Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/FQ2uFxWbHt13RyecjXu98nbxddI.roa
File: FQ2uFxWbHt13RyecjXu98nbxddI.roa (raw, json)
Hash identifier: cDpRw2Rqlgq6Pe/xxeCWhLzVF8ThOZRZrBzKxz5DyDg=
Subject key identifier: 15:0D:AE:17:15:9B:1E:DD:77:47:27:9C:8D:7B:BD:F2:76:F1:75:D2
Certificate issuer: /CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
Certificate serial: 0185729EBD0E59FF2EE80C250A2834D71793
Authority key identifier: 82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/FQ2uFxWbHt13RyecjXu98nbxddI.roa
Signing time: Mon 02 Jan 2023 13:14:43 +0000
ROA not before: Mon 02 Jan 2023 13:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213035
IP address blocks: 193.56.104.0/24 maxlen: 24
193.56.105.0/24 maxlen: 24
185.37.33.0/24 maxlen: 24
185.37.34.0/24 maxlen: 24
185.37.35.0/24 maxlen: 24
185.37.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:bd:0e:59:ff:2e:e8:0c:25:0a:28:34:d7:17:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b136e6820d94f03b1c5d71eee3d4b22191528f
Validity
Not Before: Jan 2 13:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=150dae17159b1edd7747279c8d7bbdf276f175d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:01:b8:80:f0:74:ba:6f:13:0f:1f:7e:03:66:
eb:84:51:42:0e:1e:ca:7c:95:13:6b:0e:6f:0c:2e:
28:ef:97:76:e9:c7:37:18:57:80:c0:ad:fd:ac:a6:
f4:51:64:48:21:66:bc:8e:1f:cc:89:11:2d:d6:34:
8f:72:3f:f8:aa:5f:4a:ce:7d:70:57:54:53:5a:02:
a7:39:59:ca:53:4a:8d:22:5e:be:7c:16:45:0f:65:
9f:b9:f4:f2:42:2a:23:5f:85:06:21:37:35:57:03:
16:a5:c3:df:18:54:06:46:f2:cb:ba:02:fd:54:eb:
6b:2c:c4:a0:00:6e:8e:f5:55:12:4f:78:00:05:87:
5d:ec:1b:0e:61:0f:1b:fa:20:2c:57:a4:10:e1:e4:
5a:2b:6f:6e:15:94:56:47:e1:38:ee:4f:b4:ff:86:
0d:ac:e7:4f:69:d8:4f:33:30:9a:a7:ef:c1:d7:7c:
66:86:5b:61:85:30:23:60:28:ce:f6:5d:6c:2f:f3:
5b:94:45:2e:5d:93:c7:c0:d8:86:3e:26:be:a2:07:
b3:92:68:3a:54:0d:68:24:33:09:11:37:b2:be:f0:
a0:83:c8:7c:e5:45:3b:57:97:9a:fb:ee:c5:83:7f:
fa:11:0e:5a:c7:be:25:d5:63:70:ed:ba:f3:19:f3:
10:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:0D:AE:17:15:9B:1E:DD:77:47:27:9C:8D:7B:BD:F2:76:F1:75:D2
X509v3 Authority Key Identifier:
keyid:82:B1:36:E6:82:0D:94:F0:3B:1C:5D:71:EE:E3:D4:B2:21:91:52:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grE25oINlPA7HF1x7uPUsiGRUo8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/FQ2uFxWbHt13RyecjXu98nbxddI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/22112e-4e13-43d0-9eb1-0da3caa91429/1/grE25oINlPA7HF1x7uPUsiGRUo8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.32.0/22
193.56.104.0/23
