Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/FDzN6m4R0uIgL-H8248KxECKGuw.roa
File: FDzN6m4R0uIgL-H8248KxECKGuw.roa (raw, json)
Hash identifier: MhX1+OkcC5KurwsZlTBDgn898IKykEdNbEM8H3zLvE4=
Subject key identifier: 14:3C:CD:EA:6E:11:D2:E2:20:2F:E1:FC:DB:8F:0A:C4:40:8A:1A:EC
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018A652AA582EA1899B312D48D218887A711
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/FDzN6m4R0uIgL-H8248KxECKGuw.roa
Signing time: Tue 05 Sep 2023 11:46:48 +0000
ROA not before: Tue 05 Sep 2023 11:46:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 85.121.148.0/23 maxlen: 24
217.156.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Sep 2023 12:50:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:2a:a5:82:ea:18:99:b3:12:d4:8d:21:88:87:a7:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Sep 5 11:46:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=143ccdea6e11d2e2202fe1fcdb8f0ac4408a1aec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1a:4a:65:5c:b5:32:b5:5d:7f:c5:39:ea:c3:
b1:b4:2f:15:f4:9f:0d:db:62:ed:aa:1c:6f:07:cd:
48:65:38:bf:08:e3:66:08:91:c8:1a:57:66:d0:3f:
a1:0a:54:d6:8e:2a:06:5f:a8:02:3a:07:1e:5a:c4:
61:93:38:7b:41:4d:9e:07:f0:a9:ef:89:b5:51:de:
87:68:a4:ca:d4:6a:6d:ca:d2:11:98:e4:04:ca:b4:
a5:d6:bc:ee:34:7a:95:1c:93:9b:1e:de:65:75:79:
58:88:d0:80:3c:fe:f3:6f:b8:26:1d:40:8c:df:1d:
fd:6f:d8:3d:18:a1:02:3c:da:57:08:cd:d3:0c:37:
8b:e0:02:2e:27:29:79:f7:43:35:e7:1d:03:49:f8:
d2:ac:e5:91:c0:37:53:23:d8:cf:67:08:80:3a:ca:
a5:6c:9f:57:c0:10:24:61:1e:55:8a:e8:bd:91:7e:
fc:89:5f:45:e3:dd:6e:f4:7e:f8:11:97:cc:09:f3:
96:f6:33:46:26:9d:af:0e:af:49:86:1b:a5:49:03:
fb:09:23:7d:ca:43:23:eb:48:8f:c9:d2:c7:ea:50:
37:f9:c4:b2:2b:40:a4:c8:cf:70:99:f9:26:24:56:
cf:80:31:f8:31:72:48:cf:9c:8e:15:e9:4a:08:21:
bd:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3C:CD:EA:6E:11:D2:E2:20:2F:E1:FC:DB:8F:0A:C4:40:8A:1A:EC
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/FDzN6m4R0uIgL-H8248KxECKGuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.121.148.0/23
217.156.84.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:08:98:96:2d:55:38:72:35:05:63:91:6e:fe:3e:80:21:51:
9c:78:6f:e6:d0:2f:de:73:a9:88:d2:09:a6:ae:bd:e0:e6:c5:
46:98:d1:d0:b9:65:f0:31:09:b3:ee:4b:61:12:19:75:dc:47:
3e:bd:c1:2b:e6:75:5f:92:96:56:c3:9d:80:2f:6c:a2:99:73:
ce:91:91:a3:98:90:31:10:65:9f:d0:88:3a:cd:59:1f:92:6f:
01:32:0d:70:f7:45:e7:3b:fb:bc:0e:eb:c8:78:25:8a:4d:cc:
02:b4:29:c8:5b:44:a9:b0:49:e6:61:1e:60:ee:79:16:4d:96:
30:f8:91:8c:16:ac:a9:df:be:aa:3f:15:60:bd:8b:a4:e9:bb:
92:d5:cc:fe:05:bd:5d:21:8c:d7:11:50:56:3c:ca:54:85:c8:
93:89:34:2f:41:85:b7:fa:b8:d0:35:29:0f:fb:9b:3d:36:3b:
a2:29:b2:11:50:4a:86:79:94:02:b2:92:0b:b8:47:08:73:17:
55:04:6f:48:6a:3c:67:ff:d7:f8:21:5b:91:1c:d1:33:85:f5:
20:0e:33:fe:70:4c:49:8d:b8:d2:4b:97:3d:33:d6:a0:18:26:
ec:04:60:d9:e0:09:c9:9f:4c:d6:0e:50:cb:0d:1f:3b:8f:b2:
02:22:37:39
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYplKqWC6hiZsxLUjSGIh6cRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwOTA1MTE0NjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDNjY2RlYTZlMTFkMmUyMjAyZmUxZmNkYjhmMGFjNDQwOGExYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hpKZVy1MrVdf8U56sOxtC8V9J8N
22LtqhxvB81IZTi/CONmCJHIGldm0D+hClTWjioGX6gCOgceWsRhkzh7QU2eB/Cp
74m1Ud6HaKTK1GptytIRmOQEyrSl1rzuNHqVHJObHt5ldXlYiNCAPP7zb7gmHUCM
3x39b9g9GKECPNpXCM3TDDeL4AIuJyl590M15x0DSfjSrOWRwDdTI9jPZwiAOsql
bJ9XwBAkYR5Viui9kX78iV9F491u9H74EZfMCfOW9jNGJp2vDq9JhhulSQP7CSN9
ykMj60iPydLH6lA3+cSyK0CkyM9wmfkmJFbPgDH4MXJIz5yOFelKCCG9lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBQ8zepuEdLiIC/h/NuPCsRAihrsMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvRkR6TjZtNFIwdUlnTC1IODI0OEt4RUNLR3V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVXmUAwQA
2ZxUMA0GCSqGSIb3DQEBCwUAA4IBAQBqCJiWLVU4cjUFY5Fu/j6AIVGceG/m0C/e
c6mI0gmmrr3g5sVGmNHQuWXwMQmz7kthEhl13Ec+vcEr5nVfkpZWw52AL2yimXPO
kZGjmJAxEGWf0Ig6zVkfkm8BMg1w90XnO/u8DuvIeCWKTcwCtCnIW0SpsEnmYR5g
7nkWTZYw+JGMFqyp376qPxVgvYuk6buS1cz+Bb1dIYzXEVBWPMpUhciTiTQvQYW3
+rjQNSkP+5s9NjuiKbIRUEqGeZQCspILuEcIcxdVBG9Iajxn/9f4IVuRHNEzhfUg
DjP+cExJjbjSS5c9M9agGCbsBGDZ4AnJn0zWDlDLDR87j7ICIjc5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:04 2024 by rpki-client on console-ams.rpki-client.org