Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/xvfouQcyzynZKw21VrZiFLNDFA0.roa
File: xvfouQcyzynZKw21VrZiFLNDFA0.roa (raw, json)
Hash identifier: cARtp20l7pCPlEmKjSTsBMQTLl1Cwf5wcr+G7mRtoAQ=
Subject key identifier: C6:F7:E8:B9:07:32:CF:29:D9:2B:0D:B5:56:B6:62:14:B3:43:14:0D
Certificate issuer: /CN=1fafca53ac54e57e52c010138a212794c670e0cd
Certificate serial: 018C17E7B858D6587D3A4D6FB0D53E92914D
Authority key identifier: 1F:AF:CA:53:AC:54:E5:7E:52:C0:10:13:8A:21:27:94:C6:70:E0:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6_KU6xU5X5SwBATiiEnlMZw4M0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/xvfouQcyzynZKw21VrZiFLNDFA0.roa
Signing time: Tue 28 Nov 2023 21:48:31 +0000
ROA not before: Tue 28 Nov 2023 21:48:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42724
IP address blocks: 194.169.120.0/24 maxlen: 24
185.235.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:17:e7:b8:58:d6:58:7d:3a:4d:6f:b0:d5:3e:92:91:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fafca53ac54e57e52c010138a212794c670e0cd
Validity
Not Before: Nov 28 21:48:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6f7e8b90732cf29d92b0db556b66214b343140d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cf:e0:7c:46:f5:12:9e:2c:35:6b:c5:cd:2c:
3f:0f:9e:76:6f:3c:8e:e7:ea:f8:83:fc:1b:4f:44:
e1:14:23:23:c5:2e:36:8b:37:48:ae:64:4e:07:bb:
02:c4:0d:80:e6:fc:8c:0f:fb:d4:ab:5f:06:e9:37:
cf:2a:ec:c9:6b:54:12:88:0d:92:ee:da:41:f6:10:
b5:61:8c:57:fd:02:79:46:67:b8:12:1d:05:8c:b4:
06:30:47:b0:59:21:f7:c4:98:59:36:79:d0:e0:de:
3d:e6:ce:23:dd:37:ef:92:a7:57:31:35:7d:66:0c:
a1:52:26:2d:3f:37:58:71:f0:12:57:4e:ca:0c:f1:
dd:89:59:62:d9:b5:d6:89:32:dc:d3:a2:f2:8e:8e:
80:a0:fe:64:05:8a:c5:cf:df:72:63:53:63:d8:ea:
30:1b:86:8b:ed:74:a5:b0:b5:e2:52:cd:e5:f2:ff:
e9:94:f6:41:0c:3e:6e:a3:a8:53:11:6c:8c:26:38:
ab:78:c2:ba:3f:0a:d4:4d:f7:83:1b:c2:9e:55:9d:
df:fd:95:a7:b5:44:13:6d:91:9e:54:6b:cc:f2:08:
8b:d9:5b:76:38:c4:ab:96:5c:20:1d:e2:13:1e:9f:
db:a1:1f:14:a6:e0:d9:8a:a5:1d:8b:43:b9:d7:d9:
46:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F7:E8:B9:07:32:CF:29:D9:2B:0D:B5:56:B6:62:14:B3:43:14:0D
X509v3 Authority Key Identifier:
keyid:1F:AF:CA:53:AC:54:E5:7E:52:C0:10:13:8A:21:27:94:C6:70:E0:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6_KU6xU5X5SwBATiiEnlMZw4M0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/xvfouQcyzynZKw21VrZiFLNDFA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/768e29-24c5-4fa7-9b36-c995d2ec9e94/1/H6_KU6xU5X5SwBATiiEnlMZw4M0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.77.0/24
194.169.120.0/24
