Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l-FokedWRZq9CGttZLH_J7whfGg.roa
File: l-FokedWRZq9CGttZLH_J7whfGg.roa (raw, json)
Hash identifier: X60+z5kJpGCVvIsSJei3P2j87wp01kQsofuExz048RQ=
Subject key identifier: 97:E1:68:91:E7:56:45:9A:BD:08:6B:6D:64:B1:FF:27:BC:21:7C:68
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018E42CA695C414DE32BE36A2E21BBCDD8DC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l-FokedWRZq9CGttZLH_J7whfGg.roa
Signing time: Fri 15 Mar 2024 15:45:45 +0000
ROA not before: Fri 15 Mar 2024 15:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 193.124.16.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 15:31:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:ca:69:5c:41:4d:e3:2b:e3:6a:2e:21:bb:cd:d8:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Mar 15 15:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97e16891e756459abd086b6d64b1ff27bc217c68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:01:57:29:38:86:cc:74:1c:91:df:e4:78:32:
63:a4:6c:a1:fd:ea:58:e4:88:59:d1:b0:5f:14:c7:
7b:79:5b:ca:9d:b9:7c:17:4e:26:61:47:eb:98:bb:
1a:a5:ad:8b:18:a0:c6:3b:3a:92:84:98:7e:ce:4f:
36:7e:01:d6:db:e5:7d:ec:8e:25:2c:07:6f:05:96:
11:b9:de:53:65:a2:28:1e:fc:8a:db:fe:ab:68:30:
5c:33:b7:16:85:22:51:f4:e0:1a:e4:28:54:5f:c1:
44:77:ce:f1:4f:f2:1c:fb:9d:04:4e:03:93:37:dc:
d5:2b:2c:ac:c4:c5:0a:ea:66:f3:4c:37:0b:30:0a:
78:7e:d6:27:4d:ac:21:1d:83:e7:a0:ad:cd:7a:f9:
30:04:04:88:31:19:58:72:3f:65:bd:66:80:9e:c1:
10:42:7d:42:cb:2f:12:75:4b:2c:9a:b2:25:f6:85:
ba:d7:bf:89:b7:06:a8:08:2e:bf:89:77:b3:c8:23:
5f:04:09:ed:b8:39:90:80:71:4c:85:72:51:71:96:
db:f5:94:86:b2:e9:8f:69:99:08:85:48:cb:06:c7:
69:15:cc:de:1a:8d:bd:f4:39:6c:e3:ef:1b:19:6f:
d1:67:4e:ee:b7:65:f6:d6:50:cb:f2:d9:ad:cc:fe:
92:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E1:68:91:E7:56:45:9A:BD:08:6B:6D:64:B1:FF:27:BC:21:7C:68
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l-FokedWRZq9CGttZLH_J7whfGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.16.0/24
194.87.38.0/24
194.87.72.0/24
194.87.114.0/24
194.87.127.0/24
Signature Algorithm: sha256WithRSAEncryption
41:58:46:ad:ba:d5:bc:26:8b:e4:02:d6:b2:9a:aa:b6:f3:65:
db:ac:1a:f4:52:f8:71:ee:fe:3d:34:ae:d6:08:f6:08:86:25:
9f:a1:c3:4b:37:d4:46:67:c3:3d:51:96:d5:01:f3:b9:63:d0:
d7:98:45:90:81:0d:77:a1:38:6a:c2:2c:71:49:05:82:be:75:
b8:da:bc:b5:0b:d5:c4:24:0f:b3:13:11:0c:f9:83:5b:41:a3:
97:ea:6e:e2:3a:d4:c9:b2:58:1c:cd:65:e5:9c:f4:64:6b:b9:
40:0b:bb:ea:4e:92:4d:18:5b:49:78:fb:8f:b2:d7:bf:86:01:
e4:ee:ad:79:da:93:3f:42:af:90:61:4c:aa:47:8c:6e:da:77:
d3:66:fc:6b:52:8f:e3:91:1f:d8:9f:42:98:59:4f:c4:15:53:
72:32:89:2f:4c:7e:17:f3:82:ce:91:86:cc:10:61:d2:ab:42:
3c:a3:c0:81:41:08:d1:68:0b:28:c7:b5:0d:ca:37:0b:43:c9:
9d:46:c2:ff:a7:99:88:09:63:ff:ce:f5:ce:f1:2a:be:39:e8:
29:a0:ae:23:52:f0:f6:14:1e:26:b0:c5:0b:25:f8:f6:b8:0a:
9c:4d:b5:60:87:77:e5:da:e0:bb:55:c4:20:1e:6e:0d:ab:f8:
df:98:96:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY5CymlcQU3jK+NqLiG7zdjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMzE1MTU0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2UxNjg5MWU3NTY0NTlhYmQwODZiNmQ2NGIxZmYyN2JjMjE3YzY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAFXKTiGzHQckd/keDJjpGyh/epY
5IhZ0bBfFMd7eVvKnbl8F04mYUfrmLsapa2LGKDGOzqShJh+zk82fgHW2+V97I4l
LAdvBZYRud5TZaIoHvyK2/6raDBcM7cWhSJR9OAa5ChUX8FEd87xT/Ic+50ETgOT
N9zVKyysxMUK6mbzTDcLMAp4ftYnTawhHYPnoK3NevkwBASIMRlYcj9lvWaAnsEQ
Qn1Cyy8SdUssmrIl9oW617+JtwaoCC6/iXezyCNfBAntuDmQgHFMhXJRcZbb9ZSG
sumPaZkIhUjLBsdpFczeGo299Dls4+8bGW/RZ07ut2X21lDL8tmtzP6SuwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJfhaJHnVkWavQhrbWSx/ye8IXxoMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbC1Gb2tlZFdSWnE5Q0d0dFpMSF9KN3doZkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwXwQAwQA
wlcmAwQAwldIAwQAwldyAwQAwld/MA0GCSqGSIb3DQEBCwUAA4IBAQBBWEatutW8
JovkAtaymqq282XbrBr0Uvhx7v49NK7WCPYIhiWfocNLN9RGZ8M9UZbVAfO5Y9DX
mEWQgQ13oThqwixxSQWCvnW42ry1C9XEJA+zExEM+YNbQaOX6m7iOtTJslgczWXl
nPRka7lAC7vqTpJNGFtJePuPste/hgHk7q152pM/Qq+QYUyqR4xu2nfTZvxrUo/j
kR/Yn0KYWU/EFVNyMokvTH4X84LOkYbMEGHSq0I8o8CBQQjRaAsox7UNyjcLQ8md
RsL/p5mICWP/zvXO8Sq+OegpoK4jUvD2FB4msMULJfj2uAqcTbVgh3fl2uC7VcQg
Hm4Nq/jfmJZ1
-----END CERTIFICATE-----
Generated at Wed Apr 3 19:36:04 2024 by rpki-client on console-ams.rpki-client.org