Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/CYwxi6yqipYU_hR6_QWaVSH0oPY.roa
File: CYwxi6yqipYU_hR6_QWaVSH0oPY.roa (raw, json)
Hash identifier: zagQy46LCmSw+CIxAwTDXc6j8QyxBUe1bgeZcNatHRo=
Subject key identifier: 09:8C:31:8B:AC:AA:8A:96:14:FE:14:7A:FD:05:9A:55:21:F4:A0:F6
Certificate issuer: /CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Certificate serial: 019377236A6FA7E0E4D5EF679AC569D190F3
Authority key identifier: F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/CYwxi6yqipYU_hR6_QWaVSH0oPY.roa
Signing time: Fri 29 Nov 2024 08:57:09 +0000
ROA not before: Fri 29 Nov 2024 08:57:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200924
IP address blocks: 5.182.107.0/24 maxlen: 24
31.14.29.0/24 maxlen: 24
31.14.30.0/24 maxlen: 24
46.102.102.0/24 maxlen: 24
85.204.37.0/24 maxlen: 24
212.237.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Nov 2024 10:43:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:77:23:6a:6f:a7:e0:e4:d5:ef:67:9a:c5:69:d1:90:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Validity
Not Before: Nov 29 08:57:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=098c318bacaa8a9614fe147afd059a5521f4a0f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:44:71:cd:cd:98:aa:39:79:85:d5:8b:c3:0d:
4e:a2:db:8c:83:e2:5f:74:e6:82:87:9c:4c:db:9d:
c1:70:c3:46:25:ac:c6:46:65:ec:b1:79:91:cb:96:
58:ab:4e:44:81:ad:29:e9:95:ef:a5:a0:05:68:55:
d2:a4:12:71:fd:ac:d0:05:d0:26:c4:75:75:20:2b:
f9:b4:b0:a0:a7:f7:5a:d2:bf:8c:fb:35:ea:14:6b:
36:a3:01:95:db:cd:90:49:95:db:4d:db:34:c3:ad:
af:0f:e5:fc:95:7e:f7:6b:64:1c:6d:a1:00:e7:2c:
e1:2d:37:40:02:ec:c5:49:16:4e:91:7f:72:43:8c:
75:59:02:d1:05:c0:0a:db:8e:df:33:b4:24:c7:e6:
f0:f8:47:d8:51:48:36:15:6d:af:ed:ac:df:c7:1f:
fd:be:c0:35:2d:64:3b:97:78:65:37:5e:5b:b2:3f:
fe:31:e9:0c:7b:41:4c:cb:17:0d:a0:bd:f5:b9:07:
55:6f:eb:4e:ac:11:74:ae:2e:d9:81:4a:ae:e1:ab:
e2:7c:02:b2:cb:6d:e1:40:98:53:3e:41:7e:c3:20:
7a:6b:b7:b9:e6:87:07:03:46:19:cf:ee:8b:29:cc:
b5:06:ce:21:eb:3c:2a:5d:8b:a5:cf:36:b3:95:ed:
6c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:8C:31:8B:AC:AA:8A:96:14:FE:14:7A:FD:05:9A:55:21:F4:A0:F6
X509v3 Authority Key Identifier:
keyid:F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/CYwxi6yqipYU_hR6_QWaVSH0oPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.107.0/24
31.14.29.0-31.14.30.255
46.102.102.0/24
85.204.37.0/24
