Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/PKFrg403EeWugYSpyqwOFol-jYk.roa
File: PKFrg403EeWugYSpyqwOFol-jYk.roa (raw, json)
Hash identifier: rzWPOpULsID4Q2ECT2K3epj8yaroZ+yjoKcjYqgJos4=
Subject key identifier: 3C:A1:6B:83:8D:37:11:E5:AE:81:84:A9:CA:AC:0E:16:89:7E:8D:89
Certificate issuer: /CN=f0fb0d0be296dc1b719d2440fb6ad9c75d08e2e2
Certificate serial: 018572A7FA22A7EB64D0DA1893BBF1454F15
Authority key identifier: F0:FB:0D:0B:E2:96:DC:1B:71:9D:24:40:FB:6A:D9:C7:5D:08:E2:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PsNC-KW3BtxnSRA-2rZx10I4uI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/PKFrg403EeWugYSpyqwOFol-jYk.roa
Signing time: Mon 02 Jan 2023 13:24:49 +0000
ROA not before: Mon 02 Jan 2023 13:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 195.177.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:fa:22:a7:eb:64:d0:da:18:93:bb:f1:45:4f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0fb0d0be296dc1b719d2440fb6ad9c75d08e2e2
Validity
Not Before: Jan 2 13:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3ca16b838d3711e5ae8184a9caac0e16897e8d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:76:be:6d:01:0a:b9:8d:e9:7e:32:51:c3:73:
bb:11:d2:75:c4:5f:d1:50:20:e4:16:4a:db:5c:d6:
9f:c1:12:84:71:48:04:95:31:2d:cf:bf:e3:9f:c3:
b8:ee:ce:29:92:a8:b6:36:c2:a5:61:b2:22:ce:4c:
3b:e9:54:46:53:f8:b0:38:61:e1:16:2c:3e:39:7e:
32:be:39:34:89:c2:40:fd:c7:e7:78:1b:41:0f:00:
9d:a0:69:3f:99:20:95:e3:fc:50:44:67:e8:ad:c0:
72:06:17:9e:0e:dd:03:1d:c3:fb:86:32:97:b3:57:
45:91:bf:0e:5a:b3:79:7b:24:c2:71:90:58:a5:6b:
59:38:fe:a4:d2:f5:f3:79:33:d5:be:79:ec:87:1a:
0d:6b:d9:e7:07:1c:ce:f5:8d:fd:99:7f:30:74:bb:
1d:aa:50:39:d3:47:8b:94:e6:d7:f2:ff:78:d5:dc:
2a:ec:07:34:00:b8:3e:c6:04:3d:df:c1:73:b3:3a:
df:21:a9:90:52:eb:91:45:16:bd:4d:4b:ea:9b:5a:
e8:af:37:d4:0a:0a:fe:ab:b7:d8:11:a6:b0:1b:96:
43:f2:f2:c1:a4:6a:6a:0f:01:96:fe:c4:8b:b3:b8:
91:0b:bf:e0:50:b3:87:95:5f:d9:40:45:58:01:cf:
82:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A1:6B:83:8D:37:11:E5:AE:81:84:A9:CA:AC:0E:16:89:7E:8D:89
X509v3 Authority Key Identifier:
keyid:F0:FB:0D:0B:E2:96:DC:1B:71:9D:24:40:FB:6A:D9:C7:5D:08:E2:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PsNC-KW3BtxnSRA-2rZx10I4uI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/PKFrg403EeWugYSpyqwOFol-jYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/3dedf6-3ec7-4b40-adaa-c0e278736c88/1/8PsNC-KW3BtxnSRA-2rZx10I4uI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.98.0/24
Signature Algorithm: sha256WithRSAEncryption
