Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/cPfWcmoXJwwGHnvflIRp5j21Rng.roa
File: cPfWcmoXJwwGHnvflIRp5j21Rng.roa (raw, json)
Hash identifier: 9Ne7+3P0AyV0Yb2UEqXW0u7STpR6Dqmq/AuPrvZatQo=
Subject key identifier: 70:F7:D6:72:6A:17:27:0C:06:1E:7B:DF:94:84:69:E6:3D:B5:46:78
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01936DB098CE7EB105DE0037D74C2E7DDA07
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/cPfWcmoXJwwGHnvflIRp5j21Rng.roa
Signing time: Wed 27 Nov 2024 12:55:10 +0000
ROA not before: Wed 27 Nov 2024 12:55:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59432
IP address blocks: 194.143.203.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.19.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Nov 2024 07:20:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:b0:98:ce:7e:b1:05:de:00:37:d7:4c:2e:7d:da:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Nov 27 12:55:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70f7d6726a17270c061e7bdf948469e63db54678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:33:77:32:19:a3:6b:58:b1:a8:f7:7b:61:13:
b7:1a:b2:b5:e1:d8:b2:cb:2f:d3:9e:87:96:b1:56:
dd:2a:79:32:63:82:71:c6:c6:89:64:b3:6d:f7:ae:
c0:6b:25:90:db:21:ab:ba:00:1c:d2:07:d8:d8:3d:
c7:28:bb:51:3e:7e:0b:05:a2:53:d1:d7:a5:77:f3:
2e:97:57:8f:20:84:87:bb:91:90:7b:a8:7f:40:eb:
22:5c:af:54:20:eb:91:4d:5a:36:ea:b2:69:db:a5:
9c:a1:23:2b:13:fd:07:b0:b7:5e:bb:4c:86:c2:f6:
bf:35:b8:f7:45:9d:8d:bc:a3:29:23:52:bb:11:60:
52:68:a7:79:32:4b:f1:c2:a6:96:01:35:3b:74:b7:
e7:af:2d:b1:d9:0b:ef:4d:67:cc:5b:7b:0f:8e:a8:
e5:23:50:f2:ad:6c:af:0b:80:c9:da:36:85:05:da:
65:b9:40:b3:7e:9a:fb:55:c8:ce:88:9f:90:ce:7f:
e3:2f:80:07:89:ba:3a:77:f1:6a:3b:19:ff:36:85:
f6:00:3d:2c:fc:91:c4:b0:75:77:72:43:c3:f9:13:
a7:c6:6b:df:1e:52:25:42:fb:a2:c2:4f:89:e1:b5:
5a:c1:23:1b:3e:1e:ed:18:31:6a:5f:d1:98:4e:1e:
7d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:F7:D6:72:6A:17:27:0C:06:1E:7B:DF:94:84:69:E6:3D:B5:46:78
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/cPfWcmoXJwwGHnvflIRp5j21Rng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.203.0/24
194.143.221.0/24
195.114.198.0/24
213.220.19.0/24
213.220.60.0/24
Signature Algorithm: sha256WithRSAEncryption
78:96:5e:28:a7:31:ca:07:2e:31:c3:07:16:a5:59:9f:72:47:
30:53:16:83:0b:39:71:56:4c:66:1a:17:06:e9:ef:34:ce:f4:
c9:c4:3c:9a:64:a1:8c:89:47:39:d7:9a:7a:dc:c6:95:b3:ba:
92:6c:e1:08:18:98:8e:a5:b5:b4:35:a9:4e:81:8f:d9:a0:49:
c8:b1:8b:41:55:43:4d:66:a7:8e:2f:f6:6e:cb:4b:8b:89:88:
59:7d:03:a0:9d:39:ee:37:a1:69:ad:e6:a2:96:cd:5f:fd:98:
47:1d:e7:ec:c5:e2:c1:1d:2b:a6:f3:c7:7b:a4:aa:51:0e:6f:
63:fb:3f:5c:af:2a:9c:38:c3:7c:fa:f2:d1:30:bd:d0:1e:2c:
77:d7:15:8f:4d:e1:59:1b:5a:ad:05:4f:33:54:eb:de:9a:b2:
6f:eb:c4:9c:b2:7c:73:05:2c:ad:07:17:01:68:d5:35:4a:93:
5e:30:10:9c:b9:4a:11:e0:6d:6b:a9:d4:8c:69:d7:b8:87:e8:
ff:66:7a:9d:b7:92:0c:59:22:6f:7e:af:73:be:6e:c2:d4:c0:
bf:03:b9:09:db:2c:7c:db:4b:45:a7:1d:40:c1:83:93:7d:59:
fe:bd:c9:64:c7:0e:2e:65:41:56:10:22:92:bf:8c:df:82:1f:
d1:e1:5f:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZNtsJjOfrEF3gA310wufdoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQxMTI3MTI1NTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGY3ZDY3MjZhMTcyNzBjMDYxZTdiZGY5NDg0NjllNjNkYjU0Njc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTN3Mhmja1ixqPd7YRO3GrK14diy
yy/TnoeWsVbdKnkyY4JxxsaJZLNt967AayWQ2yGrugAc0gfY2D3HKLtRPn4LBaJT
0deld/Mul1ePIISHu5GQe6h/QOsiXK9UIOuRTVo26rJp26WcoSMrE/0HsLdeu0yG
wva/Nbj3RZ2NvKMpI1K7EWBSaKd5MkvxwqaWATU7dLfnry2x2QvvTWfMW3sPjqjl
I1DyrWyvC4DJ2jaFBdpluUCzfpr7VcjOiJ+Qzn/jL4AHibo6d/FqOxn/NoX2AD0s
/JHEsHV3ckPD+ROnxmvfHlIlQvuiwk+J4bVawSMbPh7tGDFqX9GYTh59wQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHD31nJqFycMBh5735SEaeY9tUZ4MB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvY1BmV2Ntb1hKd3dHSG52ZmxJUnA1ajIxUm5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwo/LAwQA
wo/dAwQAw3LGAwQA1dwTAwQA1dw8MA0GCSqGSIb3DQEBCwUAA4IBAQB4ll4opzHK
By4xwwcWpVmfckcwUxaDCzlxVkxmGhcG6e80zvTJxDyaZKGMiUc515p63MaVs7qS
bOEIGJiOpbW0NalOgY/ZoEnIsYtBVUNNZqeOL/Zuy0uLiYhZfQOgnTnuN6Fpreai
ls1f/ZhHHefsxeLBHSum88d7pKpRDm9j+z9cryqcOMN8+vLRML3QHix31xWPTeFZ
G1qtBU8zVOvemrJv68ScsnxzBSytBxcBaNU1SpNeMBCcuUoR4G1rqdSMade4h+j/
Znqdt5IMWSJvfq9zvm7C1MC/A7kJ2yx820tFpx1AwYOTfVn+vclkxw4uZUFWECKS
v4zfgh/R4V8Q
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:14:20 2025 by rpki-client