Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/_C7e9SBVykmYBpwM5-v_Fuj3zYU.roa
File: _C7e9SBVykmYBpwM5-v_Fuj3zYU.roa (raw, json)
Hash identifier: duHOWqA4f4iLrac60x1nAQ2m8QayFii9u4eBgvl/0jI=
Subject key identifier: FC:2E:DE:F5:20:55:CA:49:98:06:9C:0C:E7:EB:FF:16:E8:F7:CD:85
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0185A10D0B03FF7365C47CB61B9A01D2A012
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/_C7e9SBVykmYBpwM5-v_Fuj3zYU.roa
Signing time: Wed 11 Jan 2023 13:37:44 +0000
ROA not before: Wed 11 Jan 2023 13:37:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20616
IP address blocks: 85.120.17.0/24 maxlen: 24
85.120.16.0/24 maxlen: 24
193.226.68.0/24 maxlen: 24
81.180.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Feb 2023 09:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:0d:0b:03:ff:73:65:c4:7c:b6:1b:9a:01:d2:a0:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 11 13:37:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc2edef52055ca4998069c0ce7ebff16e8f7cd85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a7:1d:f5:1e:44:6f:44:f5:f4:8b:a4:b8:9b:
e6:92:37:0a:cc:78:de:42:d9:64:ea:d4:e1:50:38:
5a:ad:95:49:07:de:84:95:2b:6d:1f:04:0f:24:ec:
db:9c:88:fb:44:48:9b:f9:00:e4:d0:aa:e3:50:22:
97:6a:2e:42:c4:b1:5d:65:8c:b6:ee:1f:96:fe:c7:
83:df:17:c3:44:d7:b6:53:1c:9f:9f:54:4f:5d:eb:
6e:2a:ce:16:c6:e4:b4:1c:c0:b4:a6:69:56:a2:5e:
83:0e:aa:0d:60:81:bf:7b:bd:6e:9d:f0:0c:9c:99:
f2:e3:c5:49:38:be:da:ca:82:78:e5:68:2d:ab:79:
77:e0:64:b2:d0:d1:4f:ca:30:b2:3d:11:e4:e0:e8:
65:8b:2a:61:a1:72:a0:cd:ec:9b:fd:b5:a0:4b:23:
56:42:74:aa:a3:76:8d:34:f4:32:26:57:fa:d5:d7:
3c:4b:41:d8:fa:cd:26:01:c5:12:17:f9:1a:86:7b:
af:6b:71:5d:ea:4a:7d:4c:ae:1a:d4:61:ed:46:28:
89:ed:7a:11:7c:74:4a:65:42:fc:49:42:ac:d0:d5:
9d:64:ac:97:4c:c3:26:a1:47:d2:61:4d:23:a1:30:
32:ac:d6:6f:e8:1d:54:f4:59:e0:14:46:db:d9:d8:
90:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:2E:DE:F5:20:55:CA:49:98:06:9C:0C:E7:EB:FF:16:E8:F7:CD:85
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/_C7e9SBVykmYBpwM5-v_Fuj3zYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.180.200.0/24
85.120.16.0/23
193.226.68.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:0c:14:fd:98:4b:02:85:3b:92:ac:4c:61:09:2d:59:96:9d:
03:b4:b1:19:dc:1f:df:f0:90:d3:b5:b6:fb:b3:4e:3e:81:69:
d6:19:37:4c:34:39:3c:80:70:d5:ba:2e:4e:13:97:73:22:93:
f7:81:73:b6:ac:9c:11:9f:5d:72:f5:67:0d:c2:88:a8:89:d6:
29:22:84:b6:93:5f:64:29:ad:db:4d:9b:a1:53:7d:43:57:07:
cc:34:2c:21:81:c0:70:81:f8:da:fc:fa:b2:b5:a2:51:af:af:
01:e2:07:2b:06:fd:20:c7:81:b3:e7:6f:41:2a:dc:09:14:27:
f7:aa:00:8a:0f:e3:45:97:9a:85:05:77:aa:b9:1f:14:95:41:
6d:56:51:27:40:86:b8:03:70:96:22:e2:1e:73:5a:e6:bf:20:
01:6b:ca:c8:1c:f3:61:e3:f3:56:c1:51:41:e4:98:0f:6c:2d:
6b:fd:af:bc:f0:e7:a7:76:0a:9f:5e:8b:8e:77:a1:7a:7e:28:
5e:d4:b8:d7:16:79:30:a0:23:cd:d8:fc:6e:1f:8a:17:f5:1a:
7b:94:3e:f7:3d:2c:48:8f:56:41:0b:50:de:c1:af:db:7a:73:
20:74:da:c9:bc:cf:6e:53:1a:81:04:68:37:eb:94:b3:92:59:
bb:58:1c:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYWhDQsD/3NlxHy2G5oB0qASMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTExMTMzNzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzJlZGVmNTIwNTVjYTQ5OTgwNjljMGNlN2ViZmYxNmU4ZjdjZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKcd9R5Eb0T19IukuJvmkjcKzHje
Qtlk6tThUDharZVJB96ElSttHwQPJOzbnIj7REib+QDk0KrjUCKXai5CxLFdZYy2
7h+W/seD3xfDRNe2Uxyfn1RPXetuKs4WxuS0HMC0pmlWol6DDqoNYIG/e71unfAM
nJny48VJOL7ayoJ45Wgtq3l34GSy0NFPyjCyPRHk4OhliyphoXKgzeyb/bWgSyNW
QnSqo3aNNPQyJlf61dc8S0HY+s0mAcUSF/kahnuva3Fd6kp9TK4a1GHtRiiJ7XoR
fHRKZUL8SUKs0NWdZKyXTMMmoUfSYU0joTAyrNZv6B1U9FngFEbb2diQNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPwu3vUgVcpJmAacDOfr/xbo982FMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvX0M3ZTlTQlZ5a21ZQnB3TTUtdl9GdWozellVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUbTIAwQB
VXgQAwQAweJEMA0GCSqGSIb3DQEBCwUAA4IBAQBtDBT9mEsChTuSrExhCS1Zlp0D
tLEZ3B/f8JDTtbb7s04+gWnWGTdMNDk8gHDVui5OE5dzIpP3gXO2rJwRn11y9WcN
woioidYpIoS2k19kKa3bTZuhU31DVwfMNCwhgcBwgfja/PqytaJRr68B4gcrBv0g
x4Gz529BKtwJFCf3qgCKD+NFl5qFBXequR8UlUFtVlEnQIa4A3CWIuIec1rmvyAB
a8rIHPNh4/NWwVFB5JgPbC1r/a+88OendgqfXouOd6F6fihe1LjXFnkwoCPN2Pxu
H4oX9Rp7lD73PSxIj1ZBC1Dewa/benMgdNrJvM9uUxqBBGg365Szklm7WBwa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org