Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/CFyngAEIXo0bVTJ_vmrSxTcgjY4.roa
File: CFyngAEIXo0bVTJ_vmrSxTcgjY4.roa (raw, json)
Hash identifier: w59y3pCf5USyWX7DVtNOs7Bx6soaMKWKYmC4H6bi170=
Subject key identifier: 08:5C:A7:80:01:08:5E:8D:1B:55:32:7F:BE:6A:D2:C5:37:20:8D:8E
Certificate issuer: /CN=bf56ba98c6745a63026d78fc284722399d2eb849
Certificate serial: 01856BA5743A8FEC21E6CA5F4FE3F8846489
Authority key identifier: BF:56:BA:98:C6:74:5A:63:02:6D:78:FC:28:47:22:39:9D:2E:B8:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/CFyngAEIXo0bVTJ_vmrSxTcgjY4.roa
Signing time: Sun 01 Jan 2023 04:44:43 +0000
ROA not before: Sun 01 Jan 2023 04:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50959
IP address blocks: 45.15.43.0/24 maxlen: 24
2a07:4900::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:a5:74:3a:8f:ec:21:e6:ca:5f:4f:e3:f8:84:64:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf56ba98c6745a63026d78fc284722399d2eb849
Validity
Not Before: Jan 1 04:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=085ca78001085e8d1b55327fbe6ad2c537208d8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:66:f1:b0:b5:4f:b6:f7:d9:4e:8e:aa:39:f3:
84:4e:de:d2:65:21:95:2a:72:1a:6f:10:d5:a6:fc:
21:61:20:f5:6d:6f:17:d2:59:a5:79:29:f0:74:2a:
b5:ba:4a:7b:22:e2:b5:30:67:23:ea:4d:64:32:93:
07:fe:a9:35:d6:e2:20:9c:81:a4:a5:f2:9e:d7:f9:
f2:9f:19:cf:9f:78:d9:44:00:ab:82:c2:2b:d8:91:
eb:e2:68:ca:9f:77:03:f3:34:46:44:18:5b:7a:4f:
1a:47:4e:bc:9d:7d:ad:bf:2f:42:c0:96:2e:de:d4:
40:58:43:34:69:ca:0e:15:54:f5:09:8f:05:e4:9f:
5d:90:a5:4f:73:22:b9:cd:da:29:41:d0:9c:48:47:
97:c6:74:fa:b0:51:bb:7f:8c:2b:78:ee:0a:32:2a:
a0:c7:f2:08:6a:2a:07:e0:3b:98:17:cd:7f:23:78:
d7:91:34:c7:ec:fc:fb:8b:ef:fc:5c:04:c1:e4:00:
fb:22:13:6b:9a:d7:d5:1f:5f:62:b3:9f:73:44:19:
26:28:0b:b0:e7:ee:81:f9:e6:96:bd:7b:9e:a2:67:
e8:1c:dd:e5:d6:0d:41:24:69:08:31:31:42:67:71:
6c:4e:40:15:21:d9:65:24:15:a6:b7:f1:71:8a:ef:
a6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:5C:A7:80:01:08:5E:8D:1B:55:32:7F:BE:6A:D2:C5:37:20:8D:8E
X509v3 Authority Key Identifier:
keyid:BF:56:BA:98:C6:74:5A:63:02:6D:78:FC:28:47:22:39:9D:2E:B8:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/CFyngAEIXo0bVTJ_vmrSxTcgjY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/3343d2-5253-4243-a01f-587fc84acefe/1/v1a6mMZ0WmMCbXj8KEciOZ0uuEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.43.0/24
IPv6:
2a07:4900::/29
Signature Algorithm: sha256WithRSAEncryption
34:9b:85:1c:0d:e3:f2:96:ec:90:2e:2f:c7:8e:81:5a:e7:0d:
