Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/cfWEDF30hxQ21LSKYByxeIMxNu0.roa
File: cfWEDF30hxQ21LSKYByxeIMxNu0.roa (raw, json)
Hash identifier: js8nAAK5WEwUA5naJL3IEsDFYdasWD+hPq9WeuNOOmo=
Subject key identifier: 71:F5:84:0C:5D:F4:87:14:36:D4:B4:8A:60:1C:B1:78:83:31:36:ED
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 018BB8F21F4F26DD88873044F8BE7D17DA56
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/cfWEDF30hxQ21LSKYByxeIMxNu0.roa
Signing time: Fri 10 Nov 2023 11:15:57 +0000
ROA not before: Fri 10 Nov 2023 11:15:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9105
IP address blocks: 213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
195.112.0.0/18 maxlen: 24
212.139.0.0/16 maxlen: 24
80.40.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
82.133.0.0/17 maxlen: 24
88.106.0.0/15 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
88.108.0.0/14 maxlen: 24
185.175.144.0/22 maxlen: 24
194.106.32.0/19 maxlen: 24
81.6.192.0/18 maxlen: 24
89.168.128.0/17 maxlen: 24
81.86.0.0/16 maxlen: 24
195.149.0.0/18 maxlen: 24
195.137.0.0/17 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b8:f2:1f:4f:26:dd:88:87:30:44:f8:be:7d:17:da:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Nov 10 11:15:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71f5840c5df4871436d4b48a601cb178833136ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ad:71:90:60:81:15:a2:17:5d:3c:31:d9:42:
2b:09:33:b4:d8:72:55:b6:34:eb:e4:3b:1d:ce:80:
cf:c2:5e:92:f8:1b:5e:67:e1:8b:d1:ac:16:f0:d2:
63:fe:f8:f5:a4:07:95:00:84:e1:a6:51:9b:c1:55:
52:8e:48:d1:7c:54:71:8f:6a:b7:1d:d6:84:77:90:
8e:42:65:5f:ae:d4:39:d8:d4:56:a2:b2:7a:6c:fc:
3d:22:3e:9c:96:33:2d:00:50:74:21:8e:15:5f:9c:
29:e6:17:10:53:0b:15:e6:38:bf:6a:64:e9:5e:e8:
91:32:22:81:b6:a1:f4:42:27:3b:e4:e4:26:79:6d:
5c:65:82:c6:6a:5c:1b:65:13:ec:40:9e:be:f4:ff:
51:81:d5:bc:1e:36:3b:a3:34:fb:0a:e4:c7:c0:e4:
14:bf:2b:d8:c6:18:ac:ae:1d:08:9e:a8:59:61:37:
81:cd:51:6e:d9:2c:9b:76:4f:78:67:8f:06:f8:6a:
8f:d4:bb:84:9a:21:cd:b1:f7:e1:83:39:52:ec:69:
10:87:8e:44:47:63:1c:ae:b1:57:bb:dd:5b:db:54:
a3:f8:e0:79:c1:9f:f9:f3:55:63:84:8e:7b:ba:b3:
91:73:64:01:4c:3c:c5:f2:06:41:6c:f2:85:9c:11:
23:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F5:84:0C:5D:F4:87:14:36:D4:B4:8A:60:1C:B1:78:83:31:36:ED
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/cfWEDF30hxQ21LSKYByxeIMxNu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.76.0.0/14
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
