Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/fUJDF5XIMily9XHRLIVEKULp-L8.roa
File: fUJDF5XIMily9XHRLIVEKULp-L8.roa (raw, json)
Hash identifier: D7C5v6hJ6v2hqzQnO2oGrAipfiuTaIs2emHRJVcZFDw=
Subject key identifier: 7D:42:43:17:95:C8:32:29:72:F5:71:D1:2C:85:44:29:42:E9:F8:BF
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0190987F3CA6112CDFF3D1F058041DF0C0E6
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/fUJDF5XIMily9XHRLIVEKULp-L8.roa
Signing time: Tue 09 Jul 2024 17:16:33 +0000
ROA not before: Tue 09 Jul 2024 17:16:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60808
IP address blocks: 91.247.177.0/24 maxlen: 24
185.215.246.0/24 maxlen: 24
188.253.12.0/22 maxlen: 22
188.253.96.0/19 maxlen: 24
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jul 2024 10:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:98:7f:3c:a6:11:2c:df:f3:d1:f0:58:04:1d:f0:c0:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jul 9 17:16:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d42431795c8322972f571d12c85442942e9f8bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e0:7f:47:37:8d:22:3d:ef:1a:75:8f:50:f8:
2e:db:00:72:01:5d:50:b5:22:b3:13:17:ac:c4:2f:
79:db:c5:34:6a:81:af:42:85:e9:4f:49:00:8d:f4:
4a:d1:03:92:71:e2:bd:82:c2:fe:47:5f:1e:b5:e9:
86:ad:e0:cd:d9:aa:45:a5:7d:04:fa:1c:bf:bd:dd:
5b:ff:92:e9:44:ac:3f:db:35:41:63:c9:08:6b:bc:
4c:9c:ab:60:48:3f:e8:48:fa:18:fe:f8:eb:97:11:
d3:63:7a:c2:89:ad:f9:6e:78:33:fa:35:10:cd:5f:
99:a6:b5:09:55:59:9f:85:bd:d9:98:1f:e5:0c:25:
b8:a1:cc:4e:55:a3:59:17:3c:10:45:57:d7:59:5a:
f6:36:b9:fd:67:47:c4:5e:53:5c:b3:65:37:de:45:
4a:71:40:18:b7:c1:aa:10:fe:33:71:86:04:f7:34:
db:42:3b:0b:d0:9d:d2:9e:09:b4:50:05:29:7f:05:
18:a8:23:45:f2:96:47:fd:f0:7f:4e:b6:6f:6a:86:
6a:3a:84:47:65:7e:bf:8b:93:d4:1b:3e:b3:24:33:
74:0a:31:6a:9b:fe:1c:ef:b9:ec:fb:d9:64:66:56:
ec:ce:7a:fa:32:89:f9:7c:0f:52:b7:7b:84:97:59:
e8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:42:43:17:95:C8:32:29:72:F5:71:D1:2C:85:44:29:42:E9:F8:BF
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/fUJDF5XIMily9XHRLIVEKULp-L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.177.0/24
185.215.246.0/24
188.253.12.0/22
188.253.96.0/19
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
04:3e:08:0b:fd:1e:f4:45:ed:9f:e5:7c:96:82:22:3a:eb:90:
f4:a7:3d:b7:de:df:9a:aa:ca:c2:cf:9a:50:e3:a4:8c:49:97:
82:5c:cd:81:4f:52:cd:91:7a:ca:78:88:bb:d1:03:2b:36:de:
4a:9b:48:1d:c8:8f:3b:88:b4:28:62:2e:c2:ff:ef:40:a3:41:
7e:b6:b9:6c:11:b6:cc:e5:8f:d9:09:d1:2f:46:8c:cd:f3:66:
5b:0d:17:bf:ae:fe:18:96:a4:3f:a9:8a:43:61:b0:02:e1:a1:
c4:6d:59:03:c8:f5:0f:62:c8:54:a4:c6:8d:5d:50:2d:f1:0b:
a5:5d:1b:b6:4c:30:93:b4:e1:1c:a4:cc:fd:ce:a9:e0:13:05:
b0:b0:17:fc:7f:0d:fc:9c:e0:ca:88:da:95:d4:2c:bc:15:b1:
bb:af:9a:ca:d7:13:38:29:21:9a:f3:d9:33:f2:07:8d:ed:9f:
c2:18:8a:63:8f:84:52:ff:69:6b:ae:7d:c1:76:d5:40:55:51:
1c:fe:69:aa:68:03:db:19:51:43:64:61:ce:fc:d2:db:ef:f3:
48:c3:f1:e8:d2:ea:f4:92:66:44:83:c9:c8:7d:52:08:3d:07:
f4:fa:01:76:b3:45:21:dc:de:d9:7f:a8:8d:78:6a:69:20:f1:
3e:6b:ea:1c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZCYfzymESzf89HwWAQd8MDmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNzA5MTcxNjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQyNDMxNzk1YzgzMjI5NzJmNTcxZDEyYzg1NDQyOTQyZTlmOGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquB/RzeNIj3vGnWPUPgu2wByAV1Q
tSKzExesxC9528U0aoGvQoXpT0kAjfRK0QOSceK9gsL+R18etemGreDN2apFpX0E
+hy/vd1b/5LpRKw/2zVBY8kIa7xMnKtgSD/oSPoY/vjrlxHTY3rCia35bngz+jUQ
zV+ZprUJVVmfhb3ZmB/lDCW4ocxOVaNZFzwQRVfXWVr2Nrn9Z0fEXlNcs2U33kVK
cUAYt8GqEP4zcYYE9zTbQjsL0J3Sngm0UAUpfwUYqCNF8pZH/fB/TrZvaoZqOoRH
ZX6/i5PUGz6zJDN0CjFqm/4c77ns+9lkZlbsznr6Mon5fA9St3uEl1noFwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFH1CQxeVyDIpcvVx0SyFRClC6fi/MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZlVKREY1WElNaWx5OVhIUkxJVkVLVUxwLUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW/exAwQA
udf2AwQCvP0MAwQFvP1gMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IB
AQAEPggL/R70Re2f5XyWgiI665D0pz233t+aqsrCz5pQ46SMSZeCXM2BT1LNkXrK
eIi70QMrNt5Km0gdyI87iLQoYi7C/+9Ao0F+trlsEbbM5Y/ZCdEvRozN82ZbDRe/
rv4YlqQ/qYpDYbAC4aHEbVkDyPUPYshUpMaNXVAt8QulXRu2TDCTtOEcpMz9zqng
EwWwsBf8fw38nODKiNqV1Cy8FbG7r5rK1xM4KSGa89kz8geN7Z/CGIpjj4RS/2lr
rn3BdtVAVVEc/mmqaAPbGVFDZGHO/NLb7/NIw/Ho0ur0kmZEg8nIfVIIPQf0+gF2
s0Uh3N7Zf6iNeGppIPE+a+oc
-----END CERTIFICATE-----
Generated at Thu Jul 25 13:50:37 2024 by rpki-client on console-ams.rpki-client.org