Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/n6UJTnaFGKmUzNyaypIpAMFZFSc.roa
File: n6UJTnaFGKmUzNyaypIpAMFZFSc.roa (raw, json)
Hash identifier: QmD9QveusyU0oHHKOGqB2fyS+pbICtwErW/3qtCRHIY=
Subject key identifier: 9F:A5:09:4E:76:85:18:A9:94:CC:DC:9A:CA:92:29:00:C1:59:15:27
Certificate issuer: /CN=cfba043e1c4b52447a8e367bbc1307519fa5fae0
Certificate serial: 018570B098573B3E53717CE6EB10C06C1BA4
Authority key identifier: CF:BA:04:3E:1C:4B:52:44:7A:8E:36:7B:BC:13:07:51:9F:A5:FA:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/n6UJTnaFGKmUzNyaypIpAMFZFSc.roa
Signing time: Mon 02 Jan 2023 04:14:59 +0000
ROA not before: Mon 02 Jan 2023 04:14:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57834
IP address blocks: 185.197.124.0/24 maxlen: 24
185.197.125.0/24 maxlen: 24
185.197.126.0/24 maxlen: 24
185.197.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:98:57:3b:3e:53:71:7c:e6:eb:10:c0:6c:1b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfba043e1c4b52447a8e367bbc1307519fa5fae0
Validity
Not Before: Jan 2 04:14:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9fa5094e768518a994ccdc9aca922900c1591527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:eb:d4:5a:ed:a5:a9:e4:b7:b5:de:2d:b1:c8:
81:c4:00:ce:32:34:ce:6e:19:33:29:cc:e5:2a:8c:
ec:01:e1:ab:b5:92:d4:cd:36:47:8d:62:bf:a6:33:
bb:48:bc:49:bb:51:e6:fa:76:6e:66:c2:2e:86:3b:
d9:3d:7a:21:23:e2:3f:88:96:83:0d:a1:65:6e:58:
8b:a1:53:9b:6c:71:cb:d5:36:ab:35:d3:5d:d1:02:
58:4f:f8:24:3e:2f:b1:e3:d7:37:35:2b:3e:18:9c:
22:bb:91:dc:bd:fb:49:49:79:9c:3b:2d:1a:f3:3f:
40:64:90:b9:66:9a:6a:9f:24:74:f9:56:15:63:c8:
9f:16:54:b8:b0:7d:2a:6e:41:fc:1d:14:68:37:c5:
76:9f:5e:0e:3a:50:4e:2d:2c:66:9d:fc:fc:08:b1:
a2:b9:6d:9d:38:0e:d1:f1:e5:5e:54:1b:1f:ea:fd:
8b:9c:c4:87:f2:37:af:b7:d8:53:97:33:59:29:eb:
66:e2:87:d3:42:d0:ec:a3:b3:2a:e6:f7:42:a5:59:
94:89:12:ec:2f:11:3b:c5:9d:38:f6:4e:50:c0:d0:
39:e9:e9:a1:10:5f:88:0a:7a:7e:cb:24:dd:af:7e:
34:29:64:6a:01:17:09:e0:cf:df:fc:0a:d9:16:c8:
6d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A5:09:4E:76:85:18:A9:94:CC:DC:9A:CA:92:29:00:C1:59:15:27
X509v3 Authority Key Identifier:
keyid:CF:BA:04:3E:1C:4B:52:44:7A:8E:36:7B:BC:13:07:51:9F:A5:FA:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/n6UJTnaFGKmUzNyaypIpAMFZFSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.124.0/22
Signature Algorithm: sha256WithRSAEncryption
65:5b:2c:d6:02:ae:2a:3e:2c:6e:33:87:3a:ab:6a:c6:af:d0:
