Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/FujRawAiBlKokLakNff_S5v6AAY.roa
File: FujRawAiBlKokLakNff_S5v6AAY.roa (raw, json)
Hash identifier: ZUpwWtBa3JXQhTmBshiensIsihwoUa3QRduqPIBG3Aw=
Subject key identifier: 16:E8:D1:6B:00:22:06:52:A8:90:B6:A4:35:F7:FF:4B:9B:FA:00:06
Certificate issuer: /CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Certificate serial: 0187B1F6465ACD30FD7A1D8889D66C1464C9
Authority key identifier: EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/FujRawAiBlKokLakNff_S5v6AAY.roa
Signing time: Mon 24 Apr 2023 06:31:59 +0000
ROA not before: Mon 24 Apr 2023 06:31:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52125
IP address blocks: 193.32.179.0/24 maxlen: 24
193.32.178.0/24 maxlen: 24
193.32.177.0/24 maxlen: 24
185.236.23.0/24 maxlen: 24
185.236.22.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b1:f6:46:5a:cd:30:fd:7a:1d:88:89:d6:6c:14:64:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf7ca9ffafe72a30966f7e43d92b58e774ce741
Validity
Not Before: Apr 24 06:31:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16e8d16b00220652a890b6a435f7ff4b9bfa0006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2e:a3:28:88:7b:19:c5:cb:25:39:b9:92:58:
e1:03:3f:07:a7:c9:ad:c6:77:53:9c:70:4c:08:b1:
3f:55:e4:bc:9d:48:1b:93:04:b1:70:bc:0e:73:f4:
6a:f9:c7:1f:94:97:01:3f:8a:34:70:e8:a8:02:22:
d2:fe:04:e8:e6:d8:06:fb:47:c5:62:96:01:85:87:
d0:f0:20:3e:51:68:34:4c:47:fb:23:98:96:fd:05:
9d:2d:94:ab:a1:6d:2d:73:b0:de:0f:70:9e:f5:56:
0d:30:64:56:e1:e2:ea:0a:85:6d:92:3e:f8:47:01:
4a:7f:b5:7e:d6:e4:b5:c3:2e:e8:a1:01:5c:b2:17:
39:b5:d2:c4:7a:d9:5a:74:17:9d:06:dd:9f:9c:45:
7d:88:c4:1f:50:14:73:07:96:33:03:c9:bc:a2:2c:
00:75:48:74:f7:f0:71:e9:0b:3e:7f:9c:9a:b8:dd:
3c:65:a1:9d:98:6d:34:ab:83:51:4f:7d:a1:35:f8:
04:cf:d3:99:82:e1:ac:fe:62:3e:2b:68:9a:f4:88:
13:50:c4:6e:34:36:59:1c:80:ed:20:de:71:42:bb:
eb:1c:7b:0e:67:01:39:15:e1:ed:14:ba:ab:9a:36:
51:a2:02:47:a1:54:49:79:7d:d4:3d:c3:b2:13:5e:
27:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:E8:D1:6B:00:22:06:52:A8:90:B6:A4:35:F7:FF:4B:9B:FA:00:06
X509v3 Authority Key Identifier:
keyid:EC:F7:CA:9F:FA:FE:72:A3:09:66:F7:E4:3D:92:B5:8E:77:4C:E7:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PfKn_r-cqMJZvfkPZK1jndM50E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/FujRawAiBlKokLakNff_S5v6AAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/32779d-3656-44c0-8ab5-981fbb3442dd/1/7PfKn_r-cqMJZvfkPZK1jndM50E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.22.0/23
