Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/czhNrx9n-lA7-gNwm_3NoCNZQIk.roa
File: czhNrx9n-lA7-gNwm_3NoCNZQIk.roa (raw, json)
Hash identifier: XFBJdpqOWqHABPXx4rt5mjW5fIEM9dYVbgcYG+a7GYE=
Subject key identifier: 73:38:4D:AF:1F:67:FA:50:3B:FA:03:70:9B:FD:CD:A0:23:59:40:89
Certificate issuer: /CN=df0198a7b3afdcdd7003562a0871878e238760ad
Certificate serial: 018CE9092895BD7E60A5AA8AC5660CBE208C
Authority key identifier: DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/czhNrx9n-lA7-gNwm_3NoCNZQIk.roa
Signing time: Mon 08 Jan 2024 12:25:40 +0000
ROA not before: Mon 08 Jan 2024 12:25:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1299
IP address blocks: 195.184.160.0/19 maxlen: 24
94.44.0.0/16 maxlen: 24
89.223.128.0/17 maxlen: 24
212.48.240.0/20 maxlen: 24
37.220.192.0/18 maxlen: 24
212.96.32.0/19 maxlen: 24
5.63.192.0/18 maxlen: 24
213.222.128.0/18 maxlen: 24
5.206.128.0/18 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 17:12:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:09:28:95:bd:7e:60:a5:aa:8a:c5:66:0c:be:20:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df0198a7b3afdcdd7003562a0871878e238760ad
Validity
Not Before: Jan 8 12:25:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73384daf1f67fa503bfa03709bfdcda023594089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e7:53:7b:f4:23:90:ce:63:64:cf:76:b7:58:
28:e6:a3:fd:c0:52:60:8c:9b:4e:e4:fd:18:cb:44:
3d:60:09:d8:56:46:7f:ba:8a:ba:ba:de:15:45:9c:
96:a9:82:77:49:56:c4:db:13:9d:77:f7:d0:a7:d1:
3f:50:f9:f8:13:f7:8b:dd:1c:d0:39:00:31:75:ff:
01:15:5a:28:be:97:63:c3:d7:49:27:63:a2:04:72:
a5:1f:9a:9d:da:a2:98:2d:07:2f:09:6c:fa:fc:3a:
0c:f3:c7:c0:8a:af:b0:a6:53:2a:59:72:b3:40:37:
4d:ff:fd:ad:3d:1b:be:94:f5:7e:af:4b:8b:f1:61:
de:1f:3e:cc:ce:4b:77:f8:10:e4:93:03:1a:9c:4a:
15:33:3e:ce:f6:43:83:7c:4e:a9:69:f5:c9:3e:0d:
bc:9b:0b:96:49:0c:73:3b:11:26:a6:e6:78:0e:94:
ed:23:f7:41:3b:a2:8e:6c:be:0a:2a:a4:28:45:01:
ee:61:8f:cf:3d:58:ef:6b:63:d7:37:56:5c:79:7e:
87:b0:fb:04:26:59:a7:5d:0d:79:34:31:41:40:45:
2a:93:46:3c:56:a5:67:e9:21:8b:06:a2:53:c1:f2:
9d:ef:83:7c:b2:0e:01:e8:0c:0f:cb:71:25:de:60:
3e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:38:4D:AF:1F:67:FA:50:3B:FA:03:70:9B:FD:CD:A0:23:59:40:89
X509v3 Authority Key Identifier:
keyid:DF:01:98:A7:B3:AF:DC:DD:70:03:56:2A:08:71:87:8E:23:87:60:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/czhNrx9n-lA7-gNwm_3NoCNZQIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/d3fca6-ecb5-43aa-8c9d-0fcc6c3011fc/1/3wGYp7Ov3N1wA1YqCHGHjiOHYK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.192.0/18
5.206.128.0/18
37.220.192.0/18
