Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/1c8b69-4b7b-4bfd-bce5-37afbdf4d847/1/l7Q4-FUO49OQPVwwwEL4LIvYq8I.roa
File: l7Q4-FUO49OQPVwwwEL4LIvYq8I.roa (raw, json)
Hash identifier: Z/GrtAv+CI4mJNI69OW1QxvIKNV6EQg44eHLd51Wpw8=
Subject key identifier: 97:B4:38:F8:55:0E:E3:D3:90:3D:5C:30:C0:42:F8:2C:8B:D8:AB:C2
Certificate issuer: /CN=fcbeb9b302ceb6f58d327b494d81459433be738d
Certificate serial: 018571D7D3036A0704EA2C87A00DE500A4D4
Authority key identifier: FC:BE:B9:B3:02:CE:B6:F5:8D:32:7B:49:4D:81:45:94:33:BE:73:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_L65swLOtvWNMntJTYFFlDO-c40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/1c8b69-4b7b-4bfd-bce5-37afbdf4d847/1/l7Q4-FUO49OQPVwwwEL4LIvYq8I.roa
Signing time: Mon 02 Jan 2023 09:37:27 +0000
ROA not before: Mon 02 Jan 2023 09:37:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25318
IP address blocks: 193.47.162.0/24 maxlen: 24
195.234.177.0/24 maxlen: 24
2001:67c:154::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:d3:03:6a:07:04:ea:2c:87:a0:0d:e5:00:a4:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fcbeb9b302ceb6f58d327b494d81459433be738d
Validity
Not Before: Jan 2 09:37:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97b438f8550ee3d3903d5c30c042f82c8bd8abc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:86:f6:db:14:21:33:c0:57:99:bf:8b:ba:4e:
70:51:9a:d5:c2:06:55:68:fe:91:f2:29:c4:af:aa:
96:e6:d6:45:f3:1a:cd:2d:ef:a3:6d:22:7d:2b:a5:
31:ca:f4:29:b3:02:e3:35:8a:5f:8c:fb:2b:cd:c2:
dc:13:b2:41:25:40:b9:1b:9e:45:c4:f3:ec:0c:6b:
91:45:ba:96:4d:10:68:46:41:1e:c3:f6:2b:c5:a5:
69:e2:81:ad:bd:7f:50:16:25:3f:33:84:7c:cc:3e:
c5:2b:cf:71:f1:56:81:7b:31:41:67:48:e6:a6:ac:
3e:71:d6:d1:3a:75:d6:91:46:49:a7:f7:61:95:5e:
fa:95:d3:44:f7:3f:3a:b7:f0:75:19:d8:98:98:02:
bf:2d:5c:3c:2f:e3:2f:1f:07:74:13:d3:d2:cf:4f:
7a:8b:52:a5:28:67:f8:32:76:df:93:5b:85:87:7f:
dc:77:e0:b8:ce:3b:7e:82:39:60:78:74:61:19:ad:
6f:c8:a5:12:97:df:9c:1c:3c:82:78:bc:34:1f:3f:
8a:ce:b6:e2:64:96:86:fa:83:6e:5d:87:8a:f5:ed:
96:b4:8e:6b:bd:be:54:2f:84:b3:a7:e5:ca:55:fb:
1c:90:ad:b1:cf:be:95:a7:46:80:f3:7d:73:2d:e8:
ee:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B4:38:F8:55:0E:E3:D3:90:3D:5C:30:C0:42:F8:2C:8B:D8:AB:C2
X509v3 Authority Key Identifier:
keyid:FC:BE:B9:B3:02:CE:B6:F5:8D:32:7B:49:4D:81:45:94:33:BE:73:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_L65swLOtvWNMntJTYFFlDO-c40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/1c8b69-4b7b-4bfd-bce5-37afbdf4d847/1/l7Q4-FUO49OQPVwwwEL4LIvYq8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/1c8b69-4b7b-4bfd-bce5-37afbdf4d847/1/_L65swLOtvWNMntJTYFFlDO-c40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.47.162.0/24
