Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cfrhVW0JWIF458fC9fzyKtwU4RI.roa
File: cfrhVW0JWIF458fC9fzyKtwU4RI.roa (raw, json)
Hash identifier: FEKyA6hgLBlbAl9Q/PQ65M+xbML+qBvIlQ+eprVlFUc=
Subject key identifier: 71:FA:E1:55:6D:09:58:81:78:E7:C7:C2:F5:FC:F2:2A:DC:14:E1:12
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018570E78354478E0A96B60A2793896991D2
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cfrhVW0JWIF458fC9fzyKtwU4RI.roa
Signing time: Mon 02 Jan 2023 05:14:58 +0000
ROA not before: Mon 02 Jan 2023 05:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50200
IP address blocks: 185.238.188.0/24 maxlen: 24
185.238.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 May 2023 22:58:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:83:54:47:8e:0a:96:b6:0a:27:93:89:69:91:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jan 2 05:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71fae1556d09588178e7c7c2f5fcf22adc14e112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ee:cc:22:5d:75:6a:88:cb:dd:b1:9b:47:f0:
7c:91:bb:af:e1:b1:e5:7a:a5:ce:a5:ca:59:f7:99:
d9:49:f7:bd:58:aa:b4:24:23:a9:89:c7:72:46:f1:
ab:60:ca:1f:0d:e3:b5:6a:c9:a2:29:fd:fb:23:1d:
25:96:28:b6:18:9d:cb:ec:ff:d7:88:f7:5d:50:84:
ae:7e:a6:e0:18:86:cd:0a:b8:32:97:c8:73:ae:38:
a5:9f:d8:2c:8d:dd:c9:ae:a4:92:40:ba:38:17:26:
29:e4:be:0d:1a:fe:71:e7:9a:72:5c:94:b0:67:b5:
f1:8c:ca:9f:72:a2:60:3a:bb:37:09:4e:de:e8:7d:
40:e2:bc:0a:e2:fc:51:16:3e:06:47:aa:64:1c:36:
83:34:ed:d7:ea:e7:2e:99:ed:ba:5f:e2:52:b2:e2:
da:c5:b9:cf:b0:a5:b3:a4:26:06:2c:da:72:57:43:
93:0e:50:b8:da:7a:e9:e5:0e:49:f0:76:b6:40:e7:
e2:6d:28:e9:9a:7c:0b:72:d5:bd:44:72:83:e9:e1:
a0:c3:3b:e4:78:a8:5c:da:93:21:1f:eb:78:9b:4f:
5f:5a:2a:be:a5:d4:a5:ca:59:b9:59:e8:6c:b5:7e:
30:ae:60:4b:3a:29:99:f6:ff:96:fe:0b:e2:90:58:
19:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FA:E1:55:6D:09:58:81:78:E7:C7:C2:F5:FC:F2:2A:DC:14:E1:12
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/cfrhVW0JWIF458fC9fzyKtwU4RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.188.0/24
185.238.191.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:9f:44:d3:15:b8:21:c8:2f:98:05:66:cf:a7:d6:db:3e:a7:
e0:4d:c2:e8:bc:68:6f:7b:bb:43:e5:2b:98:25:6c:84:d0:51:
72:c2:fa:ee:27:8c:5e:fb:3f:d4:1b:d9:8a:68:79:80:0a:ca:
5a:70:8f:f3:1c:d7:5f:ac:25:60:7a:23:7f:d2:ba:a3:87:2c:
6d:78:5a:2a:f2:5c:7b:de:5f:65:3d:ab:f2:85:fd:c0:a5:50:
0f:10:fe:96:fc:a4:63:fc:f2:5b:1c:95:b6:75:0d:26:28:78:
39:c0:5c:4a:59:2f:7a:a7:3c:61:ed:09:07:2a:74:8b:99:ae:
5c:33:89:90:2f:60:12:56:08:09:69:bb:18:be:d6:8c:54:fc:
4c:61:50:4f:89:20:20:cf:dd:74:5c:e8:b7:27:37:c0:8d:f8:
cd:d3:34:78:e1:5b:c3:56:f1:ef:c9:2b:e5:27:13:0a:1c:05:
53:fd:96:b9:98:97:2c:4d:e1:a7:04:61:17:75:47:aa:35:4b:
59:67:b0:77:57:ef:95:22:06:34:fa:97:cf:e5:c6:bc:42:6e:
f6:ad:b8:87:7e:16:cc:09:ee:33:d6:92:bc:0b:37:8d:40:39:
ac:af:ce:aa:5d:c8:02:b2:86:84:97:41:2a:1f:3e:8b:16:32:
1c:b5:4e:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw54NUR44KlrYKJ5OJaZHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwMTAyMDUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZhZTE1NTZkMDk1ODgxNzhlN2M3YzJmNWZjZjIyYWRjMTRlMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO7MIl11aojL3bGbR/B8kbuv4bHl
eqXOpcpZ95nZSfe9WKq0JCOpicdyRvGrYMofDeO1asmiKf37Ix0llii2GJ3L7P/X
iPddUISufqbgGIbNCrgyl8hzrjiln9gsjd3JrqSSQLo4FyYp5L4NGv5x55pyXJSw
Z7XxjMqfcqJgOrs3CU7e6H1A4rwK4vxRFj4GR6pkHDaDNO3X6ucume26X+JSsuLa
xbnPsKWzpCYGLNpyV0OTDlC42nrp5Q5J8Ha2QOfibSjpmnwLctW9RHKD6eGgwzvk
eKhc2pMhH+t4m09fWiq+pdSlylm5WehstX4wrmBLOimZ9v+W/gvikFgZ2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHH64VVtCViBeOfHwvX88ircFOESMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvY2ZyaFZXMEpXSUY0NThmQzlmenlLdHdVNFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAue68AwQA
ue6/MA0GCSqGSIb3DQEBCwUAA4IBAQAbn0TTFbghyC+YBWbPp9bbPqfgTcLovGhv
e7tD5SuYJWyE0FFywvruJ4xe+z/UG9mKaHmACspacI/zHNdfrCVgeiN/0rqjhyxt
eFoq8lx73l9lPavyhf3ApVAPEP6W/KRj/PJbHJW2dQ0mKHg5wFxKWS96pzxh7QkH
KnSLma5cM4mQL2ASVggJabsYvtaMVPxMYVBPiSAgz910XOi3JzfAjfjN0zR44VvD
VvHvySvlJxMKHAVT/Za5mJcsTeGnBGEXdUeqNUtZZ7B3V++VIgY0+pfP5ca8Qm72
rbiHfhbMCe4z1pK8CzeNQDmsr86qXcgCsoaEl0EqHz6LFjIctU7O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:08 2024 by rpki-client on console-ams.rpki-client.org