Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CPyfzEFr8GHruTxDaqXgFd-cROY.roa
File: CPyfzEFr8GHruTxDaqXgFd-cROY.roa (raw, json)
Hash identifier: CtA48zFYUP2hg8lvM504qy7/OgipfKXLw0AlsKgcvXU=
Subject key identifier: 08:FC:9F:CC:41:6B:F0:61:EB:B9:3C:43:6A:A5:E0:15:DF:9C:44:E6
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018DC2B730CB4025BDCBCE680AFB833F3C40
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CPyfzEFr8GHruTxDaqXgFd-cROY.roa
Signing time: Mon 19 Feb 2024 18:53:21 +0000
ROA not before: Mon 19 Feb 2024 18:53:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 84.247.20.0/24 maxlen: 24
89.34.171.0/24 maxlen: 24
89.37.106.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
89.47.249.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
94.177.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c2:b7:30:cb:40:25:bd:cb:ce:68:0a:fb:83:3f:3c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 19 18:53:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08fc9fcc416bf061ebb93c436aa5e015df9c44e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:15:f1:85:dd:ae:11:df:22:0f:2a:03:ae:7b:
7a:10:90:ae:95:ab:84:a1:48:d5:91:cc:fc:15:6e:
9e:e6:a0:66:09:01:d8:a1:f7:ba:37:a1:a0:ea:27:
01:56:6a:40:8a:5f:bf:d5:9d:64:aa:56:96:ec:3d:
7b:41:b9:9a:05:13:53:21:5e:a0:37:e4:ab:2a:8c:
4e:55:2c:6d:d1:49:00:ad:26:da:ce:4b:ce:4c:db:
67:91:3c:b1:8f:5f:85:e5:4a:8a:a2:77:a5:77:cc:
26:b6:f5:7b:b9:32:0b:d0:24:a4:8d:d4:76:63:1a:
dc:ef:82:07:24:12:55:dd:2c:f8:23:04:b6:84:f6:
d6:04:9f:e4:bf:9c:43:e6:3b:15:a8:15:96:53:a0:
14:64:a4:1b:47:b4:8c:1c:f8:5c:9e:0f:18:49:9e:
a2:d1:ed:ca:b0:46:f9:d2:de:1d:de:bf:29:5e:3b:
ec:02:99:e2:c1:59:1a:af:f4:47:ee:1e:3c:79:d3:
a1:4f:0f:c3:76:d8:c8:f5:ba:5c:cd:7e:8b:2c:a3:
a1:33:5a:cf:46:f5:69:69:c7:5c:3c:39:6c:b0:e5:
33:4a:18:96:67:45:40:8e:3f:e9:e2:04:e6:dd:ca:
84:6b:0e:f8:38:b0:1f:56:0e:65:9e:65:29:9b:90:
39:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FC:9F:CC:41:6B:F0:61:EB:B9:3C:43:6A:A5:E0:15:DF:9C:44:E6
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CPyfzEFr8GHruTxDaqXgFd-cROY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.20.0/24
89.34.171.0/24
89.37.106.0/24
89.42.213.0/24
89.47.249.0/24
94.177.113.0/24
94.177.118.0/24
Signature Algorithm: sha256WithRSAEncryption
28:a0:12:2f:43:88:ae:9b:c0:66:8b:3c:dc:1c:d6:6f:f5:ca:
28:03:bf:21:59:7f:5a:19:75:4d:9a:07:fe:99:83:18:10:33:
7b:6b:63:63:c8:3c:e8:88:33:2d:94:d5:97:e4:fb:3b:67:98:
b2:bf:bd:bb:5c:f7:ce:44:5b:11:70:2a:ec:3f:28:c7:96:90:
6e:b3:45:40:fc:d6:dd:f0:b3:af:57:4d:df:e6:c6:01:40:13:
89:fa:30:21:19:19:34:9d:e6:e8:be:24:80:b8:72:cb:08:65:
6e:7a:16:bb:6c:22:44:be:1d:ab:1d:6c:63:ce:c8:d5:2c:0d:
b3:7f:91:66:d7:cb:5f:e2:93:f7:d7:eb:a4:a4:7f:c5:0f:79:
23:44:ea:5d:ea:75:f6:29:b9:46:50:5b:01:33:a2:9e:cb:92:
fb:95:e3:b6:17:ae:e5:2c:87:19:56:6d:ae:62:c8:70:b9:a2:
4d:92:ec:df:6b:af:03:18:ce:59:90:91:8a:52:5c:38:fa:6a:
ef:5a:0d:1c:25:e1:ee:80:ff:5f:bf:de:a3:74:4a:4a:b1:f3:
b3:08:da:d4:03:ba:aa:3e:74:e8:53:d6:ac:83:ca:49:7e:20:
80:42:41:69:e0:f4:21:b7:6b:4f:db:12:99:94:d8:dc:c3:e0:
20:3f:78:2b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY3CtzDLQCW9y85oCvuDPzxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMjE5MTg1MzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGZjOWZjYzQxNmJmMDYxZWJiOTNjNDM2YWE1ZTAxNWRmOWM0NGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBXxhd2uEd8iDyoDrnt6EJCulauE
oUjVkcz8FW6e5qBmCQHYofe6N6Gg6icBVmpAil+/1Z1kqlaW7D17QbmaBRNTIV6g
N+SrKoxOVSxt0UkArSbazkvOTNtnkTyxj1+F5UqKoneld8wmtvV7uTIL0CSkjdR2
Yxrc74IHJBJV3Sz4IwS2hPbWBJ/kv5xD5jsVqBWWU6AUZKQbR7SMHPhcng8YSZ6i
0e3KsEb50t4d3r8pXjvsApniwVkar/RH7h48edOhTw/DdtjI9bpczX6LLKOhM1rP
RvVpacdcPDlssOUzShiWZ0VAjj/p4gTm3cqEaw74OLAfVg5lnmUpm5A5mwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAj8n8xBa/Bh67k8Q2ql4BXfnETmMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvQ1B5ZnpFRnI4R0hydVR4RGFxWGdGZC1jUk9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVPcUAwQA
WSKrAwQAWSVqAwQAWSrVAwQAWS/5AwQAXrFxAwQAXrF2MA0GCSqGSIb3DQEBCwUA
A4IBAQAooBIvQ4ium8BmizzcHNZv9cooA78hWX9aGXVNmgf+mYMYEDN7a2NjyDzo
iDMtlNWX5Ps7Z5iyv727XPfORFsRcCrsPyjHlpBus0VA/Nbd8LOvV03f5sYBQBOJ
+jAhGRk0neboviSAuHLLCGVueha7bCJEvh2rHWxjzsjVLA2zf5Fm18tf4pP31+uk
pH/FD3kjROpd6nX2KblGUFsBM6Key5L7leO2F67lLIcZVm2uYshwuaJNkuzfa68D
GM5ZkJGKUlw4+mrvWg0cJeHugP9fv96jdEpKsfOzCNrUA7qqPnToU9asg8pJfiCA
QkFp4PQht2tP2xKZlNjcw+AgP3gr
-----END CERTIFICATE-----
Generated at Wed Feb 28 01:00:58 2024 by rpki-client on console-ams.rpki-client.org