Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/CXOmpFe6UE6483M4kuDWyZXqhyk.roa
File: CXOmpFe6UE6483M4kuDWyZXqhyk.roa (raw, json)
Hash identifier: pToX75HdP0uMuhoWgEu6VL8o5SI+aOqdDBzkiBGZGh4=
Subject key identifier: 09:73:A6:A4:57:BA:50:4E:B8:F3:73:38:92:E0:D6:C9:95:EA:87:29
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018C351988AB9AEACF6AEF851C2EF4F9DD76
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/CXOmpFe6UE6483M4kuDWyZXqhyk.roa
Signing time: Mon 04 Dec 2023 13:51:54 +0000
ROA not before: Mon 04 Dec 2023 13:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31586
IP address blocks: 185.69.232.0/22 maxlen: 24
185.84.72.0/22 maxlen: 24
185.105.204.0/22 maxlen: 24
141.255.180.0/22 maxlen: 24
185.105.216.0/22 maxlen: 24
2a05:a282::/32 maxlen: 48
2a05:2500::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:19:88:ab:9a:ea:cf:6a:ef:85:1c:2e:f4:f9:dd:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Dec 4 13:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0973a6a457ba504eb8f3733892e0d6c995ea8729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a8:42:da:1b:7c:c2:4a:49:14:57:a2:d2:49:
f4:c6:d3:e9:d1:63:ec:5d:f9:58:54:10:84:81:fc:
fc:9b:b1:df:12:81:0b:a7:2a:cd:7c:21:92:da:40:
cf:22:5a:20:a1:bd:64:3e:a7:43:d8:52:fc:ea:1f:
b0:47:69:83:24:71:25:8a:56:67:bc:e6:8d:61:6c:
6e:7a:c6:49:43:d9:c9:fc:c9:d3:50:e8:70:6c:38:
ca:f0:89:d1:76:dc:f2:dc:4d:09:18:95:c5:44:9a:
e5:d4:33:9c:c5:5e:83:01:3e:d7:2c:4d:c9:49:4c:
20:9e:e2:24:df:8c:23:7c:23:de:01:9c:bb:ee:64:
c8:4f:86:9c:ff:19:c7:ca:c1:ca:12:ba:c2:ed:53:
1c:ba:9e:e1:b6:5d:39:33:ad:35:e2:76:3a:64:4e:
fb:ab:2d:2a:b9:3c:3c:fd:41:06:24:ac:28:a4:94:
d7:dd:dc:c0:9f:6d:fd:db:0c:4d:e6:89:0a:19:1b:
7a:4d:3c:b4:23:66:9d:fc:a5:6b:04:f0:35:d1:27:
25:d1:0f:8b:a7:75:39:57:42:cb:bc:be:e1:73:fb:
73:c9:22:e0:c3:cf:77:d3:f2:3a:21:05:99:5f:61:
fc:ba:cf:a6:2f:24:9a:af:4c:e5:51:d9:9f:0e:83:
83:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:73:A6:A4:57:BA:50:4E:B8:F3:73:38:92:E0:D6:C9:95:EA:87:29
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/CXOmpFe6UE6483M4kuDWyZXqhyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.255.180.0/22
185.69.232.0/22
185.84.72.0/22
185.105.204.0/22
185.105.216.0/22
IPv6:
2a05:2500::/32
2a05:a282::/32
Signature Algorithm: sha256WithRSAEncryption
a2:1c:47:ee:5d:b4:a6:d9:9a:2d:5e:f3:2e:60:94:15:3d:b4:
08:45:e7:57:0a:66:60:4c:b7:06:e6:37:f5:85:b9:b6:2f:3e:
e5:fc:c9:f4:6e:bd:05:bf:85:97:50:e5:e0:9c:7d:3a:02:c5:
98:24:d2:59:97:23:cd:19:9c:35:8f:3a:84:21:5c:6d:45:42:
2e:35:c2:a1:30:88:4f:63:0e:31:f3:5f:24:c9:e9:92:59:95:
15:fe:98:02:d8:05:96:de:db:9b:26:65:42:55:4c:4a:ba:29:
cf:57:94:4c:39:7f:4b:e3:b1:3a:1d:bb:5d:34:30:8e:a5:e1:
14:e6:90:56:2f:a9:e2:c4:ad:59:9a:a1:f7:31:86:86:cd:dc:
bb:ac:43:71:9e:77:b0:04:a0:94:fa:75:65:b4:02:11:c7:34:
15:3e:54:04:88:83:48:02:2b:9e:ef:18:8d:00:b0:4e:3c:0c:
e0:41:cc:01:53:24:1d:8e:80:04:86:92:4f:bf:b9:e4:bc:6a:
d6:cd:d9:c5:d7:1b:20:cc:ad:ee:ab:1d:e5:28:34:31:cb:d8:
01:36:14:d4:a7:46:ae:f8:9b:6f:7d:c3:a9:cd:7b:df:8b:46:
4a:e3:4b:90:bc:5c:0d:3d:b4:6f:d9:5d:48:04:4e:a4:db:67:
6f:70:de:67
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYw1GYirmurPau+FHC70+d12MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjMxMjA0MTM1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTczYTZhNDU3YmE1MDRlYjhmMzczMzg5MmUwZDZjOTk1ZWE4NzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6hC2ht8wkpJFFei0kn0xtPp0WPs
XflYVBCEgfz8m7HfEoELpyrNfCGS2kDPIlogob1kPqdD2FL86h+wR2mDJHElilZn
vOaNYWxuesZJQ9nJ/MnTUOhwbDjK8InRdtzy3E0JGJXFRJrl1DOcxV6DAT7XLE3J
SUwgnuIk34wjfCPeAZy77mTIT4ac/xnHysHKErrC7VMcup7htl05M6014nY6ZE77
qy0quTw8/UEGJKwopJTX3dzAn2392wxN5okKGRt6TTy0I2ad/KVrBPA10Scl0Q+L
p3U5V0LLvL7hc/tzySLgw8930/I6IQWZX2H8us+mLySar0zlUdmfDoODDwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAlzpqRXulBOuPNzOJLg1smV6ocpMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvQ1hPbXBGZTZVRTY0ODNNNGt1RFd5WlhxaHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCjf+0AwQC
uUXoAwQCuVRIAwQCuWnMAwQCuWnYMBQEAgACMA4DBQAqBSUAAwUAKgWigjANBgkq
hkiG9w0BAQsFAAOCAQEAohxH7l20ptmaLV7zLmCUFT20CEXnVwpmYEy3BuY39YW5
ti8+5fzJ9G69Bb+Fl1Dl4Jx9OgLFmCTSWZcjzRmcNY86hCFcbUVCLjXCoTCIT2MO
MfNfJMnpklmVFf6YAtgFlt7bmyZlQlVMSropz1eUTDl/S+OxOh27XTQwjqXhFOaQ
Vi+p4sStWZqh9zGGhs3cu6xDcZ53sASglPp1ZbQCEcc0FT5UBIiDSAIrnu8YjQCw
TjwM4EHMAVMkHY6ABIaST7+55Lxq1s3ZxdcbIMyt7qsd5Sg0McvYATYU1KdGrvib
b33Dqc1734tGSuNLkLxcDT20b9ldSAROpNtnb3DeZw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:01 2024 by rpki-client on console-fra.rpki-client.org