Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fplqZjqBCMo_Msx8ycpzgR40SxU.roa
File: fplqZjqBCMo_Msx8ycpzgR40SxU.roa (raw, json)
Hash identifier: BP9fGs5J8TXFM+OtsUaAquIxEJvRfnOr5bU1+imNCNc=
Subject key identifier: 7E:99:6A:66:3A:81:08:CA:3F:32:CC:7C:C9:CA:73:81:1E:34:4B:15
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01856F26D94957C8FA35EBE131C09A7F2F8F
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fplqZjqBCMo_Msx8ycpzgR40SxU.roa
Signing time: Sun 01 Jan 2023 21:04:55 +0000
ROA not before: Sun 01 Jan 2023 21:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2895
IP address blocks: 185.103.100.0/22 maxlen: 22
147.45.0.0/16 maxlen: 16
193.233.4.0/24 maxlen: 24
193.233.0.0/22 maxlen: 22
193.233.10.0/23 maxlen: 23
193.233.8.0/24 maxlen: 24
2001:640::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:d9:49:57:c8:fa:35:eb:e1:31:c0:9a:7f:2f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 21:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e996a663a8108ca3f32cc7cc9ca73811e344b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1b:ac:2e:20:ab:b5:06:0e:36:33:0a:ca:0e:
04:fc:84:65:1e:19:0f:49:62:df:ad:b6:93:ea:c3:
77:ea:c0:95:71:43:7b:0a:7e:09:98:98:6e:6f:6b:
19:0a:b5:dc:f4:dd:e6:dd:12:29:80:84:0e:1f:02:
cf:ff:27:05:ab:42:b4:e4:98:af:6a:86:41:ba:0b:
b0:77:f2:e0:44:44:4a:5c:5a:2b:3c:1a:49:90:62:
fc:ab:4e:68:66:e6:17:40:34:67:38:63:b6:81:bf:
09:18:a3:cf:69:b3:c7:5e:ad:f1:59:0a:a8:1f:27:
44:81:e8:96:8b:ec:37:34:50:45:a2:62:f3:31:c1:
5b:0a:10:7c:12:3d:9c:52:5e:32:95:d1:7f:1e:c1:
7e:23:2e:d5:51:4f:08:a5:b2:8c:20:da:ba:af:2c:
03:a8:14:4f:f6:0b:75:f7:9c:dd:4f:8d:95:37:43:
2b:62:d2:2f:3c:8e:fa:32:ff:db:b4:18:fa:63:dc:
f9:ac:0e:f8:46:1d:e4:98:f6:2b:04:07:4c:ca:93:
fe:ef:15:8b:0b:41:39:1d:81:35:45:7b:0c:bd:01:
3e:05:ab:4b:8b:87:d8:36:99:c1:3e:dc:62:ba:54:
5a:13:1b:9e:56:62:ff:74:cc:72:d9:2f:4f:04:f9:
bd:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:99:6A:66:3A:81:08:CA:3F:32:CC:7C:C9:CA:73:81:1E:34:4B:15
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/fplqZjqBCMo_Msx8ycpzgR40SxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.0.0/16
185.103.100.0/22
193.233.0.0-193.233.4.255
193.233.8.0/24
193.233.10.0/23
IPv6:
2001:640::/32
Signature Algorithm: sha256WithRSAEncryption
39:a8:c0:b0:6f:30:ee:36:11:40:fc:9c:39:b4:6c:6a:0c:f8:
14:4a:a9:18:da:40:0f:a4:2d:80:22:18:a7:00:b2:b0:84:3b:
b5:3d:d6:b6:4c:d2:0b:ee:b5:54:9a:d1:20:92:ad:fb:bc:b9:
d7:a0:a2:1f:0b:a1:6c:69:53:5f:81:5e:02:af:26:77:7e:2d:
b5:91:af:f6:67:8d:99:09:48:a1:0d:98:70:04:9e:47:c1:92:
7a:3d:e7:42:8a:e0:f4:df:48:c9:b9:79:df:fd:fd:e5:7f:8a:
b2:db:2d:8e:eb:b9:af:95:04:84:75:2e:59:6c:b3:94:e5:bc:
e4:04:c8:24:77:0f:12:a6:00:bd:89:5b:84:ae:97:46:0e:e0:
3c:54:8c:96:68:b9:b2:3f:62:26:78:48:1e:c3:a3:2a:1a:0d:
6f:94:1e:bc:7a:50:b2:7a:97:35:2d:f4:da:b7:42:32:fe:c7:
03:01:93:bd:b8:b6:27:76:a1:f4:15:a3:5e:4c:e4:dc:01:53:
94:31:e3:f1:df:a1:8c:31:24:42:a6:92:e7:83:47:f5:16:f7:
6a:a2:c8:05:d7:83:30:6b:49:db:b3:a9:db:5d:d6:f5:83:dc:
aa:88:14:5d:b8:d6:38:98:e5:e2:ce:af:13:63:b7:d7:e9:7f:
36:1f:44:4a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVvJtlJV8j6NevhMcCafy+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwMTAxMjEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTk5NmE2NjNhODEwOGNhM2YzMmNjN2NjOWNhNzM4MTFlMzQ0YjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBusLiCrtQYONjMKyg4E/IRlHhkP
SWLfrbaT6sN36sCVcUN7Cn4JmJhub2sZCrXc9N3m3RIpgIQOHwLP/ycFq0K05Jiv
aoZBuguwd/LgRERKXForPBpJkGL8q05oZuYXQDRnOGO2gb8JGKPPabPHXq3xWQqo
HydEgeiWi+w3NFBFomLzMcFbChB8Ej2cUl4yldF/HsF+Iy7VUU8IpbKMINq6rywD
qBRP9gt195zdT42VN0MrYtIvPI76Mv/btBj6Y9z5rA74Rh3kmPYrBAdMypP+7xWL
C0E5HYE1RXsMvQE+BatLi4fYNpnBPtxiulRaExueVmL/dMxy2S9PBPm99QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFH6ZamY6gQjKPzLMfMnKc4EeNEsVMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvZnBscVpqcUJDTW9fTXN4OHljcHpnUjQwU3hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwMAky0DBAK5
Z2QwCwMDAMHpAwQAwekEAwQAwekIAwQBwekKMA0EAgACMAcDBQAgAQZAMA0GCSqG
SIb3DQEBCwUAA4IBAQA5qMCwbzDuNhFA/Jw5tGxqDPgUSqkY2kAPpC2AIhinALKw
hDu1Pda2TNIL7rVUmtEgkq37vLnXoKIfC6FsaVNfgV4CryZ3fi21ka/2Z42ZCUih
DZhwBJ5HwZJ6PedCiuD030jJuXnf/f3lf4qy2y2O67mvlQSEdS5ZbLOU5bzkBMgk
dw8SpgC9iVuErpdGDuA8VIyWaLmyP2ImeEgew6MqGg1vlB68elCyepc1LfTat0Iy
/scDAZO9uLYndqH0FaNeTOTcAVOUMePx36GMMSRCppLng0f1FvdqosgF14Mwa0nb
s6nbXdb1g9yqiBRduNY4mOXizq8TY7fX6X82H0RK
-----END CERTIFICATE-----
Generated at Wed Sep 13 09:01:36 2023 by rpki-client on console-ams.rpki-client.org