Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/CFwm1a73T1ofHZL4aOGgHUYlz1A.roa
File: CFwm1a73T1ofHZL4aOGgHUYlz1A.roa (raw, json)
Hash identifier: fgLkQmGNWgHDJ2uiM7JsMSOlKCnU7Gkuk5I3JU1uVqk=
Subject key identifier: 08:5C:26:D5:AE:F7:4F:5A:1F:1D:92:F8:68:E1:A0:1D:46:25:CF:50
Certificate issuer: /CN=57be8fc79c93504fc21ff70fba469a4cbbe2f029
Certificate serial: 01856D53F2F4CBE2EE5251D08B0C2E96BA94
Authority key identifier: 57:BE:8F:C7:9C:93:50:4F:C2:1F:F7:0F:BA:46:9A:4C:BB:E2:F0:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V76Px5yTUE_CH_cPukaaTLvi8Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/CFwm1a73T1ofHZL4aOGgHUYlz1A.roa
Signing time: Sun 01 Jan 2023 12:34:56 +0000
ROA not before: Sun 01 Jan 2023 12:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200970
IP address blocks: 185.145.16.0/22 maxlen: 22
185.145.16.0/24 maxlen: 24
185.145.17.0/24 maxlen: 24
185.145.18.0/24 maxlen: 24
185.145.19.0/24 maxlen: 24
185.89.160.0/24 maxlen: 24
185.89.161.0/24 maxlen: 24
185.89.162.0/24 maxlen: 24
185.89.160.0/22 maxlen: 22
185.89.163.0/24 maxlen: 24
2a05:d9c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f2:f4:cb:e2:ee:52:51:d0:8b:0c:2e:96:ba:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57be8fc79c93504fc21ff70fba469a4cbbe2f029
Validity
Not Before: Jan 1 12:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=085c26d5aef74f5a1f1d92f868e1a01d4625cf50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0a:f5:6f:13:52:f1:db:08:a0:88:2b:54:27:
7b:f5:53:26:75:94:6a:f5:be:fa:e6:5f:3f:66:0d:
a2:e1:c4:e8:47:ba:f7:d8:4c:7a:61:9f:99:a0:3b:
23:05:cf:98:22:14:a6:db:a2:c7:5c:8e:91:37:bd:
38:e6:21:8e:8d:3f:58:5a:5b:55:20:ac:8d:4f:ab:
10:2e:c1:bd:61:5b:2c:ce:d5:ef:b3:68:a7:3c:c8:
0a:2a:56:91:29:b5:3e:dc:94:0d:ed:99:a4:3f:63:
88:21:6f:95:41:cd:33:8e:45:96:fb:82:28:a8:1e:
d5:d5:aa:46:e1:2c:5f:ea:59:17:76:38:44:5b:0f:
bf:3a:c9:68:97:f8:3a:3c:20:65:d0:1a:ec:0f:59:
15:35:fb:50:ae:0b:65:09:58:50:e2:66:db:0e:30:
58:e0:37:cb:14:4e:78:ff:47:3c:b5:34:9f:5f:17:
13:45:bb:72:a8:5a:ad:3b:7c:91:87:ca:61:30:a8:
b8:de:06:a4:a6:1e:61:76:99:51:03:65:0f:a0:af:
d9:35:15:e6:28:98:06:3a:72:f7:2a:35:55:25:f9:
ba:ea:af:8c:4a:bb:c8:33:f7:57:ca:72:70:73:c5:
c6:06:01:19:c8:4e:6e:f2:10:35:96:be:5c:64:ac:
63:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5C:26:D5:AE:F7:4F:5A:1F:1D:92:F8:68:E1:A0:1D:46:25:CF:50
X509v3 Authority Key Identifier:
keyid:57:BE:8F:C7:9C:93:50:4F:C2:1F:F7:0F:BA:46:9A:4C:BB:E2:F0:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V76Px5yTUE_CH_cPukaaTLvi8Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/CFwm1a73T1ofHZL4aOGgHUYlz1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/18be97-df3a-4e1d-b561-53c69c1ce50c/1/V76Px5yTUE_CH_cPukaaTLvi8Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.160.0/22
