Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/CfEbI3ARbRkv-RgTUCfJqKf2gr8.roa
File: CfEbI3ARbRkv-RgTUCfJqKf2gr8.roa (raw, json)
Hash identifier: 9/DkgTARw7oD5uk7vIgbHxgMyg1jT+JxSqjsNzgWduM=
Subject key identifier: 09:F1:1B:23:70:11:6D:19:2F:F9:18:13:50:27:C9:A8:A7:F6:82:BF
Certificate issuer: /CN=12b9846d8f75d645ff6308ce030087a297e6b359
Certificate serial: 01856F0224B7E6FCB7A0C0306761BAF9CE19
Authority key identifier: 12:B9:84:6D:8F:75:D6:45:FF:63:08:CE:03:00:87:A2:97:E6:B3:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ErmEbY911kX_YwjOAwCHopfms1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/CfEbI3ARbRkv-RgTUCfJqKf2gr8.roa
Signing time: Sun 01 Jan 2023 20:24:49 +0000
ROA not before: Sun 01 Jan 2023 20:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204389
IP address blocks: 178.218.192.0/24 maxlen: 24
185.250.140.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:24:b7:e6:fc:b7:a0:c0:30:67:61:ba:f9:ce:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12b9846d8f75d645ff6308ce030087a297e6b359
Validity
Not Before: Jan 1 20:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09f11b2370116d192ff918135027c9a8a7f682bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d6:99:df:52:c5:7b:84:16:33:2d:42:60:78:
92:ac:71:fc:a8:fc:3a:d4:c4:15:4d:73:f9:24:a7:
29:33:ba:dd:d4:c5:cb:b7:57:82:89:99:ea:6d:dd:
46:a5:b7:dd:73:61:3d:70:d1:dd:e3:11:57:5b:e7:
03:2b:1d:57:ba:fe:a0:0d:54:a3:69:82:ce:c7:37:
b2:31:0b:61:d6:f0:b1:93:90:15:c8:81:32:cb:84:
d7:cf:99:4c:dc:a9:2c:4d:e0:3f:61:c1:9e:78:4d:
59:8e:cc:d5:fb:08:75:37:9f:1a:13:84:58:63:fb:
f9:de:b5:83:78:20:93:fb:c3:f0:08:09:29:7e:9e:
60:1a:bd:da:54:cb:a1:6d:e3:72:f3:2a:ba:da:b3:
f6:65:52:90:67:b5:32:42:23:2e:d0:0b:7f:e1:94:
5e:d3:db:7a:2a:21:56:d2:29:53:b5:e6:21:37:73:
31:8e:7e:c2:b2:c6:f5:73:c9:ce:09:af:b9:1f:91:
81:e2:aa:f7:33:ac:29:12:b0:9e:28:bb:2b:7c:ef:
ed:22:83:cd:a8:a0:d2:6d:ae:82:e6:ea:a8:fe:4c:
b3:90:c1:64:a9:82:35:81:a1:ea:06:12:56:fd:d4:
b1:c2:2e:33:1a:5a:25:c5:0e:bd:e4:37:d1:7e:cf:
36:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F1:1B:23:70:11:6D:19:2F:F9:18:13:50:27:C9:A8:A7:F6:82:BF
X509v3 Authority Key Identifier:
keyid:12:B9:84:6D:8F:75:D6:45:FF:63:08:CE:03:00:87:A2:97:E6:B3:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ErmEbY911kX_YwjOAwCHopfms1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/CfEbI3ARbRkv-RgTUCfJqKf2gr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.218.192.0/24
185.250.140.0/22
Signature Algorithm: sha256WithRSAEncryption
