Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/qEI_Cn8uCEQbHsLp-qR5h6TNCos.roa
File: qEI_Cn8uCEQbHsLp-qR5h6TNCos.roa (raw, json)
Hash identifier: IsVOcOkSOaZD4wjqlBZh4La1rdbziJ1snw6EmmBTv1c=
Subject key identifier: A8:42:3F:0A:7F:2E:08:44:1B:1E:C2:E9:FA:A4:79:87:A4:CD:0A:8B
Certificate issuer: /CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Certificate serial: 018ABBA79708CC2F4E2404D4F0107DAA6A15
Authority key identifier: CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/qEI_Cn8uCEQbHsLp-qR5h6TNCos.roa
Signing time: Fri 22 Sep 2023 06:50:37 +0000
ROA not before: Fri 22 Sep 2023 06:50:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12329
IP address blocks: 156.67.59.0/24 maxlen: 24
212.23.128.0/19 maxlen: 24
81.173.6.0/24 maxlen: 24
185.249.168.0/22 maxlen: 24
62.221.232.0/21 maxlen: 24
62.221.240.0/21 maxlen: 24
2001:7d8::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bb:a7:97:08:cc:2f:4e:24:04:d4:f0:10:7d:aa:6a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfdb3d904b34440546b6241d7894d93300bcbd28
Validity
Not Before: Sep 22 06:50:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8423f0a7f2e08441b1ec2e9faa47987a4cd0a8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:73:9e:65:c8:40:e2:96:fe:1c:6d:11:80:37:
d2:e6:7b:b3:15:0c:86:69:1f:3c:05:02:03:fa:d0:
31:bb:90:e6:75:89:2e:72:7c:18:d5:6e:1a:b9:36:
48:df:bc:5c:42:a7:7e:c5:be:d0:80:b7:99:e1:1d:
79:c8:42:90:b0:e5:74:23:fc:c0:fe:93:e3:bc:b6:
24:fd:3a:b5:72:57:71:3b:7f:85:ed:9f:76:a4:77:
0f:f3:0e:ba:79:75:8a:3f:21:4a:2e:ab:09:73:bb:
1a:99:47:f9:fb:48:5b:8a:39:94:c2:4a:67:15:18:
8d:09:71:86:76:8d:65:36:e2:dd:f4:27:f8:d0:7b:
bf:d8:15:14:e1:53:c2:f9:33:3a:71:96:1e:2c:80:
77:cc:ef:a9:95:53:1a:bb:ad:12:97:6d:f5:e1:9d:
5e:a8:5f:9a:03:da:60:e5:95:d0:b8:2e:6c:71:8c:
ed:e9:59:0c:68:39:e8:6f:09:46:c4:d7:9e:b0:22:
6e:4f:fe:46:f4:34:10:a4:7d:66:79:e9:6b:e8:cf:
2d:e5:58:c8:55:12:a5:eb:94:f3:e6:42:ad:fc:eb:
85:42:8a:cc:a7:d6:db:e1:0c:09:a6:85:1c:ae:87:
cd:90:b7:7c:61:ee:82:d0:c0:97:5b:b2:2d:20:16:
88:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:42:3F:0A:7F:2E:08:44:1B:1E:C2:E9:FA:A4:79:87:A4:CD:0A:8B
X509v3 Authority Key Identifier:
keyid:CF:DB:3D:90:4B:34:44:05:46:B6:24:1D:78:94:D9:33:00:BC:BD:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9s9kEs0RAVGtiQdeJTZMwC8vSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/qEI_Cn8uCEQbHsLp-qR5h6TNCos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/925ab9-21fe-4bbf-ac0e-6e7561535bbd/1/z9s9kEs0RAVGtiQdeJTZMwC8vSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.221.232.0-62.221.247.255
81.173.6.0/24
