Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/v1CapKifQK6F99thmZfIDacUJrE.roa
File: v1CapKifQK6F99thmZfIDacUJrE.roa (raw, json)
Hash identifier: Kd08Wyq7waTO6GUhwW/VfLWZ2EU2ONx1Y/RLYsl9b8E=
Subject key identifier: BF:50:9A:A4:A8:9F:40:AE:85:F7:DB:61:99:97:C8:0D:A7:14:26:B1
Certificate issuer: /CN=8c0c7f2ebab7c96111cae687cedd1cd2e9bcd56a
Certificate serial: 0188777675C31288D2291A61AA74F306BD1E
Authority key identifier: 8C:0C:7F:2E:BA:B7:C9:61:11:CA:E6:87:CE:DD:1C:D2:E9:BC:D5:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jAx_Lrq3yWERyuaHzt0c0um81Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/v1CapKifQK6F99thmZfIDacUJrE.roa
Signing time: Thu 01 Jun 2023 14:57:12 +0000
ROA not before: Thu 01 Jun 2023 14:57:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39039
IP address blocks: 5.134.68.0/22 maxlen: 22
46.31.36.0/22 maxlen: 22
77.95.48.0/21 maxlen: 21
185.170.32.0/22 maxlen: 22
83.243.32.0/21 maxlen: 21
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:77:76:75:c3:12:88:d2:29:1a:61:aa:74:f3:06:bd:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c0c7f2ebab7c96111cae687cedd1cd2e9bcd56a
Validity
Not Before: Jun 1 14:57:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf509aa4a89f40ae85f7db619997c80da71426b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:76:ec:05:87:67:e2:74:72:8a:c1:de:ee:02:
39:48:5d:a0:46:71:e0:1e:eb:c6:8f:2a:85:2d:da:
84:cf:cf:ee:33:b6:51:8d:af:4d:cc:17:5f:34:fb:
c7:8d:bf:8a:c0:25:aa:5e:fe:c7:63:95:9c:f4:cd:
a9:ba:f0:c9:9f:c6:ea:a6:53:a6:70:13:2b:54:2b:
c0:c3:84:43:fd:81:4f:18:ef:f9:dd:d6:61:39:64:
2b:cf:76:d1:ea:85:ab:07:8d:eb:30:26:1d:0f:ec:
90:96:97:05:24:e1:3d:e4:05:60:3c:60:d2:dd:15:
8c:64:70:03:70:57:9b:0d:9e:91:84:f6:53:f1:eb:
c8:8f:25:9f:54:39:05:7b:eb:c2:0c:7c:c9:17:ae:
45:9a:b1:5c:22:d7:84:70:d1:e5:21:1d:54:b2:5d:
95:c6:a8:63:23:f3:22:f4:04:5b:69:22:e6:4f:8a:
fe:5c:66:53:ba:ee:26:44:3f:49:21:f5:30:79:3a:
44:9d:3f:3c:0d:c4:25:68:3e:29:72:57:47:dd:82:
6f:6e:19:04:25:de:7f:ee:14:d7:94:6c:d1:38:c9:
d2:34:df:e1:eb:be:eb:6d:ba:20:85:4b:95:2b:2f:
80:74:f1:aa:08:ab:0e:d7:2d:fe:c8:de:56:6a:a3:
09:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:50:9A:A4:A8:9F:40:AE:85:F7:DB:61:99:97:C8:0D:A7:14:26:B1
X509v3 Authority Key Identifier:
keyid:8C:0C:7F:2E:BA:B7:C9:61:11:CA:E6:87:CE:DD:1C:D2:E9:BC:D5:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jAx_Lrq3yWERyuaHzt0c0um81Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/v1CapKifQK6F99thmZfIDacUJrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/c76383-591c-4cde-b2cf-251d74ed7754/1/jAx_Lrq3yWERyuaHzt0c0um81Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.68.0/22
