Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/b-QC0uKcslm1_LDicXR-EeiirW8.roa
File: b-QC0uKcslm1_LDicXR-EeiirW8.roa (raw, json)
Hash identifier: 9OxkyXUn26df3lJmX+I37qbpjonnaugoeQFyWafzmZ0=
Subject key identifier: 6F:E4:02:D2:E2:9C:B2:59:B5:FC:B0:E2:71:74:7E:11:E8:A2:AD:6F
Certificate issuer: /CN=cc9c41a123764cf7dc0f2db9841f732a3b961343
Certificate serial: 01863A40C26FD51BEE66CAA8C71048C8AF6F
Authority key identifier: CC:9C:41:A1:23:76:4C:F7:DC:0F:2D:B9:84:1F:73:2A:3B:96:13:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zJxBoSN2TPfcDy25hB9zKjuWE0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/b-QC0uKcslm1_LDicXR-EeiirW8.roa
Signing time: Fri 10 Feb 2023 07:36:07 +0000
ROA not before: Fri 10 Feb 2023 07:36:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201246
IP address blocks: 103.58.8.0/22 maxlen: 24
188.114.120.0/24 maxlen: 24
188.114.121.0/24 maxlen: 24
185.80.19.0/24 maxlen: 24
2a05:7980::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:40:c2:6f:d5:1b:ee:66:ca:a8:c7:10:48:c8:af:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc9c41a123764cf7dc0f2db9841f732a3b961343
Validity
Not Before: Feb 10 07:36:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fe402d2e29cb259b5fcb0e271747e11e8a2ad6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d8:18:ff:22:a8:13:73:f5:06:b3:81:f5:8f:
a4:82:e4:6d:27:f2:66:63:ac:af:39:11:cc:17:84:
ce:d7:c6:b2:be:f0:41:ca:7e:8d:68:88:11:8a:91:
e1:76:c4:74:c7:25:4f:03:ef:23:a0:af:95:41:23:
48:3f:5e:24:32:1d:bb:c8:7b:b3:87:d7:d9:56:55:
a0:c0:f8:05:a9:f0:68:c8:24:9b:cf:33:90:a9:25:
9e:fa:93:85:6a:f0:41:2d:cb:ee:30:29:c7:38:23:
7a:49:43:24:5a:c8:b3:91:8f:76:17:d6:be:67:c2:
c3:3c:80:04:c7:7c:f1:2a:6b:9d:88:4a:c5:88:24:
c9:37:9c:6e:70:11:91:1b:ac:c6:40:ea:5c:62:ab:
54:06:5e:b9:d6:35:5d:a0:5d:63:a4:9f:a4:33:d2:
37:4c:37:b6:22:18:5c:7d:fa:df:37:f2:4d:48:3a:
1a:aa:53:03:4a:51:f2:6b:b3:ed:86:9d:da:2e:89:
61:8e:6c:3f:ab:46:e3:94:a8:8e:f5:13:53:d7:02:
e5:96:eb:31:7f:4b:11:6a:72:c8:57:18:ea:b4:88:
51:31:ce:5b:2c:dc:d9:30:d9:60:1c:0b:f1:e7:43:
4c:79:03:5d:8c:c2:05:59:76:2e:2a:dd:7f:97:b4:
dd:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:E4:02:D2:E2:9C:B2:59:B5:FC:B0:E2:71:74:7E:11:E8:A2:AD:6F
X509v3 Authority Key Identifier:
keyid:CC:9C:41:A1:23:76:4C:F7:DC:0F:2D:B9:84:1F:73:2A:3B:96:13:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zJxBoSN2TPfcDy25hB9zKjuWE0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/b-QC0uKcslm1_LDicXR-EeiirW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/0feb89-7d8c-4300-99b5-06247a978d69/1/zJxBoSN2TPfcDy25hB9zKjuWE0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.58.8.0/22
185.80.19.0/24