70:17:6b:30:dd:5d:d2:e6:4d:5c:6f:f0:c7:f2:80:71:72:0e:
c3:1a:ea:c6:f4:b5:74:7c:8b:29:a9:8e:ef:ff:87:c0:66:16:
81:6f:9f:89:4f:8a:bc:a7:22:0d:6b:3a:a0:04:2a:ab:a2:a8:
64:db:08:73:ec:6b:e4:06:24:96:14:ac:96:52:10:12:a0:36:
55:75:e2:45:e5:2f:ad:34:aa:dc:29:2f:78:ee:11:90:85:88:
7c:54:20:4c:20:26:5d:17:d4:b9:48:f6:04:e9:dc:6a:86:4a:
6a:08:79:ec:b1:68:71:9c:a8:5c:08:c5:0e:22:1e:ad:30:3d:
22:81:94:ca:a6:6c:f1:c5:a2:3d:02:9d:25:66:6f:56:e5:13:
d3:6b:3f:1a:93:26:44:28:c0:56:e4:da:d9:3b:9c:bc:fa:ac:
c4:b5:ee:62:d7:bc:c8:b4:bf:0a:eb:e2:61:9d:9c:63:dd:d6:
fb:76:17:e9:3d:bc:8d:94:44:8a:8c:5c:f3:60:2f:97:cb:15:
1c:fd:fb:2a:3b:af:39:e9:1c:fa:06:80:99:5b:bf:02:33:95:
cf:d8:cf:eb:29:7b:eb:87:62:60:59:30:4e:f2:69:b0:69:34:
26:75:7c:e9:50:f9:b1:92:f7:e3:1c:6a:84:33:ca:da:b3:f9:
4c:c7:26:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvAiS35vy3oMAwZ2G6+c4ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYjk4NDZkOGY3NWQ2NDVmZjYzMDhjZTAzMDA4N2EyOTdl
NmIzNTkwHhcNMjMwMTAxMjAyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWYxMWIyMzcwMTE2ZDE5MmZmOTE4MTM1MDI3YzlhOGE3ZjY4MmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdaZ31LFe4QWMy1CYHiSrHH8qPw6
1MQVTXP5JKcpM7rd1MXLt1eCiZnqbd1Gpbfdc2E9cNHd4xFXW+cDKx1Xuv6gDVSj
aYLOxzeyMQth1vCxk5AVyIEyy4TXz5lM3KksTeA/YcGeeE1ZjszV+wh1N58aE4RY
Y/v53rWDeCCT+8PwCAkpfp5gGr3aVMuhbeNy8yq62rP2ZVKQZ7UyQiMu0At/4ZRe
09t6KiFW0ilTteYhN3Mxjn7Cssb1c8nOCa+5H5GB4qr3M6wpErCeKLsrfO/tIoPN
qKDSba6C5uqo/kyzkMFkqYI1gaHqBhJW/dSxwi4zGlolxQ695DfRfs82KwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAnxGyNwEW0ZL/kYE1Anyain9oK/MB8GA1UdIwQY
MBaAFBK5hG2PddZF/2MIzgMAh6KX5rNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXJtRWJZOTExa1hfWXdqT0F3Q0hvcGZtczFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMzhmN2QtNTliYi00ODI1LWI2YmYt
Nzg4NTE5MzJiMjdmLzEvQ2ZFYkkzQVJiUmt2LVJnVFVDZkpxS2YyZ3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wMzhmN2QtNTliYi00ODI1LWI2YmYtNzg4NTE5MzJiMjdm
LzEvRXJtRWJZOTExa1hfWXdqT0F3Q0hvcGZtczFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAstrAAwQC
ufqMMA0GCSqGSIb3DQEBCwUAA4IBAQBwF2sw3V3S5k1cb/DH8oBxcg7DGurG9LV0
fIspqY7v/4fAZhaBb5+JT4q8pyINazqgBCqroqhk2whz7GvkBiSWFKyWUhASoDZV
deJF5S+tNKrcKS947hGQhYh8VCBMICZdF9S5SPYE6dxqhkpqCHnssWhxnKhcCMUO
Ih6tMD0igZTKpmzxxaI9Ap0lZm9W5RPTaz8akyZEKMBW5NrZO5y8+qzEte5i17zI
tL8K6+JhnZxj3db7dhfpPbyNlESKjFzzYC+XyxUc/fsqO6856Rz6BoCZW78CM5XP
2M/rKXvrh2JgWTBO8mmwaTQmdXzpUPmxkvfjHGqEM8ras/lMxyax
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:56 2024 by rpki-client on console-fra.rpki-client.org