88.106.0.0-88.111.255.255
89.168.128.0/17
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.208.64.0/18
Signature Algorithm: sha256WithRSAEncryption
78:28:47:8a:59:a9:65:da:d2:d8:2e:d4:73:8b:90:69:24:fe:
e3:c8:56:67:ed:2d:a3:da:02:a1:f1:3c:c2:bc:c9:29:e7:46:
00:4c:a1:5f:56:a1:87:4c:92:b3:61:a8:e1:e0:02:14:72:6c:
68:20:05:5e:ef:35:8b:6f:1a:9d:21:c7:db:c2:59:76:fc:09:
ec:05:a2:04:a7:1f:b1:c3:19:3b:af:b7:8e:5f:e6:90:41:91:
77:f5:e7:81:a3:ce:c2:df:1d:7f:cf:d4:5e:35:2c:5c:49:5d:
b5:23:62:2c:a4:19:5d:14:07:b2:e3:34:e3:b8:e0:e1:47:cd:
73:65:e6:29:ba:b4:3d:c3:8b:80:d6:f9:47:21:3e:a4:2c:5a:
22:75:b1:66:d1:89:94:a4:d7:c2:9a:20:d2:70:23:34:3d:1a:
3f:de:be:a8:12:91:e7:a7:10:03:2d:0d:a0:0c:1d:3f:08:f4:
cb:de:87:92:77:b8:0b:4e:1c:e1:85:a0:40:bc:d9:05:e0:ec:
a0:33:d3:7c:9f:f2:87:61:3f:c6:72:76:5c:d4:03:33:26:d1:
4a:1c:3c:d5:86:1f:ef:86:0c:1e:31:5a:c3:b8:d9:ea:a8:72:
ff:86:11:88:f9:ec:a4:53:d6:94:d4:85:a6:b7:2f:0b:bc:00:
2d:35:9c:f6
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYu48h9PJt2IhzBE+L59F9pWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMxMTEwMTExNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWY1ODQwYzVkZjQ4NzE0MzZkNGI0OGE2MDFjYjE3ODgzMzEzNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga1xkGCBFaIXXTwx2UIrCTO02HJV
tjTr5DsdzoDPwl6S+BteZ+GL0awW8NJj/vj1pAeVAIThplGbwVVSjkjRfFRxj2q3
HdaEd5COQmVfrtQ52NRWorJ6bPw9Ij6cljMtAFB0IY4VX5wp5hcQUwsV5ji/amTp
XuiRMiKBtqH0Qic75OQmeW1cZYLGalwbZRPsQJ6+9P9RgdW8HjY7ozT7CuTHwOQU
vyvYxhisrh0InqhZYTeBzVFu2Sybdk94Z48G+GqP1LuEmiHNsffhgzlS7GkQh45E
R2McrrFXu91b21Sj+OB5wZ/581VjhI57urORc2QBTDzF8gZBbPKFnBEjCwIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFHH1hAxd9IcUNtS0imAcsXiDMTbtMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvY2ZXRURGMzBoeFEyMUxTS1lCeXhlSU14TnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBlgQCAAEwgY8DAwJP
TAMDA1AoAwQGUQFAAwQGUQbAAwMAUVYDBAdRqgADAwFRsgMEB1KFAAMDAFNDAwMA
VAwwCgMDAVhqAwMEWGADBAdZqIADBAK5r5ADBADB2mMDBAXCaiADBAXC9+ADBAbD
cAADBAfDiQADBAbDlQADBAXUAYADBAXUSmADAwDUiwMEBtSfgAMEBtXQQDANBgkq
hkiG9w0BAQsFAAOCAQEAeChHilmpZdrS2C7Uc4uQaST+48hWZ+0to9oCofE8wrzJ
KedGAEyhX1ahh0ySs2Go4eACFHJsaCAFXu81i28anSHH28JZdvwJ7AWiBKcfscMZ
O6+3jl/mkEGRd/XngaPOwt8df8/UXjUsXEldtSNiLKQZXRQHsuM047jg4UfNc2Xm
Kbq0PcOLgNb5RyE+pCxaInWxZtGJlKTXwpog0nAjND0aP96+qBKR56cQAy0NoAwd
Pwj0y96Hkne4C04c4YWgQLzZBeDsoDPTfJ/yh2E/xnJ2XNQDMybRShw81YYf74YM
HjFaw7jZ6qhy/4YRiPnspFPWlNSFprcvC7wALTWc9g==
Generated at Fri Nov 24 02:20:50 2023 by rpki-client on console-fra.rpki-client.org