Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/C2BfA_oDuF9DPIDg7KFDtY7ThPg.roa
File: C2BfA_oDuF9DPIDg7KFDtY7ThPg.roa (raw, json)
Hash identifier: KHLpanpWf6tmFjEy7uCgpFfj/v9R5BdWos0zymFmjyE=
Subject key identifier: 0B:60:5F:03:FA:03:B8:5F:43:3C:80:E0:EC:A1:43:B5:8E:D3:84:F8
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A0268931BF2634F4E87BF55F0B35BA5FA
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/C2BfA_oDuF9DPIDg7KFDtY7ThPg.roa
Signing time: Thu 17 Aug 2023 07:32:02 +0000
ROA not before: Thu 17 Aug 2023 07:32:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57829
IP address blocks: 195.78.37.0/24 maxlen: 24
185.114.104.0/22 maxlen: 24
81.201.208.0/20 maxlen: 24
45.137.208.0/22 maxlen: 24
2a00:e900::/29 maxlen: 48
2a0b:fd82::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 21 Aug 2023 11:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:68:93:1b:f2:63:4f:4e:87:bf:55:f0:b3:5b:a5:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 17 07:32:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b605f03fa03b85f433c80e0eca143b58ed384f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:22:9d:1d:f2:f1:5a:5f:68:70:13:5c:de:3e:
a5:23:e0:56:16:31:20:ad:58:9c:ab:ba:ef:90:96:
78:c9:a1:bd:a6:70:ea:bc:60:10:53:21:2f:39:f3:
2b:72:f2:c3:1b:a2:f3:e4:95:63:9d:1f:c2:32:bb:
58:d9:d1:d0:d8:92:df:96:54:86:ca:59:66:55:97:
a4:c1:6f:3f:50:9b:3e:2c:a9:a6:d4:df:5a:3c:f2:
ad:25:a1:1b:31:d1:6d:92:85:6c:c6:b3:84:54:10:
e2:58:de:52:10:0a:62:2b:4c:9f:7e:ef:2f:39:79:
0d:00:a6:08:53:9b:f0:32:84:19:c0:b3:91:bc:4a:
97:f1:0a:2f:64:c9:30:de:b2:92:31:e6:83:1d:9e:
c7:90:ea:c6:65:5c:24:cb:41:90:0f:d8:5f:f5:bc:
06:9a:7e:9a:c9:4d:10:62:54:97:ed:6c:2c:60:ac:
e2:af:c1:3c:6d:94:8d:81:71:59:b2:2f:d7:bf:84:
80:18:5f:bb:ff:6f:56:6f:8d:08:4c:6a:06:22:35:
74:8d:8f:59:77:59:21:64:16:3a:5d:ab:12:a4:be:
3e:cb:62:5d:e8:7f:5f:ee:1a:28:de:d3:00:54:47:
e3:16:81:f3:1b:56:c4:68:ce:7e:bf:65:76:04:6e:
f9:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:60:5F:03:FA:03:B8:5F:43:3C:80:E0:EC:A1:43:B5:8E:D3:84:F8
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/C2BfA_oDuF9DPIDg7KFDtY7ThPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
81.201.208.0/20
185.114.104.0/22
195.78.37.0/24
IPv6:
2a00:e900::/29
2a0b:fd82::/32
Signature Algorithm: sha256WithRSAEncryption
58:2b:09:06:f3:23:4c:8e:2c:f3:fc:af:f9:e2:7d:19:68:9a:
c5:3f:22:46:06:6e:cb:45:5e:e6:19:43:92:13:87:98:5a:c7:
fc:51:85:b3:d5:38:33:e5:8c:d0:a5:5e:26:8e:58:c7:ac:86:
17:7a:75:58:6e:45:94:44:2e:32:b4:9b:de:98:8e:15:27:09:
cf:c3:6c:e3:e2:3b:48:bc:a7:dc:e5:32:31:42:b7:36:a4:2a:
62:50:fa:83:64:85:d3:08:7e:ac:b2:dd:e2:f3:cd:0d:68:58:
1d:bf:e8:df:0d:f5:c4:d5:5b:b4:73:c6:84:88:e8:ed:53:b3:
b9:1b:c3:c9:50:01:da:8a:7e:1b:9e:12:ee:70:f5:58:0c:cf:
e9:1f:36:a6:eb:67:76:ad:48:a2:4d:cd:0a:93:dc:56:10:ab:
8b:b6:cf:02:a9:ab:3d:f1:10:35:51:85:6d:ed:ac:40:b2:09:
31:96:0e:6e:18:63:08:c6:1b:52:2b:05:b0:d2:54:9a:cf:45:
97:7e:b6:6d:40:0d:df:10:b0:39:40:ae:73:38:d5:da:cd:81:
87:84:dc:db:45:7c:15:e0:7d:ec:d3:d0:c8:14:fe:e6:f1:41:
d6:84:a4:be:ee:72:1e:90:21:f7:8c:94:cf:c4:16:f2:1e:2f:
ea:71:1d:77
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYoCaJMb8mNPToe/VfCzW6X6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODE3MDczMjAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjYwNWYwM2ZhMDNiODVmNDMzYzgwZTBlY2ExNDNiNThlZDM4NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSKdHfLxWl9ocBNc3j6lI+BWFjEg
rVicq7rvkJZ4yaG9pnDqvGAQUyEvOfMrcvLDG6Lz5JVjnR/CMrtY2dHQ2JLfllSG
yllmVZekwW8/UJs+LKmm1N9aPPKtJaEbMdFtkoVsxrOEVBDiWN5SEApiK0yffu8v
OXkNAKYIU5vwMoQZwLORvEqX8QovZMkw3rKSMeaDHZ7HkOrGZVwky0GQD9hf9bwG
mn6ayU0QYlSX7WwsYKzir8E8bZSNgXFZsi/Xv4SAGF+7/29Wb40ITGoGIjV0jY9Z
d1khZBY6XasSpL4+y2Jd6H9f7hoo3tMAVEfjFoHzG1bEaM5+v2V2BG751QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAtgXwP6A7hfQzyA4OyhQ7WO04T4MB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvQzJCZkFfb0R1RjlEUElEZzdLRkR0WTdUaFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLYnQAwQE
UcnQAwQCuXJoAwQAw04lMBQEAgACMA4DBQMqAOkAAwUAKgv9gjANBgkqhkiG9w0B
AQsFAAOCAQEAWCsJBvMjTI4s8/yv+eJ9GWiaxT8iRgZuy0Ve5hlDkhOHmFrH/FGF
s9U4M+WM0KVeJo5Yx6yGF3p1WG5FlEQuMrSb3piOFScJz8Ns4+I7SLyn3OUyMUK3
NqQqYlD6g2SF0wh+rLLd4vPNDWhYHb/o3w31xNVbtHPGhIjo7VOzuRvDyVAB2op+
G54S7nD1WAzP6R82putndq1Iok3NCpPcVhCri7bPAqmrPfEQNVGFbe2sQLIJMZYO
bhhjCMYbUisFsNJUms9Fl362bUAN3xCwOUCuczjV2s2Bh4Tc20V8FeB97NPQyBT+
5vFB1oSkvu5yHpAh94yUz8QW8h4v6nEddw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:34 2024 by rpki-client on console-fra.rpki-client.org