Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/fMB5QkLAwlfxIhjQZ0Q_umBJU88.roa
File: fMB5QkLAwlfxIhjQZ0Q_umBJU88.roa (raw, json)
Hash identifier: ZU5kWuUlwYC6fM3zY710GzTmPFq6pDVQwoWCRpJAjE8=
Subject key identifier: 7C:C0:79:42:42:C0:C2:57:F1:22:18:D0:67:44:3F:BA:60:49:53:CF
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 018869297581958904F2C86EC2D111F1B1D5
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/fMB5QkLAwlfxIhjQZ0Q_umBJU88.roa
Signing time: Mon 29 May 2023 20:18:24 +0000
ROA not before: Mon 29 May 2023 20:18:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25098
IP address blocks: 193.32.184.0/22 maxlen: 22
31.40.196.0/22 maxlen: 22
212.115.100.0/22 maxlen: 22
212.107.4.0/22 maxlen: 22
141.98.48.0/22 maxlen: 22
188.119.68.0/22 maxlen: 22
85.8.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 15 Jun 2023 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:69:29:75:81:95:89:04:f2:c8:6e:c2:d1:11:f1:b1:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: May 29 20:18:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cc0794242c0c257f12218d067443fba604953cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2d:e5:e6:98:39:52:de:67:40:4e:ac:23:45:
dc:b1:bb:a4:da:f7:a3:13:e3:09:32:c6:bb:17:a2:
cb:50:44:b1:33:19:af:52:b3:e3:a4:20:96:5d:2b:
e9:49:2c:fd:e3:45:c2:69:f0:07:3e:03:f0:f6:d5:
e2:99:7f:f1:d1:a9:25:3e:ee:e3:f4:97:49:54:83:
39:d9:fb:85:d4:b5:49:31:c3:4f:d1:c0:1f:a7:f2:
87:56:4b:d8:ff:c1:14:88:46:38:e7:36:fc:fd:a0:
c2:83:bd:68:56:c8:0b:a7:cc:c2:9e:f0:6b:06:e5:
ab:0e:4e:59:95:60:57:dd:87:02:4b:46:5b:33:2a:
51:7e:a0:77:f9:ab:0e:73:16:52:f0:03:d6:be:24:
d5:83:5b:12:67:77:18:fe:af:8b:c5:7e:ef:f1:09:
32:a0:27:4e:73:df:e9:45:58:a9:60:36:dd:e5:4e:
68:73:e4:81:12:5f:5f:d1:15:e4:f9:04:d3:83:d1:
dd:77:f9:d5:b9:ba:73:98:a1:48:4a:64:c7:fc:59:
4c:87:7f:66:49:86:9f:58:27:ba:40:43:d6:f2:8b:
35:bf:0e:6c:35:fe:2e:96:e5:44:00:74:ce:fc:66:
de:c5:64:65:bd:59:92:95:2a:63:c9:4b:68:5e:4e:
0e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C0:79:42:42:C0:C2:57:F1:22:18:D0:67:44:3F:BA:60:49:53:CF
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/fMB5QkLAwlfxIhjQZ0Q_umBJU88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/22
85.8.144.0/22
141.98.48.0/22
188.119.68.0/22
193.32.184.0/22
212.107.4.0/22
212.115.100.0/22
Signature Algorithm: sha256WithRSAEncryption
db:ad:00:0c:15:1d:39:a0:9e:d6:8e:1f:15:27:54:f8:12:1c:
bc:b8:9b:c2:25:41:68:23:a1:58:84:64:68:f0:53:6d:d8:52:
5b:75:2e:55:76:2d:cb:fb:8c:67:e9:b0:5c:e1:ba:cc:de:f3:
20:59:a8:d8:f3:73:d9:f7:c0:ab:24:ab:ae:d9:dc:c3:df:4e:
d1:e2:19:cc:5c:2e:a6:60:bc:a8:f3:ac:32:69:56:0c:68:13:
eb:ac:f2:79:2d:c1:e5:a5:f1:3e:7e:44:61:d5:aa:a4:ae:7b:
b0:14:87:c7:17:17:a0:a3:dd:b2:6e:9f:d3:2c:b0:75:88:e1:
ca:c9:7a:39:c6:18:64:11:7c:2e:a5:50:2f:09:5e:47:2c:ff:
50:89:78:a8:e3:8c:27:93:2f:f4:75:3b:bf:25:cd:7c:e0:18:
71:e1:a8:89:e8:98:3b:fb:15:02:99:2a:c0:27:00:d6:38:2b:
e2:98:fc:09:67:f6:27:42:c2:b4:c7:e1:11:31:62:0c:65:a6:
1b:27:47:0e:56:e2:66:8c:8f:9a:3f:af:53:93:3c:4f:01:a1:
8a:fb:96:93:66:72:98:a9:80:06:33:79:c3:3d:2a:fd:20:a9:
56:9d:db:8f:c4:ba:d7:6a:e5:7b:ea:90:d2:30:38:ce:33:08:
46:da:d3:6a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYhpKXWBlYkE8shuwtER8bHVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwNTI5MjAxODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2MwNzk0MjQyYzBjMjU3ZjEyMjE4ZDA2NzQ0M2ZiYTYwNDk1M2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAki3l5pg5Ut5nQE6sI0Xcsbuk2vej
E+MJMsa7F6LLUESxMxmvUrPjpCCWXSvpSSz940XCafAHPgPw9tXimX/x0aklPu7j
9JdJVIM52fuF1LVJMcNP0cAfp/KHVkvY/8EUiEY45zb8/aDCg71oVsgLp8zCnvBr
BuWrDk5ZlWBX3YcCS0ZbMypRfqB3+asOcxZS8APWviTVg1sSZ3cY/q+LxX7v8Qky
oCdOc9/pRVipYDbd5U5oc+SBEl9f0RXk+QTTg9Hdd/nVubpzmKFISmTH/FlMh39m
SYafWCe6QEPW8os1vw5sNf4uluVEAHTO/GbexWRlvVmSlSpjyUtoXk4O6wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHzAeUJCwMJX8SIY0GdEP7pgSVPPMB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvZk1CNVFrTEF3bGZ4SWhqUVowUV91bUJKVTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCHyjEAwQC
VQiQAwQCjWIwAwQCvHdEAwQCwSC4AwQC1GsEAwQC1HNkMA0GCSqGSIb3DQEBCwUA
A4IBAQDbrQAMFR05oJ7Wjh8VJ1T4Ehy8uJvCJUFoI6FYhGRo8FNt2FJbdS5Vdi3L
+4xn6bBc4brM3vMgWajY83PZ98CrJKuu2dzD307R4hnMXC6mYLyo86wyaVYMaBPr
rPJ5LcHlpfE+fkRh1aqkrnuwFIfHFxego92ybp/TLLB1iOHKyXo5xhhkEXwupVAv
CV5HLP9QiXio44wnky/0dTu/Jc184Bhx4aiJ6Jg7+xUCmSrAJwDWOCvimPwJZ/Yn
QsK0x+ERMWIMZaYbJ0cOVuJmjI+aP69TkzxPAaGK+5aTZnKYqYAGM3nDPSr9IKlW
nduPxLrXauV76pDSMDjOMwhG2tNq
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org