Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/CGfM9hlGONI35zDyidV8bLQXcjA.roa
File: CGfM9hlGONI35zDyidV8bLQXcjA.roa (raw, json)
Hash identifier: hWduV6OWJBD43WUyPHYmasXYC21OtQkfDoqx+lvfwhQ=
Subject key identifier: 08:67:CC:F6:19:46:38:D2:37:E7:30:F2:89:D5:7C:6C:B4:17:72:30
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 018FAFE1CF38C81FAE4CC3A08B0176AF4AEF
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/CGfM9hlGONI35zDyidV8bLQXcjA.roa
Signing time: Sat 25 May 2024 13:12:42 +0000
ROA not before: Sat 25 May 2024 13:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.84.112.0/23 maxlen: 24
45.84.114.0/23 maxlen: 24
185.74.54.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Jun 2024 21:43:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:af:e1:cf:38:c8:1f:ae:4c:c3:a0:8b:01:76:af:4a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: May 25 13:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0867ccf6194638d237e730f289d57c6cb4177230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:dc:df:8e:32:f5:83:7d:55:ba:1d:2d:eb:0a:
78:1d:95:f3:77:5b:ef:b3:5f:6e:da:bd:c0:ea:f3:
e7:a7:30:e9:04:57:47:e6:c8:cd:e9:dd:b6:ff:c9:
c6:7b:2b:dc:99:5f:e5:e5:ac:9e:ca:2c:75:97:6e:
89:f6:39:d0:3d:12:e4:29:a5:43:92:37:69:db:85:
94:3b:bd:e5:df:b0:73:57:9a:48:08:91:f7:94:22:
27:b8:ea:3e:1b:20:fe:a1:23:89:7a:af:ee:10:ef:
9c:0b:a9:dc:49:cd:a7:aa:60:55:2f:7f:b3:bb:f2:
c5:fb:20:dc:2c:ae:70:07:a9:50:0a:b9:7f:62:63:
46:16:af:8f:7e:d7:07:24:52:49:27:f2:b2:b0:47:
60:a8:7b:47:41:47:6c:84:79:58:42:6c:36:61:3c:
b9:91:b9:25:93:61:61:27:8e:11:a2:34:ba:1a:c5:
51:de:5d:99:25:ad:46:81:7c:83:a3:c0:d0:42:73:
b3:3e:71:86:36:7e:c0:89:bf:c2:4f:fc:05:b9:e3:
2a:94:c0:47:29:8e:fe:4e:7d:ce:d4:0b:05:86:e3:
c1:d3:ee:f7:45:04:62:37:9b:f6:67:b7:32:ab:b2:
24:eb:be:91:d7:8f:76:10:fa:6c:37:8d:fe:5f:10:
54:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:67:CC:F6:19:46:38:D2:37:E7:30:F2:89:D5:7C:6C:B4:17:72:30
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/CGfM9hlGONI35zDyidV8bLQXcjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.112.0/22
185.74.54.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:68:d9:71:be:ca:9b:94:ea:e1:81:54:16:81:6c:c2:d3:17:
ea:9c:4c:9d:2a:9f:e6:8b:6d:e3:ac:40:55:00:ac:6b:77:ea:
eb:eb:f6:40:c8:3c:c8:d5:0d:b4:75:65:79:d3:31:da:89:cc:
8c:1d:fc:ac:19:1e:fa:8b:0c:e9:b8:c5:15:2b:75:e8:32:d6:
46:90:99:74:5f:1c:d0:66:bc:72:c6:31:21:1f:fd:af:39:5a:
58:51:42:02:9a:e2:b5:9b:a5:ab:72:aa:3c:66:d9:ca:cc:5a:
6b:6f:cc:30:78:eb:ae:d1:80:6a:12:3a:46:c0:22:d9:06:2e:
ce:91:a1:09:fd:0c:0d:53:a9:95:35:e3:73:92:82:59:5d:16:
e7:df:86:ea:c9:64:20:a4:19:5d:70:8e:50:6a:2d:f1:ca:99:
29:2b:f5:30:ba:98:ea:66:d5:04:d9:c8:75:32:a6:68:e3:a3:
d4:01:6b:6f:8c:da:c5:92:be:1b:3a:d1:c1:9c:3b:b3:d0:4e:
89:cc:a7:86:b1:73:57:cb:e5:9a:a8:67:6b:6e:10:96:7b:b5:
ff:b1:fb:39:04:69:23:0a:dd:33:80:64:0d:9d:da:c4:0e:cd:
cf:18:63:17:14:1a:b3:cb:f7:92:7f:13:3a:09:f9:62:51:4c:
f8:a4:7c:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+v4c84yB+uTMOgiwF2r0rvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmY4OTE5ZTZiYzFlZjU2NjM0ODkwMThmYzg3NWJlMzRj
MGYyNGMwHhcNMjQwNTI1MTMxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODY3Y2NmNjE5NDYzOGQyMzdlNzMwZjI4OWQ1N2M2Y2I0MTc3MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudzfjjL1g31Vuh0t6wp4HZXzd1vv
s19u2r3A6vPnpzDpBFdH5sjN6d22/8nGeyvcmV/l5ayeyix1l26J9jnQPRLkKaVD
kjdp24WUO73l37BzV5pICJH3lCInuOo+GyD+oSOJeq/uEO+cC6ncSc2nqmBVL3+z
u/LF+yDcLK5wB6lQCrl/YmNGFq+PftcHJFJJJ/KysEdgqHtHQUdshHlYQmw2YTy5
kbklk2FhJ44RojS6GsVR3l2ZJa1GgXyDo8DQQnOzPnGGNn7Aib/CT/wFueMqlMBH
KY7+Tn3O1AsFhuPB0+73RQRiN5v2Z7cyq7Ik676R1492EPpsN43+XxBUaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAhnzPYZRjjSN+cw8onVfGy0F3IwMB8GA1UdIwQY
MBaAFDUviRnmvB71ZjSJAY/Idb40wPJMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAt
ZTNmY2IyM2UzNDM4LzEvQ0dmTTlobEdPTkkzNXpEeWlkVjhiTFFYY2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9jZjk0M2QtYzkyMS00ZWY3LTlhYTAtZTNmY2IyM2UzNDM4
LzEvTlMtSkdlYThIdlZtTklrQmo4aDF2alRBOGt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVRwAwQB
uUo2MA0GCSqGSIb3DQEBCwUAA4IBAQBeaNlxvsqblOrhgVQWgWzC0xfqnEydKp/m
i23jrEBVAKxrd+rr6/ZAyDzI1Q20dWV50zHaicyMHfysGR76iwzpuMUVK3XoMtZG
kJl0XxzQZrxyxjEhH/2vOVpYUUICmuK1m6Wrcqo8ZtnKzFprb8wweOuu0YBqEjpG
wCLZBi7OkaEJ/QwNU6mVNeNzkoJZXRbn34bqyWQgpBldcI5Qai3xypkpK/Uwupjq
ZtUE2ch1MqZo46PUAWtvjNrFkr4bOtHBnDuz0E6JzKeGsXNXy+WaqGdrbhCWe7X/
sfs5BGkjCt0zgGQNndrEDs3PGGMXFBqzy/eSfxM6CfliUUz4pHwy
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:26 2024 by rpki-client on console-ams.rpki-client.org