Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FFoBTvCWrMzMzcb5RLVdUW4FkLY.roa
File: FFoBTvCWrMzMzcb5RLVdUW4FkLY.roa (raw, json)
Hash identifier: IfyvTlJSa+EEPOoZlJtAx7mKQi+6AQ4KXQza8kPnPAM=
Subject key identifier: 14:5A:01:4E:F0:96:AC:CC:CC:CD:C6:F9:44:B5:5D:51:6E:05:90:B6
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018C102C34C143E26515D1AE6DDDE09E0A9E
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FFoBTvCWrMzMzcb5RLVdUW4FkLY.roa
Signing time: Mon 27 Nov 2023 09:46:21 +0000
ROA not before: Mon 27 Nov 2023 09:46:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 194.87.133.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.58.36.0/24 maxlen: 24
195.133.31.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:10:2c:34:c1:43:e2:65:15:d1:ae:6d:dd:e0:9e:0a:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 27 09:46:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=145a014ef096accccccdc6f944b55d516e0590b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:61:76:93:16:5f:1a:f5:c4:ad:db:91:ec:fe:
af:4c:7c:c6:1a:eb:7a:2c:0b:4b:bf:b6:09:1e:c7:
31:c8:77:ef:e3:3c:c4:e7:e4:e0:2b:0e:77:45:b0:
a3:65:b8:53:4f:b1:53:f0:48:5a:12:e5:68:5a:08:
5d:6c:54:3e:fd:d6:79:45:81:33:22:2a:ec:43:d2:
07:bb:cb:49:78:13:76:1c:aa:37:a6:98:bd:71:19:
98:83:3b:d5:38:55:6f:fc:74:a0:f7:81:89:f8:3e:
eb:20:fc:c7:4b:4d:7c:cd:24:9d:60:2f:92:ac:b6:
0d:b3:8b:96:ff:d0:0f:0b:76:28:ac:cc:63:48:47:
98:03:de:87:a9:ea:4b:e9:29:75:82:35:3f:e6:54:
55:a8:12:83:65:b8:c2:82:bd:77:3f:da:5e:66:d9:
74:2b:64:10:a2:08:3a:fd:b6:9a:ac:3b:02:0d:4f:
7e:49:94:bd:14:2d:5e:84:bf:9b:05:e1:52:ad:0f:
17:3b:e7:f8:4a:82:fb:f5:8e:9e:46:e7:5c:a4:33:
cc:82:8c:3e:6c:ae:6e:29:4f:95:2b:10:3f:96:22:
23:a0:e8:e3:4a:3c:21:c4:56:b5:b3:b5:21:1c:24:
40:a7:3a:f4:2a:0c:81:00:d0:3a:ef:3f:9f:85:e3:
04:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:5A:01:4E:F0:96:AC:CC:CC:CD:C6:F9:44:B5:5D:51:6E:05:90:B6
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FFoBTvCWrMzMzcb5RLVdUW4FkLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.73.0/24
194.87.133.0/24
195.58.36.0/24
195.133.2.0/24
195.133.31.0/24
Signature Algorithm: sha256WithRSAEncryption
68:e6:9a:45:6d:97:57:ed:b0:71:bb:e2:4e:14:8a:3f:33:af:
24:cb:cb:4e:6f:69:f3:13:be:90:ce:56:9d:c7:f7:ab:66:2b:
4a:24:45:16:05:aa:bb:71:da:f7:38:2a:65:2b:91:a6:d4:2d:
2c:ca:36:4d:f6:03:6e:ff:44:9f:9a:e8:70:04:c8:a8:ee:bb:
97:d5:c8:75:1c:c5:11:2e:52:c8:97:99:38:b1:11:a8:9a:ad:
25:ad:5e:cb:b1:12:f2:46:65:90:d1:cd:bb:bc:06:8a:7e:9c:
c8:b0:0a:19:12:8e:9d:42:37:e7:f6:04:aa:b2:7f:1a:5b:76:
48:4b:77:8c:99:e4:ca:ec:6e:a2:5b:6a:4d:f9:ec:4b:3e:26:
5a:f5:79:11:f6:d7:96:62:02:59:1d:f3:c9:0d:f9:34:79:28:
93:d2:a6:dd:3d:e8:5c:a4:4f:10:f4:7f:5a:f7:0c:59:99:07:
40:6f:1d:1a:9c:05:8f:16:d2:c6:07:34:9b:d1:cd:4d:5f:0a:
83:df:8b:7c:c9:b7:42:22:94:18:98:69:c9:9e:c1:3a:1d:ed:
53:02:e0:c5:9c:ac:58:41:b8:32:1f:28:92:31:7a:90:81:d8:
61:c1:01:44:04:e2:1e:e9:09:f7:58:57:e9:18:ab:53:42:66:
f7:58:c5:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYwQLDTBQ+JlFdGubd3gngqeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMTI3MDk0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDVhMDE0ZWYwOTZhY2NjY2NjZGM2Zjk0NGI1NWQ1MTZlMDU5MGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWF2kxZfGvXErduR7P6vTHzGGut6
LAtLv7YJHscxyHfv4zzE5+TgKw53RbCjZbhTT7FT8EhaEuVoWghdbFQ+/dZ5RYEz
IirsQ9IHu8tJeBN2HKo3ppi9cRmYgzvVOFVv/HSg94GJ+D7rIPzHS018zSSdYC+S
rLYNs4uW/9APC3YorMxjSEeYA96HqepL6Sl1gjU/5lRVqBKDZbjCgr13P9peZtl0
K2QQogg6/baarDsCDU9+SZS9FC1ehL+bBeFSrQ8XO+f4SoL79Y6eRudcpDPMgow+
bK5uKU+VKxA/liIjoOjjSjwhxFa1s7UhHCRApzr0KgyBANA67z+fheME/QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBRaAU7wlqzMzM3G+US1XVFuBZC2MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRkZvQlR2Q1dyTXpNemNiNVJMVmRVVzRGa0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwldJAwQA
wleFAwQAwzokAwQAw4UCAwQAw4UfMA0GCSqGSIb3DQEBCwUAA4IBAQBo5ppFbZdX
7bBxu+JOFIo/M68ky8tOb2nzE76Qzladx/erZitKJEUWBaq7cdr3OCplK5Gm1C0s
yjZN9gNu/0SfmuhwBMio7ruX1ch1HMURLlLIl5k4sRGomq0lrV7LsRLyRmWQ0c27
vAaKfpzIsAoZEo6dQjfn9gSqsn8aW3ZIS3eMmeTK7G6iW2pN+exLPiZa9XkR9teW
YgJZHfPJDfk0eSiT0qbdPehcpE8Q9H9a9wxZmQdAbx0anAWPFtLGBzSb0c1NXwqD
34t8ybdCIpQYmGnJnsE6He1TAuDFnKxYQbgyHyiSMXqQgdhhwQFEBOIe6Qn3WFfp
GKtTQmb3WMVm
-----END CERTIFICATE-----
Generated at Tue Dec 12 13:17:29 2023 by rpki-client on console-ams.rpki-client.org