Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/cfqyPrNY9PBPFTQMOabU9M5QE1M.roa
File: cfqyPrNY9PBPFTQMOabU9M5QE1M.roa (raw, json)
Hash identifier: CsvcYHUHW64NnMbGSGY+Wi2nhE+tLBZY79pUiEdekpk=
Subject key identifier: 71:FA:B2:3E:B3:58:F4:F0:4F:15:34:0C:39:A6:D4:F4:CE:50:13:53
Certificate issuer: /CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
Certificate serial: 0185723116172671B386088168C40C198A58
Authority key identifier: FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/cfqyPrNY9PBPFTQMOabU9M5QE1M.roa
Signing time: Mon 02 Jan 2023 11:14:57 +0000
ROA not before: Mon 02 Jan 2023 11:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62429
IP address blocks: 185.18.90.0/24 maxlen: 24
80.87.144.0/20 maxlen: 20
185.35.116.0/22 maxlen: 22
91.195.16.0/23 maxlen: 23
91.197.160.0/22 maxlen: 22
2a00:db20::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:16:17:26:71:b3:86:08:81:68:c4:0c:19:8a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd78f13ffa92f074ebe557d2a2d29ad0da33e5d8
Validity
Not Before: Jan 2 11:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71fab23eb358f4f04f15340c39a6d4f4ce501353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:56:b1:58:6a:c1:fc:bb:f8:78:2c:b8:30:d1:
10:c7:a5:04:54:ff:7f:d3:79:38:68:eb:54:d1:a7:
2a:7b:4e:7d:79:cc:4a:3a:a5:b4:8d:4d:da:b3:33:
9e:79:ce:2f:73:c2:da:c5:3d:fa:47:08:f3:09:90:
34:0c:30:e6:ee:f9:d7:4d:4d:bd:64:53:8b:6b:62:
34:83:22:ec:20:c9:a5:03:83:16:58:9d:51:41:62:
c8:53:49:18:54:dc:2e:f3:1f:9c:a1:c1:c6:ba:ba:
69:32:7e:b2:0f:4e:c8:6b:01:35:69:30:36:19:3b:
16:d7:54:52:7f:50:64:d4:b7:6b:8e:6b:12:97:45:
7a:3f:fb:6d:b1:12:77:7f:34:15:a0:05:e0:50:b7:
43:ac:55:f2:4f:d2:54:e1:e0:97:c9:79:32:98:63:
be:3e:b9:62:39:63:de:1a:fd:a3:b1:e3:ee:01:79:
14:55:44:83:81:bb:d8:c3:de:22:67:b1:20:5f:d0:
eb:a7:e0:fb:5b:5e:98:31:ab:83:e8:45:c6:b5:db:
d5:61:dc:d1:d0:15:4a:34:3b:d3:e9:a5:b6:6a:3c:
3e:4b:f1:72:de:e0:df:43:2c:fa:3f:e7:78:f1:50:
e2:4b:ab:bb:4c:96:3d:f8:1a:c2:e3:0e:0e:07:7b:
f3:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:FA:B2:3E:B3:58:F4:F0:4F:15:34:0C:39:A6:D4:F4:CE:50:13:53
X509v3 Authority Key Identifier:
keyid:FD:78:F1:3F:FA:92:F0:74:EB:E5:57:D2:A2:D2:9A:D0:DA:33:E5:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_XjxP_qS8HTr5VfSotKa0Noz5dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/cfqyPrNY9PBPFTQMOabU9M5QE1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e41c34-0252-4718-9f3d-fdf0118cc016/1/_XjxP_qS8HTr5VfSotKa0Noz5dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.87.144.0/20
91.195.16.0/23
91.197.160.0/22
