Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/9vA-qV5kRefCKcwKWOw09KEM4K0.roa
File: 9vA-qV5kRefCKcwKWOw09KEM4K0.roa (raw, json)
Hash identifier: WMJrvSPIdzrVOoEzWXMGqMSBgrxXBVIa+fsk4xwSzS8=
Subject key identifier: F6:F0:3E:A9:5E:64:45:E7:C2:29:CC:0A:58:EC:34:F4:A1:0C:E0:AD
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 01856F14A9937D9D6A713188196E492E3FBE
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/9vA-qV5kRefCKcwKWOw09KEM4K0.roa
Signing time: Sun 01 Jan 2023 20:45:03 +0000
ROA not before: Sun 01 Jan 2023 20:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44341
IP address blocks: 195.211.160.0/24 maxlen: 24
194.140.228.0/24 maxlen: 24
195.211.162.0/24 maxlen: 24
195.211.161.0/24 maxlen: 24
195.211.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a9:93:7d:9d:6a:71:31:88:19:6e:49:2e:3f:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 1 20:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f6f03ea95e6445e7c229cc0a58ec34f4a10ce0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c7:71:e4:f4:5c:5b:57:cc:49:09:cf:9b:00:
d1:89:8b:30:30:a9:1c:65:79:88:ff:ab:20:ff:09:
aa:b9:49:b2:68:6b:e1:06:2f:b7:38:4f:f1:a3:a8:
65:45:fa:20:00:7c:49:3b:81:fd:a5:8e:53:7a:e9:
0a:14:f4:70:2c:ae:6e:98:fb:09:bd:f8:f0:06:a1:
ef:a7:0d:4c:1a:8c:a5:d9:7d:53:2e:bd:85:09:65:
0b:58:d1:d0:69:db:c4:a2:37:ea:be:7e:a9:1e:2b:
27:89:c5:ca:20:cf:dd:b9:29:a1:fb:cd:71:f0:92:
91:74:20:f9:1e:97:2f:c5:89:4d:f7:37:63:ee:c6:
0a:ab:ae:97:8a:b2:ce:b0:20:32:78:ce:a7:6e:f0:
37:6b:3e:2d:d3:63:9d:a6:d5:51:75:83:36:e5:ad:
a4:ba:1c:d2:45:ed:41:51:26:f3:71:5c:13:0f:38:
cb:74:29:54:b0:70:f3:52:b7:0e:25:58:e8:38:b4:
e7:31:cf:ff:ea:bf:c7:eb:33:a9:cb:f7:83:59:c2:
ec:32:4b:09:25:64:8a:74:2a:85:00:6e:70:ea:25:
ae:60:a4:97:a9:45:63:e1:c7:ae:a4:dd:02:cf:41:
56:01:60:2a:3f:d1:d0:12:97:ed:0f:b3:52:43:e1:
cf:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F0:3E:A9:5E:64:45:E7:C2:29:CC:0A:58:EC:34:F4:A1:0C:E0:AD
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/9vA-qV5kRefCKcwKWOw09KEM4K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.140.228.0/24
195.211.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:00:a0:b4:03:77:c8:e5:0f:a4:b8:d6:4e:47:30:2b:20:70:
cd:9b:9d:13:aa:39:13:74:02:21:bc:e4:a0:fd:4e:2c:48:5f:
13:cb:d9:94:c8:a9:84:0e:84:f1:12:ec:48:aa:8c:d1:0e:e1:
60:9f:f0:a1:4b:c0:ee:22:c0:63:d8:87:30:88:b1:aa:49:3e:
f8:9d:1d:aa:41:dc:18:1c:37:43:db:b7:6a:66:3a:2b:f9:a8:
63:b2:b0:98:53:6d:ab:5f:05:19:3e:bb:d9:9f:99:e6:e7:e1:
ba:a9:b7:21:af:cc:e2:46:0b:df:39:27:13:76:5b:5e:3a:de:
f3:5c:11:88:8c:b7:c3:a7:6e:24:8b:16:7a:65:95:e7:14:5d:
f0:69:14:52:aa:70:d5:74:56:a9:6c:1a:0e:a6:a8:fc:9e:54:
73:66:7e:a8:4f:83:d6:cd:b4:f4:b7:a0:33:a3:b1:85:65:e9:
0f:7e:3a:a5:91:97:b3:90:c3:66:07:8c:6e:56:2d:ff:47:45:
7d:71:0e:7f:de:58:3f:a5:c7:89:88:87:41:6f:b7:83:c5:96:
38:0b:79:eb:85:93:37:4b:33:fa:ca:00:63:fc:8b:a7:2d:16:
2d:18:e6:6e:52:23:5d:06:fb:14:a7:e8:d7:6b:eb:22:78:d1:
c2:b0:b2:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFKmTfZ1qcTGIGW5JLj++MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmYwM2VhOTVlNjQ0NWU3YzIyOWNjMGE1OGVjMzRmNGExMGNlMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssdx5PRcW1fMSQnPmwDRiYswMKkc
ZXmI/6sg/wmquUmyaGvhBi+3OE/xo6hlRfogAHxJO4H9pY5TeukKFPRwLK5umPsJ
vfjwBqHvpw1MGoyl2X1TLr2FCWULWNHQadvEojfqvn6pHisnicXKIM/duSmh+81x
8JKRdCD5HpcvxYlN9zdj7sYKq66XirLOsCAyeM6nbvA3az4t02OdptVRdYM25a2k
uhzSRe1BUSbzcVwTDzjLdClUsHDzUrcOJVjoOLTnMc//6r/H6zOpy/eDWcLsMksJ
JWSKdCqFAG5w6iWuYKSXqUVj4ceupN0Cz0FWAWAqP9HQEpftD7NSQ+HPlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPbwPqleZEXnwinMCljsNPShDOCtMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvOXZBLXFWNWtSZWZDS2N3S1dPdzA5S0VNNEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwozkAwQC
w9OgMA0GCSqGSIb3DQEBCwUAA4IBAQCnAKC0A3fI5Q+kuNZORzArIHDNm50TqjkT
dAIhvOSg/U4sSF8Ty9mUyKmEDoTxEuxIqozRDuFgn/ChS8DuIsBj2IcwiLGqST74
nR2qQdwYHDdD27dqZjor+ahjsrCYU22rXwUZPrvZn5nm5+G6qbchr8ziRgvfOScT
dlteOt7zXBGIjLfDp24kixZ6ZZXnFF3waRRSqnDVdFapbBoOpqj8nlRzZn6oT4PW
zbT0t6Azo7GFZekPfjqlkZezkMNmB4xuVi3/R0V9cQ5/3lg/pceJiIdBb7eDxZY4
C3nrhZM3SzP6ygBj/IunLRYtGOZuUiNdBvsUp+jXa+sieNHCsLIs
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:53 2024 by rpki-client on console-ams.rpki-client.org