Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/FoTLIGkzvqZM5TzTvD4QKWCaWS4.roa
File: FoTLIGkzvqZM5TzTvD4QKWCaWS4.roa (raw, json)
Hash identifier: mvRv/As9VcH0OZ2bNv6LugP/zeYcijhvpi62yelv2Zo=
Subject key identifier: 16:84:CB:20:69:33:BE:A6:4C:E5:3C:D3:BC:3E:10:29:60:9A:59:2E
Certificate issuer: /CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Certificate serial: 0188FCB05DEF46CD89AAEB84C60EA78A85F7
Authority key identifier: 30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/FoTLIGkzvqZM5TzTvD4QKWCaWS4.roa
Signing time: Tue 27 Jun 2023 11:49:56 +0000
ROA not before: Tue 27 Jun 2023 11:49:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.146.152.0/24 maxlen: 24
185.146.155.0/24 maxlen: 24
185.146.154.0/24 maxlen: 24
2a07:4f80:10::/44 maxlen: 44
2a07:4f80::/44 maxlen: 44
2a07:4f80::/48 maxlen: 48
2a07:4f80:20::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fc:b0:5d:ef:46:cd:89:aa:eb:84:c6:0e:a7:8a:85:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30056b0375d894b93cb0e26d9b4d64a08c58371e
Validity
Not Before: Jun 27 11:49:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1684cb206933bea64ce53cd3bc3e1029609a592e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:53:b1:10:19:ed:3b:e9:71:26:14:aa:38:69:
8b:b8:00:0d:93:af:17:97:f2:78:50:41:f1:76:9c:
89:be:63:f4:44:e2:56:3e:3b:94:1d:76:59:15:72:
e1:79:53:fd:40:98:c4:3d:f1:eb:b8:85:55:8e:52:
8a:48:50:01:27:08:7d:07:59:3b:77:90:78:65:2b:
fd:aa:6b:6b:de:98:17:a5:61:74:7e:42:b1:96:86:
cd:58:d7:c2:4c:8d:85:0f:46:81:1c:57:8a:bf:4b:
b0:ea:33:74:da:32:23:e0:ff:f3:fe:06:eb:a0:d3:
66:db:f2:d6:b4:c7:62:85:86:70:15:8e:7e:0e:f3:
8d:80:2d:b9:89:13:01:c9:0c:08:15:b2:1c:86:7d:
44:76:ab:cd:af:1a:ab:5c:8c:cf:9a:a1:89:85:0e:
16:09:8c:d9:d9:0c:46:96:6a:57:04:5d:89:81:85:
bf:f5:50:e5:0c:c9:88:2e:b6:2b:7c:05:bf:9b:f0:
79:50:fb:39:dc:d0:4a:f6:64:c0:9a:c3:dc:e2:9e:
6d:5d:8c:e2:e0:09:e3:16:35:bd:ff:04:0e:b1:c9:
93:1e:85:15:39:98:45:85:13:e2:0a:30:17:a1:20:
4a:31:d1:95:5b:47:71:f4:f9:a6:b9:45:4c:5c:1c:
28:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:84:CB:20:69:33:BE:A6:4C:E5:3C:D3:BC:3E:10:29:60:9A:59:2E
X509v3 Authority Key Identifier:
keyid:30:05:6B:03:75:D8:94:B9:3C:B0:E2:6D:9B:4D:64:A0:8C:58:37:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAVrA3XYlLk8sOJtm01koIxYNx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/FoTLIGkzvqZM5TzTvD4QKWCaWS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a7472-cbb8-4c99-be21-11b4afbede19/1/MAVrA3XYlLk8sOJtm01koIxYNx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.152.0/24
