Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/CUMILV8_QYgqx5wPDfeXBZHjwnM.roa
File: CUMILV8_QYgqx5wPDfeXBZHjwnM.roa (raw, json)
Hash identifier: txQiMnaCcttEdrOt4e9kjvToVLvKRterANrymcDDgMw=
Subject key identifier: 09:43:08:2D:5F:3F:41:88:2A:C7:9C:0F:0D:F7:97:05:91:E3:C2:73
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0186CC92BAB0398C204CEE7FFAB96F35F6CE
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/CUMILV8_QYgqx5wPDfeXBZHjwnM.roa
Signing time: Fri 10 Mar 2023 17:30:13 +0000
ROA not before: Fri 10 Mar 2023 17:30:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44050
IP address blocks: 95.215.0.0/22 maxlen: 24
5.101.89.0/24 maxlen: 24
188.143.128.0/17 maxlen: 24
195.2.240.0/23 maxlen: 24
5.188.192.0/23 maxlen: 23
2a00:1d78::/32 maxlen: 48
2a0c:8700::/29 maxlen: 29
2a0d:8fc0::/29 maxlen: 29
2a00:1d78:666::/64 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:cc:92:ba:b0:39:8c:20:4c:ee:7f:fa:b9:6f:35:f6:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Mar 10 17:30:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0943082d5f3f41882ac79c0f0df7970591e3c273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:17:88:f6:60:86:d0:1e:a5:9c:d5:a6:e0:90:
eb:d4:c5:0d:06:20:41:ad:eb:f1:d9:f3:67:4b:1c:
16:0e:04:8f:81:50:82:b6:96:0c:59:97:ee:6e:c0:
38:49:94:68:30:5f:98:5d:28:f9:6f:44:fd:d1:60:
60:6f:fd:fc:c8:e2:ab:68:1a:ed:81:c7:c8:d0:5c:
07:80:f6:c4:44:29:65:51:6a:b7:6f:64:47:1c:25:
93:69:e6:fc:4f:a2:1a:f1:f3:f6:02:8d:d9:dd:e3:
26:92:c0:85:2e:a6:a3:27:3e:2b:0e:f5:78:fa:40:
35:3e:28:97:51:1d:a0:ba:df:6c:c2:35:3c:8a:cc:
01:d0:cd:80:bb:5e:f2:54:5f:b6:b8:1c:68:54:74:
23:b7:e5:ca:81:d4:13:5c:9e:18:e9:e3:9c:99:85:
b8:5c:ee:92:18:f8:e9:93:58:b0:98:8b:9c:df:99:
c8:05:fb:1c:8d:ed:e2:79:85:18:d5:34:10:2b:a8:
55:a6:34:25:88:46:6e:fe:c3:be:49:35:1f:d1:0a:
09:41:db:45:c8:61:d6:77:68:ae:81:4f:4a:67:09:
97:ad:a3:e4:14:a3:bc:27:dd:1a:13:9d:ff:28:3f:
3a:55:cb:ad:17:33:02:f4:8a:02:37:3c:2e:96:fb:
03:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:43:08:2D:5F:3F:41:88:2A:C7:9C:0F:0D:F7:97:05:91:E3:C2:73
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/CUMILV8_QYgqx5wPDfeXBZHjwnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.89.0/24
5.188.192.0/23
95.215.0.0/22
188.143.128.0/17
195.2.240.0/23
IPv6:
2a00:1d78::/32
2a0c:8700::/29
2a0d:8fc0::/29
Signature Algorithm: sha256WithRSAEncryption
9c:39:f1:ed:ce:f1:93:a9:c9:d4:b4:f4:99:74:11:91:49:c3:
2c:1f:3c:fd:5a:73:25:9b:96:90:1d:7a:2d:00:99:4a:84:21:
3f:7a:60:b7:fa:c4:85:6e:6e:37:a8:06:69:20:8b:14:5e:71:
49:2e:e9:d8:74:3a:93:a4:e0:97:01:47:36:72:d9:eb:3b:04:
87:5f:75:e2:22:de:da:72:dd:77:f1:53:99:1f:0f:97:fc:35:
65:d2:bb:73:22:27:42:c4:09:b1:ed:b4:6f:e4:63:13:05:e4:
b2:26:c9:9d:4c:12:6b:2a:3e:fa:93:76:00:11:f7:4b:9b:e9:
66:cc:ea:df:09:34:9c:a9:82:61:2c:75:6c:11:77:b9:21:ea:
79:db:fa:6b:66:52:38:81:10:a6:ea:e4:90:8c:7a:f6:ea:bc:
d1:34:c7:f3:1e:44:7d:8b:87:f5:84:e6:0f:88:09:69:2c:d8:
e0:38:50:d5:83:66:68:0f:cd:f9:56:89:34:47:fc:8e:2c:38:
4f:ee:4e:6a:6f:fb:bd:95:0e:2e:46:93:30:a5:b5:a5:2c:d9:
f0:82:12:88:e5:5f:4a:43:87:b6:3d:c2:c6:0d:a8:e5:b2:7f:
68:cf:e5:fe:61:b2:53:71:8f:05:b4:ff:ab:a8:3f:5a:7e:c4:
a1:d6:97:22
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYbMkrqwOYwgTO5/+rlvNfbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMzEwMTczMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQzMDgyZDVmM2Y0MTg4MmFjNzljMGYwZGY3OTcwNTkxZTNjMjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoheI9mCG0B6lnNWm4JDr1MUNBiBB
revx2fNnSxwWDgSPgVCCtpYMWZfubsA4SZRoMF+YXSj5b0T90WBgb/38yOKraBrt
gcfI0FwHgPbERCllUWq3b2RHHCWTaeb8T6Ia8fP2Ao3Z3eMmksCFLqajJz4rDvV4
+kA1PiiXUR2gut9swjU8iswB0M2Au17yVF+2uBxoVHQjt+XKgdQTXJ4Y6eOcmYW4
XO6SGPjpk1iwmIuc35nIBfscje3ieYUY1TQQK6hVpjQliEZu/sO+STUf0QoJQdtF
yGHWd2iugU9KZwmXraPkFKO8J90aE53/KD86VcutFzMC9IoCNzwulvsDRQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFAlDCC1fP0GIKsecDw33lwWR48JzMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvQ1VNSUxWOF9RWWdxeDV3UERmZVhCWkhqd25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQABWVZAwQB
BbzAAwQCX9cAAwQHvI+AAwQBwwLwMBsEAgACMBUDBQAqAB14AwUDKgyHAAMFAyoN
j8AwDQYJKoZIhvcNAQELBQADggEBAJw58e3O8ZOpydS09Jl0EZFJwywfPP1acyWb
lpAdei0AmUqEIT96YLf6xIVubjeoBmkgixRecUku6dh0OpOk4JcBRzZy2es7BIdf
deIi3tpy3XfxU5kfD5f8NWXSu3MiJ0LECbHttG/kYxMF5LImyZ1MEmsqPvqTdgAR
90ub6WbM6t8JNJypgmEsdWwRd7kh6nnb+mtmUjiBEKbq5JCMevbqvNE0x/MeRH2L
h/WE5g+ICWks2OA4UNWDZmgPzflWiTRH/I4sOE/uTmpv+72VDi5GkzCltaUs2fCC
EojlX0pDh7Y9wsYNqOWyf2jP5f5hslNxjwW0/6uoP1p+xKHWlyI=
-----END CERTIFICATE-----
Generated at Wed Dec 20 14:16:20 2023 by rpki-client on console-fra.rpki-client.org