Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Fm-yWp5nLU5M7P078Wj3gZtu2Nc.roa
File: Fm-yWp5nLU5M7P078Wj3gZtu2Nc.roa (raw, json)
Hash identifier: kX3DLpkFOsL/K62ZnD48JJ4ajbERaB/sso5c5vztGJw=
Subject key identifier: 16:6F:B2:5A:9E:67:2D:4E:4C:EC:FD:3B:F1:68:F7:81:9B:6E:D8:D7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0186C5BA69ADE90133E5CC2341893E679AA5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Fm-yWp5nLU5M7P078Wj3gZtu2Nc.roa
Signing time: Thu 09 Mar 2023 09:36:13 +0000
ROA not before: Thu 09 Mar 2023 09:36:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49392
IP address blocks: 194.87.118.0/23 maxlen: 24
194.135.32.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
195.133.24.0/24 maxlen: 24
195.133.26.0/23 maxlen: 24
212.192.15.0/24 maxlen: 24
195.133.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Mar 2023 15:49:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:ba:69:ad:e9:01:33:e5:cc:23:41:89:3e:67:9a:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 9 09:36:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=166fb25a9e672d4e4cecfd3bf168f7819b6ed8d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:31:c0:3a:34:fc:5b:cb:56:21:9a:3c:7f:16:
9a:f2:a8:39:3c:c1:02:15:76:e7:e5:24:28:35:f8:
aa:10:4e:fe:69:47:3d:ad:00:40:91:48:df:cd:d3:
d8:e6:db:1d:f9:90:63:05:dd:8b:8b:41:29:8b:a3:
fc:10:dc:a0:cd:99:cb:a8:bf:f5:4f:8a:08:35:dd:
d0:97:85:60:ff:86:0d:5f:ae:3f:f9:c6:03:6c:c6:
b3:62:21:95:d9:d4:02:58:4b:30:be:18:22:8e:ee:
55:15:19:ae:b3:1f:9b:6b:13:87:ff:b0:61:06:4e:
91:89:99:12:03:9c:7f:96:43:1f:cd:3e:5d:58:20:
b2:6d:3e:1b:de:13:40:7f:67:00:e9:32:8c:33:36:
5c:08:a1:51:dd:74:61:cf:c6:79:37:fe:75:98:9b:
f3:d3:42:1e:bb:59:ba:36:c9:74:88:59:cf:a4:e7:
cf:66:44:b4:5a:77:f7:12:2b:de:64:b8:4a:d5:dd:
7e:ce:dd:33:bc:63:ce:d8:e0:3c:ec:a3:10:3c:d6:
c1:76:51:65:f4:51:08:f0:40:f8:e9:4a:dc:3a:78:
c9:6d:e7:a5:d7:d4:a5:e8:2d:b8:6b:84:bb:13:34:
39:f1:88:54:69:56:88:16:e0:9b:c8:04:7b:0e:e7:
37:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:6F:B2:5A:9E:67:2D:4E:4C:EC:FD:3B:F1:68:F7:81:9B:6E:D8:D7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Fm-yWp5nLU5M7P078Wj3gZtu2Nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.10.0/24
194.87.118.0/23
194.135.32.0/24
195.133.24.0/24
195.133.26.0/23
195.133.59.0/24
212.192.15.0/24
Signature Algorithm: sha256WithRSAEncryption
14:69:b8:60:79:7d:d3:3f:05:a9:2b:9e:54:00:60:df:97:6a:
98:a7:a6:98:16:f9:9e:08:fb:f9:ae:1d:5c:da:ed:a7:f3:9b:
62:67:f4:43:fb:ea:7f:56:0b:0d:0c:98:a0:cb:9f:09:6b:da:
bc:1a:c6:09:df:ef:9b:24:9c:4b:d8:fe:f5:75:f6:30:ef:b3:
f6:39:21:ef:2c:5a:52:24:eb:6b:82:35:4d:4f:53:4b:1e:58:
1f:35:56:e7:8c:78:56:d0:01:ab:45:6e:bc:d4:88:79:99:ee:
b5:eb:b2:b6:92:6c:f5:c7:b6:01:ad:a2:9b:ac:dc:7f:85:be:
07:fb:2d:c8:5d:b2:85:03:df:b4:1f:77:7d:be:34:9a:b1:b0:
a7:d7:07:79:bb:d9:01:24:b7:e5:d2:27:f4:9d:d0:d0:a7:66:
8c:ba:ec:13:de:4b:c9:57:87:c9:3c:7c:9c:e8:fc:ab:30:7e:
be:e8:12:d0:ad:9a:16:f1:f3:dc:ba:f5:ee:a2:73:a0:2b:cb:
2a:29:e5:cc:35:10:11:b3:7d:3b:7d:ee:58:32:7c:d8:94:40:
37:41:b8:46:28:27:20:a5:4f:37:c0:0e:de:c0:20:6e:1a:e0:
98:e8:8a:db:c7:67:e7:8e:47:4c:d2:9b:ee:82:b2:86:f7:9b:
e6:fa:3c:e4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYbFummt6QEz5cwjQYk+Z5qlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMzA5MDkzNjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjZmYjI1YTllNjcyZDRlNGNlY2ZkM2JmMTY4Zjc4MTliNmVkOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTHAOjT8W8tWIZo8fxaa8qg5PMEC
FXbn5SQoNfiqEE7+aUc9rQBAkUjfzdPY5tsd+ZBjBd2Li0Epi6P8ENygzZnLqL/1
T4oINd3Ql4Vg/4YNX64/+cYDbMazYiGV2dQCWEswvhgiju5VFRmusx+baxOH/7Bh
Bk6RiZkSA5x/lkMfzT5dWCCybT4b3hNAf2cA6TKMMzZcCKFR3XRhz8Z5N/51mJvz
00Ieu1m6Nsl0iFnPpOfPZkS0Wnf3EiveZLhK1d1+zt0zvGPO2OA87KMQPNbBdlFl
9FEI8ED46UrcOnjJbeel19Sl6C24a4S7EzQ58YhUaVaIFuCbyAR7Duc3iwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBZvslqeZy1OTOz9O/Fo94GbbtjXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRm0teVdwNW5MVTVNN1AwNzhXajNnWnR1Mk5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAuUgKAwQB
wld2AwQAwocgAwQAw4UYAwQBw4UaAwQAw4U7AwQA1MAPMA0GCSqGSIb3DQEBCwUA
A4IBAQAUabhgeX3TPwWpK55UAGDfl2qYp6aYFvmeCPv5rh1c2u2n85tiZ/RD++p/
VgsNDJigy58Ja9q8GsYJ3++bJJxL2P71dfYw77P2OSHvLFpSJOtrgjVNT1NLHlgf
NVbnjHhW0AGrRW681Ih5me6167K2kmz1x7YBraKbrNx/hb4H+y3IXbKFA9+0H3d9
vjSasbCn1wd5u9kBJLfl0if0ndDQp2aMuuwT3kvJV4fJPHyc6PyrMH6+6BLQrZoW
8fPcuvXuonOgK8sqKeXMNRARs307fe5YMnzYlEA3QbhGKCcgpU83wA7ewCBuGuCY
6Irbx2fnjkdM0pvugrKG95vm+jzk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:11 2024 by rpki-client on console-fra.rpki-client.org