89.223.128.0/17
94.44.0.0/16
195.184.160.0/19
212.48.240.0/20
212.96.32.0/19
213.222.128.0/18
Signature Algorithm: sha256WithRSAEncryption
c7:b8:fb:fa:86:f3:b8:55:8c:3a:f7:c4:96:bd:c1:70:d0:5e:
32:8d:d9:cb:9b:ef:fb:05:01:ad:2d:4a:ed:4c:7e:00:2a:bd:
4e:40:e1:4e:4d:7d:bc:0c:46:4b:fe:12:4d:c1:db:ad:45:04:
23:8d:80:b4:a3:4f:6d:81:78:e6:10:2c:97:a2:bb:37:22:28:
ce:6b:89:3c:97:a7:a2:17:5b:6e:aa:81:69:c9:7a:89:d6:b3:
ca:cb:fd:31:93:5c:28:13:c1:1d:f5:91:e9:a0:6e:b7:f4:63:
50:60:a8:31:0e:9d:34:b2:f1:f7:0d:a1:d9:7f:96:d7:8b:4b:
de:75:73:cd:9e:96:b4:02:37:1b:6a:24:54:4c:21:e9:55:3f:
6c:95:f2:db:95:a5:79:16:68:10:fe:78:3a:f1:f1:67:c7:73:
6a:21:59:d6:22:a3:5e:c6:2b:8a:45:87:5a:b1:e9:8d:c4:a6:
cd:36:49:b2:15:89:6c:4c:80:c4:00:13:d7:9d:86:38:6c:1a:
f0:5d:eb:47:3a:9b:5e:dc:1c:36:92:f2:18:93:3b:07:ca:ce:
88:7e:63:56:23:5a:48:26:95:6c:d9:61:99:f0:ea:5f:7d:ad:
53:e5:3b:05:a6:79:66:34:56:02:6d:5b:f9:e8:4e:64:2a:2a:
e2:02:e2:73
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYzpCSiVvX5gpaqKxWYMviCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmMDE5OGE3YjNhZmRjZGQ3MDAzNTYyYTA4NzE4NzhlMjM4
NzYwYWQwHhcNMjQwMTA4MTIyNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzM4NGRhZjFmNjdmYTUwM2JmYTAzNzA5YmZkY2RhMDIzNTk0MDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OdTe/QjkM5jZM92t1go5qP9wFJg
jJtO5P0Yy0Q9YAnYVkZ/uoq6ut4VRZyWqYJ3SVbE2xOdd/fQp9E/UPn4E/eL3RzQ
OQAxdf8BFVoovpdjw9dJJ2OiBHKlH5qd2qKYLQcvCWz6/DoM88fAiq+wplMqWXKz
QDdN//2tPRu+lPV+r0uL8WHeHz7Mzkt3+BDkkwManEoVMz7O9kODfE6pafXJPg28
mwuWSQxzOxEmpuZ4DpTtI/dBO6KObL4KKqQoRQHuYY/PPVjva2PXN1ZceX6HsPsE
JlmnXQ15NDFBQEUqk0Y8VqVn6SGLBqJTwfKd74N8sg4B6AwPy3El3mA+YwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHM4Ta8fZ/pQO/oDcJv9zaAjWUCJMB8GA1UdIwQY
MBaAFN8BmKezr9zdcANWKghxh44jh2CtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQt
MGZjYzZjMzAxMWZjLzEvY3poTnJ4OW4tbEE3LWdOd21fM05vQ05aUUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9kM2ZjYTYtZWNiNS00M2FhLThjOWQtMGZjYzZjMzAxMWZj
LzEvM3dHWXA3T3YzTjF3QTFZcUNIR0hqaU9IWUswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1AwQGBT/AAwQG
Bc6AAwQGJdzAAwQHWd+AAwMAXiwDBAXDuKADBATUMPADBAXUYCADBAbV3oAwDQYJ
KoZIhvcNAQELBQADggEBAMe4+/qG87hVjDr3xJa9wXDQXjKN2cub7/sFAa0tSu1M
fgAqvU5A4U5NfbwMRkv+Ek3B261FBCONgLSjT22BeOYQLJeiuzciKM5riTyXp6IX
W26qgWnJeonWs8rL/TGTXCgTwR31kemgbrf0Y1BgqDEOnTSy8fcNodl/lteLS951
c82elrQCNxtqJFRMIelVP2yV8tuVpXkWaBD+eDrx8WfHc2ohWdYio17GK4pFh1qx
6Y3Eps02SbIViWxMgMQAE9edhjhsGvBd60c6m17cHDaS8hiTOwfKzoh+Y1YjWkgm
lWzZYZnw6l99rVPlOwWmeWY0VgJtW/noTmQqKuIC4nM=
-----END CERTIFICATE-----
Generated at Mon Jan 8 20:35:26 2024 by rpki-client on console-ams.rpki-client.org