Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Cjfym85DAsKIId9nyLSTv-uqXt4.roa
File: Cjfym85DAsKIId9nyLSTv-uqXt4.roa (raw, json)
Hash identifier: beKXNnlwe5vfEy9jajKN8F6VjtHrqbGVWD2mQQONXoY=
Subject key identifier: 0A:37:F2:9B:CE:43:02:C2:88:21:DF:67:C8:B4:93:BF:EB:AA:5E:DE
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0191BC4E9634B1BDCA21F7C991B59119AA35
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Cjfym85DAsKIId9nyLSTv-uqXt4.roa
Signing time: Wed 04 Sep 2024 09:12:32 +0000
ROA not before: Wed 04 Sep 2024 09:12:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214927
IP address blocks: 185.106.92.0/24 maxlen: 24
193.124.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 14:43:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:4e:96:34:b1:bd:ca:21:f7:c9:91:b5:91:19:aa:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 4 09:12:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a37f29bce4302c28821df67c8b493bfebaa5ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:24:52:2d:48:36:b0:7e:e2:4f:63:80:77:24:
13:46:f7:a2:10:2a:7a:b2:3f:bd:6f:88:fd:85:83:
7e:0a:d5:d5:5f:8d:37:df:cf:ad:2d:ba:9d:76:bf:
21:03:30:3a:e6:6b:89:ae:e9:05:fb:55:e8:99:63:
56:35:95:2a:65:a3:f9:fd:5a:a5:f2:7a:4e:8e:64:
9d:9a:b1:1f:6a:90:c6:be:1e:09:e2:34:d2:ad:0c:
a4:31:76:1f:e6:aa:47:46:0d:e9:49:48:e8:95:fd:
df:dc:d9:b7:b1:90:37:87:a3:69:6c:b6:b2:90:fb:
0e:b8:f4:c9:11:d5:cb:ce:d9:3b:62:15:84:95:38:
6f:e2:ce:a9:4d:d9:d5:6c:45:65:08:f0:c3:85:d5:
a2:00:df:0d:b1:f6:a7:7e:91:21:c3:eb:16:e7:a0:
a7:b3:3c:f2:c8:bc:aa:13:2c:72:fa:af:56:bf:90:
87:38:aa:ad:c6:fa:92:bb:0c:6c:54:1d:02:06:cc:
68:c1:74:f2:0a:b7:5a:5e:cc:1b:f9:a9:79:fa:30:
20:59:c9:f7:ac:0a:a4:44:04:73:b0:a3:24:b6:a7:
78:74:01:91:d9:78:f2:0b:03:31:99:58:f0:42:61:
70:a3:3f:57:11:03:99:89:c3:b0:6c:2c:03:fd:08:
17:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:37:F2:9B:CE:43:02:C2:88:21:DF:67:C8:B4:93:BF:EB:AA:5E:DE
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Cjfym85DAsKIId9nyLSTv-uqXt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.92.0/24
193.124.185.0/24
Signature Algorithm: sha256WithRSAEncryption
18:de:da:b5:36:b7:04:6c:c4:66:08:e4:9f:1f:d3:0e:34:01:
3a:3d:a1:8d:f1:ee:21:ab:8d:d3:d7:16:a3:be:a4:9d:92:1e:
64:1f:d0:2e:a8:2d:3b:a1:52:c2:f2:03:ef:6c:18:a5:83:43:
d2:95:7c:70:7b:a6:c5:10:3e:8f:1d:4b:fa:46:aa:0f:a8:2e:
1b:8e:fa:3c:eb:a6:b3:67:66:81:97:49:be:ed:fa:eb:10:1e:
ea:4b:2a:58:b1:eb:23:32:32:7a:30:ca:e5:c0:4b:4f:f7:fa:
5a:7b:a6:27:00:bc:6a:75:2d:21:57:41:d7:7f:ce:09:2c:47:
4b:62:cf:b5:4a:23:3c:8c:e0:43:fe:9c:16:9b:7f:de:e1:5b:
4a:59:1d:73:2e:75:c1:5b:97:3b:3f:ee:71:0b:18:e5:1b:59:
9f:38:50:04:1d:8f:bc:29:5e:65:6f:f5:03:08:ae:ad:28:41:
a9:a6:33:40:9a:5e:ef:45:7f:14:17:62:04:92:5e:b5:f7:9b:
d1:b4:64:9e:86:df:78:02:60:02:10:d9:f5:e9:91:dc:fd:fb:
8d:8b:d3:40:ed:55:9f:aa:51:2c:25:ee:22:cd:21:c3:2e:a2:
f9:2d:c8:60:c4:81:c8:67:97:69:fe:c0:48:59:74:6b:ee:92:
34:b8:b9:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG8TpY0sb3KIffJkbWRGao1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwOTA0MDkxMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTM3ZjI5YmNlNDMwMmMyODgyMWRmNjdjOGI0OTNiZmViYWE1ZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSRSLUg2sH7iT2OAdyQTRveiECp6
sj+9b4j9hYN+CtXVX40338+tLbqddr8hAzA65muJrukF+1XomWNWNZUqZaP5/Vql
8npOjmSdmrEfapDGvh4J4jTSrQykMXYf5qpHRg3pSUjolf3f3Nm3sZA3h6NpbLay
kPsOuPTJEdXLztk7YhWElThv4s6pTdnVbEVlCPDDhdWiAN8NsfanfpEhw+sW56Cn
szzyyLyqEyxy+q9Wv5CHOKqtxvqSuwxsVB0CBsxowXTyCrdaXswb+al5+jAgWcn3
rAqkRARzsKMktqd4dAGR2XjyCwMxmVjwQmFwoz9XEQOZicOwbCwD/QgXywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAo38pvOQwLCiCHfZ8i0k7/rql7eMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvQ2pmeW04NURBc0tJSWQ5bnlMU1R2LXVxWHQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWpcAwQA
wXy5MA0GCSqGSIb3DQEBCwUAA4IBAQAY3tq1NrcEbMRmCOSfH9MONAE6PaGN8e4h
q43T1xajvqSdkh5kH9AuqC07oVLC8gPvbBilg0PSlXxwe6bFED6PHUv6RqoPqC4b
jvo866azZ2aBl0m+7frrEB7qSypYsesjMjJ6MMrlwEtP9/pae6YnALxqdS0hV0HX
f84JLEdLYs+1SiM8jOBD/pwWm3/e4VtKWR1zLnXBW5c7P+5xCxjlG1mfOFAEHY+8
KV5lb/UDCK6tKEGppjNAml7vRX8UF2IEkl6195vRtGSeht94AmACENn16ZHc/fuN
i9NA7VWfqlEsJe4izSHDLqL5LchgxIHIZ5dp/sBIWXRr7pI0uLmh
-----END CERTIFICATE-----
Generated at Tue Sep 10 18:29:07 2024 by rpki-client on console-ams.rpki-client.org