185.18.90.0/24
185.35.116.0/22
IPv6:
2a00:db20::/32
Signature Algorithm: sha256WithRSAEncryption
69:53:a3:5c:e8:84:cd:f6:af:41:20:d0:45:84:44:e0:22:8b:
98:14:d8:d0:6c:39:fd:4e:2c:e1:f2:b3:ed:ca:10:85:33:fc:
ac:cf:0d:40:12:4a:ed:ed:f1:f4:bf:03:79:5b:55:7d:e5:8d:
ef:33:74:36:b9:b4:ba:c7:f4:43:2b:ab:79:25:35:2b:1a:e2:
77:a3:c3:51:3b:84:bc:95:94:4d:e5:6a:c6:10:60:a9:36:f6:
1d:83:ac:82:18:61:77:f8:8f:a5:e2:33:1e:91:1b:f3:fe:fc:
ab:9a:c6:42:c8:11:c9:61:ee:05:41:3c:60:21:98:2d:e4:fb:
8c:86:12:bb:ed:bf:a5:ec:74:eb:9b:22:5d:d2:09:99:c8:83:
83:81:1c:91:b0:0c:e9:0a:c5:e2:68:3b:42:58:93:4e:c3:e2:
47:10:1b:9f:b2:72:1b:99:f7:1e:8d:94:c2:fa:10:e2:dd:3c:
02:47:8c:7e:f8:71:5d:5e:3e:fe:64:95:db:61:b1:c4:fe:2f:
36:50:a0:46:6a:a5:0e:3f:f1:8a:69:89:ea:d5:69:0e:53:b2:
f0:55:ad:fb:1a:de:30:5d:6b:e8:c0:e2:60:ab:6f:9c:85:5b:
65:92:fb:9d:dd:b1:9d:e3:2a:14:fa:a7:77:aa:9a:17:99:3f:
ab:72:05:1f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVyMRYXJnGzhgiBaMQMGYpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNzhmMTNmZmE5MmYwNzRlYmU1NTdkMmEyZDI5YWQwZGEz
M2U1ZDgwHhcNMjMwMTAyMTExNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWZhYjIzZWIzNThmNGYwNGYxNTM0MGMzOWE2ZDRmNGNlNTAxMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1axWGrB/Lv4eCy4MNEQx6UEVP9/
03k4aOtU0acqe059ecxKOqW0jU3aszOeec4vc8LaxT36RwjzCZA0DDDm7vnXTU29
ZFOLa2I0gyLsIMmlA4MWWJ1RQWLIU0kYVNwu8x+cocHGurppMn6yD07IawE1aTA2
GTsW11RSf1Bk1LdrjmsSl0V6P/ttsRJ3fzQVoAXgULdDrFXyT9JU4eCXyXkymGO+
PrliOWPeGv2jsePuAXkUVUSDgbvYw94iZ7EgX9Drp+D7W16YMauD6EXGtdvVYdzR
0BVKNDvT6aW2ajw+S/Fy3uDfQyz6P+d48VDiS6u7TJY9+BrC4w4OB3vz/wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHH6sj6zWPTwTxU0DDmm1PTOUBNTMB8GA1UdIwQY
MBaAFP148T/6kvB06+VX0qLSmtDaM+XYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2Qt
ZmRmMDExOGNjMDE2LzEvY2ZxeVByTlk5UEJQRlRRTU9hYlU5TTVRRTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lNDFjMzQtMDI1Mi00NzE4LTlmM2QtZmRmMDExOGNjMDE2
LzEvX1hqeFBfcVM4SFRyNVZmU290S2EwTm96NWRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEUFeQAwQB
W8MQAwQCW8WgAwQAuRJaAwQCuSN0MA0EAgACMAcDBQAqANsgMA0GCSqGSIb3DQEB
CwUAA4IBAQBpU6Nc6ITN9q9BINBFhETgIouYFNjQbDn9Tizh8rPtyhCFM/yszw1A
Ekrt7fH0vwN5W1V95Y3vM3Q2ubS6x/RDK6t5JTUrGuJ3o8NRO4S8lZRN5WrGEGCp
NvYdg6yCGGF3+I+l4jMekRvz/vyrmsZCyBHJYe4FQTxgIZgt5PuMhhK77b+l7HTr
myJd0gmZyIODgRyRsAzpCsXiaDtCWJNOw+JHEBufsnIbmfcejZTC+hDi3TwCR4x+
+HFdXj7+ZJXbYbHE/i82UKBGaqUOP/GKaYnq1WkOU7LwVa37Gt4wXWvowOJgq2+c
hVtlkvud3bGd4yoU+qd3qpoXmT+rcgUf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:40 2024 by rpki-client on console-fra.rpki-client.org