Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/Czb27FF2dBnl8pPhDvCRRPv4daE.roa
File: Czb27FF2dBnl8pPhDvCRRPv4daE.roa (raw, json)
Hash identifier: 5Al6Kb8hMBYrh5NUnanLNTW/zIJE+wb7i0MyNX8ZVhA=
Subject key identifier: 0B:36:F6:EC:51:76:74:19:E5:F2:93:E1:0E:F0:91:44:FB:F8:75:A1
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 018601B9A374DE59061E0C1FC2B7E39E0009
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/Czb27FF2dBnl8pPhDvCRRPv4daE.roa
Signing time: Mon 30 Jan 2023 08:09:48 +0000
ROA not before: Mon 30 Jan 2023 08:09:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57844
IP address blocks: 185.204.16.0/22 maxlen: 24
193.16.15.0/24 maxlen: 24
193.16.12.0/24 maxlen: 24
193.16.13.0/24 maxlen: 24
193.16.14.0/24 maxlen: 24
80.254.232.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:01:b9:a3:74:de:59:06:1e:0c:1f:c2:b7:e3:9e:00:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jan 30 08:09:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b36f6ec51767419e5f293e10ef09144fbf875a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:13:8b:bc:6a:8f:96:99:39:49:5d:80:28:e4:
a0:46:82:63:58:6e:7a:9e:99:05:6b:49:47:73:cd:
6b:2f:9e:bb:14:92:68:b5:e9:78:86:ab:4e:9c:c0:
a7:8e:d4:cf:87:58:f6:85:70:62:da:6c:e3:90:18:
e9:30:4a:a6:93:75:19:cd:6c:c6:91:54:52:1f:80:
2e:47:36:09:ad:5f:82:51:b3:61:5e:55:6c:97:0a:
d6:5e:5f:44:56:43:7c:c1:d1:c9:54:df:36:d8:63:
06:76:aa:32:ea:69:87:3b:1f:33:10:42:ec:42:c8:
be:15:5e:d6:92:db:0a:d0:90:14:ff:a2:cb:1d:8c:
8e:af:0b:99:87:ce:58:2f:ca:f7:e1:81:b9:5c:2e:
90:70:5c:71:0c:a2:f3:87:b1:f7:d9:d1:1e:ab:f0:
ce:11:ad:f5:a8:f2:09:14:e5:fc:c3:2b:53:66:95:
81:4e:88:55:f8:d2:1c:34:23:42:fa:74:8b:94:93:
ce:97:7d:60:41:a6:a2:98:40:4a:57:73:98:5f:05:
8a:30:aa:42:e2:c0:ee:38:b5:f6:f9:1f:a5:1e:8a:
4f:7d:f4:2b:14:da:9e:61:13:e4:43:16:9b:a4:a8:
7d:10:14:b5:58:a3:31:12:be:35:54:25:27:a5:60:
ac:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:36:F6:EC:51:76:74:19:E5:F2:93:E1:0E:F0:91:44:FB:F8:75:A1
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/Czb27FF2dBnl8pPhDvCRRPv4daE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.232.0/21
185.204.16.0/22
193.16.12.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:2a:a4:4a:0f:ac:f9:f6:27:6f:65:12:88:90:2a:38:db:95:
51:02:9e:de:b8:df:e8:0e:2c:47:6d:02:0e:ea:32:2b:99:01:
45:33:f5:73:7d:d3:d9:85:85:60:2a:a7:58:75:01:3a:f5:6e:
54:94:d8:72:43:21:f6:62:4e:76:64:df:39:c9:62:21:af:d0:
af:50:41:8f:32:ae:11:7e:a2:50:76:13:ac:ee:49:bb:e6:f7:
de:dd:0e:f3:b0:b9:ba:f3:83:a0:fa:a7:bd:77:42:5b:34:01:
48:0f:e6:f2:4e:29:6d:d1:31:d9:cb:01:55:c5:3b:14:12:84:
8d:cd:4f:f5:79:83:06:70:05:71:78:64:78:17:5a:31:5f:b3:
fa:54:eb:a7:ef:d1:d1:ac:16:3b:83:d5:c9:41:bd:11:f9:15:
57:3f:a0:c8:6e:3d:79:8c:f4:6a:c5:37:cb:16:ff:81:5d:e4:
48:e4:5d:ac:f8:81:52:bb:68:5f:da:da:be:a0:91:26:e8:d8:
19:5b:f3:8e:98:ae:f7:a0:72:8b:39:7d:16:38:36:93:9a:d8:
bb:9f:fd:39:98:f3:13:01:fd:57:7b:c0:b5:70:e7:c9:5a:59:
ed:27:2a:7b:17:d8:62:82:81:d5:3e:96:3d:46:ba:b6:91:8a:
35:72:3c:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYYBuaN03lkGHgwfwrfjngAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjMwMTMwMDgwOTQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjM2ZjZlYzUxNzY3NDE5ZTVmMjkzZTEwZWYwOTE0NGZiZjg3NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBOLvGqPlpk5SV2AKOSgRoJjWG56
npkFa0lHc81rL567FJJotel4hqtOnMCnjtTPh1j2hXBi2mzjkBjpMEqmk3UZzWzG
kVRSH4AuRzYJrV+CUbNhXlVslwrWXl9EVkN8wdHJVN822GMGdqoy6mmHOx8zEELs
Qsi+FV7WktsK0JAU/6LLHYyOrwuZh85YL8r34YG5XC6QcFxxDKLzh7H32dEeq/DO
Ea31qPIJFOX8wytTZpWBTohV+NIcNCNC+nSLlJPOl31gQaaimEBKV3OYXwWKMKpC
4sDuOLX2+R+lHopPffQrFNqeYRPkQxabpKh9EBS1WKMxEr41VCUnpWCsnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAs29uxRdnQZ5fKT4Q7wkUT7+HWhMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvQ3piMjdGRjJkQm5sOHBQaER2Q1JSUHY0ZGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUP7oAwQC
ucwQAwQCwRAMMA0GCSqGSIb3DQEBCwUAA4IBAQAtKqRKD6z59idvZRKIkCo425VR
Ap7euN/oDixHbQIO6jIrmQFFM/VzfdPZhYVgKqdYdQE69W5UlNhyQyH2Yk52ZN85
yWIhr9CvUEGPMq4RfqJQdhOs7km75vfe3Q7zsLm684Og+qe9d0JbNAFID+byTilt
0THZywFVxTsUEoSNzU/1eYMGcAVxeGR4F1oxX7P6VOun79HRrBY7g9XJQb0R+RVX
P6DIbj15jPRqxTfLFv+BXeRI5F2s+IFSu2hf2tq+oJEm6NgZW/OOmK73oHKLOX0W
ODaTmti7n/05mPMTAf1Xe8C1cOfJWlntJyp7F9higoHVPpY9Rrq2kYo1cjyH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:34 2024 by rpki-client on console-ams.rpki-client.org