188.114.120.0/23
IPv6:
2a05:7980::/29
Signature Algorithm: sha256WithRSAEncryption
9a:5b:28:1a:ca:23:43:e7:d9:0b:d4:a7:7c:95:0e:44:7a:02:
1d:bb:0c:5e:6e:43:42:99:34:24:93:c8:9e:a9:54:17:b8:cc:
3f:4a:54:8c:e1:c9:f4:0f:6e:c4:dc:6e:23:52:1a:2b:3e:98:
f0:4a:af:89:10:85:fb:dc:c7:d4:ab:76:ec:22:95:26:f5:e0:
11:66:42:a2:c7:eb:c1:76:b1:c6:e8:03:cb:84:a0:bc:a2:71:
7e:dd:f0:36:6a:fc:4f:98:f0:f9:a2:00:26:49:62:c6:9d:2d:
cb:b3:9b:e4:6d:ce:ae:4b:2c:26:72:bf:30:b1:7e:f0:9d:8b:
80:f6:9e:a5:85:ff:13:a7:a7:80:a5:b7:85:50:ac:70:1a:07:
7c:73:e5:cf:58:18:de:f6:f8:5c:19:6f:0e:0b:a0:86:ad:de:
b7:00:2a:24:d3:5e:fe:a7:7e:67:49:d4:17:62:53:bb:99:3d:
18:0c:6d:77:a9:6b:44:18:b5:dc:b5:17:e7:5d:10:8d:eb:98:
bd:f4:eb:97:c0:9c:08:f5:1e:48:bc:93:13:c6:39:b1:44:a1:
fe:b5:56:db:64:a6:a2:80:28:22:76:45:37:98:79:32:2f:99:
47:c7:c1:d7:73:37:6e:ec:c0:5c:bf:14:0e:ca:11:3f:e5:59:
ed:f9:15:df
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYY6QMJv1RvuZsqoxxBIyK9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjOWM0MWExMjM3NjRjZjdkYzBmMmRiOTg0MWY3MzJhM2I5
NjEzNDMwHhcNMjMwMjEwMDczNjA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmU0MDJkMmUyOWNiMjU5YjVmY2IwZTI3MTc0N2UxMWU4YTJhZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodgY/yKoE3P1BrOB9Y+kguRtJ/Jm
Y6yvORHMF4TO18ayvvBByn6NaIgRipHhdsR0xyVPA+8joK+VQSNIP14kMh27yHuz
h9fZVlWgwPgFqfBoyCSbzzOQqSWe+pOFavBBLcvuMCnHOCN6SUMkWsizkY92F9a+
Z8LDPIAEx3zxKmudiErFiCTJN5xucBGRG6zGQOpcYqtUBl651jVdoF1jpJ+kM9I3
TDe2IhhcffrfN/JNSDoaqlMDSlHya7Pthp3aLolhjmw/q0bjlKiO9RNT1wLllusx
f0sRanLIVxjqtIhRMc5bLNzZMNlgHAvx50NMeQNdjMIFWXYuKt1/l7Td9wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG/kAtLinLJZtfyw4nF0fhHooq1vMB8GA1UdIwQY
MBaAFMycQaEjdkz33A8tuYQfcyo7lhNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekp4Qm9TTjJUUGZjRHkyNWhCOXpLanVXRTBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8wZmViODktN2Q4Yy00MzAwLTk5YjUt
MDYyNDdhOTc4ZDY5LzEvYi1RQzB1S2NzbG0xX0xEaWNYUi1FZWlpclc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8wZmViODktN2Q4Yy00MzAwLTk5YjUtMDYyNDdhOTc4ZDY5
LzEvekp4Qm9TTjJUUGZjRHkyNWhCOXpLanVXRTBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCZzoIAwQA
uVATAwQBvHJ4MA0EAgACMAcDBQMqBXmAMA0GCSqGSIb3DQEBCwUAA4IBAQCaWyga
yiND59kL1Kd8lQ5EegIduwxebkNCmTQkk8ieqVQXuMw/SlSM4cn0D27E3G4jUhor
PpjwSq+JEIX73MfUq3bsIpUm9eARZkKix+vBdrHG6APLhKC8onF+3fA2avxPmPD5
ogAmSWLGnS3Ls5vkbc6uSywmcr8wsX7wnYuA9p6lhf8Tp6eApbeFUKxwGgd8c+XP
WBje9vhcGW8OC6CGrd63ACok017+p35nSdQXYlO7mT0YDG13qWtEGLXctRfnXRCN
65i99OuXwJwI9R5IvJMTxjmxRKH+tVbbZKaigCgidkU3mHkyL5lHx8HXczdu7MBc
vxQOyhE/5Vnt+RXf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:10 2024 by rpki-client on console-fra.rpki-client.org