Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/fmM3DrY1f1zCxrxKxhCKk2ciGiI.roa
File: fmM3DrY1f1zCxrxKxhCKk2ciGiI.roa (raw, json)
Hash identifier: lE1mU/DnNFT9UBpuBRlSmFznOrnZMmBB10bTNRYm+Yg=
Subject key identifier: 7E:63:37:0E:B6:35:7F:5C:C2:C6:BC:4A:C6:10:8A:93:67:22:1A:22
Certificate issuer: /CN=4afc7f0beac2260702d05b69dd7b7a3fb2ddd69e
Certificate serial: 01856EB90791778262A0F8CE6DD6C035FF37
Authority key identifier: 4A:FC:7F:0B:EA:C2:26:07:02:D0:5B:69:DD:7B:7A:3F:B2:DD:D6:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Svx_C-rCJgcC0Ftp3Xt6P7Ld1p4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/fmM3DrY1f1zCxrxKxhCKk2ciGiI.roa
Signing time: Sun 01 Jan 2023 19:04:57 +0000
ROA not before: Sun 01 Jan 2023 19:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31725
IP address blocks: 91.201.240.0/23 maxlen: 23
91.201.240.0/22 maxlen: 22
91.201.242.0/23 maxlen: 23
188.190.64.0/19 maxlen: 19
109.95.32.0/22 maxlen: 22
109.95.32.0/21 maxlen: 21
195.62.15.0/24 maxlen: 24
195.62.14.0/23 maxlen: 23
195.62.14.0/24 maxlen: 24
2001:67c:176c::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:07:91:77:82:62:a0:f8:ce:6d:d6:c0:35:ff:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4afc7f0beac2260702d05b69dd7b7a3fb2ddd69e
Validity
Not Before: Jan 1 19:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e63370eb6357f5cc2c6bc4ac6108a9367221a22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ee:77:6b:d1:a7:62:b7:03:19:fa:2c:e8:d2:
51:39:f6:61:86:8f:99:31:d3:ea:e8:18:5e:b8:07:
bd:4c:19:f2:1c:0e:23:dd:5e:dd:27:d2:c0:43:c3:
77:c1:8f:88:00:1d:d8:93:48:ef:45:f4:62:13:ae:
38:36:4e:78:a0:61:2d:36:d9:b3:26:6c:21:ee:82:
09:a8:fd:ac:a7:36:37:36:69:6c:30:12:5d:ef:1b:
8b:bf:fe:c0:2c:07:8b:9b:e3:b0:c4:d2:fa:77:f1:
c1:de:cc:92:6e:17:0d:6d:26:99:2b:03:79:d2:61:
0e:9b:b1:83:62:bd:ee:84:b6:61:c9:fa:b7:1c:e2:
63:1b:9b:e5:3e:29:30:22:85:16:e1:5f:54:52:27:
0b:80:f2:39:22:a4:6c:07:09:af:d7:b6:f3:75:75:
63:6f:79:59:78:0a:f2:5f:e2:db:93:1b:5b:16:24:
27:82:7c:d1:59:be:71:d6:08:18:65:89:dc:9f:7b:
a7:b6:ca:40:3c:3b:37:3d:39:f4:37:79:33:ea:22:
bd:17:f5:ba:61:eb:75:03:bd:25:c6:d9:1a:be:22:
db:85:bb:80:fc:09:f7:34:20:54:28:e3:1e:e7:b5:
91:b2:e9:70:b2:d9:1c:cb:99:02:a2:8e:c3:54:75:
2e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:63:37:0E:B6:35:7F:5C:C2:C6:BC:4A:C6:10:8A:93:67:22:1A:22
X509v3 Authority Key Identifier:
keyid:4A:FC:7F:0B:EA:C2:26:07:02:D0:5B:69:DD:7B:7A:3F:B2:DD:D6:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Svx_C-rCJgcC0Ftp3Xt6P7Ld1p4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/fmM3DrY1f1zCxrxKxhCKk2ciGiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/4f406a-2981-4aaf-8b61-f4ce22ecae34/1/Svx_C-rCJgcC0Ftp3Xt6P7Ld1p4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.240.0/22
