Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/CFqWm-kNnzXg6iDdj4M8MWiOrAw.roa
File: CFqWm-kNnzXg6iDdj4M8MWiOrAw.roa (raw, json)
Hash identifier: 7xZiUgY607H0obKbUCL6C8jzNZ8k9YnWOz4Q4lj3RUc=
Subject key identifier: 08:5A:96:9B:E9:0D:9F:35:E0:EA:20:DD:8F:83:3C:31:68:8E:AC:0C
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 0188F82A3A9AA8F9C12D61D23D0BC4010F19
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/CFqWm-kNnzXg6iDdj4M8MWiOrAw.roa
Signing time: Mon 26 Jun 2023 14:44:56 +0000
ROA not before: Mon 26 Jun 2023 14:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 192.144.52.0/22 maxlen: 24
193.187.168.0/22 maxlen: 24
193.9.36.0/22 maxlen: 24
185.220.28.0/22 maxlen: 24
193.9.40.0/22 maxlen: 24
45.83.112.0/22 maxlen: 24
194.39.68.0/22 maxlen: 24
80.254.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f8:2a:3a:9a:a8:f9:c1:2d:61:d2:3d:0b:c4:01:0f:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jun 26 14:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=085a969be90d9f35e0ea20dd8f833c31688eac0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:27:da:f2:23:6e:d3:7b:6a:ab:d8:15:66:a9:
ad:71:7c:04:dc:13:ef:a5:c5:86:fb:e0:69:cb:45:
e3:ae:46:b6:cb:f4:a2:94:8e:90:67:09:90:4e:04:
8f:19:f5:8e:a7:bb:e1:80:23:f6:cb:1d:be:27:d3:
c7:9e:29:57:32:9a:6d:28:00:2a:34:19:8a:8d:97:
3c:6e:c4:46:4f:6a:89:7e:4e:09:03:fc:b8:87:b1:
15:54:3b:6b:3b:15:50:3a:63:3e:bd:6d:e3:25:97:
bf:e5:fe:8c:ad:89:5e:9d:fa:59:dc:12:14:06:35:
8c:45:fa:be:86:3a:0b:a7:91:75:15:72:ba:f1:ab:
04:db:ca:8b:44:f8:02:e6:fd:e3:45:f0:69:e2:a0:
1a:75:c8:c0:ef:37:5f:bd:a9:ae:c7:4e:b3:42:e7:
83:50:4f:c7:fa:e0:f7:b6:3f:cc:7c:cf:86:02:23:
d9:57:36:76:bd:2b:0e:23:3b:06:9c:d7:36:c3:fb:
f8:ad:e7:a2:d1:8b:55:31:46:b5:ea:a3:30:fb:ed:
34:d5:8a:ed:18:46:c8:88:90:87:9f:6e:40:17:ca:
06:d9:d9:5f:90:e9:12:47:96:ae:f5:7b:09:7d:67:
67:ca:7f:a9:97:a4:3d:b1:6a:49:49:19:0f:4d:ee:
69:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5A:96:9B:E9:0D:9F:35:E0:EA:20:DD:8F:83:3C:31:68:8E:AC:0C
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/CFqWm-kNnzXg6iDdj4M8MWiOrAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.112.0/22
80.254.236.0/22
185.220.28.0/22
192.144.52.0/22
193.9.36.0-193.9.43.255
193.187.168.0/22
194.39.68.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:11:0b:80:0f:e9:9a:db:ed:15:ee:c7:32:ff:a7:6c:54:36:
11:5d:fc:7d:5d:c5:2d:d2:0e:d0:b8:4f:ae:ad:a8:d6:a9:ef:
fe:88:0a:fe:66:fc:d3:de:bc:3c:71:20:95:1f:70:68:b5:57:
04:3a:79:8b:30:4b:c2:1b:a7:1a:ee:a2:a5:6d:26:ee:85:29:
21:86:1a:be:f8:71:53:5d:9c:51:76:be:73:be:b3:4c:b8:47:
a6:42:12:06:ca:28:3b:3c:ec:23:ad:4e:e2:da:b2:2a:5a:ab:
85:9d:ab:66:7a:b9:67:7b:a6:28:36:fb:88:17:05:c9:4a:84:
af:18:5d:54:fb:57:9c:e1:e1:26:87:74:19:c7:c9:db:26:98:
bd:e6:f9:51:03:57:95:ca:b4:5d:41:c2:2e:cc:b9:5d:df:88:
64:dc:03:b2:a1:51:3e:10:67:21:98:03:4a:56:b9:ae:9f:3f:
1e:d4:f3:3d:18:b3:2e:41:ce:41:cc:1b:e9:e8:d3:5b:8a:26:
0e:ef:2b:49:d4:d9:41:82:53:1f:d6:03:cb:1b:3d:6f:cb:d5:
a6:d5:ca:2e:a3:18:a4:cf:2f:c3:e6:7b:49:71:1a:23:07:e1:
0b:fa:a9:a5:f9:f1:bf:b9:f0:54:6b:1d:59:e5:d5:eb:fd:1b:
49:e9:67:07
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYj4KjqaqPnBLWHSPQvEAQ8ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjMwNjI2MTQ0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODVhOTY5YmU5MGQ5ZjM1ZTBlYTIwZGQ4ZjgzM2MzMTY4OGVhYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCfa8iNu03tqq9gVZqmtcXwE3BPv
pcWG++Bpy0Xjrka2y/SilI6QZwmQTgSPGfWOp7vhgCP2yx2+J9PHnilXMpptKAAq
NBmKjZc8bsRGT2qJfk4JA/y4h7EVVDtrOxVQOmM+vW3jJZe/5f6MrYlenfpZ3BIU
BjWMRfq+hjoLp5F1FXK68asE28qLRPgC5v3jRfBp4qAadcjA7zdfvamux06zQueD
UE/H+uD3tj/MfM+GAiPZVzZ2vSsOIzsGnNc2w/v4reei0YtVMUa16qMw++001Yrt
GEbIiJCHn25AF8oG2dlfkOkSR5au9XsJfWdnyn+pl6Q9sWpJSRkPTe5ptQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAhalpvpDZ814Oog3Y+DPDFojqwMMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvQ0ZxV20ta05uelhnNmlEZGo0TThNV2lPckF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLVNwAwQC
UP7sAwQCudwcAwQCwJA0MAwDBALBCSQDBALBCSgDBALBu6gDBALCJ0QwDQYJKoZI
hvcNAQELBQADggEBALcRC4AP6Zrb7RXuxzL/p2xUNhFd/H1dxS3SDtC4T66tqNap
7/6ICv5m/NPevDxxIJUfcGi1VwQ6eYswS8IbpxruoqVtJu6FKSGGGr74cVNdnFF2
vnO+s0y4R6ZCEgbKKDs87COtTuLasipaq4Wdq2Z6uWd7pig2+4gXBclKhK8YXVT7
V5zh4SaHdBnHydsmmL3m+VEDV5XKtF1Bwi7MuV3fiGTcA7KhUT4QZyGYA0pWua6f
Px7U8z0Ysy5BzkHMG+no01uKJg7vK0nU2UGCUx/WA8sbPW/L1abVyi6jGKTPL8Pm
e0lxGiMH4Qv6qaX58b+58FRrHVnl1ev9G0npZwc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org