193.32.177.0-193.32.179.255
Signature Algorithm: sha256WithRSAEncryption
15:14:11:45:b2:d1:ff:5b:44:23:ef:f2:82:ba:f0:e5:73:87:
9f:af:e1:62:09:a0:60:00:98:a6:61:9b:ff:fb:f6:65:03:47:
6f:17:ee:a2:c6:ac:d4:0e:e1:ad:ed:01:cb:e6:8c:ac:87:2f:
03:46:88:9a:13:b1:6a:17:4d:15:23:39:c6:3e:29:bd:00:c6:
8b:a1:eb:6f:20:27:e5:16:34:7b:4b:b2:1a:56:56:a7:7a:c2:
3d:b2:ff:c5:46:41:87:10:c9:75:4c:d6:39:e4:cb:8f:ab:b3:
8c:4a:41:bc:53:c7:39:82:7d:f3:ac:15:8c:02:aa:21:3b:06:
67:4c:03:43:97:45:b9:7c:84:7e:f6:b0:de:f8:10:62:bd:81:
dd:e9:fb:af:80:00:af:da:5e:66:7a:32:39:f4:27:60:3b:fe:
56:8d:b3:f7:f0:4f:8f:4b:86:25:71:d3:39:ee:3b:aa:e9:53:
6e:eb:80:66:3f:f8:e1:50:f9:db:fb:06:ad:66:e5:ec:cd:ae:
f0:aa:58:7e:4a:e6:58:a8:f1:f5:7f:d1:93:4f:5b:cc:ab:d5:
95:4b:13:d5:c0:78:03:91:3d:2a:ac:85:f6:3e:e8:41:2a:43:
54:52:ef:b6:75:ff:7c:11:d3:17:ea:0c:dc:a9:7a:0d:57:b1:
5d:b1:a7:09
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYex9kZazTD9eh2IidZsFGTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjdjYTlmZmFmZTcyYTMwOTY2ZjdlNDNkOTJiNThlNzc0
Y2U3NDEwHhcNMjMwNDI0MDYzMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmU4ZDE2YjAwMjIwNjUyYTg5MGI2YTQzNWY3ZmY0YjliZmEwMDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAri6jKIh7GcXLJTm5kljhAz8Hp8mt
xndTnHBMCLE/VeS8nUgbkwSxcLwOc/Rq+ccflJcBP4o0cOioAiLS/gTo5tgG+0fF
YpYBhYfQ8CA+UWg0TEf7I5iW/QWdLZSroW0tc7DeD3Ce9VYNMGRW4eLqCoVtkj74
RwFKf7V+1uS1wy7ooQFcshc5tdLEetladBedBt2fnEV9iMQfUBRzB5YzA8m8oiwA
dUh09/Bx6Qs+f5yauN08ZaGdmG00q4NRT32hNfgEz9OZguGs/mI+K2ia9IgTUMRu
NDZZHIDtIN5xQrvrHHsOZwE5FeHtFLqrmjZRogJHoVRJeX3UPcOyE14n5wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBbo0WsAIgZSqJC2pDX3/0ub+gAGMB8GA1UdIwQY
MBaAFOz3yp/6/nKjCWb35D2StY53TOdBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUt
OTgxZmJiMzQ0MmRkLzEvRnVqUmF3QWlCbEtva0xha05mZl9TNXY2QUFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zMjc3OWQtMzY1Ni00NGMwLThhYjUtOTgxZmJiMzQ0MmRk
LzEvN1BmS25fci1jcU1KWnZma1BaSzFqbmRNNTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBuewWMAwD
BADBILEDBALBILAwDQYJKoZIhvcNAQELBQADggEBABUUEUWy0f9bRCPv8oK68OVz
h5+v4WIJoGAAmKZhm//79mUDR28X7qLGrNQO4a3tAcvmjKyHLwNGiJoTsWoXTRUj
OcY+Kb0Axouh628gJ+UWNHtLshpWVqd6wj2y/8VGQYcQyXVM1jnky4+rs4xKQbxT
xzmCffOsFYwCqiE7BmdMA0OXRbl8hH72sN74EGK9gd3p+6+AAK/aXmZ6Mjn0J2A7
/laNs/fwT49LhiVx0znuO6rpU27rgGY/+OFQ+dv7Bq1m5ezNrvCqWH5K5lio8fV/
0ZNPW8yr1ZVLE9XAeAORPSqshfY+6EEqQ1RS77Z1/3wR0xfqDNypeg1XsV2xpwk=
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:00 2024 by rpki-client on console-fra.rpki-client.org