Signature Algorithm: sha256WithRSAEncryption
26:4c:9f:11:f8:27:17:4f:30:07:63:d9:80:3b:95:32:8e:f2:
c7:fe:0e:6c:47:72:18:8b:fa:09:14:28:54:4b:fa:8f:0d:6d:
a8:48:56:40:02:43:d1:21:bf:a9:19:9b:70:5a:69:1f:08:f2:
1e:05:de:5e:b7:76:79:80:3c:c9:14:10:ee:78:cd:c2:49:7f:
a6:05:65:9c:0c:54:1a:0f:61:65:d1:cf:d4:46:f7:fd:bd:5e:
99:af:7a:b0:a7:c4:4e:67:03:ca:00:fb:4c:04:38:8b:3e:6e:
a3:23:9d:71:d9:1f:42:b2:e3:6c:3e:c8:e9:0e:55:3b:f5:2d:
8b:ff:a6:90:a6:e7:17:f8:0e:ec:13:8d:5d:3e:94:45:97:b8:
5d:4c:b0:a4:23:fd:22:2c:5d:bd:12:0c:ca:79:38:5e:7c:87:
ea:3a:8f:74:30:0c:89:6d:7a:9a:45:98:46:28:aa:8b:7d:f4:
71:db:1e:43:85:b5:38:43:b5:b2:be:50:f8:aa:53:ca:d7:e5:
7a:d9:de:c3:86:4f:69:72:61:d8:34:aa:fa:a0:37:fe:d1:7e:
be:2f:b1:62:a7:15:27:0f:70:04:b6:73:2b:e0:85:cd:4d:d3:
bf:f7:db:36:6f:07:88:3a:68:69:e7:09:87:a7:fb:9e:b0:31:
39:c9:60:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVynr0OWf8u6AwlCig01xeTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjEzNmU2ODIwZDk0ZjAzYjFjNWQ3MWVlZTNkNGIyMjE5
MTUyOGYwHhcNMjMwMTAyMTMxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTBkYWUxNzE1OWIxZWRkNzc0NzI3OWM4ZDdiYmRmMjc2ZjE3NWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQG4gPB0um8TDx9+A2brhFFCDh7K
fJUTaw5vDC4o75d26cc3GFeAwK39rKb0UWRIIWa8jh/MiREt1jSPcj/4ql9Kzn1w
V1RTWgKnOVnKU0qNIl6+fBZFD2WfufTyQiojX4UGITc1VwMWpcPfGFQGRvLLugL9
VOtrLMSgAG6O9VUST3gABYdd7BsOYQ8b+iAsV6QQ4eRaK29uFZRWR+E47k+0/4YN
rOdPadhPMzCap+/B13xmhlthhTAjYCjO9l1sL/NblEUuXZPHwNiGPia+ogezkmg6
VA1oJDMJETeyvvCgg8h85UU7V5ea++7Fg3/6EQ5ax74l1WNw7brzGfMQGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBUNrhcVmx7dd0cnnI17vfJ28XXSMB8GA1UdIwQY
MBaAFIKxNuaCDZTwOxxdce7j1LIhkVKPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JFMjVvSU5sUEE3SEYxeDd1UFVzaUdSVW84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8yMjExMmUtNGUxMy00M2QwLTllYjEt
MGRhM2NhYTkxNDI5LzEvRlEydUZ4V2JIdDEzUnllY2pYdTk4bmJ4ZGRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8yMjExMmUtNGUxMy00M2QwLTllYjEtMGRhM2NhYTkxNDI5
LzEvZ3JFMjVvSU5sUEE3SEYxeDd1UFVzaUdSVW84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuSUgAwQB
wThoMA0GCSqGSIb3DQEBCwUAA4IBAQAmTJ8R+CcXTzAHY9mAO5UyjvLH/g5sR3IY
i/oJFChUS/qPDW2oSFZAAkPRIb+pGZtwWmkfCPIeBd5et3Z5gDzJFBDueM3CSX+m
BWWcDFQaD2Fl0c/URvf9vV6Zr3qwp8ROZwPKAPtMBDiLPm6jI51x2R9CsuNsPsjp
DlU79S2L/6aQpucX+A7sE41dPpRFl7hdTLCkI/0iLF29EgzKeThefIfqOo90MAyJ
bXqaRZhGKKqLffRx2x5DhbU4Q7WyvlD4qlPK1+V62d7Dhk9pcmHYNKr6oDf+0X6+
L7FipxUnD3AEtnMr4IXNTdO/99s2bweIOmhp5wmHp/uesDE5yWCr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:07 2024 by rpki-client on console-ams.rpki-client.org