Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/FOYPuQjxMVJvpq8kwgSLOhOCq2U.roa
File: FOYPuQjxMVJvpq8kwgSLOhOCq2U.roa (raw, json)
Hash identifier: 1FQe98xfiLb+2YTXFwGRdBTWzdKrMo+iQlsuXlV8egI=
Subject key identifier: 14:E6:0F:B9:08:F1:31:52:6F:A6:AF:24:C2:04:8B:3A:13:82:AB:65
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F14EFF9A8BE37F73E92C801E030C627
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/FOYPuQjxMVJvpq8kwgSLOhOCq2U.roa
Signing time: Sun 01 Jan 2023 20:45:21 +0000
ROA not before: Sun 01 Jan 2023 20:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20616
IP address blocks: 85.120.17.0/24 maxlen: 24
85.120.16.0/24 maxlen: 24
193.226.68.0/22 maxlen: 24
81.180.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jan 2023 13:37:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ef:f9:a8:be:37:f7:3e:92:c8:01:e0:30:c6:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14e60fb908f131526fa6af24c2048b3a1382ab65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:05:3d:c1:8a:b6:14:c6:f9:85:4f:ad:09:2e:
a8:a4:ee:dc:62:8f:ad:94:dc:99:be:6b:6c:b7:53:
41:cb:3d:aa:54:fe:d8:8d:03:18:57:aa:09:9e:3f:
b6:5b:ef:71:34:fd:e3:87:b1:b1:c7:6f:8a:a6:08:
10:9c:ff:b2:a1:3f:03:b4:5d:95:54:3c:e5:f2:2d:
94:15:8a:38:24:32:21:03:bb:29:63:29:0f:39:6f:
94:b1:45:b3:bd:63:b2:a7:fd:34:9b:f5:d8:8f:b0:
a9:57:bb:96:dc:41:32:22:54:0b:cb:d9:c2:de:77:
29:3a:3b:9e:5a:bf:4f:14:92:b6:1b:f6:23:82:43:
30:9f:af:cf:cf:53:8f:ca:1f:bd:c4:e8:e1:b3:9f:
18:f8:a9:dd:cf:f5:b5:98:9e:f8:e9:16:8f:6e:7f:
33:f9:90:15:63:c8:3f:c6:e5:e7:2c:7a:6f:a0:9b:
01:de:1b:7d:f1:aa:fe:75:21:93:46:f6:75:0a:11:
85:74:26:48:90:29:89:14:ea:0c:33:4c:ef:a9:6c:
53:ba:31:bd:9e:89:d9:e2:22:3b:4d:0b:7a:59:91:
98:51:da:af:e9:3b:c5:49:1a:b8:fd:43:ae:b2:2c:
51:3b:7a:ae:ac:44:84:4f:1d:c7:9f:2f:6d:f3:7a:
af:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:E6:0F:B9:08:F1:31:52:6F:A6:AF:24:C2:04:8B:3A:13:82:AB:65
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/FOYPuQjxMVJvpq8kwgSLOhOCq2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.180.200.0/24
85.120.16.0/23
193.226.68.0/22
Signature Algorithm: sha256WithRSAEncryption
26:85:09:d9:21:69:c7:80:1d:a1:b5:ca:ba:af:1d:a4:a3:9b:
74:9e:38:c4:71:61:40:d6:08:95:c9:12:a2:3f:1c:30:0d:ef:
95:9f:55:3b:7a:c7:74:59:37:bb:38:45:7a:2a:b2:cf:8a:c4:
16:29:86:3a:f2:97:45:29:9a:8d:5e:c9:1a:14:98:9a:b3:d3:
b1:65:48:b4:5b:58:88:db:06:26:7a:42:6a:85:da:53:04:9b:
c3:e8:23:81:f6:93:48:22:dc:a1:3d:69:05:9e:bf:12:30:e3:
47:85:e7:69:20:7c:83:6e:3a:7f:91:1c:30:dd:c7:fe:d6:c4:
67:9f:90:6a:fc:b2:93:ff:ed:c1:85:da:52:8d:7f:0a:62:14:
2e:7f:b9:c3:5c:81:98:ec:c3:d1:cf:c9:d8:58:7c:13:32:15:
78:38:f5:8e:ca:e2:5a:88:ce:23:1f:7d:ae:5a:29:c8:a5:9a:
10:d9:12:1c:a3:77:69:92:fd:d1:b1:44:08:df:b3:f3:e1:6c:
0d:d2:7a:d3:87:5c:3c:70:d3:a6:77:2d:48:70:00:23:b9:66:
d5:f0:9a:03:d4:2f:49:02:12:cd:ee:a6:d8:91:ee:55:f9:4b:
a2:1d:7e:95:6f:44:9d:a6:fd:fd:55:66:f8:29:ee:50:42:b3:
59:76:5f:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvFO/5qL439z6SyAHgMMYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGU2MGZiOTA4ZjEzMTUyNmZhNmFmMjRjMjA0OGIzYTEzODJhYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswU9wYq2FMb5hU+tCS6opO7cYo+t
lNyZvmtst1NByz2qVP7YjQMYV6oJnj+2W+9xNP3jh7Gxx2+KpggQnP+yoT8DtF2V
VDzl8i2UFYo4JDIhA7spYykPOW+UsUWzvWOyp/00m/XYj7CpV7uW3EEyIlQLy9nC
3ncpOjueWr9PFJK2G/YjgkMwn6/Pz1OPyh+9xOjhs58Y+Kndz/W1mJ746RaPbn8z
+ZAVY8g/xuXnLHpvoJsB3ht98ar+dSGTRvZ1ChGFdCZIkCmJFOoMM0zvqWxTujG9
nonZ4iI7TQt6WZGYUdqv6TvFSRq4/UOusixRO3qurESETx3Hny9t83qvxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBTmD7kI8TFSb6avJMIEizoTgqtlMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvRk9ZUHVRanhNVkp2cHE4a3dnU0xPaE9DcTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUbTIAwQB
VXgQAwQCweJEMA0GCSqGSIb3DQEBCwUAA4IBAQAmhQnZIWnHgB2htcq6rx2ko5t0
njjEcWFA1giVyRKiPxwwDe+Vn1U7esd0WTe7OEV6KrLPisQWKYY68pdFKZqNXska
FJias9OxZUi0W1iI2wYmekJqhdpTBJvD6COB9pNIItyhPWkFnr8SMONHhedpIHyD
bjp/kRww3cf+1sRnn5Bq/LKT/+3BhdpSjX8KYhQuf7nDXIGY7MPRz8nYWHwTMhV4
OPWOyuJaiM4jH32uWinIpZoQ2RIco3dpkv3RsUQI37Pz4WwN0nrTh1w8cNOmdy1I
cAAjuWbV8JoD1C9JAhLN7qbYke5V+UuiHX6Vb0Sdpv39VWb4Ke5QQrNZdl/K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:21 2024 by rpki-client on console-fra.rpki-client.org