Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/FIK6IYNV7tysECiilPAT8DDLR34.roa
File: FIK6IYNV7tysECiilPAT8DDLR34.roa (raw, json)
Hash identifier: VfBWfkxcj1t9U/MuFXeNc6MyR5SlIF8kJVWlahSJbBU=
Subject key identifier: 14:82:BA:21:83:55:EE:DC:AC:10:28:A2:94:F0:13:F0:30:CB:47:7E
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 018E79EE0227A6E7F56AF8E70C4FF1E79C4B
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/FIK6IYNV7tysECiilPAT8DDLR34.roa
Signing time: Tue 26 Mar 2024 08:43:44 +0000
ROA not before: Tue 26 Mar 2024 08:43:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60606
IP address blocks: 95.173.204.0/22 maxlen: 22
95.173.216.0/21 maxlen: 21
185.111.108.0/22 maxlen: 24
2a06:5d80::/32 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Jun 2024 08:37:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:79:ee:02:27:a6:e7:f5:6a:f8:e7:0c:4f:f1:e7:9c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Mar 26 08:43:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1482ba218355eedcac1028a294f013f030cb477e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3f:cc:2f:7b:4d:e4:35:8c:a2:5a:81:25:9b:
ba:e3:2d:38:b4:c8:41:aa:b9:d0:80:07:c9:93:a1:
63:fe:5b:6b:8a:f4:7b:0b:6a:24:ec:4a:64:92:18:
7e:70:cc:3c:42:69:bd:d3:56:bd:53:6d:c5:3d:b7:
cf:3a:5f:e1:c5:58:c8:c4:be:07:bf:d0:0a:df:e6:
57:ac:84:0b:32:c6:45:44:06:9d:bd:ec:05:1c:74:
79:54:6c:a9:27:7a:5c:80:f6:57:64:82:18:ba:58:
f5:15:98:a2:4b:e1:13:65:e2:bf:0a:65:cc:fc:81:
f9:47:04:5c:d8:a9:64:d6:d8:90:08:45:a5:62:22:
3c:5a:00:a1:45:4e:89:87:7e:b0:cb:e1:9c:63:88:
b6:7c:b6:08:cf:c6:c5:bd:9a:41:2e:2c:e7:41:13:
03:5c:35:b1:90:8e:24:c6:cf:b9:9e:4b:5f:5c:78:
65:86:16:e9:56:8d:8e:c2:f3:3c:ab:d7:b3:9f:6f:
2d:5d:97:04:60:3f:4c:58:43:03:c7:b5:ea:cd:07:
1b:3a:46:22:98:ca:81:81:dc:18:59:d5:67:6f:1f:
10:3d:e9:2c:27:4e:9a:1c:f1:56:0e:ae:0e:ff:67:
37:0e:c1:41:da:39:af:45:a9:49:66:f1:1e:a9:c5:
58:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:82:BA:21:83:55:EE:DC:AC:10:28:A2:94:F0:13:F0:30:CB:47:7E
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/FIK6IYNV7tysECiilPAT8DDLR34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.204.0/22
95.173.216.0/21
185.111.108.0/22
IPv6:
2a06:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
6a:43:9d:cf:98:9d:60:d1:5f:52:06:fd:10:57:60:97:bf:55:
3b:3e:c0:85:90:2f:8d:ab:c5:44:1f:5f:d0:ea:0c:0e:3c:c6:
c2:e4:35:9d:f7:12:de:e8:91:23:57:37:2c:c5:bb:d2:f8:f6:
57:f3:91:8f:4f:af:d8:47:f3:4c:22:4f:2a:31:58:76:34:ee:
c1:fc:ab:1a:65:d3:a0:2e:14:0a:34:93:38:d2:25:69:a7:c9:
13:b1:60:f9:e7:40:aa:80:2f:41:a4:3a:4e:24:13:59:b3:ca:
80:9e:5f:51:52:50:5a:df:dd:6a:47:00:f5:d1:72:cb:41:90:
24:34:de:14:93:bf:fc:ce:01:de:32:77:90:85:a7:d1:bd:f2:
43:44:bc:f7:dc:14:24:a4:a4:a6:e6:eb:a9:4b:5b:7c:47:61:
e6:14:b2:bf:98:fb:a5:88:ec:61:b2:e6:84:e2:28:73:8d:ff:
b9:22:50:e7:19:30:2d:cf:8d:f0:66:07:62:e6:70:14:33:93:
b0:cf:76:11:0a:8b:65:19:d2:16:7c:3a:6a:b9:e1:36:61:38:
8d:3a:45:93:90:0d:c5:a5:9a:fb:16:70:8a:29:a4:09:c7:fc:
aa:ce:93:00:87:9c:be:f7:8f:52:25:81:dc:99:ff:e4:2b:6d:
a9:2a:59:ca
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY557gInpuf1avjnDE/x55xLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjQwMzI2MDg0MzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDgyYmEyMTgzNTVlZWRjYWMxMDI4YTI5NGYwMTNmMDMwY2I0NzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoT/ML3tN5DWMolqBJZu64y04tMhB
qrnQgAfJk6Fj/ltrivR7C2ok7Epkkhh+cMw8Qmm901a9U23FPbfPOl/hxVjIxL4H
v9AK3+ZXrIQLMsZFRAadvewFHHR5VGypJ3pcgPZXZIIYulj1FZiiS+ETZeK/CmXM
/IH5RwRc2Klk1tiQCEWlYiI8WgChRU6Jh36wy+GcY4i2fLYIz8bFvZpBLiznQRMD
XDWxkI4kxs+5nktfXHhlhhbpVo2OwvM8q9ezn28tXZcEYD9MWEMDx7XqzQcbOkYi
mMqBgdwYWdVnbx8QPeksJ06aHPFWDq4O/2c3DsFB2jmvRalJZvEeqcVYCQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBSCuiGDVe7crBAoopTwE/Awy0d+MB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvRklLNklZTlY3dHlzRUNpaWxQQVQ4RERMUjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCX63MAwQD
X63YAwQCuW9sMA0EAgACMAcDBQAqBl2AMA0GCSqGSIb3DQEBCwUAA4IBAQBqQ53P
mJ1g0V9SBv0QV2CXv1U7PsCFkC+Nq8VEH1/Q6gwOPMbC5DWd9xLe6JEjVzcsxbvS
+PZX85GPT6/YR/NMIk8qMVh2NO7B/KsaZdOgLhQKNJM40iVpp8kTsWD550CqgC9B
pDpOJBNZs8qAnl9RUlBa391qRwD10XLLQZAkNN4Uk7/8zgHeMneQhafRvfJDRLz3
3BQkpKSm5uupS1t8R2HmFLK/mPuliOxhsuaE4ihzjf+5IlDnGTAtz43wZgdi5nAU
M5Owz3YRCotlGdIWfDpqueE2YTiNOkWTkA3FpZr7FnCKKaQJx/yqzpMAh5y+949S
JYHcmf/kK22pKlnK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:42 2024 by rpki-client on console-fra.rpki-client.org