Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/CFT6uv4ewK4T77fPBfaImE_jr_s.roa
File: CFT6uv4ewK4T77fPBfaImE_jr_s.roa (raw, json)
Hash identifier: lNdNoigPpqMd/PPypVBPvX+7uBCs/LOBde6KjuDfFIA=
Subject key identifier: 08:54:FA:BA:FE:1E:C0:AE:13:EF:B7:CF:05:F6:88:98:4F:E3:AF:FB
Certificate issuer: /CN=24cacceee35ff87cd678ef6a92262cefce8492df
Certificate serial: 018CC6B91BEE81FC35C1BE2F94D7E866C4CA
Authority key identifier: 24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/CFT6uv4ewK4T77fPBfaImE_jr_s.roa
Signing time: Mon 01 Jan 2024 20:31:09 +0000
ROA not before: Mon 01 Jan 2024 20:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48944
IP address blocks: 109.72.192.0/21 maxlen: 21
109.72.192.0/20 maxlen: 20
109.238.176.0/20 maxlen: 20
109.72.200.0/21 maxlen: 21
109.238.184.0/24 maxlen: 24
185.246.4.0/22 maxlen: 22
5.23.112.0/21 maxlen: 21
176.67.64.0/20 maxlen: 20
185.11.176.0/22 maxlen: 22
95.130.58.0/24 maxlen: 24
95.130.57.0/24 maxlen: 24
95.130.56.0/24 maxlen: 24
95.130.56.0/21 maxlen: 21
95.130.59.0/24 maxlen: 24
95.130.63.0/24 maxlen: 24
95.130.62.0/24 maxlen: 24
95.130.61.0/24 maxlen: 24
95.130.60.0/24 maxlen: 24
2a02:d2c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 May 2024 07:31:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1b:ee:81:fc:35:c1:be:2f:94:d7:e8:66:c4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cacceee35ff87cd678ef6a92262cefce8492df
Validity
Not Before: Jan 1 20:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0854fabafe1ec0ae13efb7cf05f688984fe3affb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b9:54:5a:79:9f:f1:e2:78:b5:80:90:5e:8f:
95:eb:1a:6a:7d:b4:5e:22:ef:84:30:c4:00:eb:39:
9b:67:38:1a:8e:6e:53:df:a7:cf:fd:60:ef:e5:88:
b0:ac:f6:6d:fb:c0:7c:22:05:47:44:cd:25:ef:48:
18:41:86:78:0d:72:ec:b2:ca:e0:44:da:ff:c8:1c:
b5:e4:fc:41:22:6c:6c:22:0d:02:96:b6:ef:ef:08:
79:6e:74:02:e3:fd:39:fc:54:21:12:76:f8:05:8c:
31:22:76:c5:c2:6b:df:7a:2f:17:58:09:2c:ae:8c:
98:f8:f9:8b:12:bf:92:24:6f:2a:7c:9b:5d:0e:89:
cb:15:11:c0:39:27:f2:7e:f9:5a:e8:a5:df:d1:e6:
68:af:99:8c:21:99:c4:94:f9:dd:6e:50:11:44:86:
f4:d0:aa:65:f8:84:7f:fb:6c:66:60:2a:e7:ae:e5:
df:c2:c3:0d:85:65:7b:a4:bb:ff:50:77:12:34:d3:
79:de:db:fa:b6:f4:c1:41:31:b4:4c:c3:5c:bd:05:
60:43:e2:d7:d4:cd:7b:55:ad:5c:80:09:9e:da:16:
e9:93:3e:ad:55:95:97:c3:bc:a5:77:8a:ba:9a:5a:
f7:92:1a:6f:c5:ef:3e:1b:a4:2f:ad:fc:51:23:7f:
ae:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:54:FA:BA:FE:1E:C0:AE:13:EF:B7:CF:05:F6:88:98:4F:E3:AF:FB
X509v3 Authority Key Identifier:
keyid:24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/CFT6uv4ewK4T77fPBfaImE_jr_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.112.0/21
