Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/FbNr_bLvM9B4t4ACMJ_02nxjO1E.roa
File: FbNr_bLvM9B4t4ACMJ_02nxjO1E.roa (raw, json)
Hash identifier: p20dTl0yPTqPolY6ZqUb43S3SS5Yt2nsWfhsR/z/1Vs=
Subject key identifier: 15:B3:6B:FD:B2:EF:33:D0:78:B7:80:02:30:9F:F4:DA:7C:63:3B:51
Certificate issuer: /CN=3bec12c21108134f00c0353107d60ccdaebefb2e
Certificate serial: 018CC8DE0D68E987C582FDB1513B7474BE7B
Authority key identifier: 3B:EC:12:C2:11:08:13:4F:00:C0:35:31:07:D6:0C:CD:AE:BE:FB:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-wSwhEIE08AwDUxB9YMza6--y4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/FbNr_bLvM9B4t4ACMJ_02nxjO1E.roa
Signing time: Tue 02 Jan 2024 06:30:44 +0000
ROA not before: Tue 02 Jan 2024 06:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209828
IP address blocks: 91.208.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 15:43:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:0d:68:e9:87:c5:82:fd:b1:51:3b:74:74:be:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bec12c21108134f00c0353107d60ccdaebefb2e
Validity
Not Before: Jan 2 06:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15b36bfdb2ef33d078b78002309ff4da7c633b51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b0:15:9c:41:92:a9:b8:84:5b:5f:fa:6f:86:
e4:f5:a0:70:b1:3d:95:9e:e1:44:02:4c:ff:3c:5f:
39:cf:1d:39:7e:68:19:c5:ca:83:68:e6:63:46:e5:
93:e9:f3:7d:ae:3d:a9:30:e7:a7:dc:37:de:36:b4:
99:e1:32:73:22:9e:00:c6:c0:da:1f:b7:a7:09:fb:
49:a6:c3:6d:28:4d:1b:d3:7e:00:c4:93:45:ff:69:
02:04:84:49:48:fa:7f:53:b5:fe:33:f3:e1:28:ba:
ef:76:84:2d:3c:0d:46:05:23:4e:09:95:0a:97:13:
44:2c:07:ef:53:52:b6:66:aa:af:5b:04:4c:d6:77:
0d:66:03:a3:8a:96:52:71:a9:67:a4:e4:8a:9c:d5:
60:11:eb:99:38:14:cc:ac:1f:90:e3:fd:fc:80:b1:
69:de:bd:34:eb:13:61:3d:dc:86:a3:db:85:04:f8:
b3:5b:19:58:b0:65:ac:77:bb:fe:80:2a:a6:e3:b3:
93:15:3d:6f:3d:d5:09:bf:9b:5a:9a:d0:b0:18:5a:
02:3e:ff:49:3d:8d:84:b3:e2:18:57:c2:f3:e3:0d:
22:4b:79:23:81:49:b1:12:64:8f:86:6d:27:45:a9:
86:e5:b4:a9:a6:e8:25:30:93:4c:b0:32:65:d5:38:
0c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B3:6B:FD:B2:EF:33:D0:78:B7:80:02:30:9F:F4:DA:7C:63:3B:51
X509v3 Authority Key Identifier:
keyid:3B:EC:12:C2:11:08:13:4F:00:C0:35:31:07:D6:0C:CD:AE:BE:FB:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-wSwhEIE08AwDUxB9YMza6--y4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/FbNr_bLvM9B4t4ACMJ_02nxjO1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/O-wSwhEIE08AwDUxB9YMza6--y4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.204.0/24
