Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/cfvdlv1dTxu7oFaojD75U3eUtZA.roa
File: cfvdlv1dTxu7oFaojD75U3eUtZA.roa (raw, json)
Hash identifier: xJ6VO8YlOazczfQz3OvKEZrV0nb10ScH6UrxBFqE3pw=
Subject key identifier: 71:FB:DD:96:FD:5D:4F:1B:BB:A0:56:A8:8C:3E:F9:53:77:94:B5:90
Certificate issuer: /CN=01e7c30459356a900dc63369764a754c5c1f3319
Certificate serial: 018CC26D211DA085DE071772A570B7E86C51
Authority key identifier: 01:E7:C3:04:59:35:6A:90:0D:C6:33:69:76:4A:75:4C:5C:1F:33:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AefDBFk1apANxjNpdkp1TFwfMxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/cfvdlv1dTxu7oFaojD75U3eUtZA.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48213
IP address blocks: 185.135.236.0/22 maxlen: 22
213.232.226.0/24 maxlen: 24
2a07:980::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 08 Jul 2024 12:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:21:1d:a0:85:de:07:17:72:a5:70:b7:e8:6c:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01e7c30459356a900dc63369764a754c5c1f3319
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71fbdd96fd5d4f1bbba056a88c3ef9537794b590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:87:fb:f3:9d:12:23:a7:ef:34:36:48:59:c5:
34:04:c1:d8:6a:d0:bf:10:52:95:40:90:5d:c0:54:
7d:2f:ef:30:9a:b7:0f:23:04:55:9a:81:87:fd:ad:
9c:59:c3:f3:02:bd:4d:90:60:87:d9:ef:40:ee:b3:
0d:c8:28:1f:0e:83:59:54:4b:49:2a:28:0d:01:27:
a3:d6:20:a9:82:8a:fa:1f:b0:20:4f:42:b8:52:71:
37:a2:c5:bf:fb:89:5e:d9:28:35:9a:e9:a9:f8:21:
b9:dd:3d:7b:81:3c:eb:bc:e7:94:06:9b:49:74:2f:
3d:e6:7e:c7:c5:c1:14:18:cc:1e:92:cb:0f:2c:13:
ad:5b:10:e8:68:99:ec:a0:87:3c:0a:11:67:f7:d8:
44:50:ec:16:2e:e9:85:fd:6c:30:da:c6:7a:f6:16:
bb:47:1c:5a:b2:52:7e:e0:be:e8:55:a7:4b:54:a8:
57:18:0d:57:92:48:35:3a:9a:ed:68:b4:27:31:88:
18:42:1c:9a:95:5f:7a:fd:62:0d:ec:a9:5e:63:d8:
2c:eb:11:0b:ab:83:ce:4d:be:85:48:9c:2a:e0:a7:
e6:02:ac:0c:d6:2a:11:6c:53:ce:ea:45:a9:24:fe:
9f:7a:06:a3:43:95:e4:14:2d:35:ea:e1:9a:f8:30:
d4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FB:DD:96:FD:5D:4F:1B:BB:A0:56:A8:8C:3E:F9:53:77:94:B5:90
X509v3 Authority Key Identifier:
keyid:01:E7:C3:04:59:35:6A:90:0D:C6:33:69:76:4A:75:4C:5C:1F:33:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AefDBFk1apANxjNpdkp1TFwfMxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/cfvdlv1dTxu7oFaojD75U3eUtZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/19c164-eae7-46bd-a1de-bf29c4188d7e/1/AefDBFk1apANxjNpdkp1TFwfMxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.236.0/22
213.232.226.0/24
IPv6:
