Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/95d71d-f41b-4171-8350-e0892a28aac9/1/CfzXEGKfGP6d_RzeVr5VfOq7Lco.roa
File: CfzXEGKfGP6d_RzeVr5VfOq7Lco.roa (raw, json)
Hash identifier: oWwg/TtIoloKUT1x/DDxMrCdmY7LiZRPHvhDy7+RLKg=
Subject key identifier: 09:FC:D7:10:62:9F:18:FE:9D:FD:1C:DE:56:BE:55:7C:EA:BB:2D:CA
Certificate issuer: /CN=7400d5013c12852242343093cbf5148d4eaeaaf9
Certificate serial: 018CC64B442664CAAFD5B942794A9CA08945
Authority key identifier: 74:00:D5:01:3C:12:85:22:42:34:30:93:CB:F5:14:8D:4E:AE:AA:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dADVATwShSJCNDCTy_UUjU6uqvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/95d71d-f41b-4171-8350-e0892a28aac9/1/CfzXEGKfGP6d_RzeVr5VfOq7Lco.roa
Signing time: Mon 01 Jan 2024 18:31:10 +0000
ROA not before: Mon 01 Jan 2024 18:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212440
IP address blocks: 185.112.180.0/22 maxlen: 24
2a0e:6f00::/31 maxlen: 31
2a0e:6f00::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 14:39:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:44:26:64:ca:af:d5:b9:42:79:4a:9c:a0:89:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7400d5013c12852242343093cbf5148d4eaeaaf9
Validity
Not Before: Jan 1 18:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09fcd710629f18fe9dfd1cde56be557ceabb2dca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:21:af:bd:cd:aa:f4:4e:c9:1c:b4:8e:cf:84:
d0:30:4e:cc:9c:20:3c:6f:ef:38:c6:78:14:c7:b0:
b7:be:2d:b6:50:81:17:82:75:c4:47:71:bc:6b:6f:
62:3b:df:c3:51:02:94:a6:cc:4d:9c:a6:c8:10:62:
4e:c2:f8:b7:a9:9a:9a:5c:b1:66:80:77:af:87:e2:
70:0d:3f:c1:f3:10:2f:bc:64:3b:e4:63:9e:a3:e8:
ea:71:a8:03:1a:9f:39:8f:78:85:7a:19:94:ee:b7:
aa:44:ec:4e:16:4c:da:dd:ea:d5:f5:3e:68:c6:4a:
8d:a6:54:da:be:45:d2:1a:c6:81:b7:32:6a:61:71:
18:15:4e:86:62:10:31:15:29:23:31:f9:93:b1:f9:
34:c3:a9:1c:f8:f2:b2:04:03:2a:2a:e1:d8:1b:4f:
b7:2d:a2:b8:4c:4e:0a:b0:a0:70:81:79:f1:b9:71:
06:8a:c9:f9:f1:48:d7:69:f5:0f:23:0f:f5:e8:3f:
17:9d:2d:2b:f4:df:69:ef:ee:7d:11:b0:50:13:23:
bf:eb:86:d1:86:cf:3f:27:73:94:1c:c0:22:d1:e9:
e9:bd:50:1d:a0:32:6e:ce:7f:75:67:a7:c7:33:da:
a4:2a:a5:1b:24:89:5f:26:b7:58:52:97:29:74:49:
85:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FC:D7:10:62:9F:18:FE:9D:FD:1C:DE:56:BE:55:7C:EA:BB:2D:CA
X509v3 Authority Key Identifier:
keyid:74:00:D5:01:3C:12:85:22:42:34:30:93:CB:F5:14:8D:4E:AE:AA:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dADVATwShSJCNDCTy_UUjU6uqvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/95d71d-f41b-4171-8350-e0892a28aac9/1/CfzXEGKfGP6d_RzeVr5VfOq7Lco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/95d71d-f41b-4171-8350-e0892a28aac9/1/dADVATwShSJCNDCTy_UUjU6uqvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.112.180.0/22
