Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/CvHeHnK4jvuE3YfRTdMHnxpSKn8.roa
File: CvHeHnK4jvuE3YfRTdMHnxpSKn8.roa (raw, json)
Hash identifier: CbskobbudstrWHgwH4itIea5d8QLhVuq0FuCy4m14/s=
Subject key identifier: 0A:F1:DE:1E:72:B8:8E:FB:84:DD:87:D1:4D:D3:07:9F:1A:52:2A:7F
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 018717DB16CB50AB8F3C69B22F02D44A7291
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/CvHeHnK4jvuE3YfRTdMHnxpSKn8.roa
Signing time: Sat 25 Mar 2023 08:20:46 +0000
ROA not before: Sat 25 Mar 2023 08:20:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206766
IP address blocks: 91.194.10.0/24 maxlen: 24
79.143.19.0/24 maxlen: 24
185.255.30.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:17:db:16:cb:50:ab:8f:3c:69:b2:2f:02:d4:4a:72:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Mar 25 08:20:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0af1de1e72b88efb84dd87d14dd3079f1a522a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:df:a6:d2:6a:2c:7d:5c:a8:5c:70:46:10:59:
f8:56:a6:ab:2b:14:d3:01:3c:46:a2:c9:93:d9:03:
f5:a7:05:50:b4:cb:08:7f:8f:4a:70:4e:8e:5c:8f:
c9:7b:4e:75:01:ed:c2:18:7b:01:fc:73:1f:4f:70:
0b:15:a3:5f:86:dc:91:02:8f:a8:c2:84:69:38:21:
d8:bf:70:14:4d:18:6e:21:a4:93:42:01:93:6e:dd:
43:10:c9:4e:33:8a:24:54:fb:4b:55:92:aa:a6:4e:
27:a0:cc:68:42:0c:fc:ef:4a:02:ee:38:c8:7a:f7:
64:84:4f:2a:12:2c:83:f8:06:8e:49:a0:2d:2d:58:
1e:42:6a:b7:47:c1:8f:c2:ba:29:84:80:92:be:50:
45:ca:d7:e9:6c:12:00:75:81:aa:a1:4b:92:ed:f5:
f8:18:e9:68:0f:36:1c:4a:76:d9:dd:27:6d:d3:d6:
bb:63:46:82:97:7d:83:07:47:ec:d9:68:d6:ed:f5:
75:e1:22:5c:20:96:4d:85:d9:ee:8b:ba:be:e9:f8:
23:36:e1:10:b2:67:a3:25:45:6f:d3:3c:ab:38:37:
17:2e:23:9c:f5:80:3c:65:e6:7c:3c:a3:da:0f:bf:
50:4a:a0:00:f9:33:2a:60:35:38:d2:37:da:4f:b9:
04:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F1:DE:1E:72:B8:8E:FB:84:DD:87:D1:4D:D3:07:9F:1A:52:2A:7F
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/CvHeHnK4jvuE3YfRTdMHnxpSKn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.19.0/24
91.194.10.0/24
185.255.30.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:a6:ba:ea:28:d4:1c:80:14:85:04:ef:70:4e:5f:d0:c2:56:
49:7a:2b:f6:03:78:7f:56:3f:99:19:b8:96:f6:18:ee:8c:99:
4b:a5:85:0a:08:dd:53:44:3a:a0:f4:15:86:68:c3:77:e2:8c:
92:5d:5d:3b:dc:34:82:9c:e5:10:d0:85:6b:61:57:e0:b2:f6:
eb:a6:d0:55:e6:be:e0:06:d9:27:70:d4:db:93:dc:dc:94:ef:
80:e5:97:75:82:bf:05:98:f6:9a:cb:3c:e9:a8:ed:6a:bb:f2:
e5:1a:2c:ac:04:aa:28:9d:08:51:e6:51:94:07:36:e7:1b:76:
62:16:58:0e:22:ec:b4:9b:ee:13:60:35:56:8e:85:b9:7c:14:
a7:e6:3a:c9:ef:69:5e:5d:14:27:2c:17:90:d1:4e:67:bb:06:
6d:84:b9:48:7f:50:5e:75:fa:46:3f:51:d8:61:16:89:0c:72:
35:9f:e4:43:2c:b3:63:ce:11:3e:4a:e1:ce:ff:64:e3:33:eb:
b6:af:09:15:91:d0:10:99:ae:57:11:e9:23:86:a8:95:45:f4:
fd:af:b4:d5:7c:7d:78:a4:5c:4c:0b:62:f2:6a:1a:bb:61:46:
35:4a:0d:dd:b0:9c:3d:c2:a6:e3:e1:fb:77:01:48:b8:4a:3c:
e6:02:55:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYcX2xbLUKuPPGmyLwLUSnKRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwMzI1MDgyMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWYxZGUxZTcyYjg4ZWZiODRkZDg3ZDE0ZGQzMDc5ZjFhNTIyYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1N+m0mosfVyoXHBGEFn4VqarKxTT
ATxGosmT2QP1pwVQtMsIf49KcE6OXI/Je051Ae3CGHsB/HMfT3ALFaNfhtyRAo+o
woRpOCHYv3AUTRhuIaSTQgGTbt1DEMlOM4okVPtLVZKqpk4noMxoQgz870oC7jjI
evdkhE8qEiyD+AaOSaAtLVgeQmq3R8GPwrophICSvlBFytfpbBIAdYGqoUuS7fX4
GOloDzYcSnbZ3Sdt09a7Y0aCl32DB0fs2WjW7fV14SJcIJZNhdnui7q+6fgjNuEQ
smejJUVv0zyrODcXLiOc9YA8ZeZ8PKPaD79QSqAA+TMqYDU40jfaT7kEpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFArx3h5yuI77hN2H0U3TB58aUip/MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvQ3ZIZUhuSzRqdnVFM1lmUlRkTUhueHBTS244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT48TAwQA
W8IKAwQAuf8eMA0GCSqGSIb3DQEBCwUAA4IBAQAKprrqKNQcgBSFBO9wTl/QwlZJ
eiv2A3h/Vj+ZGbiW9hjujJlLpYUKCN1TRDqg9BWGaMN34oySXV073DSCnOUQ0IVr
YVfgsvbrptBV5r7gBtkncNTbk9zclO+A5Zd1gr8FmPaayzzpqO1qu/LlGiysBKoo
nQhR5lGUBzbnG3ZiFlgOIuy0m+4TYDVWjoW5fBSn5jrJ72leXRQnLBeQ0U5nuwZt
hLlIf1BedfpGP1HYYRaJDHI1n+RDLLNjzhE+SuHO/2TjM+u2rwkVkdAQma5XEekj
hqiVRfT9r7TVfH14pFxMC2Lyahq7YUY1Sg3dsJw9wqbj4ft3AUi4SjzmAlUl
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:02:29 2024 by rpki-client on console-ams.rpki-client.org