Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/cfJj-s07jBKxBPVIYvmD-Y864vk.roa
File: cfJj-s07jBKxBPVIYvmD-Y864vk.roa (raw, json)
Hash identifier: 1TZJG2CQFYY8gFtXOwv7TI45fIsHWcmoJFtVjLvJHmA=
Subject key identifier: 71:F2:63:FA:CD:3B:8C:12:B1:04:F5:48:62:F9:83:F9:8F:3A:E2:F9
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 01869D169AA7F89AAA4221AF4CEDC03DFF3A
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/cfJj-s07jBKxBPVIYvmD-Y864vk.roa
Signing time: Wed 01 Mar 2023 12:12:29 +0000
ROA not before: Wed 01 Mar 2023 12:12:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204063
IP address blocks: 5.1.64.0/21 maxlen: 32
94.247.47.0/24 maxlen: 32
185.90.161.0/24 maxlen: 32
185.90.160.0/24 maxlen: 32
185.90.163.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9d:16:9a:a7:f8:9a:aa:42:21:af:4c:ed:c0:3d:ff:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Mar 1 12:12:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71f263facd3b8c12b104f54862f983f98f3ae2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:db:5b:af:82:b4:dc:8b:e8:3b:d6:07:29:8c:
4d:16:ac:4e:01:f1:ce:c2:1a:d9:72:00:07:36:11:
03:a1:56:aa:96:65:e1:fd:45:b3:9d:d0:4b:07:2d:
3a:99:2c:e7:de:fc:2b:25:1a:fb:81:75:09:52:78:
18:42:9d:ac:15:43:3f:e8:9a:5f:1f:84:ef:6a:26:
fb:14:a5:13:50:af:ab:5f:e8:6f:e2:e7:f5:75:a0:
ab:04:de:da:cf:54:e6:28:8a:6d:52:9f:ed:5e:0d:
8a:44:28:b2:ba:c8:85:da:89:b2:f4:e3:9b:42:96:
7f:88:0b:90:f7:14:30:cf:d7:d0:f2:fe:b4:8f:68:
b1:dd:29:65:1d:05:de:3e:f0:a9:26:b2:49:d1:b6:
45:66:1c:6a:9e:67:9f:92:bd:01:79:8e:ea:92:f7:
e5:de:3d:55:eb:46:bc:bc:f3:11:38:d5:e3:39:46:
63:b9:20:03:09:d7:5d:f1:45:0f:da:1d:ba:69:f7:
21:b6:54:8d:da:72:7b:cf:67:4f:81:16:20:60:32:
a7:ed:62:08:a5:75:b6:e9:da:99:a5:f3:d1:e6:66:
03:91:9e:50:40:c4:5c:49:15:95:dc:f9:d2:02:5b:
6a:60:48:81:83:12:a1:66:80:92:82:cd:09:86:e3:
c8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:F2:63:FA:CD:3B:8C:12:B1:04:F5:48:62:F9:83:F9:8F:3A:E2:F9
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/cfJj-s07jBKxBPVIYvmD-Y864vk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.64.0/21
94.247.47.0/24
185.90.160.0/23
185.90.163.0/24
Signature Algorithm: sha256WithRSAEncryption
15:3b:33:cd:f6:28:0f:4b:c6:a1:05:98:66:bd:3c:5a:e4:0e:
f3:9a:d2:2d:00:aa:30:58:e4:e5:6f:0f:9b:c3:b9:e4:07:f9:
6f:fa:a8:61:6e:01:60:00:8c:c4:8b:38:dd:5f:fe:68:25:5f:
ce:d1:c1:2c:94:0c:61:9d:39:a3:5d:36:05:c4:a7:42:75:8d:
f9:d7:e7:04:63:d2:1b:a4:5b:0b:89:6c:e8:a3:ee:d6:14:6d:
73:f4:2b:8d:01:bd:0e:36:69:8d:14:19:5f:45:af:6b:ed:cc:
8c:42:33:59:f4:e1:b5:02:6c:d4:6d:00:da:5e:c6:2b:a1:24:
41:62:4f:10:fc:a6:50:52:cd:55:82:06:88:ed:b7:d8:6d:a3:
64:12:6a:bd:90:4d:3c:73:56:d3:e6:19:ed:28:34:d9:3b:f8:
24:0c:bd:be:7f:0e:d8:cf:57:65:93:f6:7f:4c:35:75:39:36:
bc:cc:6d:e1:9c:ad:f8:15:e6:c5:ef:54:bf:e6:38:41:48:27:
eb:c6:c6:a2:c4:1a:4c:5a:0c:18:52:3b:d0:cc:ae:6b:b5:b1:
6e:19:f0:0b:b8:3a:a4:91:1b:f6:81:fb:ba:ea:2d:8d:54:e9:
89:12:79:91:ac:1a:36:e9:28:85:70:8e:99:57:06:49:0a:17:
15:63:84:5a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYadFpqn+JqqQiGvTO3APf86MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMzAxMTIxMjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWYyNjNmYWNkM2I4YzEyYjEwNGY1NDg2MmY5ODNmOThmM2FlMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmttbr4K03IvoO9YHKYxNFqxOAfHO
whrZcgAHNhEDoVaqlmXh/UWzndBLBy06mSzn3vwrJRr7gXUJUngYQp2sFUM/6Jpf
H4Tvaib7FKUTUK+rX+hv4uf1daCrBN7az1TmKIptUp/tXg2KRCiyusiF2omy9OOb
QpZ/iAuQ9xQwz9fQ8v60j2ix3SllHQXePvCpJrJJ0bZFZhxqnmefkr0BeY7qkvfl
3j1V60a8vPMRONXjOUZjuSADCddd8UUP2h26afchtlSN2nJ7z2dPgRYgYDKn7WII
pXW26dqZpfPR5mYDkZ5QQMRcSRWV3PnSAltqYEiBgxKhZoCSgs0JhuPIAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHHyY/rNO4wSsQT1SGL5g/mPOuL5MB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvY2ZKai1zMDdqQkt4QlBWSVl2bUQtWTg2NHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBQFAAwQA
XvcvAwQBuVqgAwQAuVqjMA0GCSqGSIb3DQEBCwUAA4IBAQAVOzPN9igPS8ahBZhm
vTxa5A7zmtItAKowWOTlbw+bw7nkB/lv+qhhbgFgAIzEizjdX/5oJV/O0cEslAxh
nTmjXTYFxKdCdY351+cEY9IbpFsLiWzoo+7WFG1z9CuNAb0ONmmNFBlfRa9r7cyM
QjNZ9OG1AmzUbQDaXsYroSRBYk8Q/KZQUs1VggaI7bfYbaNkEmq9kE08c1bT5hnt
KDTZO/gkDL2+fw7Yz1dlk/Z/TDV1OTa8zG3hnK34FebF71S/5jhBSCfrxsaixBpM
WgwYUjvQzK5rtbFuGfALuDqkkRv2gfu66i2NVOmJEnmRrBo26SiFcI6ZVwZJChcV
Y4Ra
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:28:19 2024 by rpki-client on console-fra.rpki-client.org