Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/cFLF4Dnz-7gZuBIhE-7a4EtZaXI.roa
File: cFLF4Dnz-7gZuBIhE-7a4EtZaXI.roa (raw, json)
Hash identifier: UeWHD5y7mvEY021IuXr3Ag/U2H9qAxeqqBBccE1bWN8=
Subject key identifier: 70:52:C5:E0:39:F3:FB:B8:19:B8:12:21:13:EE:DA:E0:4B:59:69:72
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018CC26D41EE68A825D6C6FB0341884093C6
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/cFLF4Dnz-7gZuBIhE-7a4EtZaXI.roa
Signing time: Mon 01 Jan 2024 00:29:49 +0000
ROA not before: Mon 01 Jan 2024 00:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 79.133.180.0/24 maxlen: 24
185.244.48.0/24 maxlen: 24
185.250.45.0/24 maxlen: 24
5.253.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 07:54:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:41:ee:68:a8:25:d6:c6:fb:03:41:88:40:93:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Jan 1 00:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7052c5e039f3fbb819b8122113eedae04b596972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:67:08:45:e5:60:df:14:0c:a3:84:1c:58:93:
59:43:15:f7:1f:ed:83:dc:ba:82:53:3e:51:f8:45:
cf:60:41:b3:37:47:0b:9e:5b:43:df:55:b3:00:b9:
e1:f6:69:2a:18:56:1f:bd:3a:12:5c:58:ce:25:e5:
35:9f:6d:4e:c5:68:86:96:44:83:45:b4:6f:48:ef:
e6:96:90:b7:01:7d:e7:24:3c:85:70:4d:f3:7c:ad:
ae:30:39:d8:da:54:00:30:e3:53:2b:e9:98:ac:c2:
8f:2f:22:7f:9a:88:f8:a7:29:96:83:69:fd:32:f6:
ce:84:d8:42:07:0f:c9:04:80:a6:f9:7a:03:81:c4:
d9:07:7e:89:db:b3:3b:20:b1:8f:e7:23:e0:4c:87:
6e:35:2f:e6:92:d8:ef:a6:1c:1d:da:50:ae:8f:9f:
30:1c:ca:77:f6:01:01:e8:61:b5:1b:99:ef:7b:cd:
a6:2c:76:32:d5:b8:03:51:59:69:74:0b:dd:57:15:
d9:3b:68:67:01:ac:fe:f9:9e:8d:86:1c:08:99:12:
ab:31:90:a4:11:67:ff:d7:10:45:ea:64:99:8e:2c:
aa:a7:d5:6b:c0:53:8a:82:3c:52:cd:79:5e:1e:55:
f5:2e:77:55:5d:6a:87:8c:cf:16:ee:a1:72:88:86:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:52:C5:E0:39:F3:FB:B8:19:B8:12:21:13:EE:DA:E0:4B:59:69:72
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/cFLF4Dnz-7gZuBIhE-7a4EtZaXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.63.0/24
79.133.180.0/24
185.244.48.0/24
185.250.45.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:e1:97:36:fd:3c:f6:3e:31:ea:81:84:64:03:7b:e5:8e:2a:
34:70:ca:95:36:48:f5:b0:0d:07:bf:3a:b9:a1:07:6c:ff:f2:
d7:c4:f8:15:9a:74:fe:7a:fc:08:28:dd:f4:04:76:36:bd:a7:
7b:1f:35:fd:04:5c:c4:d3:4b:81:36:1c:b7:2d:0d:88:ff:5c:
ef:cd:9d:e1:50:9a:26:10:f2:0b:10:f6:b6:95:c3:2b:fc:f6:
4b:0c:d0:8b:83:e0:ee:14:5f:f4:a9:a8:61:ee:d6:d1:01:e4:
d6:df:55:a2:bf:ea:b8:f8:9d:b7:0b:f6:25:c8:24:c9:96:72:
1a:a5:26:b1:7f:66:68:79:42:ac:cb:59:23:6f:f0:74:48:2b:
88:aa:1c:c7:8f:29:03:4d:a7:63:b7:af:ae:50:1e:45:62:13:
ea:a5:18:df:da:96:0d:95:29:94:a6:b9:a6:02:85:27:8e:8b:
7e:11:03:17:d6:9d:b2:a3:72:ed:91:dd:61:79:ce:41:10:a3:
19:46:1f:9b:d5:7b:33:39:4b:2e:5f:75:f3:67:4b:08:5b:af:
0c:59:fb:21:2c:de:39:80:39:e3:dd:b9:4d:f0:77:a0:cc:cc:
aa:81:73:3c:b0:ab:04:1f:b0:fc:ef:66:a5:eb:b8:24:32:20:
60:28:9c:db
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzCbUHuaKgl1sb7A0GIQJPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwMTAxMDAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDUyYzVlMDM5ZjNmYmI4MTliODEyMjExM2VlZGFlMDRiNTk2OTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWcIReVg3xQMo4QcWJNZQxX3H+2D
3LqCUz5R+EXPYEGzN0cLnltD31WzALnh9mkqGFYfvToSXFjOJeU1n21OxWiGlkSD
RbRvSO/mlpC3AX3nJDyFcE3zfK2uMDnY2lQAMONTK+mYrMKPLyJ/moj4pymWg2n9
MvbOhNhCBw/JBICm+XoDgcTZB36J27M7ILGP5yPgTIduNS/mktjvphwd2lCuj58w
HMp39gEB6GG1G5nve82mLHYy1bgDUVlpdAvdVxXZO2hnAaz++Z6NhhwImRKrMZCk
EWf/1xBF6mSZjiyqp9VrwFOKgjxSzXleHlX1LndVXWqHjM8W7qFyiIamRwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHBSxeA58/u4GbgSIRPu2uBLWWlyMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvY0ZMRjREbnotN2dadUJJaEUtN2E0RXRaYVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf0/AwQA
T4W0AwQAufQwAwQAufotMA0GCSqGSIb3DQEBCwUAA4IBAQA64Zc2/Tz2PjHqgYRk
A3vljio0cMqVNkj1sA0Hvzq5oQds//LXxPgVmnT+evwIKN30BHY2vad7HzX9BFzE
00uBNhy3LQ2I/1zvzZ3hUJomEPILEPa2lcMr/PZLDNCLg+DuFF/0qahh7tbRAeTW
31Wiv+q4+J23C/YlyCTJlnIapSaxf2ZoeUKsy1kjb/B0SCuIqhzHjykDTadjt6+u
UB5FYhPqpRjf2pYNlSmUprmmAoUnjot+EQMX1p2yo3Ltkd1hec5BEKMZRh+b1Xsz
OUsuX3XzZ0sIW68MWfshLN45gDnj3blN8HegzMyqgXM8sKsEH7D872al67gkMiBg
KJzb
-----END CERTIFICATE-----
Generated at Tue Jan 30 11:05:42 2024 by rpki-client on console-fra.rpki-client.org