Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/eadafe-6c9d-4ae0-8733-819a253225cc/1/cfuLvGeWG3K1aQR5SszJ70pKXqY.roa
File: cfuLvGeWG3K1aQR5SszJ70pKXqY.roa (raw, json)
Hash identifier: Zgor1RI90GC5puDqKRTuPkFkX22Jobw/C6c+NR6V5Kc=
Subject key identifier: 71:FB:8B:BC:67:96:1B:72:B5:69:04:79:4A:CC:C9:EF:4A:4A:5E:A6
Certificate issuer: /CN=1bf14e8d0b3defb0304270130d1147ae0dd92d8b
Certificate serial: 018CC64B02BA31C9C6C520B9F922B7B986C0
Authority key identifier: 1B:F1:4E:8D:0B:3D:EF:B0:30:42:70:13:0D:11:47:AE:0D:D9:2D:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_FOjQs977AwQnATDRFHrg3ZLYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/eadafe-6c9d-4ae0-8733-819a253225cc/1/cfuLvGeWG3K1aQR5SszJ70pKXqY.roa
Signing time: Mon 01 Jan 2024 18:30:53 +0000
ROA not before: Mon 01 Jan 2024 18:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 185.223.104.0/22 maxlen: 24
141.91.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 11:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:02:ba:31:c9:c6:c5:20:b9:f9:22:b7:b9:86:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf14e8d0b3defb0304270130d1147ae0dd92d8b
Validity
Not Before: Jan 1 18:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=71fb8bbc67961b72b56904794accc9ef4a4a5ea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:f8:ea:4f:ed:27:e7:31:38:ae:60:fb:cb:5d:
a7:ec:08:b4:80:86:3f:aa:98:1a:99:fa:e2:48:6b:
85:71:96:81:25:cb:37:8c:f6:12:12:c9:66:7b:d4:
53:6c:c0:48:04:03:26:69:81:ca:8e:96:33:2a:1e:
7c:63:48:4f:b9:1c:4d:b6:55:c4:09:f9:db:63:b4:
65:a8:48:29:75:87:1a:8b:7f:70:17:d5:5e:6f:b0:
76:bb:d3:73:95:db:58:27:de:b0:95:d0:b0:fa:67:
2d:cc:aa:8d:e3:b8:e5:c8:4d:8b:50:0c:2d:b1:7a:
27:a6:15:aa:52:c5:0d:f8:fa:2b:63:23:dd:28:41:
7e:79:e6:eb:cf:db:dd:5f:61:3b:b7:2e:9e:0c:b8:
17:ed:34:ec:89:cf:41:8e:fe:b5:92:5e:7f:fa:11:
72:ef:a0:64:ae:2d:e9:7d:38:98:31:9f:bd:f1:41:
36:08:df:c0:49:90:1c:a5:38:15:63:3e:16:23:89:
a8:53:b8:d4:d9:03:32:a8:96:fd:c9:fb:17:9e:48:
f7:6c:6c:1d:97:7e:4d:4a:06:11:e2:16:51:6a:c4:
1c:d1:16:2c:a2:3b:ce:1b:1e:88:0e:9d:c7:5a:81:
ea:b0:f5:ee:41:c9:96:df:73:b8:06:cc:1c:12:57:
aa:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FB:8B:BC:67:96:1B:72:B5:69:04:79:4A:CC:C9:EF:4A:4A:5E:A6
X509v3 Authority Key Identifier:
keyid:1B:F1:4E:8D:0B:3D:EF:B0:30:42:70:13:0D:11:47:AE:0D:D9:2D:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_FOjQs977AwQnATDRFHrg3ZLYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eadafe-6c9d-4ae0-8733-819a253225cc/1/cfuLvGeWG3K1aQR5SszJ70pKXqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eadafe-6c9d-4ae0-8733-819a253225cc/1/G_FOjQs977AwQnATDRFHrg3ZLYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.91.0.0/16