95.130.56.0/21
109.72.192.0/20
109.238.176.0/20
176.67.64.0/20
185.11.176.0/22
185.246.4.0/22
IPv6:
2a02:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:7d:a1:81:d9:74:54:c4:43:63:39:29:30:c7:d9:d1:c8:55:
ee:8f:01:d4:95:c8:c6:9a:ea:a9:bc:a3:0a:61:c9:c9:1c:d3:
61:a4:f3:0d:1f:77:3e:34:2f:fd:94:86:2e:ed:05:47:cf:62:
f0:7d:fc:cc:5c:1f:79:eb:7b:52:69:27:fe:ac:d1:32:b1:a3:
3f:4a:3f:9a:06:58:ed:06:63:b5:24:31:fe:09:1a:11:51:61:
3d:7e:7d:43:f8:e0:ee:90:93:d5:9b:cb:0a:e2:c6:a2:b9:09:
c0:82:b6:01:e4:24:a7:82:63:c1:1f:75:de:8a:5f:28:80:7b:
24:4b:91:d1:75:5c:11:7f:a0:91:ba:5f:d2:0b:b2:a3:6a:95:
61:89:1e:0e:e8:4a:5d:b4:21:a0:e7:fc:cb:7c:b0:32:29:2f:
38:31:0b:60:ad:40:b0:35:49:b9:34:62:48:e9:1f:26:a1:99:
99:fa:0d:80:2e:46:30:3e:79:02:5a:65:5b:9c:b3:ae:09:53:
6b:cc:0d:fb:98:70:f0:d1:20:ce:43:69:ef:32:02:e6:a2:5d:
7c:d3:d3:13:99:6a:6e:b5:4e:72:f3:d4:96:52:5d:a0:53:17:
5d:74:90:88:15:e7:97:cf:4d:26:a5:91:cf:d9:53:c5:b0:b4:
33:17:7c:a4
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzGuRvugfw1wb4vlNfoZsTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2FjY2VlZTM1ZmY4N2NkNjc4ZWY2YTkyMjYyY2VmY2U4
NDkyZGYwHhcNMjQwMTAxMjAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODU0ZmFiYWZlMWVjMGFlMTNlZmI3Y2YwNWY2ODg5ODRmZTNhZmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqblUWnmf8eJ4tYCQXo+V6xpqfbRe
Iu+EMMQA6zmbZzgajm5T36fP/WDv5YiwrPZt+8B8IgVHRM0l70gYQYZ4DXLsssrg
RNr/yBy15PxBImxsIg0Clrbv7wh5bnQC4/05/FQhEnb4BYwxInbFwmvfei8XWAks
royY+PmLEr+SJG8qfJtdDonLFRHAOSfyfvla6KXf0eZor5mMIZnElPndblARRIb0
0Kpl+IR/+2xmYCrnruXfwsMNhWV7pLv/UHcSNNN53tv6tvTBQTG0TMNcvQVgQ+LX
1M17Va1cgAme2hbpkz6tVZWXw7yld4q6mlr3khpvxe8+G6QvrfxRI3+u5QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFAhU+rr+HsCuE++3zwX2iJhP46/7MB8GA1UdIwQY
MBaAFCTKzO7jX/h81njvapImLO/OhJLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAt
YTI5ZWIxMzllNzlkLzEvQ0ZUNnV2NGV3SzRUNzdmUEJmYUltRV9qcl9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAtYTI5ZWIxMzllNzlk
LzEvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBRdwAwQD
X4I4AwQEbUjAAwQEbe6wAwQEsENAAwQCuQuwAwQCufYEMA0EAgACMAcDBQMqAtLA
MA0GCSqGSIb3DQEBCwUAA4IBAQCWfaGB2XRUxENjOSkwx9nRyFXujwHUlcjGmuqp
vKMKYcnJHNNhpPMNH3c+NC/9lIYu7QVHz2LwffzMXB9563tSaSf+rNEysaM/Sj+a
BljtBmO1JDH+CRoRUWE9fn1D+ODukJPVm8sK4saiuQnAgrYB5CSngmPBH3Xeil8o
gHskS5HRdVwRf6CRul/SC7KjapVhiR4O6EpdtCGg5/zLfLAyKS84MQtgrUCwNUm5
NGJI6R8moZmZ+g2ALkYwPnkCWmVbnLOuCVNrzA37mHDw0SDOQ2nvMgLmol1809MT
mWputU5y89SWUl2gUxdddJCIFeeXz00mpZHP2VPFsLQzF3yk
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:42:48 2025 by rpki-client