109.95.32.0/21
188.190.64.0/19
195.62.14.0/23
IPv6:
2001:67c:176c::/48
Signature Algorithm: sha256WithRSAEncryption
77:89:ab:5a:a8:93:26:47:9e:c9:12:43:80:90:1d:95:f5:69:
a2:d1:fc:3d:b9:1e:1b:f7:f8:95:d1:ac:1c:bd:f5:ea:f1:a9:
dc:24:2a:1b:a8:62:2e:36:b5:8c:55:1b:41:bc:fc:f1:7a:2b:
a2:53:b9:a7:16:46:22:28:55:04:16:67:26:ca:8d:db:21:aa:
f5:8b:1b:5e:2a:f2:e6:50:c9:f9:89:06:56:bf:d4:ea:64:72:
a7:c7:35:2e:ba:c2:5f:7d:b6:9b:1d:d2:de:f0:de:51:ef:f9:
39:91:5c:6d:ea:9f:ab:59:7a:ae:a6:e0:5a:66:a9:26:42:10:
c2:ad:a1:e6:6d:d1:78:b7:0e:81:b8:a8:fc:54:33:d8:44:f0:
7b:bb:4e:25:31:ee:bb:15:23:92:92:ba:4d:1d:51:ca:ad:72:
f6:f8:16:64:d6:c4:80:b6:51:65:77:a0:ed:f8:92:2b:74:30:
a1:8f:7e:dd:0e:2c:3f:b3:b1:d0:0d:74:93:6b:72:27:81:6e:
c5:ca:09:54:ba:c0:a7:9e:bb:a6:b5:bc:e5:34:b4:94:61:3a:
52:02:e5:a5:95:96:a4:fc:91:04:4e:5c:4b:7f:6c:a0:de:f3:
f1:0c:ab:a9:08:5c:fc:37:05:b0:83:21:73:d0:63:d5:7d:27:
e5:1f:2d:36
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVuuQeRd4JioPjObdbANf83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZmM3ZjBiZWFjMjI2MDcwMmQwNWI2OWRkN2I3YTNmYjJk
ZGQ2OWUwHhcNMjMwMTAxMTkwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTYzMzcwZWI2MzU3ZjVjYzJjNmJjNGFjNjEwOGE5MzY3MjIxYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+53a9GnYrcDGfos6NJROfZhho+Z
MdPq6BheuAe9TBnyHA4j3V7dJ9LAQ8N3wY+IAB3Yk0jvRfRiE644Nk54oGEtNtmz
Jmwh7oIJqP2spzY3NmlsMBJd7xuLv/7ALAeLm+OwxNL6d/HB3sySbhcNbSaZKwN5
0mEOm7GDYr3uhLZhyfq3HOJjG5vlPikwIoUW4V9UUicLgPI5IqRsBwmv17bzdXVj
b3lZeAryX+LbkxtbFiQngnzRWb5x1ggYZYncn3untspAPDs3PTn0N3kz6iK9F/W6
Yet1A70lxtkaviLbhbuA/An3NCBUKOMe57WRsulwstkcy5kCoo7DVHUu2wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFH5jNw62NX9cwsa8SsYQipNnIhoiMB8GA1UdIwQY
MBaAFEr8fwvqwiYHAtBbad17ej+y3daeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Z4X0MtckNKZ2NDMEZ0cDNYdDZQN0xkMXA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC80ZjQwNmEtMjk4MS00YWFmLThiNjEt
ZjRjZTIyZWNhZTM0LzEvZm1NM0RyWTFmMXpDeHJ4S3hoQ0trMmNpR2lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC80ZjQwNmEtMjk4MS00YWFmLThiNjEtZjRjZTIyZWNhZTM0
LzEvU3Z4X0MtckNKZ2NDMEZ0cDNYdDZQN0xkMXA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW8nwAwQD
bV8gAwQFvL5AAwQBwz4OMA8EAgACMAkDBwAgAQZ8F2wwDQYJKoZIhvcNAQELBQAD
ggEBAHeJq1qokyZHnskSQ4CQHZX1aaLR/D25Hhv3+JXRrBy99erxqdwkKhuoYi42
tYxVG0G8/PF6K6JTuacWRiIoVQQWZybKjdshqvWLG14q8uZQyfmJBla/1OpkcqfH
NS66wl99tpsd0t7w3lHv+TmRXG3qn6tZeq6m4FpmqSZCEMKtoeZt0Xi3DoG4qPxU
M9hE8Hu7TiUx7rsVI5KSuk0dUcqtcvb4FmTWxIC2UWV3oO34kit0MKGPft0OLD+z
sdANdJNrcieBbsXKCVS6wKeeu6a1vOU0tJRhOlIC5aWVlqT8kQROXEt/bKDe8/EM
q6kIXPw3BbCDIXPQY9V9J+UfLTY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:39 2024 by rpki-client on console-fra.rpki-client.org