Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FssPpGYFcJ2jPZbPrI2_zV5btwI.roa
File: FssPpGYFcJ2jPZbPrI2_zV5btwI.roa (raw, json)
Hash identifier: FYibiCe5IoA2O9TZgLV3jiaQVMTyzzVUBBsKjNUeeu0=
Subject key identifier: 16:CB:0F:A4:66:05:70:9D:A3:3D:96:CF:AC:8D:BF:CD:5E:5B:B7:02
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018A6BA02EF99D594DBB15D034F957427EFC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FssPpGYFcJ2jPZbPrI2_zV5btwI.roa
Signing time: Wed 06 Sep 2023 17:52:54 +0000
ROA not before: Wed 06 Sep 2023 17:52:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36113
IP address blocks: 62.76.230.0/24 maxlen: 24
195.133.81.0/24 maxlen: 24
195.133.194.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
194.135.30.0/24 maxlen: 24
194.58.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Sep 2023 08:22:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6b:a0:2e:f9:9d:59:4d:bb:15:d0:34:f9:57:42:7e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 6 17:52:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16cb0fa46605709da33d96cfac8dbfcd5e5bb702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:fa:44:a5:c8:7c:c5:84:7e:96:80:ce:92:bc:
9b:b5:6a:ec:2e:25:32:74:46:e1:c5:7b:02:b1:32:
0c:27:43:91:88:45:f2:6b:9c:1d:8b:a8:5e:22:8a:
c9:03:2f:e0:03:12:e7:37:97:7d:4f:83:4f:79:cc:
78:73:ea:81:a6:bb:c0:ef:7a:96:62:61:d3:70:46:
f8:1c:3c:f3:c7:00:5b:49:c5:41:bf:03:ff:b2:87:
ac:de:82:04:6f:14:cb:5c:e2:e0:bc:e1:2a:9b:c8:
e2:8a:6c:6b:9c:4b:87:a3:20:7c:d6:3d:94:a4:6e:
c7:29:9d:c9:1c:26:49:05:13:07:fa:27:41:44:c1:
03:da:3c:9e:36:7d:b4:d4:c2:74:ea:23:8e:56:bd:
37:37:1c:96:da:29:b8:bf:cc:c7:29:37:4b:d5:d2:
c5:69:55:b6:3a:64:aa:22:15:c8:59:30:4c:ef:41:
25:9d:34:63:e8:f0:35:13:72:56:ee:10:43:cc:8b:
6e:6a:e5:88:24:03:9b:d1:c2:05:57:b1:1d:41:35:
22:ec:4d:35:b6:c3:8d:32:bf:6e:a7:de:98:f0:51:
ea:95:cf:37:f8:65:48:48:36:2d:6e:33:05:3c:88:
b1:98:dc:0c:ac:d7:19:21:42:b4:06:34:7b:5d:80:
1d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:CB:0F:A4:66:05:70:9D:A3:3D:96:CF:AC:8D:BF:CD:5E:5B:B7:02
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/FssPpGYFcJ2jPZbPrI2_zV5btwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.230.0/24
194.58.41.0/24
194.87.228.0/24
194.135.30.0/24
195.133.81.0/24
195.133.194.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:1f:c6:41:e7:04:71:c3:a4:dd:d2:9e:90:1c:06:20:62:58:
58:3e:ba:04:4d:5f:ae:2a:fc:0a:d7:c3:30:84:d5:6e:86:2e:
da:f1:ff:e5:2f:10:7d:5c:3b:d2:04:6a:3e:8e:84:8a:46:52:
c8:3e:8c:8d:ba:81:a6:d2:97:f7:03:31:a0:72:20:fa:5e:62:
be:b1:89:1c:6d:fe:ad:41:86:30:1e:ee:ac:af:9a:a7:53:ec:
22:54:75:58:87:89:72:32:19:64:ec:f4:5c:9c:19:50:f6:00:
ed:ad:b7:e3:0a:75:f7:92:c0:9e:b3:a5:52:4c:42:70:b9:9a:
c1:a5:43:23:aa:3a:c8:f7:c0:8d:4a:10:8d:a3:c7:82:ff:49:
ab:e7:9b:57:8a:1b:86:6c:e4:5d:14:a2:a6:d8:d2:17:37:87:
0a:5c:94:ff:11:9e:55:2e:57:dc:3f:e1:53:4e:8e:e3:62:6b:
10:73:fb:01:b3:0f:d4:c2:6e:ee:1f:57:4f:f6:61:d1:c2:d9:
0b:e9:c4:b6:d2:98:2c:44:32:17:03:8b:96:b5:ba:fe:86:10:
86:b5:b1:d8:f7:bd:07:6f:71:4c:30:46:24:2e:cf:f6:b2:5f:
93:90:ae:d3:26:d6:0a:c8:bf:25:22:20:17:62:0d:13:ed:55:
9f:94:23:d8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYproC75nVlNuxXQNPlXQn78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTA2MTc1MjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmNiMGZhNDY2MDU3MDlkYTMzZDk2Y2ZhYzhkYmZjZDVlNWJiNzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fpEpch8xYR+loDOkrybtWrsLiUy
dEbhxXsCsTIMJ0ORiEXya5wdi6heIorJAy/gAxLnN5d9T4NPecx4c+qBprvA73qW
YmHTcEb4HDzzxwBbScVBvwP/soes3oIEbxTLXOLgvOEqm8jiimxrnEuHoyB81j2U
pG7HKZ3JHCZJBRMH+idBRMED2jyeNn201MJ06iOOVr03NxyW2im4v8zHKTdL1dLF
aVW2OmSqIhXIWTBM70ElnTRj6PA1E3JW7hBDzItuauWIJAOb0cIFV7EdQTUi7E01
tsONMr9up96Y8FHqlc83+GVISDYtbjMFPIixmNwMrNcZIUK0BjR7XYAdyQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBbLD6RmBXCdoz2Wz6yNv81eW7cCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvRnNzUHBHWUZjSjJqUFpiUHJJMl96VjVidHdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAPkzmAwQA
wjopAwQAwlfkAwQAwoceAwQAw4VRAwQAw4XCMA0GCSqGSIb3DQEBCwUAA4IBAQAv
H8ZB5wRxw6Td0p6QHAYgYlhYProETV+uKvwK18MwhNVuhi7a8f/lLxB9XDvSBGo+
joSKRlLIPoyNuoGm0pf3AzGgciD6XmK+sYkcbf6tQYYwHu6sr5qnU+wiVHVYh4ly
Mhlk7PRcnBlQ9gDtrbfjCnX3ksCes6VSTEJwuZrBpUMjqjrI98CNShCNo8eC/0mr
55tXihuGbORdFKKm2NIXN4cKXJT/EZ5VLlfcP+FTTo7jYmsQc/sBsw/Uwm7uH1dP
9mHRwtkL6cS20pgsRDIXA4uWtbr+hhCGtbHY970Hb3FMMEYkLs/2sl+TkK7TJtYK
yL8lIiAXYg0T7VWflCPY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:11 2024 by rpki-client on console-fra.rpki-client.org