Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/CZF91AO1U6fWHx4MLKU7NxzvtCU.roa
File: CZF91AO1U6fWHx4MLKU7NxzvtCU.roa (raw, json)
Hash identifier: 7g6m1KnLR6bArj61YiVXC3L+T4ppPiLs97KEVnZ1HeU=
Subject key identifier: 09:91:7D:D4:03:B5:53:A7:D6:1F:1E:0C:2C:A5:3B:37:1C:EF:B4:25
Certificate issuer: /CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Certificate serial: 018CC26D18F55450421FDFA66591559E0F39
Authority key identifier: AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/CZF91AO1U6fWHx4MLKU7NxzvtCU.roa
Signing time: Mon 01 Jan 2024 00:29:38 +0000
ROA not before: Mon 01 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59545
IP address blocks: 185.159.250.0/23 maxlen: 24
185.159.248.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 14:36:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:18:f5:54:50:42:1f:df:a6:65:91:55:9e:0f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Validity
Not Before: Jan 1 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09917dd403b553a7d61f1e0c2ca53b371cefb425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ec:9b:6e:9e:2f:f2:f2:e6:07:f6:a4:61:a5:
ad:24:f3:3d:af:fd:97:70:fe:a5:b9:8b:b7:e6:42:
87:6c:f1:51:46:b0:ef:7f:f4:c1:82:c3:8c:06:c9:
da:57:c3:ec:b6:5a:d8:f9:23:4b:fc:c7:80:c2:c0:
38:8b:41:a0:a7:38:e6:27:94:2d:69:ad:11:45:2d:
85:83:3c:5f:38:7c:63:6e:89:98:2f:cb:c4:62:80:
ae:4d:4e:4b:85:c7:57:99:7b:e3:c6:23:b9:14:2a:
51:ef:38:4c:16:84:b1:30:f8:bc:c5:e5:76:1e:62:
a5:ba:b8:30:4d:0d:dd:4e:bf:4b:b5:18:3f:81:8b:
47:f2:ce:52:56:f9:7a:3d:22:2e:38:8c:e6:49:b0:
c2:fb:39:4b:55:27:ce:5b:b2:fa:ee:79:ce:b2:5b:
6e:61:37:8c:02:3f:8f:6e:4a:b2:07:b9:a1:60:9f:
2e:e9:eb:12:bb:37:31:03:2f:28:f2:66:36:ee:e0:
5c:85:fd:ce:e2:8c:62:bc:ff:c9:9c:be:13:a4:dc:
2a:34:8d:90:75:ce:81:bf:4c:2d:6d:b2:88:7e:65:
31:ce:a1:37:de:55:c4:60:7c:32:04:80:e6:80:d9:
bf:44:e4:4e:2f:7d:2f:72:a2:26:72:46:6e:8c:99:
7e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:91:7D:D4:03:B5:53:A7:D6:1F:1E:0C:2C:A5:3B:37:1C:EF:B4:25
X509v3 Authority Key Identifier:
keyid:AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/CZF91AO1U6fWHx4MLKU7NxzvtCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/qoj641tmtN4uQcpe4He17wtKtkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.248.0/22
Signature Algorithm: sha256WithRSAEncryption
05:77:71:f2:88:d9:ee:08:18:7b:51:e0:13:f0:8e:67:a3:f3:
8f:e3:de:a9:e2:70:bf:34:94:e4:66:2b:c9:a6:7c:a2:48:70:
2c:46:2e:0d:b3:cb:39:99:41:bb:3c:92:41:da:10:a0:ba:46:
af:86:82:00:b6:f7:74:69:7f:53:54:cd:7e:f3:67:44:a7:ae:
0c:80:c4:e6:7e:06:b2:61:ec:f5:1b:41:58:1d:55:95:25:e8:
75:69:d5:27:48:e4:44:51:d6:c8:88:dc:d5:10:bc:98:d1:51:
20:03:4f:ca:dc:99:05:eb:8b:fc:57:7b:65:44:ef:c0:89:2f:
72:09:4d:e5:76:63:56:83:3b:8e:a8:eb:3d:78:a9:e3:e6:fb:
c4:36:4f:a8:a7:58:b9:be:92:2e:f2:a4:7f:15:38:be:d2:5f:
2c:16:6d:44:d4:46:c3:d8:7e:ea:78:32:e9:47:34:e9:4c:d4:
5c:d8:a6:9b:96:99:e5:55:18:3a:bd:d8:62:97:bf:d1:85:45:
d9:a9:6e:2c:3c:15:6d:9b:c6:76:6b:83:71:5a:63:e5:58:85:
24:83:b3:34:e7:33:b4:d6:f0:94:47:2b:e6:f5:a1:64:aa:e5:
11:ac:ae:fe:bd:97:d0:18:1a:1c:fd:82:23:9c:33:75:8d:74:
03:b4:cb:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbRj1VFBCH9+mZZFVng85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhODhmYWUzNWI2NmI0ZGUyZTQxY2E1ZWUwNzdiNWVmMGI0
YWI2NDkwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTkxN2RkNDAzYjU1M2E3ZDYxZjFlMGMyY2E1M2IzNzFjZWZiNDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkeybbp4v8vLmB/akYaWtJPM9r/2X
cP6luYu35kKHbPFRRrDvf/TBgsOMBsnaV8PstlrY+SNL/MeAwsA4i0GgpzjmJ5Qt
aa0RRS2FgzxfOHxjbomYL8vEYoCuTU5LhcdXmXvjxiO5FCpR7zhMFoSxMPi8xeV2
HmKlurgwTQ3dTr9LtRg/gYtH8s5SVvl6PSIuOIzmSbDC+zlLVSfOW7L67nnOsltu
YTeMAj+PbkqyB7mhYJ8u6esSuzcxAy8o8mY27uBchf3O4oxivP/JnL4TpNwqNI2Q
dc6Bv0wtbbKIfmUxzqE33lXEYHwyBIDmgNm/ROROL30vcqImckZujJl+nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAmRfdQDtVOn1h8eDCylOzcc77QlMB8GA1UdIwQY
MBaAFKqI+uNbZrTeLkHKXuB3te8LSrZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzct
YjkyY2I2MTEzMDM1LzEvQ1pGOTFBTzFVNmZXSHg0TUxLVTdOeHp2dENVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzctYjkyY2I2MTEzMDM1
LzEvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ/4MA0G
CSqGSIb3DQEBCwUAA4IBAQAFd3HyiNnuCBh7UeAT8I5no/OP496p4nC/NJTkZivJ
pnyiSHAsRi4Ns8s5mUG7PJJB2hCgukavhoIAtvd0aX9TVM1+82dEp64MgMTmfgay
Yez1G0FYHVWVJeh1adUnSOREUdbIiNzVELyY0VEgA0/K3JkF64v8V3tlRO/AiS9y
CU3ldmNWgzuOqOs9eKnj5vvENk+op1i5vpIu8qR/FTi+0l8sFm1E1EbD2H7qeDLp
RzTpTNRc2KablpnlVRg6vdhil7/RhUXZqW4sPBVtm8Z2a4NxWmPlWIUkg7M05zO0
1vCURyvm9aFkquURrK7+vZfQGBoc/YIjnDN1jXQDtMse
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:52 2024 by rpki-client on console-ams.rpki-client.org