46.31.36.0/22
77.95.48.0/21
83.243.32.0/21
185.170.32.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:03:d0:56:2e:29:27:b4:f3:92:03:28:c3:a3:e8:69:37:2c:
37:8d:ca:aa:6a:73:b8:8e:a0:25:4d:35:3a:ae:83:0b:07:bc:
1a:14:ce:3d:31:7f:a6:5d:e2:ee:e8:f1:d8:d4:26:97:b8:a4:
44:b5:54:9f:de:14:7c:82:85:5a:64:26:93:27:f5:35:68:9f:
27:e2:9c:ca:04:69:dd:36:91:6e:d0:18:50:bf:ee:4f:ec:0a:
c0:08:3a:94:26:19:e5:d6:b4:4b:b4:6d:1a:32:66:12:72:2e:
6a:69:f5:5e:d3:c3:c5:13:a0:82:0a:26:ad:98:a8:c8:35:6f:
b8:99:4d:fb:ad:ef:e7:4d:b8:01:d8:9e:47:ea:61:4d:d9:f3:
10:be:3b:1a:a2:23:41:c7:d8:08:2f:33:e4:98:89:31:ff:81:
1f:59:89:61:d9:db:2a:e1:0f:49:b1:57:81:10:7f:20:95:b2:
a8:eb:2d:5e:88:a5:a6:8a:4d:71:a4:21:4f:d0:25:e5:f9:62:
89:71:5f:b5:04:cc:21:13:88:56:55:f1:33:e2:af:49:a5:38:
03:73:42:e4:68:33:87:2b:a7:7d:e6:29:b8:31:1b:43:3b:5a:
00:e4:68:f6:99:f2:93:36:ed:e4:a7:10:ba:fa:a8:60:6a:10:
7d:71:aa:d9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYh3dnXDEojSKRphqnTzBr0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMGM3ZjJlYmFiN2M5NjExMWNhZTY4N2NlZGQxY2QyZTli
Y2Q1NmEwHhcNMjMwNjAxMTQ1NzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjUwOWFhNGE4OWY0MGFlODVmN2RiNjE5OTk3YzgwZGE3MTQyNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13bsBYdn4nRyisHe7gI5SF2gRnHg
HuvGjyqFLdqEz8/uM7ZRja9NzBdfNPvHjb+KwCWqXv7HY5Wc9M2puvDJn8bqplOm
cBMrVCvAw4RD/YFPGO/53dZhOWQrz3bR6oWrB43rMCYdD+yQlpcFJOE95AVgPGDS
3RWMZHADcFebDZ6RhPZT8evIjyWfVDkFe+vCDHzJF65FmrFcIteEcNHlIR1Usl2V
xqhjI/Mi9ARbaSLmT4r+XGZTuu4mRD9JIfUweTpEnT88DcQlaD4pcldH3YJvbhkE
Jd5/7hTXlGzROMnSNN/h677rbboghUuVKy+AdPGqCKsO1y3+yN5WaqMJiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL9QmqSon0CuhffbYZmXyA2nFCaxMB8GA1UdIwQY
MBaAFIwMfy66t8lhEcrmh87dHNLpvNVqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakF4X0xycTN5V0VSeXVhSHp0MGMwdW04MVdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9jNzYzODMtNTkxYy00Y2RlLWIyY2Yt
MjUxZDc0ZWQ3NzU0LzEvdjFDYXBLaWZRSzZGOTl0aG1aZklEYWNVSnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9jNzYzODMtNTkxYy00Y2RlLWIyY2YtMjUxZDc0ZWQ3NzU0
LzEvakF4X0xycTN5V0VSeXVhSHp0MGMwdW04MVdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBYZEAwQC
Lh8kAwQDTV8wAwQDU/MgAwQCuaogMA0GCSqGSIb3DQEBCwUAA4IBAQAPA9BWLikn
tPOSAyjDo+hpNyw3jcqqanO4jqAlTTU6roMLB7waFM49MX+mXeLu6PHY1CaXuKRE
tVSf3hR8goVaZCaTJ/U1aJ8n4pzKBGndNpFu0BhQv+5P7ArACDqUJhnl1rRLtG0a
MmYSci5qafVe08PFE6CCCiatmKjINW+4mU37re/nTbgB2J5H6mFN2fMQvjsaoiNB
x9gILzPkmIkx/4EfWYlh2dsq4Q9JsVeBEH8glbKo6y1eiKWmik1xpCFP0CXl+WKJ
cV+1BMwhE4hWVfEz4q9JpTgDc0LkaDOHK6d95im4MRtDO1oA5Gj2mfKTNu3kpxC6
+qhgahB9carZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:25 2024 by rpki-client on console-ams.rpki-client.org