2a07:980::/29
Signature Algorithm: sha256WithRSAEncryption
05:62:d4:d6:f0:f5:0f:60:85:d9:89:a6:2c:17:bb:bf:b8:fa:
42:14:ca:e2:5c:ec:99:21:48:63:25:10:74:85:72:ba:da:33:
be:da:09:8b:04:4b:0e:c2:a2:63:0b:4b:6f:b3:c4:05:38:64:
30:1b:2a:87:c5:3c:70:3e:e1:63:aa:4d:03:a0:c4:20:ad:64:
ef:75:82:18:a0:1d:47:1f:00:7f:58:eb:45:78:ce:e3:39:83:
19:dc:cb:8a:e2:7a:22:3c:b8:09:c0:2d:f4:95:28:1d:11:4a:
88:0f:87:01:76:d2:00:8f:70:cb:a1:ca:43:03:32:41:6b:ee:
31:1a:88:be:3b:7b:fa:75:a3:80:98:f8:b8:e3:86:f9:3e:32:
a5:61:e7:bf:0d:19:5e:6e:45:d0:76:48:68:ad:3f:bb:54:90:
c9:b5:1c:07:58:06:e4:1a:ae:65:1a:16:92:31:3e:3e:39:76:
f6:ea:f6:a8:31:3d:cb:aa:ab:56:6d:d8:c8:0a:9a:b1:89:93:
1b:9e:c9:83:5f:09:6c:6f:b4:9a:0d:eb:a2:78:43:0b:04:09:
84:b8:11:81:cb:6c:40:55:29:94:8c:af:bd:16:cb:91:a5:a4:
c9:f7:47:aa:15:ac:62:01:b5:52:8f:2b:2a:e6:12:d2:1a:37:
96:d1:54:f6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbSEdoIXeBxdypXC36GxRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZTdjMzA0NTkzNTZhOTAwZGM2MzM2OTc2NGE3NTRjNWMx
ZjMzMTkwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZiZGQ5NmZkNWQ0ZjFiYmJhMDU2YTg4YzNlZjk1Mzc3OTRiNTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIf7850SI6fvNDZIWcU0BMHYatC/
EFKVQJBdwFR9L+8wmrcPIwRVmoGH/a2cWcPzAr1NkGCH2e9A7rMNyCgfDoNZVEtJ
KigNASej1iCpgor6H7AgT0K4UnE3osW/+4le2Sg1mump+CG53T17gTzrvOeUBptJ
dC895n7HxcEUGMwekssPLBOtWxDoaJnsoIc8ChFn99hEUOwWLumF/Www2sZ69ha7
RxxaslJ+4L7oVadLVKhXGA1Xkkg1OprtaLQnMYgYQhyalV96/WIN7KleY9gs6xEL
q4POTb6FSJwq4KfmAqwM1ioRbFPO6kWpJP6fegajQ5XkFC016uGa+DDULQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHH73Zb9XU8bu6BWqIw++VN3lLWQMB8GA1UdIwQY
MBaAFAHnwwRZNWqQDcYzaXZKdUxcHzMZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWVmREJGazFhcEFOeGpOcGRrcDFURndmTXhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8xOWMxNjQtZWFlNy00NmJkLWExZGUt
YmYyOWM0MTg4ZDdlLzEvY2Z2ZGx2MWRUeHU3b0Zhb2pENzVVM2VVdFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8xOWMxNjQtZWFlNy00NmJkLWExZGUtYmYyOWM0MTg4ZDdl
LzEvQWVmREJGazFhcEFOeGpOcGRrcDFURndmTXhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYfsAwQA
1ejiMA0EAgACMAcDBQMqBwmAMA0GCSqGSIb3DQEBCwUAA4IBAQAFYtTW8PUPYIXZ
iaYsF7u/uPpCFMriXOyZIUhjJRB0hXK62jO+2gmLBEsOwqJjC0tvs8QFOGQwGyqH
xTxwPuFjqk0DoMQgrWTvdYIYoB1HHwB/WOtFeM7jOYMZ3MuK4noiPLgJwC30lSgd
EUqID4cBdtIAj3DLocpDAzJBa+4xGoi+O3v6daOAmPi444b5PjKlYee/DRlebkXQ
dkhorT+7VJDJtRwHWAbkGq5lGhaSMT4+OXb26vaoMT3LqqtWbdjICpqxiZMbnsmD
Xwlsb7SaDeuieEMLBAmEuBGBy2xAVSmUjK+9FsuRpaTJ90eqFaxiAbVSjysq5hLS
GjeW0VT2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:10 2025 by rpki-client