Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/cmyFBvTaswmWj5J8pUfGFkZQgs8.roa
File: cmyFBvTaswmWj5J8pUfGFkZQgs8.roa (raw, json)
Hash identifier: Dv5rINUy3l6dQRZ7YbL4y8fdKrAPeSqIEM8QTFmWIxY=
Subject key identifier: 72:6C:85:06:F4:DA:B3:09:96:8F:92:7C:A5:47:C6:16:46:50:82:CF
Certificate issuer: /CN=f69f8bcf2a2ec10f9e4b6302e1b3509f3d0336ee
Certificate serial: 018CC5DBEB48E56AC81A41769E32B2AD44A3
Authority key identifier: F6:9F:8B:CF:2A:2E:C1:0F:9E:4B:63:02:E1:B3:50:9F:3D:03:36:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9p-LzyouwQ-eS2MC4bNQnz0DNu4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/cmyFBvTaswmWj5J8pUfGFkZQgs8.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31726
IP address blocks: 94.139.64.0/19 maxlen: 19
185.211.72.0/22 maxlen: 22
31.204.72.0/21 maxlen: 21
109.109.64.0/19 maxlen: 19
2a00:1680::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:eb:48:e5:6a:c8:1a:41:76:9e:32:b2:ad:44:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69f8bcf2a2ec10f9e4b6302e1b3509f3d0336ee
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=726c8506f4dab309968f927ca547c616465082cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:71:fd:3f:8c:b1:8c:b2:7b:78:4d:44:5c:2e:
a8:5c:b8:e5:2a:51:dc:0f:38:19:01:db:67:f4:f2:
ee:c0:77:3c:eb:0d:bb:62:88:52:82:0f:a7:f4:1e:
5b:c5:e4:2e:d0:26:e6:3c:07:3e:0e:01:f0:ab:37:
b2:d2:90:2e:04:3e:7c:ba:ec:9b:b4:5a:d5:aa:34:
9e:67:09:66:5d:ea:2a:76:f6:7d:aa:ef:1f:5a:02:
0c:5d:b5:ac:65:36:a4:aa:22:bc:82:08:12:9b:0a:
9c:bb:04:b0:70:ac:8e:95:99:2a:e8:ec:f8:12:f2:
30:95:2c:3a:40:83:43:e9:38:a8:9b:6d:0c:7d:d8:
26:8f:cb:21:cd:71:b5:e9:82:99:30:d2:04:c7:b4:
5c:68:81:ac:17:a7:34:a9:81:0f:b8:e0:2a:75:d8:
ef:50:30:3e:14:8e:dc:99:96:f1:4a:f8:a2:00:49:
dd:db:72:96:f2:b7:04:f6:92:3d:ad:4a:52:6b:6a:
60:18:b4:b4:23:16:75:8d:fb:c2:1e:6c:3b:f7:c4:
60:31:45:7c:a9:5e:48:b4:c2:bb:4a:7f:57:b6:be:
5d:96:c7:b4:80:42:be:d9:99:6a:78:2c:52:92:ad:
d3:30:8e:5a:a1:f1:22:9a:48:39:92:1c:27:fb:1b:
6f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6C:85:06:F4:DA:B3:09:96:8F:92:7C:A5:47:C6:16:46:50:82:CF
X509v3 Authority Key Identifier:
keyid:F6:9F:8B:CF:2A:2E:C1:0F:9E:4B:63:02:E1:B3:50:9F:3D:03:36:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9p-LzyouwQ-eS2MC4bNQnz0DNu4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/cmyFBvTaswmWj5J8pUfGFkZQgs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c8ba1-8407-4c2a-912a-00a7704774e1/1/9p-LzyouwQ-eS2MC4bNQnz0DNu4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.72.0/21
94.139.64.0/19
109.109.64.0/19
185.211.72.0/22
IPv6:
2a00:1680::/32
Signature Algorithm: sha256WithRSAEncryption
32:64:87:4e:c1:55:33:98:03:36:27:50:13:82:e4:1e:35:b1:
48:64:5a:4f:d5:4f:1c:b0:31:28:59:6a:b7:80:51:44:cd:1a:
86:1f:cf:46:ec:6e:c8:74:57:9b:12:9a:ec:71:59:ea:b0:54:
b2:a5:1c:2e:a9:12:ac:ab:36:93:2a:56:d8:bd:71:70:35:fe:
db:db:05:33:6e:6d:94:b7:95:95:60:cc:89:e2:1e:8c:a0:64:
7e:2c:30:db:de:7d:03:79:07:ed:5a:57:7d:c6:b7:c2:d6:66:
5e:6c:27:be:b3:d3:9c:c8:b2:b3:ee:7f:96:bf:e7:0a:bf:68:
61:25:d0:c6:b2:02:f4:e6:09:c1:c9:cf:ad:96:a2:8c:7b:8c:
a7:91:bb:36:a2:61:a4:24:a2:69:86:38:f4:ca:83:a5:3c:0e:
41:1f:0f:24:0e:6f:4f:bf:a5:19:6b:9c:9f:27:3f:06:b9:c9:
b4:9e:f5:aa:5b:fe:87:94:72:17:af:9c:71:d1:6d:64:f4:49:
9f:3b:5a:f6:79:07:18:cb:22:ec:b1:54:db:91:9f:21:e0:5d:
f6:06:93:ae:03:d3:6b:f3:3e:48:27:00:70:1a:a7:a3:04:fd:
af:5f:ff:61:dc:f1:aa:10:f4:7e:d1:78:e7:fc:9f:cc:ac:b2:
11:5b:d3:6d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzF2+tI5WrIGkF2njKyrUSjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OWY4YmNmMmEyZWMxMGY5ZTRiNjMwMmUxYjM1MDlmM2Qw
MzM2ZWUwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZjODUwNmY0ZGFiMzA5OTY4ZjkyN2NhNTQ3YzYxNjQ2NTA4MmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHH9P4yxjLJ7eE1EXC6oXLjlKlHc
DzgZAdtn9PLuwHc86w27YohSgg+n9B5bxeQu0CbmPAc+DgHwqzey0pAuBD58uuyb
tFrVqjSeZwlmXeoqdvZ9qu8fWgIMXbWsZTakqiK8gggSmwqcuwSwcKyOlZkq6Oz4
EvIwlSw6QIND6Tiom20Mfdgmj8shzXG16YKZMNIEx7RcaIGsF6c0qYEPuOAqddjv
UDA+FI7cmZbxSviiAEnd23KW8rcE9pI9rUpSa2pgGLS0IxZ1jfvCHmw798RgMUV8
qV5ItMK7Sn9Xtr5dlse0gEK+2ZlqeCxSkq3TMI5aofEimkg5khwn+xtvEwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHJshQb02rMJlo+SfKVHxhZGUILPMB8GA1UdIwQY
MBaAFPafi88qLsEPnktjAuGzUJ89AzbuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXAtTHp5b3V3US1lUzJNQzRiTlFuejBETnU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85YzhiYTEtODQwNy00YzJhLTkxMmEt
MDBhNzcwNDc3NGUxLzEvY215RkJ2VGFzd21XajVKOHBVZkdGa1pRZ3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85YzhiYTEtODQwNy00YzJhLTkxMmEtMDBhNzcwNDc3NGUx
LzEvOXAtTHp5b3V3US1lUzJNQzRiTlFuejBETnU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDH8xIAwQF
XotAAwQFbW1AAwQCudNIMA0EAgACMAcDBQAqABaAMA0GCSqGSIb3DQEBCwUAA4IB
AQAyZIdOwVUzmAM2J1ATguQeNbFIZFpP1U8csDEoWWq3gFFEzRqGH89G7G7IdFeb
EprscVnqsFSypRwuqRKsqzaTKlbYvXFwNf7b2wUzbm2Ut5WVYMyJ4h6MoGR+LDDb
3n0DeQftWld9xrfC1mZebCe+s9OcyLKz7n+Wv+cKv2hhJdDGsgL05gnByc+tlqKM
e4ynkbs2omGkJKJphjj0yoOlPA5BHw8kDm9Pv6UZa5yfJz8Gucm0nvWqW/6HlHIX
r5xx0W1k9EmfO1r2eQcYyyLssVTbkZ8h4F32BpOuA9Nr8z5IJwBwGqejBP2vX/9h
3PGqEPR+0Xjn/J/MrLIRW9Nt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:44 2025 by rpki-client