03:45:85:0a:9f:2e:bf:84:ca:4b:76:d3:2a:6c:66:4b:fe:ad:
e4:7a:b1:25:fb:4b:42:f0:27:32:ea:75:a3:3b:80:63:df:e5:
c0:85:6c:52:fe:47:f6:39:24:b6:1d:bc:8b:92:3c:33:69:c2:
bd:03:4e:51:cc:e4:aa:a2:65:45:10:bf:a9:0e:20:20:d3:d5:
f0:65:dd:6e:d4:ef:cd:d6:e1:61:35:c1:f2:1e:b5:4d:1d:f6:
b4:61:fb:6c:0a:51:34:e1:80:62:be:d9:8e:a7:d3:d6:34:39:
9d:00:44:cd:1a:e6:b3:80:04:8b:61:1c:17:11:98:ea:51:39:
b0:73:fa:81:c7:99:9a:f1:8a:ab:ef:b7:6c:b9:70:9b:e6:3b:
a8:0d:a9:8c:d4:ae:76:62:cb:95:fa:2b:f3:93:4c:de:3d:af:
42:05:c5:38:0a:a7:10:b2:33:34:00:b2:0b:3f:a2:06:ff:fe:
1f:fc:05:ba:7e:b8:32:a7:81:ed:d8:c9:b5:d5:b9:c9:b8:47:
f1:da:77:c0:c0:4b:a9:86:52:0d:89:c9:96:3d:a4:a9:c3:64:
02:f2:ca:a8:0d:ae:1f:68:6c:28:e4:ff:58:b1:53:12:50:78:
72:dd:d4:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrpXQ6j+wh5spfT+P4hGSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmNTZiYTk4YzY3NDVhNjMwMjZkNzhmYzI4NDcyMjM5OWQy
ZWI4NDkwHhcNMjMwMTAxMDQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODVjYTc4MDAxMDg1ZThkMWI1NTMyN2ZiZTZhZDJjNTM3MjA4ZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWbxsLVPtvfZTo6qOfOETt7SZSGV
KnIabxDVpvwhYSD1bW8X0lmleSnwdCq1ukp7IuK1MGcj6k1kMpMH/qk11uIgnIGk
pfKe1/nynxnPn3jZRACrgsIr2JHr4mjKn3cD8zRGRBhbek8aR068nX2tvy9CwJYu
3tRAWEM0acoOFVT1CY8F5J9dkKVPcyK5zdopQdCcSEeXxnT6sFG7f4wreO4KMiqg
x/IIaioH4DuYF81/I3jXkTTH7Pz7i+/8XATB5AD7IhNrmtfVH19is59zRBkmKAuw
5+6B+eaWvXueomfoHN3l1g1BJGkIMTFCZ3FsTkAVIdllJBWmt/Fxiu+mMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAhcp4ABCF6NG1Uyf75q0sU3II2OMB8GA1UdIwQY
MBaAFL9WupjGdFpjAm14/ChHIjmdLrhJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjFhNm1NWjBXbU1DYlhqOEtFY2lPWjB1dUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8zMzQzZDItNTI1My00MjQzLWEwMWYt
NTg3ZmM4NGFjZWZlLzEvQ0Z5bmdBRUlYbzBiVlRKX3ZtclN4VGNnalk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8zMzQzZDItNTI1My00MjQzLWEwMWYtNTg3ZmM4NGFjZWZl
LzEvdjFhNm1NWjBXbU1DYlhqOEtFY2lPWjB1dUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQ8rMA0E
AgACMAcDBQMqB0kAMA0GCSqGSIb3DQEBCwUAA4IBAQA0m4UcDePyluyQLi/HjoFa
5w0DRYUKny6/hMpLdtMqbGZL/q3kerEl+0tC8Ccy6nWjO4Bj3+XAhWxS/kf2OSS2
HbyLkjwzacK9A05RzOSqomVFEL+pDiAg09XwZd1u1O/N1uFhNcHyHrVNHfa0Yfts
ClE04YBivtmOp9PWNDmdAETNGuazgASLYRwXEZjqUTmwc/qBx5ma8Yqr77dsuXCb
5juoDamM1K52YsuV+ivzk0zePa9CBcU4CqcQsjM0ALILP6IG//4f/AW6frgyp4Ht
2Mm11bnJuEfx2nfAwEuphlINicmWPaSpw2QC8sqoDa4faGwo5P9YsVMSUHhy3dTz
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:08 2024 by rpki-client on console-ams.rpki-client.org