Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/Cf-Lrv_lR4rOz26JmMdsu5IDWl8.roa
File: Cf-Lrv_lR4rOz26JmMdsu5IDWl8.roa (raw, json)
Hash identifier: 5RFg5hEA/PtojQW4eX3aXScxt4kqnO/ZcJE038d4KrM=
Subject key identifier: 09:FF:8B:AE:FF:E5:47:8A:CE:CF:6E:89:98:C7:6C:BB:92:03:5A:5F
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 0189498CCF58CB8A6DDAF77A1DCD74176AC9
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/Cf-Lrv_lR4rOz26JmMdsu5IDWl8.roa
Signing time: Wed 12 Jul 2023 10:01:52 +0000
ROA not before: Wed 12 Jul 2023 10:01:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 37.148.218.0/23 maxlen: 24
185.11.142.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:8c:cf:58:cb:8a:6d:da:f7:7a:1d:cd:74:17:6a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Jul 12 10:01:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09ff8baeffe5478acecf6e8998c76cbb92035a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a8:1a:d2:e4:e4:01:17:b5:d4:61:22:cf:a9:
83:bc:76:99:21:02:08:64:92:6d:38:95:22:4a:f9:
a1:53:ef:59:3d:cc:85:2d:b2:06:c8:c0:46:43:48:
7f:ce:45:b8:b3:2e:d5:da:ab:4a:cc:21:67:3f:cb:
12:ab:a0:ef:8d:4c:82:05:03:9e:5b:3e:b0:79:76:
29:1c:65:9b:4a:d6:26:78:ff:3d:63:4b:66:d3:17:
db:05:78:1b:75:2d:ca:a0:7b:40:8f:f9:20:9c:73:
c4:9e:a7:3d:44:fa:f5:f4:59:d5:d9:f4:00:85:57:
95:e1:03:c6:20:d7:1a:d0:6c:d5:d1:65:ee:b8:47:
52:6f:3f:1c:d5:24:ee:bb:7c:3a:f4:9b:66:b0:40:
e4:23:49:f4:af:0a:6b:3f:cf:d4:14:d4:c7:de:ed:
47:b6:15:88:f2:db:c2:1b:f0:3b:37:bb:19:e2:ff:
1c:43:23:fc:00:63:78:7b:69:a4:f9:57:97:ba:42:
ca:89:23:49:cd:37:d8:df:1f:48:a0:e3:08:67:57:
1e:b4:72:ff:d6:ec:46:56:b2:0c:cb:c9:9b:8f:3f:
cd:c1:ff:9a:e5:cf:79:16:95:da:3c:a8:8f:2b:5f:
87:2b:b1:c3:0b:f6:5a:8c:5d:a6:9f:06:29:d3:2e:
8e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:FF:8B:AE:FF:E5:47:8A:CE:CF:6E:89:98:C7:6C:BB:92:03:5A:5F
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/Cf-Lrv_lR4rOz26JmMdsu5IDWl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.218.0/23
185.11.142.0/23
Signature Algorithm: sha256WithRSAEncryption
93:d4:ee:5a:62:49:94:8a:f6:93:bf:0e:7d:a3:c0:fb:58:f8:
30:39:39:64:87:e6:f0:d5:0b:ca:f2:38:21:1b:6b:7b:79:d9:
da:ad:ba:a2:3d:29:34:f3:61:07:45:48:bb:6a:37:14:f5:76:
6b:93:91:07:ce:3c:03:b6:38:9d:76:f4:55:a7:71:4c:a0:94:
ac:ea:84:30:40:74:f7:fd:96:1a:4e:c3:26:92:c3:ea:95:66:
3e:a2:8d:7c:2b:a8:3a:ba:25:78:3d:5f:62:f3:e1:a9:ef:e3:
e1:f9:d5:14:49:b3:e4:3b:f5:00:a4:75:86:fe:06:58:96:37:
7e:d6:80:c3:40:3f:30:95:dc:61:81:11:84:e6:24:46:20:70:
fc:a2:45:2f:c6:02:bd:de:8b:ac:78:81:1f:9e:25:a3:19:bf:
14:70:34:c9:10:54:7e:a4:f8:49:be:c2:f8:a4:bc:37:e9:5b:
fb:ed:c5:e1:f4:f9:4b:fc:66:a4:01:af:52:c2:a8:38:68:4f:
26:f9:4a:e2:79:76:a6:d8:f3:15:14:33:0a:31:d8:42:8b:73:
99:b5:90:ae:3b:5b:45:84:58:93:23:f2:c0:37:12:67:1d:70:
33:45:b4:5a:fd:be:74:d2:38:06:71:9e:3c:8f:54:c4:9c:00:
b4:33:f4:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlJjM9Yy4pt2vd6Hc10F2rJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjNlZWQxYzdhY2E2MzZkNjI0NTg1MmI4MDJlMGU3Mzc1
NGRmNjMwHhcNMjMwNzEyMTAwMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWZmOGJhZWZmZTU0NzhhY2VjZjZlODk5OGM3NmNiYjkyMDM1YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraga0uTkARe11GEiz6mDvHaZIQII
ZJJtOJUiSvmhU+9ZPcyFLbIGyMBGQ0h/zkW4sy7V2qtKzCFnP8sSq6DvjUyCBQOe
Wz6weXYpHGWbStYmeP89Y0tm0xfbBXgbdS3KoHtAj/kgnHPEnqc9RPr19FnV2fQA
hVeV4QPGINca0GzV0WXuuEdSbz8c1STuu3w69JtmsEDkI0n0rwprP8/UFNTH3u1H
thWI8tvCG/A7N7sZ4v8cQyP8AGN4e2mk+VeXukLKiSNJzTfY3x9IoOMIZ1cetHL/
1uxGVrIMy8mbjz/Nwf+a5c95FpXaPKiPK1+HK7HDC/ZajF2mnwYp0y6OuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAn/i67/5UeKzs9uiZjHbLuSA1pfMB8GA1UdIwQY
MBaAFOiz7tHHrKY21iRYUrgC4Oc3VN9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYt
OTQ2NDA0ZWMxYWE0LzEvQ2YtTHJ2X2xSNHJPejI2Sm1NZHN1NUlEV2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYtOTQ2NDA0ZWMxYWE0
LzEvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJZTaAwQB
uQuOMA0GCSqGSIb3DQEBCwUAA4IBAQCT1O5aYkmUivaTvw59o8D7WPgwOTlkh+bw
1QvK8jghG2t7ednarbqiPSk082EHRUi7ajcU9XZrk5EHzjwDtjiddvRVp3FMoJSs
6oQwQHT3/ZYaTsMmksPqlWY+oo18K6g6uiV4PV9i8+Gp7+Ph+dUUSbPkO/UApHWG
/gZYljd+1oDDQD8wldxhgRGE5iRGIHD8okUvxgK93ouseIEfniWjGb8UcDTJEFR+
pPhJvsL4pLw36Vv77cXh9PlL/GakAa9Swqg4aE8m+UrieXam2PMVFDMKMdhCi3OZ
tZCuO1tFhFiTI/LANxJnHXAzRbRa/b500jgGcZ48j1TEnAC0M/RO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:30 2024 by rpki-client on console-ams.rpki-client.org