212.237.254.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:41:e6:bc:fe:98:27:cf:a4:63:a8:7b:28:1e:f4:6e:4f:64:
95:26:4f:2a:ee:9a:78:90:28:72:1e:57:96:c3:3d:81:0b:1d:
cc:5e:5a:27:a4:66:c3:ff:2c:99:24:5a:d0:b9:88:69:56:af:
fc:ac:1a:10:c6:18:88:3f:c4:20:9a:12:d2:aa:9d:77:4f:57:
27:51:86:67:f5:0a:1a:1c:52:0b:26:6d:83:12:1d:51:f9:38:
f2:ff:21:39:79:18:82:fc:73:48:b1:cf:9c:b3:cd:36:64:74:
cd:61:09:f5:14:90:95:f1:57:d0:ab:ca:98:21:3a:89:20:f8:
1e:76:b9:ee:00:16:99:68:1e:6b:b3:28:cd:33:ca:ed:9a:68:
78:04:0f:ac:1d:dc:6a:9f:a3:46:c0:cf:2e:0a:8d:c4:0b:f4:
80:48:27:0a:19:ec:e1:85:7d:6a:15:2a:ea:1a:76:90:fa:78:
0d:47:59:ff:59:61:f3:77:a5:41:bc:25:9c:1e:bd:b1:08:85:
d4:0a:e3:b5:d6:5d:8b:a4:bb:24:f6:b8:6c:f2:a7:61:57:c5:
65:41:40:fb:42:05:4d:a8:68:2d:4a:fb:9a:f2:ea:f2:54:b1:
dc:ff:10:c5:25:eb:ef:b5:46:d1:aa:51:54:03:a9:c4:82:56:
dd:b2:74:a0
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZN3I2pvp+Dk1e9nmsVp0ZDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjE0ZWQxMjRmOWEyZjNkZWFiMTAwNmYxODRjZjRmYjgw
YTNhZWMwHhcNMjQxMTI5MDg1NzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOThjMzE4YmFjYWE4YTk2MTRmZTE0N2FmZDA1OWE1NTIxZjRhMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0Rxzc2Yqjl5hdWLww1OotuMg+Jf
dOaCh5xM253BcMNGJazGRmXssXmRy5ZYq05Ega0p6ZXvpaAFaFXSpBJx/azQBdAm
xHV1ICv5tLCgp/da0r+M+zXqFGs2owGV282QSZXbTds0w62vD+X8lX73a2QcbaEA
5yzhLTdAAuzFSRZOkX9yQ4x1WQLRBcAK247fM7Qkx+bw+EfYUUg2FW2v7azfxx/9
vsA1LWQ7l3hlN15bsj/+MekMe0FMyxcNoL31uQdVb+tOrBF0ri7ZgUqu4avifAKy
y23hQJhTPkF+wyB6a7e55ocHA0YZz+6LKcy1Bs4h6zwqXYulzzazle1s9wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAmMMYusqoqWFP4Uev0FmlUh9KD2MB8GA1UdIwQY
MBaAFPDxTtEk+aLz3qsQBvGEz0+4CjrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQt
NDM2MTJlN2Q5Y2MxLzEvQ1l3eGk2eXFpcFlVX2hSNl9RV2FWU0gwb1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQtNDM2MTJlN2Q5Y2Mx
LzEvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQABbZrMAwD
BAAfDh0DBAAfDh4DBAAuZmYDBABVzCUDBADU7f4wDQYJKoZIhvcNAQELBQADggEB
AL1B5rz+mCfPpGOoeyge9G5PZJUmTyrumniQKHIeV5bDPYELHcxeWiekZsP/LJkk
WtC5iGlWr/ysGhDGGIg/xCCaEtKqnXdPVydRhmf1ChocUgsmbYMSHVH5OPL/ITl5
GIL8c0ixz5yzzTZkdM1hCfUUkJXxV9CrypghOokg+B52ue4AFploHmuzKM0zyu2a
aHgED6wd3Gqfo0bAzy4KjcQL9IBIJwoZ7OGFfWoVKuoadpD6eA1HWf9ZYfN3pUG8
JZwevbEIhdQK47XWXYukuyT2uGzyp2FXxWVBQPtCBU2oaC1K+5ry6vJUsdz/EMUl
6++1RtGqUVQDqcSCVt2ydKA=
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:50:37 2025 by rpki-client