156.67.59.0/24
185.249.168.0/22
212.23.128.0/19
IPv6:
2001:7d8::/32
Signature Algorithm: sha256WithRSAEncryption
29:7c:1e:be:29:ea:d3:9c:77:d6:23:59:dd:00:60:ce:3e:d2:
51:39:df:cf:ae:c0:a7:0f:67:7b:47:87:a9:c2:f1:b0:bc:11:
77:3f:30:50:23:74:80:8a:0a:e7:84:61:ed:cd:62:45:f3:3d:
23:81:61:0f:38:2b:b4:f4:81:4c:86:6d:ec:d9:f4:02:e7:17:
5f:9b:d8:fa:eb:23:b7:36:5a:07:68:f6:f3:2a:1d:a4:c5:38:
8f:9d:61:54:6e:e1:69:aa:50:3a:7e:31:31:d1:9f:ab:d8:40:
ff:b1:f7:47:5d:7c:fb:df:1b:fb:30:ca:14:8a:97:f6:e9:7d:
69:f8:e8:8c:5a:fd:a8:bc:04:6d:e9:25:38:96:6d:3b:d6:36:
c6:4f:ed:34:c7:2a:18:04:dc:23:02:8d:2d:cd:fc:0b:11:9e:
43:f0:39:a6:47:bc:c4:f3:bd:4e:7a:d3:c1:21:68:b0:71:ec:
2d:e0:41:d2:85:28:21:8f:cb:fc:b5:5d:53:f7:ed:f8:13:0a:
89:2f:b5:c2:71:a5:c4:ad:ab:14:66:61:08:8d:b8:d5:29:02:
e2:5f:b8:c9:97:59:ef:42:39:f8:39:91:04:e0:9f:8a:00:05:
fc:89:50:1d:98:7f:3d:10:04:7b:2e:bc:37:53:72:b0:45:6d:
07:7b:05:55
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYq7p5cIzC9OJATU8BB9qmoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGIzZDkwNGIzNDQ0MDU0NmI2MjQxZDc4OTRkOTMzMDBi
Y2JkMjgwHhcNMjMwOTIyMDY1MDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODQyM2YwYTdmMmUwODQ0MWIxZWMyZTlmYWE0Nzk4N2E0Y2QwYThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23OeZchA4pb+HG0RgDfS5nuzFQyG
aR88BQID+tAxu5DmdYkucnwY1W4auTZI37xcQqd+xb7QgLeZ4R15yEKQsOV0I/zA
/pPjvLYk/Tq1cldxO3+F7Z92pHcP8w66eXWKPyFKLqsJc7samUf5+0hbijmUwkpn
FRiNCXGGdo1lNuLd9Cf40Hu/2BUU4VPC+TM6cZYeLIB3zO+plVMau60Sl2314Z1e
qF+aA9pg5ZXQuC5scYzt6VkMaDnobwlGxNeesCJuT/5G9DQQpH1meelr6M8t5VjI
VRKl65Tz5kKt/OuFQorMp9bb4QwJpoUcrofNkLd8Ye6C0MCXW7ItIBaIPQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFKhCPwp/LghEGx7C6fqkeYekzQqLMB8GA1UdIwQY
MBaAFM/bPZBLNEQFRrYkHXiU2TMAvL0oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUt
NmU3NTYxNTM1YmJkLzEvcUVJX0NuOHVDRVFiSHNMcC1xUjVoNlROQ29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS85MjVhYjktMjFmZS00YmJmLWFjMGUtNmU3NTYxNTM1YmJk
LzEvejlzOWtFczBSQVZHdGlRZGVKVFpNd0M4dlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmMAwDBAM+3egD
BAM+3fADBABRrQYDBACcQzsDBAK5+agDBAXUF4AwDQQCAAIwBwMFACABB9gwDQYJ
KoZIhvcNAQELBQADggEBACl8Hr4p6tOcd9YjWd0AYM4+0lE538+uwKcPZ3tHh6nC
8bC8EXc/MFAjdICKCueEYe3NYkXzPSOBYQ84K7T0gUyGbezZ9ALnF1+b2PrrI7c2
Wgdo9vMqHaTFOI+dYVRu4WmqUDp+MTHRn6vYQP+x90ddfPvfG/swyhSKl/bpfWn4
6Ixa/ai8BG3pJTiWbTvWNsZP7TTHKhgE3CMCjS3N/AsRnkPwOaZHvMTzvU5608Eh
aLBx7C3gQdKFKCGPy/y1XVP37fgTCokvtcJxpcStqxRmYQiNuNUpAuJfuMmXWe9C
Ofg5kQTgn4oABfyJUB2Yfz0QBHsuvDdTcrBFbQd7BVU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:25 2024 by rpki-client on console-ams.rpki-client.org