195.234.177.0/24
IPv6:
2001:67c:154::/48
Signature Algorithm: sha256WithRSAEncryption
c6:df:28:bd:1f:4e:c5:5c:38:6b:59:5c:3a:02:b9:26:04:91:
13:02:9f:db:b1:5a:3d:ca:e3:43:25:c6:5a:fc:7c:8a:e6:ea:
87:ce:22:e1:33:78:d0:04:46:55:c4:0b:4d:00:12:a3:2e:4d:
37:9f:55:a4:42:05:04:53:89:57:f1:d5:dd:17:8b:79:22:ec:
f4:b5:de:82:3e:aa:a9:a4:ae:d8:91:fa:90:1e:6f:af:de:e1:
4b:22:42:b8:3c:b0:1c:76:c2:de:44:aa:3a:3c:03:a2:a1:42:
81:8b:e0:47:0c:50:41:d4:49:e8:c3:bd:d9:22:48:10:ef:16:
f5:00:e6:b1:26:82:6d:c8:5d:eb:ab:e5:29:a5:a5:ae:c8:e2:
50:05:d0:3c:b5:96:d3:ea:e2:5c:98:4e:72:4a:cc:b3:80:f2:
97:30:91:09:d6:e0:58:fb:e6:ff:61:bc:7c:c3:e0:6a:f7:b5:
b8:d1:fb:8d:8c:bd:e5:bd:29:e5:69:5b:5c:97:e0:ae:f5:e6:
13:5b:32:5b:37:eb:80:71:c3:29:07:c9:99:bc:e9:f2:43:ec:
fa:08:a5:d3:82:3c:2c:8e:7e:f9:ca:04:5f:cb:9b:fb:a1:11:
c9:3b:11:cb:62:07:0d:a2:ff:9f:4f:5d:6b:85:b5:51:9e:87:
61:3c:c0:c5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVx19MDagcE6iyHoA3lAKTUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYmViOWIzMDJjZWI2ZjU4ZDMyN2I0OTRkODE0NTk0MzNi
ZTczOGQwHhcNMjMwMTAyMDkzNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2I0MzhmODU1MGVlM2QzOTAzZDVjMzBjMDQyZjgyYzhiZDhhYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYb22xQhM8BXmb+Luk5wUZrVwgZV
aP6R8inEr6qW5tZF8xrNLe+jbSJ9K6UxyvQpswLjNYpfjPsrzcLcE7JBJUC5G55F
xPPsDGuRRbqWTRBoRkEew/YrxaVp4oGtvX9QFiU/M4R8zD7FK89x8VaBezFBZ0jm
pqw+cdbROnXWkUZJp/dhlV76ldNE9z86t/B1GdiYmAK/LVw8L+MvHwd0E9PSz096
i1KlKGf4Mnbfk1uFh3/cd+C4zjt+gjlgeHRhGa1vyKUSl9+cHDyCeLw0Hz+Kzrbi
ZJaG+oNuXYeK9e2WtI5rvb5UL4Szp+XKVfsckK2xz76Vp0aA831zLeju1wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJe0OPhVDuPTkD1cMMBC+CyL2KvCMB8GA1UdIwQY
MBaAFPy+ubMCzrb1jTJ7SU2BRZQzvnONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0w2NXN3TE90dldOTW50SlRZRkZsRE8tYzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8xYzhiNjktNGI3Yi00YmZkLWJjZTUt
MzdhZmJkZjRkODQ3LzEvbDdRNC1GVU80OU9RUFZ3d3dFTDRMSXZZcThJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC8xYzhiNjktNGI3Yi00YmZkLWJjZTUtMzdhZmJkZjRkODQ3
LzEvX0w2NXN3TE90dldOTW50SlRZRkZsRE8tYzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwS+iAwQA
w+qxMA8EAgACMAkDBwAgAQZ8AVQwDQYJKoZIhvcNAQELBQADggEBAMbfKL0fTsVc
OGtZXDoCuSYEkRMCn9uxWj3K40Mlxlr8fIrm6ofOIuEzeNAERlXEC00AEqMuTTef
VaRCBQRTiVfx1d0Xi3ki7PS13oI+qqmkrtiR+pAeb6/e4UsiQrg8sBx2wt5Eqjo8
A6KhQoGL4EcMUEHUSejDvdkiSBDvFvUA5rEmgm3IXeur5Smlpa7I4lAF0Dy1ltPq
4lyYTnJKzLOA8pcwkQnW4Fj75v9hvHzD4Gr3tbjR+42MveW9KeVpW1yX4K715hNb
Mls364BxwykHyZm86fJD7PoIpdOCPCyOfvnKBF/Lm/uhEck7EctiBw2i/59PXWuF
tVGeh2E8wMU=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:49:22 2024 by rpki-client on console-fra.rpki-client.org