Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/Fnj6u2GO0FZVjG4HcvJuUvZPZoc.roa
File: Fnj6u2GO0FZVjG4HcvJuUvZPZoc.roa (raw, json)
Hash identifier: CMxIy4dcpqlIrdkIQeu2DHbHgto0SRi5VKEyAGjoHeM=
Subject key identifier: 16:78:FA:BB:61:8E:D0:56:55:8C:6E:07:72:F2:6E:52:F6:4F:66:87
Certificate issuer: /CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Certificate serial: 0185718C1CB6E416D7DF5444183502F721D0
Authority key identifier: C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/Fnj6u2GO0FZVjG4HcvJuUvZPZoc.roa
Signing time: Mon 02 Jan 2023 08:14:45 +0000
ROA not before: Mon 02 Jan 2023 08:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 789
IP address blocks: 134.158.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:1c:b6:e4:16:d7:df:54:44:18:35:02:f7:21:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a7c3f4b14693512202595a8a4f95b0d6b7a101
Validity
Not Before: Jan 2 08:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1678fabb618ed056558c6e0772f26e52f64f6687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:ec:b6:7d:af:4f:0b:3f:2d:69:f6:59:2f:
dc:57:a9:cc:8e:71:d7:f2:28:5b:95:af:6c:55:4b:
a1:76:e2:61:81:35:0a:8d:b0:d7:16:55:28:65:1d:
87:2e:6e:54:ee:2e:8d:ac:5c:6e:27:42:06:5c:d5:
dc:00:5f:63:2a:28:32:e8:70:4d:59:63:e1:40:a4:
ed:c8:96:87:dc:22:33:2b:20:cf:0f:d7:2c:9b:6d:
fb:a3:55:86:9d:71:9e:c0:9c:e7:75:73:0a:b3:e4:
6e:3e:8b:49:b4:b9:6c:74:21:0a:19:2e:c6:c3:dd:
4e:f3:cf:ce:d4:ae:c1:fe:ac:29:e5:7a:a5:92:29:
c2:f1:c2:35:d6:fa:a8:f7:4c:97:9e:f0:f0:b4:57:
cf:c5:7b:c5:e3:f9:bd:1c:d2:74:04:9a:bf:88:9a:
6c:5f:d3:3a:09:f0:9d:e8:eb:1e:05:c3:c4:ba:1a:
a3:c2:ab:b9:dc:00:e4:55:5b:ac:64:f0:4a:ca:03:
70:84:bd:ba:e8:3e:5e:2f:9d:6b:2a:60:95:46:c5:
b3:2b:e6:48:45:7c:bc:39:51:84:02:6b:41:70:29:
ca:46:34:0e:c7:87:db:b6:3d:ac:dd:ae:ac:5e:ac:
9d:7b:f2:6c:58:0e:6d:02:d4:e0:24:c1:fa:d8:5c:
82:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:78:FA:BB:61:8E:D0:56:55:8C:6E:07:72:F2:6E:52:F6:4F:66:87
X509v3 Authority Key Identifier:
keyid:C5:A7:C3:F4:B1:46:93:51:22:02:59:5A:8A:4F:95:B0:D6:B7:A1:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xafD9LFGk1EiAllaik-VsNa3oQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/Fnj6u2GO0FZVjG4HcvJuUvZPZoc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/3a3b2c-76b9-49b4-8218-d12f1e2456ba/1/xafD9LFGk1EiAllaik-VsNa3oQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.158.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:55:54:32:9e:a0:75:9c:01:8c:b9:1d:72:38:ba:fb:a1:21:
