Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/FwAUcymINGf5ZUQeoisbsE6RqFo.roa
File: FwAUcymINGf5ZUQeoisbsE6RqFo.roa (raw, json)
Hash identifier: qBplb0VaR9VR6bRLBBtcpGK/5RhYUyIpC2jwmCivkmA=
Subject key identifier: 17:00:14:73:29:88:34:67:F9:65:44:1E:A2:2B:1B:B0:4E:91:A8:5A
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0191B2F47E70DB20A171B6E09916E265B77A
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/FwAUcymINGf5ZUQeoisbsE6RqFo.roa
Signing time: Mon 02 Sep 2024 13:37:33 +0000
ROA not before: Mon 02 Sep 2024 13:37:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204914
IP address blocks: 2.56.165.0/24 maxlen: 24
77.83.242.0/24 maxlen: 24
185.234.75.0/24 maxlen: 24
194.56.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 11:46:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:f4:7e:70:db:20:a1:71:b6:e0:99:16:e2:65:b7:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Sep 2 13:37:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1700147329883467f965441ea22b1bb04e91a85a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:53:91:37:e3:55:c0:28:8f:bc:26:d0:89:ff:
dc:1f:7c:ef:89:88:b8:38:64:eb:4f:9d:6b:50:2c:
c8:d0:a3:c5:1d:b9:ed:6e:50:cf:c0:3f:81:59:d8:
64:15:64:76:99:58:f3:e6:19:ef:ac:99:90:df:6c:
a5:2c:34:ba:ee:c8:b1:52:14:71:36:78:69:27:02:
6b:e7:a3:20:3d:14:f9:32:80:72:b5:f0:6f:95:37:
cc:0c:80:93:bc:6d:cf:8f:01:de:23:ff:4f:59:b3:
a4:55:34:20:e5:cd:09:c1:51:e1:c0:0b:0e:b9:ec:
94:e2:85:2e:46:9c:82:42:3e:16:af:5c:ff:64:9d:
ee:57:59:43:29:fe:66:a8:8a:f1:09:a4:49:ab:1e:
b1:59:b5:51:58:82:4d:f3:9e:cd:2d:56:41:fa:53:
cd:ac:ac:ce:30:c3:c2:c1:93:28:c5:07:32:e6:2e:
d8:f8:2f:8f:a0:80:35:f1:f4:9e:42:12:c4:3c:4d:
d2:27:51:71:79:99:5d:96:7b:55:72:25:72:fc:ea:
41:b6:85:ef:f8:0a:4b:f0:d5:d7:21:2c:ce:f2:dd:
a7:40:42:dd:c9:ae:ee:ef:11:27:3a:df:ca:44:ed:
ad:c6:d7:fe:a7:6a:23:01:14:36:70:73:46:b7:c0:
02:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:00:14:73:29:88:34:67:F9:65:44:1E:A2:2B:1B:B0:4E:91:A8:5A
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/FwAUcymINGf5ZUQeoisbsE6RqFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.165.0/24
77.83.242.0/24
185.234.75.0/24
194.56.226.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:6a:fa:5c:82:f3:ee:e4:2d:11:57:16:ea:9f:b6:bd:eb:81:
86:a1:8d:05:bc:30:a5:cd:18:b3:7d:58:ea:c5:34:d7:79:25:
37:43:1b:b8:c9:3a:bb:d8:c9:92:a5:33:5b:eb:29:a8:b7:b9:
c4:63:77:31:fa:11:e9:7f:a6:0c:fd:c9:97:f2:d9:ad:41:7c:
0c:e9:c3:cb:ae:9f:46:31:ba:d6:85:19:34:0d:80:04:d5:ec:
f0:78:80:91:44:31:aa:7e:d0:d0:70:78:a5:db:d1:81:85:ed:
91:49:5b:cc:14:bd:36:33:99:5d:0a:ae:30:cd:bc:9c:c5:11:
b5:4b:3b:59:6a:27:76:8c:15:5e:76:19:79:31:e5:96:c5:90:
40:28:e1:40:fe:c7:82:f6:b9:25:4c:55:7b:22:d6:52:05:5c:
8e:45:a3:e4:dc:92:e8:5c:f3:56:65:86:3d:8c:42:42:32:42:
88:ba:da:eb:1e:a5:de:f8:13:4b:e2:c9:92:a9:04:58:10:82:
72:7a:63:23:90:37:67:2c:7f:46:da:aa:80:5d:bc:16:55:ad:
0a:fb:cd:86:fa:ac:42:d0:3e:08:8e:00:4c:28:f1:2a:01:df:
53:e1:df:2f:dc:71:41:f0:ad:13:de:b7:20:8c:17:0a:23:05:
ca:c7:1e:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGy9H5w2yChcbbgmRbiZbd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwOTAyMTMzNzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzAwMTQ3MzI5ODgzNDY3Zjk2NTQ0MWVhMjJiMWJiMDRlOTFhODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslORN+NVwCiPvCbQif/cH3zviYi4
OGTrT51rUCzI0KPFHbntblDPwD+BWdhkFWR2mVjz5hnvrJmQ32ylLDS67sixUhRx
NnhpJwJr56MgPRT5MoBytfBvlTfMDICTvG3PjwHeI/9PWbOkVTQg5c0JwVHhwAsO
ueyU4oUuRpyCQj4Wr1z/ZJ3uV1lDKf5mqIrxCaRJqx6xWbVRWIJN857NLVZB+lPN
rKzOMMPCwZMoxQcy5i7Y+C+PoIA18fSeQhLEPE3SJ1FxeZldlntVciVy/OpBtoXv
+ApL8NXXISzO8t2nQELdya7u7xEnOt/KRO2txtf+p2ojARQ2cHNGt8ACeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBcAFHMpiDRn+WVEHqIrG7BOkahaMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvRndBVWN5bUlOR2Y1WlVRZW9pc2JzRTZScUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjilAwQA
TVPyAwQAuepLAwQAwjjiMA0GCSqGSIb3DQEBCwUAA4IBAQC9avpcgvPu5C0RVxbq
n7a964GGoY0FvDClzRizfVjqxTTXeSU3Qxu4yTq72MmSpTNb6ymot7nEY3cx+hHp
f6YM/cmX8tmtQXwM6cPLrp9GMbrWhRk0DYAE1ezweICRRDGqftDQcHil29GBhe2R
SVvMFL02M5ldCq4wzbycxRG1SztZaid2jBVedhl5MeWWxZBAKOFA/seC9rklTFV7
ItZSBVyORaPk3JLoXPNWZYY9jEJCMkKIutrrHqXe+BNL4smSqQRYEIJyemMjkDdn
LH9G2qqAXbwWVa0K+82G+qxC0D4IjgBMKPEqAd9T4d8v3HFB8K0T3rcgjBcKIwXK
xx7f
-----END CERTIFICATE-----
Generated at Mon Oct 14 13:08:42 2024 by rpki-client on console-fra.rpki-client.org