Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/mFuc1SonaeIlBvDhXxdWlHRFKRQ.roa
File: mFuc1SonaeIlBvDhXxdWlHRFKRQ.roa (raw, json)
Hash identifier: T7QUEEP9RB2lJrM7rQH8kPNJyUFEktP/6BVQyaRcKeU=
Subject key identifier: 98:5B:9C:D5:2A:27:69:E2:25:06:F0:E1:5F:17:56:94:74:45:29:14
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018631390ED693653F31526CA984068EBAEB
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/mFuc1SonaeIlBvDhXxdWlHRFKRQ.roa
Signing time: Wed 08 Feb 2023 13:31:08 +0000
ROA not before: Wed 08 Feb 2023 13:31:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 139.28.32.0/22 maxlen: 22
147.78.68.0/22 maxlen: 22
5.133.124.0/22 maxlen: 22
193.187.132.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 09 Feb 2023 06:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:31:39:0e:d6:93:65:3f:31:52:6c:a9:84:06:8e:ba:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Feb 8 13:31:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=985b9cd52a2769e22506f0e15f17569474452914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:86:fb:39:80:f4:5e:bf:f6:a8:cc:6c:c4:66:
2a:b2:4e:79:d1:84:87:35:6a:cf:f0:37:bf:0b:2f:
c5:0b:7d:12:2f:db:6d:ff:71:6d:45:28:87:02:70:
04:bf:90:e1:a2:bd:ee:d9:67:a7:b8:70:f3:7a:8c:
55:1f:19:18:f8:a0:30:3a:b4:74:d9:c8:06:53:3f:
7e:a1:d6:46:de:bf:70:55:d1:44:d3:51:29:37:df:
83:1a:df:30:2d:2a:5f:95:27:1d:f1:73:61:66:c7:
bc:f3:bf:b1:b2:16:29:37:58:59:49:2b:78:3d:c4:
13:eb:f8:08:20:cb:d9:45:35:3e:99:6c:e2:35:3e:
bf:32:bf:b9:f9:a9:bd:b7:3a:1b:a8:ad:41:0b:3d:
35:77:7d:83:19:59:6a:c9:81:d2:56:60:94:45:96:
4e:56:4a:e6:e9:5b:11:b2:4f:8e:3e:ef:1a:ff:76:
60:56:d2:67:d4:58:d8:2c:23:71:7b:f4:bb:8d:f8:
85:a6:4a:fd:f8:60:c4:d2:ac:74:43:3d:44:0f:d9:
4e:f7:c3:e3:53:92:bc:c2:ac:cd:df:d5:92:d3:b5:
84:a0:c9:a1:12:d4:c6:8b:1e:6d:0b:8d:31:8f:1c:
5b:c2:7f:6b:44:32:35:8f:8c:c7:10:22:a3:4c:a2:
af:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5B:9C:D5:2A:27:69:E2:25:06:F0:E1:5F:17:56:94:74:45:29:14
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/mFuc1SonaeIlBvDhXxdWlHRFKRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
83.171.244.0/22
139.28.32.0/22
147.78.68.0/22
193.187.132.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:de:c6:71:cd:a1:16:8f:53:43:47:b4:44:14:e4:4b:03:a3:
77:c0:37:2c:ab:8a:6e:a5:b9:8f:10:51:17:e5:a7:1d:e9:6c:
bb:90:7d:ff:18:80:d3:83:22:62:cf:98:99:2a:b0:2c:5d:de:
e6:dd:b9:70:34:ac:b6:3c:d4:cf:02:87:cf:49:a7:91:01:e9:
10:ee:ca:9f:62:3e:d9:b9:83:96:80:3b:95:c8:60:fc:af:7f:
82:5a:1b:77:7d:2e:a8:3e:1a:e3:84:a0:7e:49:22:fe:18:2e:
61:96:ea:db:47:57:a1:4e:94:76:d6:11:1a:5a:4d:c0:18:b4:
13:65:a7:49:81:73:05:49:9d:bb:66:0a:2e:c0:35:03:0b:e9:
9b:e0:32:13:f9:d2:7e:db:74:b4:31:fe:fd:61:10:99:c0:30:
8c:d8:e3:19:28:60:4d:b5:ed:07:0b:d8:4d:1c:17:b4:06:53:
11:b0:30:90:63:ee:5c:af:2b:9a:76:65:f1:9f:44:38:d0:f8:
cc:07:ad:d9:3e:38:2e:e9:b4:1a:f9:ff:f8:0b:c7:98:df:50:
a4:d3:34:e6:0e:09:93:91:e5:02:3e:09:64:83:af:6b:1e:27:
88:ce:13:de:e5:a3:c4:23:72:b2:ec:27:76:50:6e:21:f6:c2:
95:8a:d1:9c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYxOQ7Wk2U/MVJsqYQGjrrrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMjA4MTMzMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODViOWNkNTJhMjc2OWUyMjUwNmYwZTE1ZjE3NTY5NDc0NDUyOTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYb7OYD0Xr/2qMxsxGYqsk550YSH
NWrP8De/Cy/FC30SL9tt/3FtRSiHAnAEv5Dhor3u2WenuHDzeoxVHxkY+KAwOrR0
2cgGUz9+odZG3r9wVdFE01EpN9+DGt8wLSpflScd8XNhZse887+xshYpN1hZSSt4
PcQT6/gIIMvZRTU+mWziNT6/Mr+5+am9tzobqK1BCz01d32DGVlqyYHSVmCURZZO
Vkrm6VsRsk+OPu8a/3ZgVtJn1FjYLCNxe/S7jfiFpkr9+GDE0qx0Qz1ED9lO98Pj
U5K8wqzN39WS07WEoMmhEtTGix5tC40xjxxbwn9rRDI1j4zHECKjTKKvuQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJhbnNUqJ2niJQbw4V8XVpR0RSkUMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvbUZ1YzFTb25hZUlsQnZEaFh4ZFdsSFJGS1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBYV8AwQC
U6v0AwQCixwgAwQCk05EAwQCwbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQAK
3sZxzaEWj1NDR7REFORLA6N3wDcsq4pupbmPEFEX5acd6Wy7kH3/GIDTgyJiz5iZ
KrAsXd7m3blwNKy2PNTPAofPSaeRAekQ7sqfYj7ZuYOWgDuVyGD8r3+CWht3fS6o
PhrjhKB+SSL+GC5hlurbR1ehTpR21hEaWk3AGLQTZadJgXMFSZ27ZgouwDUDC+mb
4DIT+dJ+23S0Mf79YRCZwDCM2OMZKGBNte0HC9hNHBe0BlMRsDCQY+5cryuadmXx
n0Q40PjMB63ZPjgu6bQa+f/4C8eY31Ck0zTmDgmTkeUCPglkg69rHieIzhPe5aPE
I3Ky7Cd2UG4h9sKVitGc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:50 2024 by rpki-client on console-fra.rpki-client.org