4c:ad:cc:1c:1a:75:97:22:69:67:7f:d6:67:e5:f0:6c:e1:31:
d8:07:b4:af:19:36:2f:c1:96:f2:43:b2:c7:ee:fa:46:d2:b5:
c6:59:d9:08:d6:a9:50:b5:25:a1:6e:ce:90:9d:ff:2b:b1:65:
2c:e6:da:40:1e:d9:1c:55:e5:6c:f0:36:40:bf:f8:24:33:82:
40:92:21:bf:45:a3:df:a3:e8:b0:12:fc:7f:45:f9:c5:c0:91:
27:e4:52:92:3e:d9:f5:13:46:16:88:0b:da:c1:8d:c5:d1:7e:
f0:87:73:b4:b9:17:37:bd:21:e5:b9:62:65:92:ec:45:be:2a:
d3:62:09:87:f4:c4:8c:0e:26:c3:ae:53:ea:16:4c:a2:a7:e5:
0c:57:9f:e9:ad:00:3c:1b:c6:0c:4c:b0:9e:f6:c3:6e:64:4d:
b4:01:c0:5c:91:ab:fb:c7:23:06:54:37:d7:55:1f:76:62:eb:
5f:26:8b:67:7a:1d:4a:65:b3:c2:b9:cd:40:5a:b3:4e:95:db:
cd:e8:1c:52:dd:01:af:f3:79:b3:85:1f:e6:fa:35:a5:00:7b:
86:36:b6:70:00:bf:5f:bc:31:22:01:2e:2b:69:74:4c:48:43:
30:4e:c5:0f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVxjBy25BbX31REGDUC9yHQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1YTdjM2Y0YjE0NjkzNTEyMjAyNTk1YThhNGY5NWIwZDZi
N2ExMDEwHhcNMjMwMTAyMDgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjc4ZmFiYjYxOGVkMDU2NTU4YzZlMDc3MmYyNmU1MmY2NGY2Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL/stn2vTws/LWn2WS/cV6nMjnHX
8ihbla9sVUuhduJhgTUKjbDXFlUoZR2HLm5U7i6NrFxuJ0IGXNXcAF9jKigy6HBN
WWPhQKTtyJaH3CIzKyDPD9csm237o1WGnXGewJzndXMKs+RuPotJtLlsdCEKGS7G
w91O88/O1K7B/qwp5XqlkinC8cI11vqo90yXnvDwtFfPxXvF4/m9HNJ0BJq/iJps
X9M6CfCd6OseBcPEuhqjwqu53ADkVVusZPBKygNwhL266D5eL51rKmCVRsWzK+ZI
RXy8OVGEAmtBcCnKRjQOx4fbtj2s3a6sXqyde/JsWA5tAtTgJMH62FyCywIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBZ4+rthjtBWVYxuB3LyblL2T2aHMB8GA1UdIwQY
MBaAFMWnw/SxRpNRIgJZWopPlbDWt6EBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgt
ZDEyZjFlMjQ1NmJhLzEvRm5qNnUyR08wRlpWakc0SGN2SnVVdlpQWm9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zYTNiMmMtNzZiOS00OWI0LTgyMTgtZDEyZjFlMjQ1NmJh
LzEveGFmRDlMRkdrMUVpQWxsYWlrLVZzTmEzb1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAhp4wDQYJ
KoZIhvcNAQELBQADggEBADNVVDKeoHWcAYy5HXI4uvuhIUytzBwadZciaWd/1mfl
8GzhMdgHtK8ZNi/BlvJDssfu+kbStcZZ2QjWqVC1JaFuzpCd/yuxZSzm2kAe2RxV
5WzwNkC/+CQzgkCSIb9Fo9+j6LAS/H9F+cXAkSfkUpI+2fUTRhaIC9rBjcXRfvCH
c7S5Fze9IeW5YmWS7EW+KtNiCYf0xIwOJsOuU+oWTKKn5QxXn+mtADwbxgxMsJ72
w25kTbQBwFyRq/vHIwZUN9dVH3Zi618mi2d6HUpls8K5zUBas06V283oHFLdAa/z
ebOFH+b6NaUAe4Y2tnAAv1+8MSIBLitpdExIQzBOxQ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:01 2024 by rpki-client on console-ams.rpki-client.org