185.145.16.0/22
IPv6:
2a05:d9c0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:f4:e1:b7:df:13:25:6c:29:a8:be:ab:e9:80:84:c4:13:71:
b8:61:df:a1:bf:8e:47:2a:dd:5d:0b:18:c6:33:de:69:16:5f:
3f:3b:3c:3e:aa:36:47:75:4a:bf:7b:48:cb:aa:ca:5d:b7:66:
a2:21:e5:3d:32:1f:5e:a0:a6:fb:37:e0:16:13:e2:6f:8c:50:
2a:37:3b:ca:b7:3e:bc:2e:c3:0c:00:50:79:ef:85:82:f7:82:
b8:2a:9b:1e:b1:8c:49:f3:b3:5f:7d:7f:33:df:5b:e1:85:d2:
55:4c:ff:6b:65:02:f1:d3:d4:ba:b7:19:ce:11:1a:79:c9:d5:
49:aa:4b:76:d7:73:a0:1a:37:f9:d0:12:02:01:4c:97:b9:de:
86:e2:f8:fa:09:93:79:e4:77:d5:d5:41:9a:68:17:4c:4c:5d:
59:be:56:77:0c:cb:6a:3a:46:9b:65:51:ac:d2:91:fc:ed:cb:
04:fb:f9:78:25:d3:db:c3:d7:a0:c6:91:30:86:3b:e0:da:95:
ed:2d:9e:38:1d:84:58:e9:26:bb:b5:0e:7d:fd:18:65:a4:10:
25:fb:9d:44:18:63:e3:9e:ed:5c:0e:ef:20:71:46:f5:bc:34:
52:08:c9:59:dc:db:a6:10:2d:b3:97:0e:b3:ac:87:79:9b:54:
ea:06:6b:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtU/L0y+LuUlHQiwwulrqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YmU4ZmM3OWM5MzUwNGZjMjFmZjcwZmJhNDY5YTRjYmJl
MmYwMjkwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODVjMjZkNWFlZjc0ZjVhMWYxZDkyZjg2OGUxYTAxZDQ2MjVjZjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngr1bxNS8dsIoIgrVCd79VMmdZRq
9b765l8/Zg2i4cToR7r32Ex6YZ+ZoDsjBc+YIhSm26LHXI6RN7045iGOjT9YWltV
IKyNT6sQLsG9YVssztXvs2inPMgKKlaRKbU+3JQN7ZmkP2OIIW+VQc0zjkWW+4Io
qB7V1apG4Sxf6lkXdjhEWw+/Oslol/g6PCBl0BrsD1kVNftQrgtlCVhQ4mbbDjBY
4DfLFE54/0c8tTSfXxcTRbtyqFqtO3yRh8phMKi43gakph5hdplRA2UPoK/ZNRXm
KJgGOnL3KjVVJfm66q+MSrvIM/dXynJwc8XGBgEZyE5u8hA1lr5cZKxjWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAhcJtWu909aHx2S+GjhoB1GJc9QMB8GA1UdIwQY
MBaAFFe+j8eck1BPwh/3D7pGmky74vApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjc2UHg1eVRVRV9DSF9jUHVrYWFUTHZpOENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xOGJlOTctZGYzYS00ZTFkLWI1NjEt
NTNjNjljMWNlNTBjLzEvQ0Z3bTFhNzNUMW9mSFpMNGFPR2dIVVlsejFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xOGJlOTctZGYzYS00ZTFkLWI1NjEtNTNjNjljMWNlNTBj
LzEvVjc2UHg1eVRVRV9DSF9jUHVrYWFUTHZpOENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVmgAwQC
uZEQMA0EAgACMAcDBQMqBdnAMA0GCSqGSIb3DQEBCwUAA4IBAQBO9OG33xMlbCmo
vqvpgITEE3G4Yd+hv45HKt1dCxjGM95pFl8/Ozw+qjZHdUq/e0jLqspdt2aiIeU9
Mh9eoKb7N+AWE+JvjFAqNzvKtz68LsMMAFB574WC94K4KpsesYxJ87NffX8z31vh
hdJVTP9rZQLx09S6txnOERp5ydVJqkt213OgGjf50BICAUyXud6G4vj6CZN55HfV
1UGaaBdMTF1ZvlZ3DMtqOkabZVGs0pH87csE+/l4JdPbw9egxpEwhjvg2pXtLZ44
HYRY6Sa7tQ59/RhlpBAl+51EGGPjnu1cDu8gcUb1vDRSCMlZ3NumEC2zlw6zrId5
m1TqBmuZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:59 2024 by rpki-client on console-ams.rpki-client.org