df:5e:3d:aa:53:a6:d9:7f:ba:20:58:42:1c:f5:54:fb:bc:3c:
e3:97:29:5a:96:b9:7a:71:33:82:b7:b3:80:06:85:1e:03:eb:
4f:af:b3:05:b5:ed:5d:f7:71:6a:88:e1:1f:1d:b2:23:e1:0f:
c7:62:40:26:9f:38:a9:dd:cf:47:09:63:b9:b8:61:96:62:03:
2e:da:24:57:bb:f4:b6:0c:a5:36:62:52:74:ed:b5:10:be:85:
9d:18:b4:7f:8f:db:ed:5b:3d:61:29:61:b9:6a:f1:81:d4:cb:
61:a3:5a:58:21:7b:99:69:5c:bb:68:a6:9c:a8:a7:55:fb:b7:
9f:7b:e0:ee:db:a8:92:ad:23:87:08:09:04:40:01:c6:6f:84:
64:81:0e:90:03:a5:3a:76:b2:25:4d:60:bd:23:65:cc:ce:b3:
2f:07:1d:de:32:8a:e0:af:08:4f:b5:c4:aa:47:15:91:b8:3f:
c6:b5:10:c1:e9:06:bc:ba:f9:c1:df:f9:13:f5:96:93:e3:76:
c8:58:c1:7b:eb:fb:41:47:1a:18:ac:be:3c:97:78:de:51:00:
bd:99:e1:96:9b:47:41:31:33:cc:21:c0:fb:ea:e0:57:f3:6a:
c1:87:03:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwsJhXOz5TcXzm6xDAbBukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYmEwNDNlMWM0YjUyNDQ3YThlMzY3YmJjMTMwNzUxOWZh
NWZhZTAwHhcNMjMwMTAyMDQxNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmE1MDk0ZTc2ODUxOGE5OTRjY2RjOWFjYTkyMjkwMGMxNTkxNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+vUWu2lqeS3td4tsciBxADOMjTO
bhkzKczlKozsAeGrtZLUzTZHjWK/pjO7SLxJu1Hm+nZuZsIuhjvZPXohI+I/iJaD
DaFlbliLoVObbHHL1TarNdNd0QJYT/gkPi+x49c3NSs+GJwiu5HcvftJSXmcOy0a
8z9AZJC5ZppqnyR0+VYVY8ifFlS4sH0qbkH8HRRoN8V2n14OOlBOLSxmnfz8CLGi
uW2dOA7R8eVeVBsf6v2LnMSH8jevt9hTlzNZKetm4ofTQtDso7Mq5vdCpVmUiRLs
LxE7xZ049k5QwNA56emhEF+ICnp+yyTdr340KWRqARcJ4M/f/ArZFshtnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+lCU52hRiplMzcmsqSKQDBWRUnMB8GA1UdIwQY
MBaAFM+6BD4cS1JEeo42e7wTB1GfpfrgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdvRVBoeExVa1I2ampaN3ZCTUhVWi1sLXVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zZjMzZDgtY2NlYi00NTA2LWEyZWYt
YzBjYTgwYTA1ZTJhLzEvbjZVSlRuYUZHS21Vek55YXlwSXBBTUZaRlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8zZjMzZDgtY2NlYi00NTA2LWEyZWYtYzBjYTgwYTA1ZTJh
LzEvejdvRVBoeExVa1I2ampaN3ZCTUhVWi1sLXVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucV8MA0G
CSqGSIb3DQEBCwUAA4IBAQBlWyzWAq4qPixuM4c6q2rGr9DfXj2qU6bZf7ogWEIc
9VT7vDzjlylalrl6cTOCt7OABoUeA+tPr7MFte1d93FqiOEfHbIj4Q/HYkAmnzip
3c9HCWO5uGGWYgMu2iRXu/S2DKU2YlJ07bUQvoWdGLR/j9vtWz1hKWG5avGB1Mth
o1pYIXuZaVy7aKacqKdV+7efe+Du26iSrSOHCAkEQAHGb4RkgQ6QA6U6drIlTWC9
I2XMzrMvBx3eMorgrwhPtcSqRxWRuD/GtRDB6Qa8uvnB3/kT9ZaT43bIWMF76/tB
RxoYrL48l3jeUQC9meGWm0dBMTPMIcD76uBX82rBhwPC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:03 2024 by rpki-client on console-fra.rpki-client.org