Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/voL1n2lU2OUQnT49pqwGQrpkM6s.roa
File: voL1n2lU2OUQnT49pqwGQrpkM6s.roa (raw, json)
Hash identifier: AC0621Yv4wp9FWN1BHfVMd6PSNt+Z3RTPuxX8tnr4Sw=
Subject key identifier: BE:82:F5:9F:69:54:D8:E5:10:9D:3E:3D:A6:AC:06:42:BA:64:33:AB
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 018A3B38E773C05D2D391142948A05204C88
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/voL1n2lU2OUQnT49pqwGQrpkM6s.roa
Signing time: Mon 28 Aug 2023 08:18:19 +0000
ROA not before: Mon 28 Aug 2023 08:18:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49419
IP address blocks: 185.224.56.0/22 maxlen: 24
84.19.128.0/20 maxlen: 24
84.19.144.0/21 maxlen: 24
2a0b:fd80::/32 maxlen: 48
2a0b:fd81::/32 maxlen: 48
2a0b:fd87::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3b:38:e7:73:c0:5d:2d:39:11:42:94:8a:05:20:4c:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Aug 28 08:18:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be82f59f6954d8e5109d3e3da6ac0642ba6433ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3c:56:df:6e:e7:74:64:83:1e:9f:93:22:b2:
13:2b:75:ce:c2:ac:12:ac:52:6f:0b:73:75:75:97:
4b:78:67:a8:cb:11:0c:67:3c:a9:12:f6:8e:83:eb:
60:21:f0:4c:b3:29:8b:20:c1:82:fe:66:93:60:b2:
4c:18:c0:73:c6:96:13:5a:6c:81:1d:0d:16:4b:db:
0a:05:00:c3:df:a0:85:a6:d2:71:df:70:c9:fc:1a:
c4:61:be:a0:74:43:68:cf:26:20:7e:d6:47:d0:0c:
91:2d:e6:7c:4c:15:ae:6e:65:ad:5f:64:4e:24:b2:
6e:e4:cb:01:63:13:55:93:55:c6:5d:a0:2b:21:c8:
29:7f:42:3e:35:6a:69:5b:eb:fa:3c:cd:3b:cc:ec:
3f:6d:e6:55:82:71:2f:7f:c2:02:4a:78:b4:eb:ae:
db:ab:48:8b:74:89:20:04:9e:40:75:4b:b3:fb:15:
45:f0:17:5a:be:28:bc:51:fd:86:f4:d4:24:96:75:
ee:5d:cd:45:29:b2:6d:e1:18:66:85:87:cc:45:62:
69:37:44:78:12:e4:85:99:ed:4d:a7:2c:0f:4d:35:
49:f1:15:ca:5f:e7:87:6e:d9:06:52:ca:11:2a:b8:
03:ae:28:92:cf:bb:98:a8:ea:8c:a3:52:f5:2c:05:
d5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:82:F5:9F:69:54:D8:E5:10:9D:3E:3D:A6:AC:06:42:BA:64:33:AB
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/voL1n2lU2OUQnT49pqwGQrpkM6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.19.128.0-84.19.151.255
185.224.56.0/22
IPv6:
2a0b:fd80::/31
2a0b:fd87::/32
Signature Algorithm: sha256WithRSAEncryption
5f:a7:bc:fb:b6:25:2f:32:c4:ba:f0:34:77:5b:ac:fa:2e:1c:
d9:a7:57:d4:aa:97:0e:de:50:03:a0:d8:c1:07:a0:eb:a1:9e:
ff:6d:11:86:7d:92:54:d7:8c:f2:6c:6f:ea:64:8b:b7:fe:33:
37:9a:0b:f6:c6:7d:0d:f3:d4:e2:34:d2:02:aa:14:af:4f:1c:
30:72:42:4d:d5:9d:ce:c9:f3:54:f7:dc:0a:0b:32:0a:a1:4d:
b4:7d:0b:f0:5c:1c:c8:b2:6d:0f:27:5e:d5:c0:11:b6:cc:5d:
fb:07:08:50:55:87:c6:08:8a:3a:af:d3:e2:20:48:ae:72:3d:
cd:6b:b5:4f:6a:6b:68:dc:13:e6:55:0e:2e:9c:d3:81:9e:ce:
8c:09:72:29:a3:29:40:c3:ef:27:38:38:bd:71:91:d6:a6:a5:
f1:a0:f5:fb:ea:bd:d7:41:5d:cc:dd:05:ea:cd:7f:c8:9f:06:
dd:04:3a:19:ef:9a:d0:4f:86:f6:bd:aa:ac:5b:46:e5:30:ab:
07:ef:be:0d:5f:fe:13:0f:b9:7a:be:8a:d0:fb:e2:e7:23:96:
b0:ea:3e:00:69:4d:91:3a:f9:1f:1d:09:8c:be:2e:52:77:6d:
c5:42:ef:36:28:98:b1:bc:52:d8:c3:30:6c:9c:f0:4f:6e:46:
b4:e4:a6:77
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYo7OOdzwF0tORFClIoFIEyIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjMwODI4MDgxODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTgyZjU5ZjY5NTRkOGU1MTA5ZDNlM2RhNmFjMDY0MmJhNjQzM2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDxW327ndGSDHp+TIrITK3XOwqwS
rFJvC3N1dZdLeGeoyxEMZzypEvaOg+tgIfBMsymLIMGC/maTYLJMGMBzxpYTWmyB
HQ0WS9sKBQDD36CFptJx33DJ/BrEYb6gdENozyYgftZH0AyRLeZ8TBWubmWtX2RO
JLJu5MsBYxNVk1XGXaArIcgpf0I+NWppW+v6PM07zOw/beZVgnEvf8ICSni0667b
q0iLdIkgBJ5AdUuz+xVF8Bdavii8Uf2G9NQklnXuXc1FKbJt4RhmhYfMRWJpN0R4
EuSFme1NpywPTTVJ8RXKX+eHbtkGUsoRKrgDriiSz7uYqOqMo1L1LAXVWwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL6C9Z9pVNjlEJ0+PaasBkK6ZDOrMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvdm9MMW4ybFUyT1VRblQ0OXBxd0dRcnBrTTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUMAwDBAdUE4AD
BANUE5ADBAK54DgwFAQCAAIwDgMFASoL/YADBQAqC/2HMA0GCSqGSIb3DQEBCwUA
A4IBAQBfp7z7tiUvMsS68DR3W6z6LhzZp1fUqpcO3lADoNjBB6DroZ7/bRGGfZJU
14zybG/qZIu3/jM3mgv2xn0N89TiNNICqhSvTxwwckJN1Z3OyfNU99wKCzIKoU20
fQvwXBzIsm0PJ17VwBG2zF37BwhQVYfGCIo6r9PiIEiucj3Na7VPamto3BPmVQ4u
nNOBns6MCXIpoylAw+8nODi9cZHWpqXxoPX76r3XQV3M3QXqzX/InwbdBDoZ75rQ
T4b2vaqsW0blMKsH774NX/4TD7l6vorQ++LnI5aw6j4AaU2ROvkfHQmMvi5Sd23F
Qu82KJixvFLYwzBsnPBPbka05KZ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:54 2024 by rpki-client on console-ams.rpki-client.org