Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/FM-tZ3cbojCf6tUg6CR2q3EysZ8.roa
File: FM-tZ3cbojCf6tUg6CR2q3EysZ8.roa (raw, json)
Hash identifier: Lon3MTlBp2bFRLmOTw2+flQP4wHmE4euOwMZiFS/6sA=
Subject key identifier: 14:CF:AD:67:77:1B:A2:30:9F:EA:D5:20:E8:24:76:AB:71:32:B1:9F
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018572280F5E79A171E6CE3A72471B318BB2
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/FM-tZ3cbojCf6tUg6CR2q3EysZ8.roa
Signing time: Mon 02 Jan 2023 11:05:05 +0000
ROA not before: Mon 02 Jan 2023 11:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204492
IP address blocks: 82.194.236.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:0f:5e:79:a1:71:e6:ce:3a:72:47:1b:31:8b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 11:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14cfad67771ba2309fead520e82476ab7132b19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:1b:b3:6f:21:8f:a9:74:36:ae:0b:d0:73:7b:
07:d9:51:e5:9d:5b:65:fb:6f:e1:78:05:a1:08:58:
58:5d:05:01:db:06:ad:e3:eb:37:ad:30:5d:53:4f:
6e:ca:9e:77:40:f9:f2:ed:d6:9a:8c:49:3f:29:1d:
f7:d5:e2:7d:81:50:52:6c:74:79:6e:44:b8:c1:51:
a5:30:55:ec:85:0a:f2:16:6e:55:3b:c6:f3:5e:3a:
83:de:e0:30:9d:4b:9c:e3:58:f7:47:5e:6d:1b:26:
0b:5d:fb:a5:2c:13:62:54:f9:01:e3:98:b2:1b:dc:
93:75:28:13:07:9e:76:d3:1d:b8:81:81:66:92:82:
29:3d:68:9e:05:8b:c7:c9:65:b9:46:ce:0a:29:9d:
02:d8:cc:f7:c5:7a:18:39:a4:c7:6a:67:c1:75:c0:
49:23:c8:24:17:a8:64:f6:38:e2:46:42:3b:f2:74:
9c:da:3c:5b:cc:bf:11:5a:b6:de:d2:c4:36:a0:54:
c1:bf:59:67:01:96:4e:13:c4:3f:f8:82:0f:6a:46:
53:89:9f:92:87:df:ee:3d:d3:04:dd:d2:34:d8:47:
bb:dc:26:7f:47:bd:d0:9d:44:20:00:c6:1b:98:f6:
5c:8a:8a:88:6d:b2:73:04:eb:ee:f7:bf:98:62:66:
49:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:CF:AD:67:77:1B:A2:30:9F:EA:D5:20:E8:24:76:AB:71:32:B1:9F
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/FM-tZ3cbojCf6tUg6CR2q3EysZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.194.236.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:9e:28:fb:c6:34:e0:2a:9e:dc:87:48:5f:78:09:e0:e8:db:
1e:2f:23:52:d2:a5:ef:4a:3b:83:0b:99:9e:b3:70:14:bc:6b:
0a:7d:b3:5d:17:ed:dc:7a:f3:9c:5c:af:46:96:63:4a:d5:40:
68:9a:2a:9b:15:00:3d:46:eb:44:fe:77:6c:28:a0:6e:2a:47:
2c:fa:ed:d3:31:93:5c:62:6e:0b:9e:aa:84:22:1e:d8:3c:c0:
1d:78:0f:bb:29:b4:a7:39:9b:9c:ee:85:9b:ee:4e:fc:c9:79:
6e:a8:1d:68:de:09:65:05:44:00:31:dc:a7:d1:8b:52:cf:29:
b3:43:5d:bb:da:fa:b8:f4:46:74:59:05:e2:88:3c:b8:32:45:
44:49:6f:eb:57:c2:e4:15:ef:eb:d7:f0:4a:6c:63:8a:3e:c1:
57:af:c6:2d:f3:52:6f:b6:28:32:a4:51:db:1d:aa:82:a9:62:
f4:09:c4:2d:9e:fc:fb:79:7e:69:48:1c:bb:63:6f:f8:82:5d:
f7:76:4a:58:2e:8a:ee:2c:37:7c:6f:15:73:15:94:ed:2a:6a:
79:b2:e0:aa:27:5b:de:18:02:9e:bc:06:04:59:23:a2:64:f6:
f4:6c:0b:0d:9d:ec:39:46:ed:a4:3d:b0:2f:92:9e:a6:85:9f:
6e:7f:4c:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyKA9eeaFx5s46ckcbMYuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjMwMTAyMTEwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGNmYWQ2Nzc3MWJhMjMwOWZlYWQ1MjBlODI0NzZhYjcxMzJiMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhuzbyGPqXQ2rgvQc3sH2VHlnVtl
+2/heAWhCFhYXQUB2wat4+s3rTBdU09uyp53QPny7daajEk/KR331eJ9gVBSbHR5
bkS4wVGlMFXshQryFm5VO8bzXjqD3uAwnUuc41j3R15tGyYLXfulLBNiVPkB45iy
G9yTdSgTB5520x24gYFmkoIpPWieBYvHyWW5Rs4KKZ0C2Mz3xXoYOaTHamfBdcBJ
I8gkF6hk9jjiRkI78nSc2jxbzL8RWrbe0sQ2oFTBv1lnAZZOE8Q/+IIPakZTiZ+S
h9/uPdME3dI02Ee73CZ/R73QnUQgAMYbmPZcioqIbbJzBOvu97+YYmZJeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBTPrWd3G6Iwn+rVIOgkdqtxMrGfMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvRk0tdFozY2JvakNmNnRVZzZDUjJxM0V5c1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUsLsMA0G
CSqGSIb3DQEBCwUAA4IBAQBfnij7xjTgKp7ch0hfeAng6NseLyNS0qXvSjuDC5me
s3AUvGsKfbNdF+3cevOcXK9GlmNK1UBomiqbFQA9RutE/ndsKKBuKkcs+u3TMZNc
Ym4LnqqEIh7YPMAdeA+7KbSnOZuc7oWb7k78yXluqB1o3gllBUQAMdyn0YtSzymz
Q1272vq49EZ0WQXiiDy4MkVESW/rV8LkFe/r1/BKbGOKPsFXr8Yt81JvtigypFHb
HaqCqWL0CcQtnvz7eX5pSBy7Y2/4gl33dkpYLoruLDd8bxVzFZTtKmp5suCqJ1ve
GAKevAYEWSOiZPb0bAsNnew5Ru2kPbAvkp6mhZ9uf0xJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:26 2024 by rpki-client on console-fra.rpki-client.org