Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fpXKilXJ1JmE-PgnSkM_cFdVnnc.roa
File: fpXKilXJ1JmE-PgnSkM_cFdVnnc.roa (raw, json)
Hash identifier: jVg6wSiKqKMpFFo7BkE7XOtXQxKS0/5ZIdjQSoWVxl8=
Subject key identifier: 7E:95:CA:8A:55:C9:D4:99:84:F8:F8:27:4A:43:3F:70:57:55:9E:77
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188330EE8B0F09F98F6C7D9C8627F5149F1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fpXKilXJ1JmE-PgnSkM_cFdVnnc.roa
Signing time: Fri 19 May 2023 08:09:55 +0000
ROA not before: Fri 19 May 2023 08:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 2.59.255.0/24 maxlen: 24
2.59.254.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
93.123.118.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
94.156.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 May 2023 21:26:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:33:0e:e8:b0:f0:9f:98:f6:c7:d9:c8:62:7f:51:49:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 08:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e95ca8a55c9d49984f8f8274a433f7057559e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:32:fd:60:9a:73:49:19:b8:64:09:d7:1f:5a:
1b:75:69:e6:d0:15:05:04:32:f6:c6:40:a1:75:fc:
8b:9e:cd:66:f4:6c:2a:4c:8b:e2:ce:2c:b6:62:26:
ec:af:38:b4:47:ff:9b:0d:0c:62:f1:68:e9:1e:79:
6d:bc:89:dc:9b:d4:68:0e:d2:f5:bc:39:88:2a:85:
f7:89:4f:15:cb:9e:c0:da:0c:d6:c8:da:93:9e:b2:
4b:86:8c:91:3a:cb:95:18:10:d4:ea:3b:d9:81:66:
c9:1b:4b:b4:60:9a:dd:ff:da:87:d8:db:1d:77:01:
db:78:88:62:48:2e:5a:69:fb:e8:05:f6:8b:f6:24:
7f:f6:6f:25:09:6d:00:4b:be:5e:8d:83:2b:39:18:
8b:99:9a:9a:8c:c2:a0:f9:4d:a2:c3:90:e2:73:5e:
9b:e7:b1:64:f4:42:37:82:eb:31:b9:1d:7c:2b:c5:
9f:d2:03:fa:c8:88:62:53:ae:3c:4b:00:24:52:86:
63:90:8d:03:a9:ce:c1:ee:0a:f4:81:ca:d8:5d:69:
bb:bd:44:9a:aa:35:57:0f:fa:58:0f:56:cb:7e:9b:
da:6f:c5:6c:4c:76:7a:1b:fc:be:68:59:1d:e1:e3:
a8:b5:dd:a1:a8:84:45:f3:21:4d:8c:4f:e1:f3:76:
e2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:95:CA:8A:55:C9:D4:99:84:F8:F8:27:4A:43:3F:70:57:55:9E:77
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fpXKilXJ1JmE-PgnSkM_cFdVnnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.254.0/23
79.110.49.0/24
87.120.84.0/24
87.120.88.0/24
93.123.118.0/24
94.156.102.0/24
147.78.103.0/24
185.246.220.0/24
Signature Algorithm: sha256WithRSAEncryption
80:c2:b7:66:2b:5b:90:08:96:d3:43:44:4e:ce:3b:b0:3d:d6:
85:ed:a8:b0:a2:0a:38:92:0c:38:28:e0:8f:c3:f9:4a:7c:a6:
3c:62:b5:e6:fc:7a:24:e6:03:e7:e5:6b:2d:3b:17:4d:3b:41:
09:a1:90:96:9b:42:bf:c3:d7:45:0d:ca:80:b5:7e:0c:d2:b6:
42:de:f2:ef:65:ad:ab:b2:ce:01:40:20:fb:e4:6e:b1:b8:e7:
a7:29:07:3a:a0:49:d3:82:fe:e8:81:2e:4e:b4:75:c4:13:36:
f7:66:d2:3c:e0:7c:1e:40:1f:6f:a7:3c:fc:19:60:23:5f:bf:
54:c5:70:e4:02:40:ea:03:95:7a:67:19:3f:02:ce:cc:44:a2:
c3:70:7c:61:83:d5:21:27:ea:2a:54:46:ed:31:00:de:1b:74:
d3:49:93:20:d5:29:42:68:81:d0:2c:51:3e:71:12:07:7b:ad:
da:12:e3:7e:36:e0:b5:45:a2:02:ab:fa:fa:02:80:d4:96:d7:
fb:27:9b:ea:27:17:13:28:8a:bc:49:cd:3a:39:ec:22:a7:ee:
dd:ed:ef:b0:2f:d3:fe:9a:49:cc:85:e1:99:db:c2:49:48:49:
03:4c:f7:1d:2f:a3:56:9d:7a:cf:2a:26:85:6e:01:39:fb:8b:
6a:96:20:65
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYgzDuiw8J+Y9sfZyGJ/UUnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MDgwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTk1Y2E4YTU1YzlkNDk5ODRmOGY4Mjc0YTQzM2Y3MDU3NTU5ZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTL9YJpzSRm4ZAnXH1obdWnm0BUF
BDL2xkChdfyLns1m9GwqTIviziy2Yibsrzi0R/+bDQxi8WjpHnltvIncm9RoDtL1
vDmIKoX3iU8Vy57A2gzWyNqTnrJLhoyROsuVGBDU6jvZgWbJG0u0YJrd/9qH2Nsd
dwHbeIhiSC5aafvoBfaL9iR/9m8lCW0AS75ejYMrORiLmZqajMKg+U2iw5Dic16b
57Fk9EI3gusxuR18K8Wf0gP6yIhiU648SwAkUoZjkI0Dqc7B7gr0gcrYXWm7vUSa
qjVXD/pYD1bLfpvab8VsTHZ6G/y+aFkd4eOotd2hqIRF8yFNjE/h83bizwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFH6VyopVydSZhPj4J0pDP3BXVZ53MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZnBYS2lsWEoxSm1FLVBnblNrTV9jRmRWbm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBAjv+AwQA
T24xAwQAV3hUAwQAV3hYAwQAXXt2AwQAXpxmAwQAk05nAwQAufbcMA0GCSqGSIb3
DQEBCwUAA4IBAQCAwrdmK1uQCJbTQ0ROzjuwPdaF7aiwogo4kgw4KOCPw/lKfKY8
YrXm/Hok5gPn5WstOxdNO0EJoZCWm0K/w9dFDcqAtX4M0rZC3vLvZa2rss4BQCD7
5G6xuOenKQc6oEnTgv7ogS5OtHXEEzb3ZtI84HweQB9vpzz8GWAjX79UxXDkAkDq
A5V6Zxk/As7MRKLDcHxhg9UhJ+oqVEbtMQDeG3TTSZMg1SlCaIHQLFE+cRIHe63a
EuN+NuC1RaICq/r6AoDUltf7J5vqJxcTKIq8Sc06Oewip+7d7e+wL9P+mknMheGZ
28JJSEkDTPcdL6NWnXrPKiaFbgE5+4tqliBl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:39 2024 by rpki-client on console-ams.rpki-client.org