Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/FUBzOoalqLQzJIJ85vKUgL7wch0.roa
File: FUBzOoalqLQzJIJ85vKUgL7wch0.roa (raw, json)
Hash identifier: f/V3dd4CvVx8HsxkbWFp+KTDOuLmaTcLUcz/js/y0hU=
Subject key identifier: 15:40:73:3A:86:A5:A8:B4:33:24:82:7C:E6:F2:94:80:BE:F0:72:1D
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 01918F4D70C4BD2448D56141C51104CBE8E0
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/FUBzOoalqLQzJIJ85vKUgL7wch0.roa
Signing time: Mon 26 Aug 2024 15:28:22 +0000
ROA not before: Mon 26 Aug 2024 15:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.155.0/24 maxlen: 24
79.135.102.0/23 maxlen: 24
194.33.150.0/24 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 05:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8f:4d:70:c4:bd:24:48:d5:61:41:c5:11:04:cb:e8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Aug 26 15:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1540733a86a5a8b43324827ce6f29480bef0721d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:43:57:14:a8:d6:53:62:b2:9e:1e:18:f2:e3:
6b:c0:1d:6f:d7:07:6c:a4:31:56:f0:ab:22:af:f5:
6a:be:d8:4b:3d:46:3f:78:00:a0:c1:6a:7a:b9:32:
f4:16:74:af:10:ec:d2:17:74:9c:6d:32:28:48:82:
3d:f9:26:5a:bd:d5:2a:19:c7:21:d8:26:12:18:e9:
df:ae:c4:cb:ad:db:02:d7:3f:97:d2:f9:06:d4:98:
60:52:ec:ac:c3:e4:62:28:6a:53:73:50:47:74:e9:
69:ec:31:36:31:ec:62:6f:b6:96:bc:02:c4:17:cd:
b3:b9:04:b2:b5:1f:cf:f6:97:71:f9:f8:30:a5:bb:
ea:8e:16:ab:10:19:9b:82:ed:22:de:d8:da:22:65:
e1:8a:37:99:bd:ad:f7:88:98:cc:8c:b9:7f:47:55:
b7:65:32:22:6d:54:f7:94:2e:51:78:36:b2:f2:a2:
e8:b8:f6:f8:3d:56:91:0b:75:dd:aa:7a:66:18:f2:
da:e9:41:90:8a:d4:8d:88:11:aa:5b:e5:e4:7a:82:
be:ac:f8:29:62:d6:9a:da:8f:46:ea:11:59:da:e9:
e4:ba:d6:18:9a:33:ce:13:6c:1e:59:78:7d:6e:bc:
19:67:d5:33:fc:6e:f1:61:25:6a:a3:71:fb:01:bf:
75:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:40:73:3A:86:A5:A8:B4:33:24:82:7C:E6:F2:94:80:BE:F0:72:1D
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/FUBzOoalqLQzJIJ85vKUgL7wch0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.155.0/24
79.135.102.0/23
194.33.150.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:c8:35:e7:68:38:93:bf:eb:fb:c1:a1:af:0b:df:8f:0b:e1:
0d:2b:83:9f:e2:ec:17:71:73:63:8e:31:b1:73:48:9e:bc:6a:
83:28:3c:6e:df:2b:89:b2:fb:e8:79:28:25:47:f5:77:9d:34:
63:ee:fc:f7:1e:29:73:37:57:bb:9a:e3:52:af:c8:12:1f:21:
1d:47:eb:88:5f:91:00:fc:49:6e:2c:14:79:92:0b:46:e5:a2:
08:58:d3:ef:77:82:ab:04:81:37:22:20:72:60:b9:63:49:dd:
2a:cc:ac:eb:09:64:1a:d1:74:c5:a0:ea:ce:ad:bb:51:be:4e:
83:06:0d:dd:8f:3a:e5:8d:72:bf:73:52:ce:d2:93:4c:82:12:
c5:44:1c:7a:ad:a2:bb:28:f0:3e:e6:49:e3:61:4c:28:99:de:
2d:c4:10:a8:16:a1:0e:0b:40:da:86:ff:a7:1f:cd:cc:58:1b:
a3:b9:63:da:95:ff:2e:91:6b:56:8d:c1:01:6c:ab:b1:8f:59:
45:a4:57:56:51:ed:b1:25:f1:7e:65:50:aa:9d:61:16:ec:3e:
e8:26:06:a2:bc:50:1b:5c:e3:a6:01:e8:ea:a5:8d:45:e3:34:
bb:1e:fc:65:aa:e4:e3:ca:5e:53:2f:d1:cc:62:89:57:90:0e:
6c:20:9d:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGPTXDEvSRI1WFBxREEy+jgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwODI2MTUyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTQwNzMzYTg2YTVhOGI0MzMyNDgyN2NlNmYyOTQ4MGJlZjA3MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkNXFKjWU2Kynh4Y8uNrwB1v1wds
pDFW8Ksir/VqvthLPUY/eACgwWp6uTL0FnSvEOzSF3ScbTIoSII9+SZavdUqGcch
2CYSGOnfrsTLrdsC1z+X0vkG1JhgUuysw+RiKGpTc1BHdOlp7DE2Mexib7aWvALE
F82zuQSytR/P9pdx+fgwpbvqjharEBmbgu0i3tjaImXhijeZva33iJjMjLl/R1W3
ZTIibVT3lC5ReDay8qLouPb4PVaRC3XdqnpmGPLa6UGQitSNiBGqW+XkeoK+rPgp
Ytaa2o9G6hFZ2unkutYYmjPOE2weWXh9brwZZ9Uz/G7xYSVqo3H7Ab91dQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBVAczqGpai0MySCfObylIC+8HIdMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvRlVCek9vYWxxTFF6SklKODV2S1VnTDd3Y2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZCbAwQB
T4dmAwQBwiGWMA0GCSqGSIb3DQEBCwUAA4IBAQB9yDXnaDiTv+v7waGvC9+PC+EN
K4Of4uwXcXNjjjGxc0ievGqDKDxu3yuJsvvoeSglR/V3nTRj7vz3HilzN1e7muNS
r8gSHyEdR+uIX5EA/EluLBR5kgtG5aIIWNPvd4KrBIE3IiByYLljSd0qzKzrCWQa
0XTFoOrOrbtRvk6DBg3djzrljXK/c1LO0pNMghLFRBx6raK7KPA+5knjYUwomd4t
xBCoFqEOC0Dahv+nH83MWBujuWPalf8ukWtWjcEBbKuxj1lFpFdWUe2xJfF+ZVCq
nWEW7D7oJgaivFAbXOOmAejqpY1F4zS7HvxlquTjyl5TL9HMYolXkA5sIJ3G
-----END CERTIFICATE-----
Generated at Tue Sep 3 08:22:49 2024 by rpki-client on console-ams.rpki-client.org