35:66:f6:dd:1f:2a:3b:7b:2e:23:d1:04:7c:28:a4:2f:3c:d1:
fb:62:05:78:e3:fd:7c:63:59:fe:0d:f8:f5:d3:62:0c:cb:c2:
2c:a4:14:9d:30:ec:4f:69:4f:26:f8:84:07:77:4e:6c:4a:74:
70:86:e7:90:93:a6:18:49:5e:ae:1d:0f:0b:46:4b:e7:01:bb:
6a:af:7c:44:70:94:b0:95:71:45:b5:75:20:91:e6:e1:68:03:
10:4e:5c:87:af:8e:97:99:1d:d5:51:fa:e4:96:28:23:d1:15:
7a:97:40:aa:f4:d6:c1:f4:f3:3c:b2:7d:91:27:f6:9a:b0:49:
bd:1d:f4:8e:9f:2b:c4:79:b0:f0:94:67:de:dc:02:2e:cd:12:
41:46:f9:ce:15:78:5b:e1:40:0d:e6:8e:84:c9:89:57:3f:f1:
15:72:f8:27:5d:65:f9:ef:b7:69:0d:28:dc:be:64:fd:33:21:
4a:70:a2:b8:56:fb:fe:40:80:9d:68:8e:b3:17:64:68:a9:7c:
2a:88:17:27:f5:97:d8:29:ab:83:ba:d5:ea:6a:6d:cb:c5:b2:
7a:fc:d0:49:71:f1:2c:08:3e:ba:2e:93:05:80:06:22:58:c9:
cb:a2:aa:6b:dc:03:78:3a:45:36:ac:6f:8c:f1:12:b8:f8:09:
db:be:17:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyp/oip+tk0NoYk7vxRU8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZmIwZDBiZTI5NmRjMWI3MTlkMjQ0MGZiNmFkOWM3NWQw
OGUyZTIwHhcNMjMwMTAyMTMyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ExNmI4MzhkMzcxMWU1YWU4MTg0YTljYWFjMGUxNjg5N2U4ZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHa+bQEKuY3pfjJRw3O7EdJ1xF/R
UCDkFkrbXNafwRKEcUgElTEtz7/jn8O47s4pkqi2NsKlYbIizkw76VRGU/iwOGHh
Fiw+OX4yvjk0icJA/cfneBtBDwCdoGk/mSCV4/xQRGforcByBheeDt0DHcP7hjKX
s1dFkb8OWrN5eyTCcZBYpWtZOP6k0vXzeTPVvnnshxoNa9nnBxzO9Y39mX8wdLsd
qlA500eLlObX8v941dwq7Ac0ALg+xgQ938FzszrfIamQUuuRRRa9TUvqm1rorzfU
Cgr+q7fYEaawG5ZD8vLBpGpqDwGW/sSLs7iRC7/gULOHlV/ZQEVYAc+C7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyha4ONNxHlroGEqcqsDhaJfo2JMB8GA1UdIwQY
MBaAFPD7DQviltwbcZ0kQPtq2cddCOLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBzTkMtS1czQnR4blNSQS0yclp4MTBJNHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8zZGVkZjYtM2VjNy00YjQwLWFkYWEt
YzBlMjc4NzM2Yzg4LzEvUEtGcmc0MDNFZVd1Z1lTcHlxd09Gb2wtallrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi8zZGVkZjYtM2VjNy00YjQwLWFkYWEtYzBlMjc4NzM2Yzg4
LzEvOFBzTkMtS1czQnR4blNSQS0yclp4MTBJNHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7FiMA0G
CSqGSIb3DQEBCwUAA4IBAQA1ZvbdHyo7ey4j0QR8KKQvPNH7YgV44/18Y1n+Dfj1
02IMy8IspBSdMOxPaU8m+IQHd05sSnRwhueQk6YYSV6uHQ8LRkvnAbtqr3xEcJSw
lXFFtXUgkebhaAMQTlyHr46XmR3VUfrkligj0RV6l0Cq9NbB9PM8sn2RJ/aasEm9
HfSOnyvEebDwlGfe3AIuzRJBRvnOFXhb4UAN5o6EyYlXP/EVcvgnXWX577dpDSjc
vmT9MyFKcKK4Vvv+QICdaI6zF2RoqXwqiBcn9ZfYKauDutXqam3LxbJ6/NBJcfEs
CD66LpMFgAYiWMnLoqpr3AN4OkU2rG+M8RK4+Anbvhf0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:22 2024 by rpki-client on console-fra.rpki-client.org