Signature Algorithm: sha256WithRSAEncryption
05:5d:32:d4:b5:f8:08:cf:aa:ee:86:fa:0c:8f:3b:bb:ac:c0:
0f:93:5f:27:9d:1c:b5:6e:62:06:f0:8e:3d:91:6e:dc:07:0c:
91:27:39:d3:7e:f5:80:87:4a:fd:1c:ff:c2:79:78:ba:8c:1b:
8b:05:97:07:68:24:c0:3f:fd:3b:39:56:fe:d4:02:15:bc:cc:
97:7d:a0:19:03:97:61:4d:fc:ea:1d:c0:02:99:ce:83:5b:83:
11:4a:d7:f8:09:cf:d6:04:cf:f7:db:25:07:f6:90:99:af:17:
aa:c3:92:50:b2:d8:e7:bf:e6:57:dc:ca:ac:71:e0:b1:29:55:
01:a7:9a:54:cf:d3:38:33:15:28:6a:76:12:06:3b:45:c4:f1:
62:d6:b4:c5:44:fb:e1:2e:47:ed:c1:ce:e0:7c:cf:67:ec:0b:
a8:6d:bc:79:7f:0a:8c:bc:c0:bc:52:80:ab:86:c9:95:a3:a1:
58:fe:0c:44:fb:e8:49:3f:53:63:af:93:55:f6:de:07:bd:f3:
8e:ee:06:4d:42:87:dc:c9:9a:a4:03:7e:36:ce:d3:99:5d:33:
26:9d:3d:c3:b0:d6:aa:2e:ae:29:53:38:ad:a8:5a:77:4d:3a:
99:68:a4:94:9e:f7:60:61:98:b1:1a:54:8c:cb:a3:c6:99:49:
c4:a4:5d:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3g1o6YfFgv2xUTt0dL57MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZWMxMmMyMTEwODEzNGYwMGMwMzUzMTA3ZDYwY2NkYWVi
ZWZiMmUwHhcNMjQwMTAyMDYzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWIzNmJmZGIyZWYzM2QwNzhiNzgwMDIzMDlmZjRkYTdjNjMzYjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrAVnEGSqbiEW1/6b4bk9aBwsT2V
nuFEAkz/PF85zx05fmgZxcqDaOZjRuWT6fN9rj2pMOen3DfeNrSZ4TJzIp4AxsDa
H7enCftJpsNtKE0b034AxJNF/2kCBIRJSPp/U7X+M/PhKLrvdoQtPA1GBSNOCZUK
lxNELAfvU1K2ZqqvWwRM1ncNZgOjipZScalnpOSKnNVgEeuZOBTMrB+Q4/38gLFp
3r006xNhPdyGo9uFBPizWxlYsGWsd7v+gCqm47OTFT1vPdUJv5tamtCwGFoCPv9J
PY2Es+IYV8Lz4w0iS3kjgUmxEmSPhm0nRamG5bSppuglMJNMsDJl1TgMZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBWza/2y7zPQeLeAAjCf9Np8YztRMB8GA1UdIwQY
MBaAFDvsEsIRCBNPAMA1MQfWDM2uvvsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy13U3doRUlFMDhBd0RVeEI5WU16YTYtLXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZGZhOTctOGM1My00ZTc0LTlhMmMt
NDg0YTA2YTYxNzE3LzEvRmJOcl9iTHZNOUI0dDRBQ01KXzAybnhqTzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZGZhOTctOGM1My00ZTc0LTlhMmMtNDg0YTA2YTYxNzE3
LzEvTy13U3doRUlFMDhBd0RVeEI5WU16YTYtLXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DMMA0G
CSqGSIb3DQEBCwUAA4IBAQAFXTLUtfgIz6ruhvoMjzu7rMAPk18nnRy1bmIG8I49
kW7cBwyRJznTfvWAh0r9HP/CeXi6jBuLBZcHaCTAP/07OVb+1AIVvMyXfaAZA5dh
TfzqHcACmc6DW4MRStf4Cc/WBM/32yUH9pCZrxeqw5JQstjnv+ZX3MqsceCxKVUB
p5pUz9M4MxUoanYSBjtFxPFi1rTFRPvhLkftwc7gfM9n7Auobbx5fwqMvMC8UoCr
hsmVo6FY/gxE++hJP1Njr5NV9t4HvfOO7gZNQofcyZqkA342ztOZXTMmnT3DsNaq
Lq4pUzitqFp3TTqZaKSUnvdgYZixGlSMy6PGmUnEpF1w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:00 2024 by rpki-client on console-fra.rpki-client.org