185.146.154.0/23
IPv6:
2a07:4f80::-2a07:4f80:20:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
90:3a:e3:2b:e3:ed:47:53:6b:2f:8d:33:e9:1a:7e:6c:c4:5b:
3b:03:7d:d7:d6:91:3b:49:c4:60:a5:2c:70:27:7f:e3:01:8f:
bd:69:ef:0a:9b:39:9f:41:44:78:34:a8:17:83:58:05:60:02:
00:66:4c:19:da:3d:b8:55:7d:c4:96:29:f5:a0:bc:42:e3:e4:
2b:b7:c2:a3:85:8f:3e:31:e4:b5:5b:07:53:38:7a:2a:cd:1a:
87:25:c8:6e:71:00:24:cd:68:d4:13:35:c8:e9:1a:2a:e6:30:
ef:5b:84:5b:f9:64:de:51:b4:a6:b5:fe:92:77:20:dc:b8:9c:
95:97:7f:aa:97:43:19:a8:c4:15:3c:fc:a1:c5:23:bf:65:57:
09:5c:e0:d2:12:b7:25:13:24:59:06:c0:e0:dd:1a:f7:a3:f2:
7d:8d:9d:1b:a0:2f:ee:b0:89:fb:d7:c5:d4:c0:8e:c2:f1:50:
f7:c0:28:26:61:b3:06:73:9b:d1:ff:88:a0:9d:5f:1f:76:78:
97:3b:38:e4:d9:2a:16:cf:80:98:9d:39:d0:20:c0:d8:ef:11:
f8:bd:91:1b:31:46:bb:0f:bd:71:bb:dd:b2:3c:40:4d:89:9d:
31:cc:6d:97:1d:bc:7b:0b:b3:eb:ab:4e:ae:d2:cc:db:92:4a:
f5:4f:d8:d3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYj8sF3vRs2JquuExg6nioX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDU2YjAzNzVkODk0YjkzY2IwZTI2ZDliNGQ2NGEwOGM1
ODM3MWUwHhcNMjMwNjI3MTE0OTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjg0Y2IyMDY5MzNiZWE2NGNlNTNjZDNiYzNlMTAyOTYwOWE1OTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1OxEBntO+lxJhSqOGmLuAANk68X
l/J4UEHxdpyJvmP0ROJWPjuUHXZZFXLheVP9QJjEPfHruIVVjlKKSFABJwh9B1k7
d5B4ZSv9qmtr3pgXpWF0fkKxlobNWNfCTI2FD0aBHFeKv0uw6jN02jIj4P/z/gbr
oNNm2/LWtMdihYZwFY5+DvONgC25iRMByQwIFbIchn1EdqvNrxqrXIzPmqGJhQ4W
CYzZ2QxGlmpXBF2JgYW/9VDlDMmILrYrfAW/m/B5UPs53NBK9mTAmsPc4p5tXYzi
4AnjFjW9/wQOscmTHoUVOZhFhRPiCjAXoSBKMdGVW0dx9PmmuUVMXBwoHQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBaEyyBpM76mTOU807w+EClgmlkuMB8GA1UdIwQY
MBaAFDAFawN12JS5PLDibZtNZKCMWDceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEt
MTFiNGFmYmVkZTE5LzEvRm9UTElHa3p2cVpNNVR6VHZENFFLV0NhV1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTc0NzItY2JiOC00Yzk5LWJlMjEtMTFiNGFmYmVkZTE5
LzEvTUFWckEzWFlsTGs4c09KdG0wMWtvSXhZTng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAuZKYAwQB
uZKaMBgEAgACMBIwEAMFByoHT4ADBwAqB0+AACAwDQYJKoZIhvcNAQELBQADggEB
AJA64yvj7UdTay+NM+kafmzEWzsDfdfWkTtJxGClLHAnf+MBj71p7wqbOZ9BRHg0
qBeDWAVgAgBmTBnaPbhVfcSWKfWgvELj5Cu3wqOFjz4x5LVbB1M4eirNGoclyG5x
ACTNaNQTNcjpGirmMO9bhFv5ZN5RtKa1/pJ3INy4nJWXf6qXQxmoxBU8/KHFI79l
Vwlc4NIStyUTJFkGwODdGvej8n2NnRugL+6wifvXxdTAjsLxUPfAKCZhswZzm9H/
iKCdXx92eJc7OOTZKhbPgJidOdAgwNjvEfi9kRsxRrsPvXG73bI8QE2JnTHMbZcd
vHsLs+urTq7SzNuSSvVP2NM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:49 2024 by rpki-client on console-ams.rpki-client.org