Signature Algorithm: sha256WithRSAEncryption
38:db:78:4f:83:60:e0:ae:38:04:8c:b7:98:65:57:a1:a0:d5:
49:60:2e:a6:9b:65:0f:5d:65:78:4c:2d:a4:5d:b9:e7:98:6f:
85:79:93:75:b1:19:a7:7d:c9:9a:dc:62:07:f7:6a:3d:d8:d8:
72:50:40:09:90:9d:d8:b6:48:15:e0:98:53:ad:21:8b:f8:a5:
b4:02:ad:4b:91:4d:60:fc:86:02:88:3b:1b:0b:fe:12:d3:72:
b7:07:c0:5d:f9:e3:85:58:8d:e5:53:c3:8a:c3:43:85:27:88:
41:b1:6d:f8:df:19:63:34:a0:08:bd:3d:2a:09:64:5f:d6:e5:
2a:8b:e1:16:66:1b:59:2e:2b:e9:8b:32:06:c8:7c:02:ed:17:
3e:40:44:d6:4a:50:a7:6b:07:89:54:1f:15:d9:e0:e6:8b:af:
f9:cb:e9:75:68:e3:c3:3d:ae:54:97:2a:a7:f0:33:a3:83:66:
df:31:92:d8:a5:0c:b9:cc:ec:cf:92:d0:01:23:e1:4a:2d:66:
25:23:6e:9f:cb:43:36:a0:03:fa:b1:c8:50:4c:eb:f0:12:c1:
94:ab:f0:12:74:88:04:c0:74:48:e2:40:d3:28:82:db:09:5e:
07:f7:19:61:30:3c:a9:86:41:81:04:ec:fa:c9:d1:3d:10:e9:
d0:59:2f:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYwX57hY1lh9Ok1vsNU+kpFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYWZjYTUzYWM1NGU1N2U1MmMwMTAxMzhhMjEyNzk0YzY3
MGUwY2QwHhcNMjMxMTI4MjE0ODMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmY3ZThiOTA3MzJjZjI5ZDkyYjBkYjU1NmI2NjIxNGIzNDMxNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8/gfEb1Ep4sNWvFzSw/D552bzyO
5+r4g/wbT0ThFCMjxS42izdIrmROB7sCxA2A5vyMD/vUq18G6TfPKuzJa1QSiA2S
7tpB9hC1YYxX/QJ5Rme4Eh0FjLQGMEewWSH3xJhZNnnQ4N495s4j3TfvkqdXMTV9
ZgyhUiYtPzdYcfASV07KDPHdiVli2bXWiTLc06Lyjo6AoP5kBYrFz99yY1Nj2Oow
G4aL7XSlsLXiUs3l8v/plPZBDD5uo6hTEWyMJjireMK6PwrUTfeDG8KeVZ3f/ZWn
tUQTbZGeVGvM8giL2Vt2OMSrllwgHeITHp/boR8UpuDZiqUdi0O519lGCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMb36LkHMs8p2SsNtVa2YhSzQxQNMB8GA1UdIwQY
MBaAFB+vylOsVOV+UsAQE4ohJ5TGcODNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZfS1U2eFU1WDVTd0JBVGlpRW5sTVp3NE0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83NjhlMjktMjRjNS00ZmE3LTliMzYt
Yzk5NWQyZWM5ZTk0LzEveHZmb3VRY3l6eW5aS3cyMVZyWmlGTE5ERkEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83NjhlMjktMjRjNS00ZmE3LTliMzYtYzk5NWQyZWM5ZTk0
LzEvSDZfS1U2eFU1WDVTd0JBVGlpRW5sTVp3NE0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuetNAwQA
wql4MA0GCSqGSIb3DQEBCwUAA4IBAQA423hPg2DgrjgEjLeYZVehoNVJYC6mm2UP
XWV4TC2kXbnnmG+FeZN1sRmnfcma3GIH92o92NhyUEAJkJ3YtkgV4JhTrSGL+KW0
Aq1LkU1g/IYCiDsbC/4S03K3B8Bd+eOFWI3lU8OKw0OFJ4hBsW343xljNKAIvT0q
CWRf1uUqi+EWZhtZLivpizIGyHwC7Rc+QETWSlCnaweJVB8V2eDmi6/5y+l1aOPD
Pa5Ulyqn8DOjg2bfMZLYpQy5zOzPktABI+FKLWYlI26fy0M2oAP6schQTOvwEsGU
q/ASdIgEwHRI4kDTKILbCV4H9xlhMDyphkGBBOz6ydE9EOnQWS+x
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:57 2024 by rpki-client on console-fra.rpki-client.org