185.223.104.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:21:6e:71:45:27:35:3e:c9:9e:11:06:d2:9a:40:b8:4e:32:
eb:c3:42:9f:07:49:ef:22:ac:30:c9:02:4e:43:11:e8:6c:bb:
e8:95:25:59:98:06:87:15:3c:f7:e5:e9:6f:7a:95:f0:b8:74:
28:09:a7:8b:90:e8:cf:0e:02:5a:d0:cc:59:1d:50:72:80:02:
b3:71:d3:49:95:90:64:db:97:24:e2:07:fc:52:39:6e:84:c0:
61:5a:cd:19:ae:dc:be:45:4d:03:11:8c:d1:00:5e:02:ed:61:
4f:f6:b3:7e:97:14:b4:a2:14:23:bc:93:3b:36:76:c5:45:6b:
e9:26:3a:4c:83:8e:7e:87:59:81:f9:fb:17:ff:c9:ea:63:7e:
63:25:9e:2f:4f:ad:d5:ce:68:10:f3:b1:da:1f:22:dd:e1:34:
82:cd:9f:f7:c6:e9:0b:90:29:97:c1:c1:db:45:5e:6d:ae:40:
5f:b4:85:43:b8:58:dd:28:08:47:a9:31:b5:5b:f4:bd:30:c4:
25:9b:b3:f1:cc:3d:84:f1:05:97:ed:64:ef:78:68:15:70:1c:
42:97:cc:93:62:a4:0a:d4:e7:88:83:e7:ed:3c:2b:64:90:5c:
80:a2:c6:a0:e2:3e:77:d6:e0:ea:e8:7b:a0:d1:1f:85:cc:e9:
d4:54:f4:9e
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYzGSwK6McnGxSC5+SK3uYbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjE0ZThkMGIzZGVmYjAzMDQyNzAxMzBkMTE0N2FlMGRk
OTJkOGIwHhcNMjQwMTAxMTgzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZiOGJiYzY3OTYxYjcyYjU2OTA0Nzk0YWNjYzllZjRhNGE1ZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/jqT+0n5zE4rmD7y12n7Ai0gIY/
qpgamfriSGuFcZaBJcs3jPYSEslme9RTbMBIBAMmaYHKjpYzKh58Y0hPuRxNtlXE
CfnbY7RlqEgpdYcai39wF9Veb7B2u9NzldtYJ96wldCw+mctzKqN47jlyE2LUAwt
sXonphWqUsUN+PorYyPdKEF+eebrz9vdX2E7ty6eDLgX7TTsic9Bjv61kl5/+hFy
76Bkri3pfTiYMZ+98UE2CN/ASZAcpTgVYz4WI4moU7jU2QMyqJb9yfsXnkj3bGwd
l35NSgYR4hZRasQc0RYsojvOGx6IDp3HWoHqsPXuQcmW33O4BswcEleqGQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFHH7i7xnlhtytWkEeUrMye9KSl6mMB8GA1UdIwQY
MBaAFBvxTo0LPe+wMEJwEw0RR64N2S2LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19GT2pRczk3N0F3UW5BVERSRkhyZzNaTFlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lYWRhZmUtNmM5ZC00YWUwLTg3MzMt
ODE5YTI1MzIyNWNjLzEvY2Z1THZHZVdHM0sxYVFSNVNzeko3MHBLWHFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lYWRhZmUtNmM5ZC00YWUwLTg3MzMtODE5YTI1MzIyNWNj
LzEvR19GT2pRczk3N0F3UW5BVERSRkhyZzNaTFlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAjVsDBAK5
32gwDQYJKoZIhvcNAQELBQADggEBAIshbnFFJzU+yZ4RBtKaQLhOMuvDQp8HSe8i
rDDJAk5DEehsu+iVJVmYBocVPPfl6W96lfC4dCgJp4uQ6M8OAlrQzFkdUHKAArNx
00mVkGTblyTiB/xSOW6EwGFazRmu3L5FTQMRjNEAXgLtYU/2s36XFLSiFCO8kzs2
dsVFa+kmOkyDjn6HWYH5+xf/yepjfmMlni9PrdXOaBDzsdofIt3hNILNn/fG6QuQ
KZfBwdtFXm2uQF+0hUO4WN0oCEepMbVb9L0wxCWbs/HMPYTxBZftZO94aBVwHEKX
zJNipArU54iD5+08K2SQXICixqDiPnfW4Oroe6DRH4XM6dRU9J4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:28 2025 by rpki-client