Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/Fnb0l0uwNE-ILCttYZE2k3O_Oco.roa
File: Fnb0l0uwNE-ILCttYZE2k3O_Oco.roa (raw, json)
Hash identifier: GgS418qBevEhzzP+byHrrZjpXWa6RM7pfSkWVm0D498=
Subject key identifier: 16:76:F4:97:4B:B0:34:4F:88:2C:2B:6D:61:91:36:93:73:BF:39:CA
Certificate issuer: /CN=33e278ba28261a2d1e553dbef6df8409a21c1aef
Certificate serial: 018BD3C2BFC6C5632B6656E7C295B7BAE539
Authority key identifier: 33:E2:78:BA:28:26:1A:2D:1E:55:3D:BE:F6:DF:84:09:A2:1C:1A:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-J4uigmGi0eVT2-9t-ECaIcGu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/Fnb0l0uwNE-ILCttYZE2k3O_Oco.roa
Signing time: Wed 15 Nov 2023 16:13:57 +0000
ROA not before: Wed 15 Nov 2023 16:13:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200342
IP address blocks: 194.39.203.0/24 maxlen: 24
194.39.200.0/24 maxlen: 24
194.39.200.0/22 maxlen: 22
194.39.202.0/24 maxlen: 24
194.39.201.0/24 maxlen: 24
2a0c:f0c2::/31 maxlen: 31
2a0c:f0c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 16 Nov 2023 08:20:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d3:c2:bf:c6:c5:63:2b:66:56:e7:c2:95:b7:ba:e5:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33e278ba28261a2d1e553dbef6df8409a21c1aef
Validity
Not Before: Nov 15 16:13:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1676f4974bb0344f882c2b6d6191369373bf39ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a2:53:24:c6:4d:b4:e3:38:13:26:e8:1a:6f:
0c:28:36:2f:db:f8:79:ad:de:ca:e9:be:f0:ca:41:
b6:d5:53:75:76:50:a5:d7:7a:88:96:cc:8a:17:4b:
b0:c6:bf:3e:ca:13:c4:a9:4e:3c:72:89:ad:de:7e:
e0:0a:b7:35:4a:77:21:c4:ca:5f:a4:54:83:9f:dc:
0a:98:07:ef:29:c9:24:8d:73:2c:2f:59:4d:25:e1:
bc:5e:77:42:f6:da:e1:6a:66:ca:eb:7c:45:b0:ce:
1c:33:5d:cf:1d:8d:62:97:f8:2d:2a:f7:eb:64:e8:
0a:f6:77:bf:07:58:9d:90:0d:2c:2c:55:d4:57:16:
81:f8:c4:81:f5:e9:fb:fb:80:a6:ad:a5:22:5b:dd:
b5:86:ae:98:b4:75:8a:a5:36:2a:25:d4:ac:52:bd:
2f:f8:13:f3:ca:cc:06:a0:9e:95:3a:54:7c:0e:cd:
ce:a9:07:f1:52:1a:56:3f:68:b0:80:60:49:1d:2d:
29:5c:53:09:1c:40:5b:39:e5:f0:c5:0c:82:cf:00:
a4:fa:87:82:e4:d0:09:d3:93:5d:43:5d:32:06:03:
ef:7d:1a:4a:d6:00:ab:66:7f:23:ab:bf:a1:96:bf:
5b:e7:56:7a:f5:67:ec:a7:db:ef:10:e1:e7:7e:e2:
8a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:76:F4:97:4B:B0:34:4F:88:2C:2B:6D:61:91:36:93:73:BF:39:CA
X509v3 Authority Key Identifier:
keyid:33:E2:78:BA:28:26:1A:2D:1E:55:3D:BE:F6:DF:84:09:A2:1C:1A:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-J4uigmGi0eVT2-9t-ECaIcGu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/Fnb0l0uwNE-ILCttYZE2k3O_Oco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2c5fb9-c9b3-4e56-bdf1-22ea3ad5de5c/1/M-J4uigmGi0eVT2-9t-ECaIcGu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.200.0/22
