Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/CFJFCRCoER9pioq9Z2_h85orPQA.roa
File: CFJFCRCoER9pioq9Z2_h85orPQA.roa (raw, json)
Hash identifier: nFIa5TDeXgqwaZEt2jXYp6jPYghanEsZxe4wJEGhKz0=
Subject key identifier: 08:52:45:09:10:A8:11:1F:69:8A:8A:BD:67:6F:E1:F3:9A:2B:3D:00
Certificate issuer: /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial: 0189E421A7BD8D07D51761BF7B6F9010757C
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/CFJFCRCoER9pioq9Z2_h85orPQA.roa
Signing time: Fri 11 Aug 2023 10:25:57 +0000
ROA not before: Fri 11 Aug 2023 10:25:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 185.63.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 25 Aug 2023 09:50:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:21:a7:bd:8d:07:d5:17:61:bf:7b:6f:90:10:75:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Validity
Not Before: Aug 11 10:25:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0852450910a8111f698a8abd676fe1f39a2b3d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e2:28:65:3c:85:81:02:e3:69:b1:b3:1b:3d:
9a:a9:b8:0d:02:58:f9:53:4f:67:fe:61:4a:6d:cc:
a2:51:e9:61:a3:5b:a6:ab:6b:ff:a0:c0:1c:8a:d7:
1d:8e:b5:1c:34:d9:6f:e1:34:65:fa:3c:83:d9:c3:
2f:79:fd:ca:c9:69:14:58:25:09:51:43:05:64:29:
32:a9:44:2b:18:fd:e8:4f:71:f5:7d:ad:e3:c1:5f:
4d:89:7d:12:b3:4f:3e:a1:c5:09:7b:bf:00:61:57:
83:ab:fc:d4:43:48:83:78:de:d9:7f:6f:5d:16:ad:
ea:4a:b6:3b:48:56:89:f9:e6:fa:8b:ed:07:b1:5a:
d0:82:03:68:02:be:ae:d7:9b:f9:fb:77:5d:d4:12:
3a:40:26:b4:d8:a3:5c:97:91:be:41:a7:6b:3a:74:
b5:9a:53:b5:eb:c4:96:98:04:b8:bb:a9:b5:52:40:
4b:25:84:2e:19:22:11:02:ba:c7:2c:9b:1a:f3:fc:
c3:3c:a1:4c:a4:e3:c7:62:13:2a:dc:c5:aa:c3:24:
63:8c:c8:e2:a5:8b:f4:33:af:ab:bf:71:dc:52:6e:
4a:70:42:6f:35:f6:4f:99:06:df:2d:01:3e:2a:a2:
be:49:e6:52:56:58:7e:5c:b9:47:c9:55:54:51:de:
07:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:52:45:09:10:A8:11:1F:69:8A:8A:BD:67:6F:E1:F3:9A:2B:3D:00
X509v3 Authority Key Identifier:
keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/CFJFCRCoER9pioq9Z2_h85orPQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.33.0/24
Signature Algorithm: sha256WithRSAEncryption
48:44:0b:ce:b4:e3:8c:01:6a:65:a0:91:4e:cc:4e:0f:dc:e6:
8e:77:73:5a:45:d5:9b:52:a9:0f:7f:d1:0b:aa:c4:e6:97:67:
7a:27:a1:82:ec:ef:b9:1b:59:7f:09:c1:87:79:e4:5b:4e:e7:
78:55:f7:9f:e1:91:21:e4:9d:61:3f:c4:9c:5e:ff:a2:61:bd:
84:0b:89:de:10:7d:ed:1c:95:00:59:a3:dd:56:74:05:da:eb:
25:af:f0:b4:61:9c:86:2f:2a:03:55:47:32:cb:31:c7:cf:c5:
44:ce:21:51:57:bf:4f:b0:f1:33:7d:e1:da:73:b2:8f:e8:fd:
b4:d8:c8:3e:48:e2:79:a9:9b:a1:4d:3b:da:f5:90:ec:a5:31:
37:94:87:62:e6:61:ec:c9:bf:32:eb:cb:3c:b7:25:2a:54:9f:
e2:7c:66:71:a6:ec:32:12:0b:e4:07:2e:f7:a8:ee:73:51:19:
30:d3:7f:cf:4b:4c:d3:e8:5d:78:6e:7a:9f:ee:8f:37:2d:ab:
8e:f1:2e:08:d6:e4:52:d9:59:d5:bb:7c:ad:18:3a:8f:04:f4:
28:7e:b0:56:27:36:cf:06:8f:91:48:8f:26:4c:dc:f1:4e:3a:
2c:16:21:dd:79:89:52:85:8a:a8:84:b3:bc:10:28:37:f9:28:
f0:4f:68:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnkIae9jQfVF2G/e2+QEHV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjMwODExMTAyNTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUyNDUwOTEwYTgxMTFmNjk4YThhYmQ2NzZmZTFmMzlhMmIzZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOIoZTyFgQLjabGzGz2aqbgNAlj5
U09n/mFKbcyiUelho1umq2v/oMAcitcdjrUcNNlv4TRl+jyD2cMvef3KyWkUWCUJ
UUMFZCkyqUQrGP3oT3H1fa3jwV9NiX0Ss08+ocUJe78AYVeDq/zUQ0iDeN7Zf29d
Fq3qSrY7SFaJ+eb6i+0HsVrQggNoAr6u15v5+3dd1BI6QCa02KNcl5G+QadrOnS1
mlO168SWmAS4u6m1UkBLJYQuGSIRArrHLJsa8/zDPKFMpOPHYhMq3MWqwyRjjMji
pYv0M6+rv3HcUm5KcEJvNfZPmQbfLQE+KqK+SeZSVlh+XLlHyVVUUd4HYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhSRQkQqBEfaYqKvWdv4fOaKz0AMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvQ0ZKRkNSQ29FUjlwaW9xOVoyX2g4NW9yUFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT8hMA0G
CSqGSIb3DQEBCwUAA4IBAQBIRAvOtOOMAWploJFOzE4P3OaOd3NaRdWbUqkPf9EL
qsTml2d6J6GC7O+5G1l/CcGHeeRbTud4Vfef4ZEh5J1hP8ScXv+iYb2EC4neEH3t
HJUAWaPdVnQF2uslr/C0YZyGLyoDVUcyyzHHz8VEziFRV79PsPEzfeHac7KP6P20
2Mg+SOJ5qZuhTTva9ZDspTE3lIdi5mHsyb8y68s8tyUqVJ/ifGZxpuwyEgvkBy73
qO5zURkw03/PS0zT6F14bnqf7o83LauO8S4I1uRS2VnVu3ytGDqPBPQofrBWJzbP
Bo+RSI8mTNzxTjosFiHdeYlShYqohLO8ECg3+SjwT2jM
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:48 2024 by rpki-client on console-fra.rpki-client.org