IPv6:
2a0e:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
12:a1:a1:73:b4:d7:67:70:63:8c:71:a8:e0:85:b7:2a:74:22:
e6:05:2c:88:ff:40:42:56:be:d1:b2:ee:00:a3:f2:ab:b0:6f:
7a:09:1a:8c:1d:45:47:e8:ff:f2:d2:94:e0:6d:87:8e:5b:3b:
ff:03:ae:ca:29:12:a9:e0:1d:ec:2d:bd:39:1f:06:cb:24:87:
fc:1b:86:4f:63:d4:09:f5:70:bf:62:f1:71:1c:ee:52:42:f1:
c9:b3:0a:5a:88:d8:9c:14:ae:64:dc:29:8e:15:d4:e8:c3:05:
cc:57:30:c7:af:03:72:b1:7f:0b:ea:8b:00:76:5a:e3:72:04:
4d:a2:f4:86:1f:40:9e:e7:89:5f:22:55:8c:68:70:22:a6:8b:
e3:78:87:77:ab:e3:86:fc:48:39:68:c2:48:82:1c:95:ef:b8:
a8:e5:c9:6c:5d:a4:6a:ba:c1:62:29:5b:bf:d5:69:83:30:78:
53:ec:37:9c:15:bd:bf:fd:23:98:e5:96:d6:93:47:fe:46:41:
ab:03:c6:11:02:73:c6:94:6b:da:bb:c4:ee:64:bc:3d:44:68:
a5:bc:f1:74:3f:30:13:76:c2:67:cc:e4:a2:93:a3:09:98:ee:
17:ac:9b:f6:07:1b:fd:66:bb:d6:6c:b0:8d:f8:e7:30:0f:31:
86:19:e0:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS0QmZMqv1blCeUqcoIlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MDBkNTAxM2MxMjg1MjI0MjM0MzA5M2NiZjUxNDhkNGVh
ZWFhZjkwHhcNMjQwMTAxMTgzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWZjZDcxMDYyOWYxOGZlOWRmZDFjZGU1NmJlNTU3Y2VhYmIyZGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCGvvc2q9E7JHLSOz4TQME7MnCA8
b+84xngUx7C3vi22UIEXgnXER3G8a29iO9/DUQKUpsxNnKbIEGJOwvi3qZqaXLFm
gHevh+JwDT/B8xAvvGQ75GOeo+jqcagDGp85j3iFehmU7reqROxOFkza3erV9T5o
xkqNplTavkXSGsaBtzJqYXEYFU6GYhAxFSkjMfmTsfk0w6kc+PKyBAMqKuHYG0+3
LaK4TE4KsKBwgXnxuXEGisn58UjXafUPIw/16D8XnS0r9N9p7+59EbBQEyO/64bR
hs8/J3OUHMAi0enpvVAdoDJuzn91Z6fHM9qkKqUbJIlfJrdYUpcpdEmFaQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAn81xBinxj+nf0c3la+VXzquy3KMB8GA1UdIwQY
MBaAFHQA1QE8EoUiQjQwk8v1FI1Orqr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEFEVkFUd1NoU0pDTkRDVHlfVVVqVTZ1cXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS85NWQ3MWQtZjQxYi00MTcxLTgzNTAt
ZTA4OTJhMjhhYWM5LzEvQ2Z6WEVHS2ZHUDZkX1J6ZVZyNVZmT3E3TGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS85NWQ3MWQtZjQxYi00MTcxLTgzNTAtZTA4OTJhMjhhYWM5
LzEvZEFEVkFUd1NoU0pDTkRDVHlfVVVqVTZ1cXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXC0MA0E
AgACMAcDBQMqDm8AMA0GCSqGSIb3DQEBCwUAA4IBAQASoaFztNdncGOMcajghbcq
dCLmBSyI/0BCVr7Rsu4Ao/KrsG96CRqMHUVH6P/y0pTgbYeOWzv/A67KKRKp4B3s
Lb05HwbLJIf8G4ZPY9QJ9XC/YvFxHO5SQvHJswpaiNicFK5k3CmOFdTowwXMVzDH
rwNysX8L6osAdlrjcgRNovSGH0Ce54lfIlWMaHAipovjeId3q+OG/Eg5aMJIghyV
77io5clsXaRqusFiKVu/1WmDMHhT7DecFb2//SOY5ZbWk0f+RkGrA8YRAnPGlGva
u8TuZLw9RGilvPF0PzATdsJnzOSik6MJmO4XrJv2Bxv9ZrvWbLCN+OcwDzGGGeA9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:46 2025 by rpki-client