IPv6:
2a0c:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
04:73:e0:d8:95:02:3c:74:0a:69:e6:0f:af:fb:24:fc:af:8f:
bb:15:90:3f:16:0c:d2:2d:81:f6:d2:53:48:cd:b0:23:00:ed:
f8:d9:92:3a:b1:8e:94:4a:18:f6:d5:38:8d:2b:40:be:b5:d3:
55:2d:da:57:a9:6d:2e:85:5d:51:9a:d7:1f:a9:0d:5e:60:e6:
6b:df:bb:47:cb:30:1d:d0:84:8c:69:4d:c8:b9:5b:4d:a9:d4:
84:f3:a5:5d:3e:45:16:27:ef:19:35:e1:d0:ce:0b:c0:9e:75:
31:9d:93:80:64:9f:81:88:10:74:84:9d:29:34:f2:a3:d8:08:
1d:c5:e5:b4:f1:cd:c2:63:b9:9d:19:df:91:c0:7d:5a:94:a3:
e7:c2:69:e5:ed:3f:73:b8:f0:7b:09:d7:e2:8f:94:58:9d:18:
b6:93:8f:25:34:91:08:6b:82:cb:a6:4f:99:f9:b0:c7:aa:07:
a7:40:da:d7:e9:13:e5:ad:82:11:f4:ec:0c:d4:34:57:5b:ba:
3c:62:6b:43:9f:a9:8e:9d:c5:ac:4b:2d:73:9a:16:d5:84:bd:
ed:95:ed:24:47:99:14:57:47:10:cb:01:23:01:fc:e5:b9:84:
18:30:9b:50:f2:22:ba:ba:20:57:bc:db:5e:05:cc:bb:31:37:
4e:20:01:1e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYvTwr/GxWMrZlbnwpW3uuU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZTI3OGJhMjgyNjFhMmQxZTU1M2RiZWY2ZGY4NDA5YTIx
YzFhZWYwHhcNMjMxMTE1MTYxMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjc2ZjQ5NzRiYjAzNDRmODgyYzJiNmQ2MTkxMzY5MzczYmYzOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaJTJMZNtOM4EyboGm8MKDYv2/h5
rd7K6b7wykG21VN1dlCl13qIlsyKF0uwxr8+yhPEqU48comt3n7gCrc1SnchxMpf
pFSDn9wKmAfvKckkjXMsL1lNJeG8XndC9trhambK63xFsM4cM13PHY1il/gtKvfr
ZOgK9ne/B1idkA0sLFXUVxaB+MSB9en7+4CmraUiW921hq6YtHWKpTYqJdSsUr0v
+BPzyswGoJ6VOlR8Ds3OqQfxUhpWP2iwgGBJHS0pXFMJHEBbOeXwxQyCzwCk+oeC
5NAJ05NdQ10yBgPvfRpK1gCrZn8jq7+hlr9b51Z69Wfsp9vvEOHnfuKK3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBZ29JdLsDRPiCwrbWGRNpNzvznKMB8GA1UdIwQY
MBaAFDPieLooJhotHlU9vvbfhAmiHBrvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1KNHVpZ21HaTBlVlQyLTl0LUVDYUljR3U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yYzVmYjktYzliMy00ZTU2LWJkZjEt
MjJlYTNhZDVkZTVjLzEvRm5iMGwwdXdORS1JTEN0dFlaRTJrM09fT2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yYzVmYjktYzliMy00ZTU2LWJkZjEtMjJlYTNhZDVkZTVj
LzEvTS1KNHVpZ21HaTBlVlQyLTl0LUVDYUljR3U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwifIMA0E
AgACMAcDBQMqDPDAMA0GCSqGSIb3DQEBCwUAA4IBAQAEc+DYlQI8dApp5g+v+yT8
r4+7FZA/FgzSLYH20lNIzbAjAO342ZI6sY6UShj21TiNK0C+tdNVLdpXqW0uhV1R
mtcfqQ1eYOZr37tHyzAd0ISMaU3IuVtNqdSE86VdPkUWJ+8ZNeHQzgvAnnUxnZOA
ZJ+BiBB0hJ0pNPKj2AgdxeW08c3CY7mdGd+RwH1alKPnwmnl7T9zuPB7Cdfij5RY
nRi2k48lNJEIa4LLpk+Z+bDHqgenQNrX6RPlrYIR9OwM1DRXW7o8YmtDn6mOncWs
Sy1zmhbVhL3tle0kR5kUV0cQywEjAfzluYQYMJtQ8iK6uiBXvNteBcy7MTdOIAEe
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:18 2024 by rpki-client on console-ams.rpki-client.org