:8d:25:e0:05:67:45:47:02:
e0:2f:ea:02:d5:34:80:35:54:66:37:80:64:09:b6:01:b4:34:
d9:cc:8d:e0:d7:3d:d8:5d:41:92:2b:60:61:75:46:1b:d8:d7:
8d:4f:25:d5:ab:00:9f:63:52:a6:19:1a:ef:a9:eb:b5:99:e0:
02:8e:8d:65:03:19:3b:47:49:41:4c:32:62:c1:a0:e7:52:ce:
59:50:9f:cd:4e:fe:a6:a8:e1:81:c2:91:d3:f1:d3:50:dd:5f:
18:47:e7:36:d2:cb:1b:32:f8:73:06:93:b0:66:c4:c8:d6:e4:
9a:ad:d1:ac:1e:60:31:12:b7:c4:8d:05:ec:41:cd:08:d4:95:
ae:71:95:3d:6b:be:3d:3f:5a:79:20:32:8a:86:a3:70:92:68:
4e:ef:27:b8:9e:eb:03:9a:9f:55:d7:4e:ec:ac:64:03:3d:93:
60:d3:93:3c:91:ff:04:a2:e1:40:d1:ea:3b:12:2f:e4:b5:21:
9d:66:06:d1:8f:93:a8:db:93:5b:ab:10:27:09:14:9d:91:4b:
1a:d0:e9:82:8b:59:f7:84:f8:f7:0d:f4:43:0f:2c:35:4e:76:
8d:60:2d:c9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVvQo7UUc66aZHPaLupwSqIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODljYjg4OWY5OTIxMmU4YmY1M2QwNmU0NWQ4N2FiYjkx
Njk1MDYwHhcNMjMwMTAxMjEzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjkxMzE3NzNjZTQ0ZDdkMDFhZDYwZWY5ZmUwNTEyYzMwMmUwNmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpE7axZ7CP+y5GXMaSdg6+sLstRq
flyLy3caIgCbKsjnF2sP8gAq9WHlzgLPLTE7gvyPk0ke7HkFIBc5i/2YD7bwquYE
om2kHCEugc2jP61NKXO7FAeqYHiRNaAC7+/NUaNs6R6vyx8+6yqsUNIx+zf1EsK2
NKV8gjtQ/pfLfSLYchvw3r6TBvZl/AxcSWCbWpCLRlaWdPkX/ztipXg8ZhMKKnSH
Kj1ObcsORxSBRpQp7fyKzGV3opVpxBJ6OJ98vLE1nV6cbxpI2J241MVSZOLcbpJC
htNZbl5cUfcC947S+RJSlLpB4fGc7vDA23HzWdhR1zJ0mkBu6Eju1ceaMwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAuRMXc85E19Aa1g75/gUSwwLgbfMB8GA1UdIwQY
MBaAFM+Jy4ifmSEui/U9BuRdh6u5FpUGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRuTGlKLVpJUzZMOVQwRzVGMkhxN2tXbFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8wYjg5NTEtMjY5OS00NGIzLTkwNjct
ZDlhNDBjNGQzMjkxLzEvQzVFeGR6emtUWDBCcldEdm4tQlJMREF1QnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8wYjg5NTEtMjY5OS00NGIzLTkwNjctZDlhNDBjNGQzMjkx
LzEvejRuTGlKLVpJUzZMOVQwRzVGMkhxN2tXbFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQELvzQAwQF
TpigAwQEXubAAwQBuQ8EMA0EAgACMAcDBQAqAGdAMA0GCSqGSIb3DQEBCwUAA4IB
AQCzZz8XJfwdaOlXdQOiGGzw/N4SIRJnXRdKVTJUjSXgBWdFRwLgL+oC1TSANVRm
N4BkCbYBtDTZzI3g1z3YXUGSK2BhdUYb2NeNTyXVqwCfY1KmGRrvqeu1meACjo1l
Axk7R0lBTDJiwaDnUs5ZUJ/NTv6mqOGBwpHT8dNQ3V8YR+c20ssbMvhzBpOwZsTI
1uSardGsHmAxErfEjQXsQc0I1JWucZU9a749P1p5IDKKhqNwkmhO7ye4nusDmp9V
107srGQDPZNg05M8kf8EouFA0eo7Ei/ktSGdZgbRj5Oo25NbqxAnCRSdkUsa0OmC
i1n3hPj3DfRDDyw1TnaNYC3J
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:58 2024 by rpki-client on console-ams.rpki-client.org