Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/CfzFXAuNco4ch2SfwlroACF1bVU.roa
File: CfzFXAuNco4ch2SfwlroACF1bVU.roa (raw, json)
Hash identifier: QVLvAm0qwt5AAGH++rEOItJMI2BSab+P1/xP1KnMchg=
Subject key identifier: 09:FC:C5:5C:0B:8D:72:8E:1C:87:64:9F:C2:5A:E8:00:21:75:6D:55
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0186F071AE9B021DC05B2CEF1B1ADDD013E6
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/CfzFXAuNco4ch2SfwlroACF1bVU.roa
Signing time: Fri 17 Mar 2023 16:40:27 +0000
ROA not before: Fri 17 Mar 2023 16:40:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 185.199.213.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
185.226.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 18:31:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:f0:71:ae:9b:02:1d:c0:5b:2c:ef:1b:1a:dd:d0:13:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Mar 17 16:40:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09fcc55c0b8d728e1c87649fc25ae80021756d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cb:57:cc:38:74:00:37:bb:9e:81:cb:d2:a6:
a7:12:17:06:d3:b8:9e:3e:cb:e3:2c:76:ae:21:60:
60:34:73:e4:1e:ee:7d:38:76:3f:f0:92:39:8b:2b:
5a:44:94:34:ee:10:78:ef:80:ee:4e:0d:0d:bd:9e:
5b:48:56:24:c2:85:6c:07:1a:94:65:78:5a:2c:91:
cc:a5:b3:85:df:99:d1:07:ee:17:e1:23:e9:2e:ee:
b4:92:9a:5a:43:17:dc:71:6d:b7:5c:6d:64:ee:d3:
40:89:e0:ef:9a:c2:c1:7e:45:2c:d9:aa:e9:33:c8:
22:d4:c6:58:84:96:4c:42:fe:96:52:60:4f:96:db:
75:ce:06:f9:ea:b3:e5:d3:5d:f5:38:47:4b:71:31:
27:1b:37:de:cc:2a:37:e6:89:21:7e:b6:33:af:59:
ab:b6:03:50:8a:6d:0c:0e:37:b4:c0:77:a6:93:61:
c1:0e:58:6f:c1:e1:39:ba:70:07:0e:8f:45:43:47:
c2:b5:29:2e:e1:05:6a:ca:9f:89:b9:e1:b8:32:d5:
30:a2:5c:9e:e8:be:2f:6a:aa:d6:ee:c1:ef:2b:f9:
1b:08:52:12:b3:8b:6f:6f:ff:f0:08:b4:75:14:ef:
fa:fd:09:76:c2:43:4f:82:2d:3a:ba:f0:92:72:18:
f9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FC:C5:5C:0B:8D:72:8E:1C:87:64:9F:C2:5A:E8:00:21:75:6D:55
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/CfzFXAuNco4ch2SfwlroACF1bVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.209.0/24
185.199.213.0/24
185.226.183.0/24
Signature Algorithm: sha256WithRSAEncryption
38:88:73:64:ca:30:d2:0c:96:fa:ed:64:d3:2f:29:b5:c5:0b:
c9:0b:5e:a1:b5:92:27:37:06:a7:1e:f8:fa:bc:3a:06:d9:67:
e1:15:bb:58:3f:32:06:c4:08:0f:c1:7a:c8:62:9d:bf:02:83:
ba:b1:dd:cf:f7:c2:9b:e1:41:40:6e:e1:39:8d:de:be:f1:2d:
46:10:1a:1c:18:b7:9b:88:65:bb:c6:2a:ec:97:7b:4e:e0:6b:
7c:1a:2d:ca:68:1d:98:a5:38:d4:67:84:0a:96:9c:43:26:2d:
d4:0c:c9:fd:33:ad:16:b1:07:47:4b:8e:16:fb:26:40:24:04:
89:2e:f9:3e:6e:0f:84:70:de:b0:1b:6f:f7:40:4b:56:f6:38:
98:00:ad:44:e0:3e:ef:5f:b9:7a:49:9f:6f:f2:a3:8a:d5:22:
89:5f:25:ac:47:17:2f:06:03:b9:81:1c:b7:8b:40:3d:17:9d:
f0:e4:45:58:ba:d5:c3:d7:8a:b8:16:cf:80:41:6b:e3:74:47:
af:00:d8:77:45:e0:6e:ec:af:f7:9f:80:91:85:56:70:6a:03:
af:bf:df:b2:f7:3c:81:ae:3a:ae:3f:be:e2:c8:86:04:e3:95:
21:cb:91:86:08:bd:8f:b8:48:aa:4c:d8:f9:6f:56:6e:9a:0b:
41:81:21:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbwca6bAh3AWyzvGxrd0BPmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwMzE3MTY0MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWZjYzU1YzBiOGQ3MjhlMWM4NzY0OWZjMjVhZTgwMDIxNzU2ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj8tXzDh0ADe7noHL0qanEhcG07ie
PsvjLHauIWBgNHPkHu59OHY/8JI5iytaRJQ07hB474DuTg0NvZ5bSFYkwoVsBxqU
ZXhaLJHMpbOF35nRB+4X4SPpLu60kppaQxfccW23XG1k7tNAieDvmsLBfkUs2arp
M8gi1MZYhJZMQv6WUmBPltt1zgb56rPl0131OEdLcTEnGzfezCo35okhfrYzr1mr
tgNQim0MDje0wHemk2HBDlhvweE5unAHDo9FQ0fCtSku4QVqyp+JueG4MtUwolye
6L4vaqrW7sHvK/kbCFISs4tvb//wCLR1FO/6/Ql2wkNPgi06uvCSchj5TwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAn8xVwLjXKOHIdkn8Ja6AAhdW1VMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQ2Z6RlhBdU5jbzRjaDJTZndscm9BQ0YxYlZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZ3RAwQA
ucfVAwQAueK3MA0GCSqGSIb3DQEBCwUAA4IBAQA4iHNkyjDSDJb67WTTLym1xQvJ
C16htZInNwanHvj6vDoG2WfhFbtYPzIGxAgPwXrIYp2/AoO6sd3P98Kb4UFAbuE5
jd6+8S1GEBocGLebiGW7xirsl3tO4Gt8Gi3KaB2YpTjUZ4QKlpxDJi3UDMn9M60W
sQdHS44W+yZAJASJLvk+bg+EcN6wG2/3QEtW9jiYAK1E4D7vX7l6SZ9v8qOK1SKJ
XyWsRxcvBgO5gRy3i0A9F53w5EVYutXD14q4Fs+AQWvjdEevANh3ReBu7K/3n4CR
hVZwagOvv9+y9zyBrjquP77iyIYE45Uhy5GGCL2PuEiqTNj5b1ZumgtBgSGr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org