Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/FV4zHIgWYXCbd7cumRFW2BiiWok.roa
File: FV4zHIgWYXCbd7cumRFW2BiiWok.roa (raw, json)
Hash identifier: HzqMBYJJtliwA/6l74zMuTR6KrzdUKWB0yVXr+lA8SM=
Subject key identifier: 15:5E:33:1C:88:16:61:70:9B:77:B7:2E:99:11:56:D8:18:A2:5A:89
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018CC50064B076B4C2332D4B4A846BFC7320
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/FV4zHIgWYXCbd7cumRFW2BiiWok.roa
Signing time: Mon 01 Jan 2024 12:29:46 +0000
ROA not before: Mon 01 Jan 2024 12:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47820
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 27 May 2024 14:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:64:b0:76:b4:c2:33:2d:4b:4a:84:6b:fc:73:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 12:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=155e331c881661709b77b72e991156d818a25a89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:30:39:7a:e6:fc:5f:7d:c4:e5:9f:80:a3:92:
b5:b4:c6:c9:2a:d1:73:81:16:a1:a3:a0:48:3d:fa:
3d:8f:c6:94:8f:c3:94:8a:cf:2e:50:21:36:a3:bf:
5c:56:4e:c2:5d:8d:cf:cd:c0:be:89:d2:e8:59:68:
ce:ef:36:e0:9a:5f:97:01:af:9e:04:27:2f:91:32:
a6:1d:c7:c4:64:16:85:f1:40:3c:f8:d0:aa:2d:1a:
40:44:f8:b0:b0:4b:b7:5d:78:fb:00:7f:92:2f:ad:
bf:a6:1f:a8:25:93:6b:80:c6:ec:89:86:3c:3e:c8:
b0:b0:dd:e8:88:7c:a0:15:8f:76:88:19:be:99:0d:
24:a5:e5:c6:e1:9a:1f:04:b2:e1:4f:bb:c2:74:ed:
13:70:bb:7c:af:79:66:b3:03:e5:77:51:ec:5b:15:
2d:00:80:23:b7:72:09:b8:a5:ad:80:3d:92:66:46:
24:e8:82:32:b7:d6:12:89:55:8c:36:22:22:50:b6:
20:20:49:d9:a3:49:d5:fd:5b:23:c0:81:f2:3f:0b:
c4:57:4d:2b:ba:69:db:95:bf:33:50:22:c1:71:9d:
74:15:34:87:d2:02:d4:71:e3:93:8b:f8:d2:aa:b3:
cc:89:fc:58:53:5f:9d:cd:74:3e:4c:f5:d2:76:dc:
3f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:5E:33:1C:88:16:61:70:9B:77:B7:2E:99:11:56:D8:18:A2:5A:89
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/FV4zHIgWYXCbd7cumRFW2BiiWok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200::/29
Signature Algorithm: sha256WithRSAEncryption
98:6c:92:5b:59:81:67:d4:b6:8d:66:68:c5:22:f6:e2:fe:0b:
4e:a0:90:31:db:4b:4d:2d:b5:53:82:56:0a:b9:7a:6a:db:a9:
dc:c5:3c:7b:c1:ca:42:ea:ca:b7:e7:68:e8:c3:67:f3:68:4f:
1f:bb:fe:c4:e3:cb:e3:b6:7f:f4:cd:ff:66:9b:29:d8:bd:25:
cd:af:e5:ee:5e:83:93:a1:82:f0:95:ac:45:eb:1e:ed:85:61:
0a:4b:e8:93:e1:4a:f9:e8:64:0a:71:27:13:9a:1f:73:d5:fc:
70:51:6f:a7:c6:a9:2d:98:e3:2a:96:cc:e1:86:e9:ca:32:88:
ff:8a:58:d8:a3:a7:9f:7c:d3:30:06:83:13:c0:0f:12:f0:62:
17:48:4a:8a:f7:e9:b4:45:3b:6f:23:6b:f2:5a:5c:1d:bf:83:
db:2b:eb:6f:9b:be:fb:03:81:5d:99:83:65:4b:7c:cd:bc:09:
39:b4:6c:59:22:ed:9b:b5:07:49:24:5b:6e:4a:e0:90:4a:ce:
f2:dd:04:82:eb:6f:75:66:95:02:6b:0d:40:11:59:fd:bc:7e:
ec:12:eb:bb:c7:a1:1a:df:54:f5:02:ec:29:5a:88:c2:ce:b5:
37:3e:ea:17:21:59:60:25:e2:a6:f3:6d:19:81:fe:e5:56:cc:
e6:8c:27:79
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAGSwdrTCMy1LSoRr/HMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjQwMTAxMTIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTVlMzMxYzg4MTY2MTcwOWI3N2I3MmU5OTExNTZkODE4YTI1YTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujA5eub8X33E5Z+Ao5K1tMbJKtFz
gRaho6BIPfo9j8aUj8OUis8uUCE2o79cVk7CXY3PzcC+idLoWWjO7zbgml+XAa+e
BCcvkTKmHcfEZBaF8UA8+NCqLRpARPiwsEu3XXj7AH+SL62/ph+oJZNrgMbsiYY8
PsiwsN3oiHygFY92iBm+mQ0kpeXG4ZofBLLhT7vCdO0TcLt8r3lmswPld1HsWxUt
AIAjt3IJuKWtgD2SZkYk6IIyt9YSiVWMNiIiULYgIEnZo0nV/VsjwIHyPwvEV00r
umnblb8zUCLBcZ10FTSH0gLUceOTi/jSqrPMifxYU1+dzXQ+TPXSdtw/3QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBVeMxyIFmFwm3e3LpkRVtgYolqJMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvRlY0ekhJZ1dZWENiZDdjdW1SRlcyQmlpV29rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA0EAgACMAcDBQMqB2IAMA0GCSqGSIb3DQEBCwUAA4IB
AQCYbJJbWYFn1LaNZmjFIvbi/gtOoJAx20tNLbVTglYKuXpq26ncxTx7wcpC6sq3
52jow2fzaE8fu/7E48vjtn/0zf9mmynYvSXNr+XuXoOToYLwlaxF6x7thWEKS+iT
4Ur56GQKcScTmh9z1fxwUW+nxqktmOMqlszhhunKMoj/iljYo6effNMwBoMTwA8S
8GIXSEqK9+m0RTtvI2vyWlwdv4PbK+tvm777A4FdmYNlS3zNvAk5tGxZIu2btQdJ
JFtuSuCQSs7y3QSC6291ZpUCaw1AEVn9vH7sEuu7x6Ea31T1AuwpWojCzrU3PuoX
IVlgJeKm820Zgf7lVszmjCd5
-----END CERTIFICATE-----
Generated at Mon May 27 21:49:32 2024 by rpki-client on console-ams.rpki-client.org