Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c4213d-0de0-4db4-a508-822d9f855984/1/fumIYO117zflgKlGeVNdkD4wLNs.roa
File: fumIYO117zflgKlGeVNdkD4wLNs.roa (raw, json)
Hash identifier: XZOLHbfuz0/unhGcKlAePj76NxF7SETU2xfnQy6SGvk=
Subject key identifier: 7E:E9:88:60:ED:75:EF:37:E5:80:A9:46:79:53:5D:90:3E:30:2C:DB
Certificate issuer: /CN=6cedf4158ade98f1457cec858955626f161d2aef
Certificate serial: 018D1C2483BE3892BD2EF042BBD14B6FEE8A
Authority key identifier: 6C:ED:F4:15:8A:DE:98:F1:45:7C:EC:85:89:55:62:6F:16:1D:2A:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bO30FYremPFFfOyFiVVibxYdKu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c4213d-0de0-4db4-a508-822d9f855984/1/fumIYO117zflgKlGeVNdkD4wLNs.roa
Signing time: Thu 18 Jan 2024 10:36:11 +0000
ROA not before: Thu 18 Jan 2024 10:36:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43317
IP address blocks: 94.242.0.0/19 maxlen: 19
94.242.32.0/20 maxlen: 20
2a00:1838::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 12 Feb 2024 07:39:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:24:83:be:38:92:bd:2e:f0:42:bb:d1:4b:6f:ee:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cedf4158ade98f1457cec858955626f161d2aef
Validity
Not Before: Jan 18 10:36:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ee98860ed75ef37e580a94679535d903e302cdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:23:0c:02:14:43:44:77:98:5d:42:89:25:53:
d9:d2:1d:ad:80:53:64:01:d1:66:f8:2b:28:23:4e:
6e:22:fd:aa:16:56:8b:53:05:aa:23:ed:00:0a:d4:
d5:4b:0a:06:4e:da:cc:ab:29:28:32:29:a2:eb:08:
28:4e:e1:a2:8a:4b:7e:4d:5e:d1:cc:ae:d0:e3:13:
fd:13:74:6a:53:58:40:09:28:d1:46:40:78:43:20:
20:de:25:90:2f:c8:3f:bb:4e:3c:d8:89:81:64:14:
28:be:42:f3:1e:36:ce:d3:44:60:1c:9c:4a:3a:81:
bb:6d:c9:b8:a0:67:41:fd:df:12:d6:8b:c3:cc:ba:
71:8d:30:56:6f:e1:de:ee:8e:5d:78:56:eb:3b:59:
c1:1a:e7:ca:2a:6f:77:e7:cc:92:78:0f:78:27:13:
3d:dd:16:d5:33:50:95:14:02:f2:c3:93:56:41:b6:
b0:e4:0f:f4:a9:f8:f4:d2:12:19:ed:9c:71:58:37:
b6:37:d4:6e:84:59:d8:ab:2a:71:2b:93:2b:20:92:
64:2a:ad:71:19:64:bc:07:56:1e:87:45:46:bd:9d:
45:5a:71:fe:33:9e:bd:e1:a4:28:63:33:35:cb:ab:
ad:07:a4:aa:4d:51:36:5d:d3:68:aa:72:b5:99:a8:
42:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E9:88:60:ED:75:EF:37:E5:80:A9:46:79:53:5D:90:3E:30:2C:DB
X509v3 Authority Key Identifier:
keyid:6C:ED:F4:15:8A:DE:98:F1:45:7C:EC:85:89:55:62:6F:16:1D:2A:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bO30FYremPFFfOyFiVVibxYdKu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c4213d-0de0-4db4-a508-822d9f855984/1/fumIYO117zflgKlGeVNdkD4wLNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c4213d-0de0-4db4-a508-822d9f855984/1/bO30FYremPFFfOyFiVVibxYdKu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.242.0.0-94.242.47.255
IPv6:
2a00:1838::/32
Signature Algorithm: sha256WithRSAEncryption
6c:48:29:c0:e6:4a:32:5a:ea:cc:bb:24:e0:86:6b:a7:70:31:
71:6a:e4:1e:10:d6:99:7b:e2:9d:b8:9d:dd:69:59:41:8f:9e:
1c:fe:f2:8d:b9:bf:d7:ea:10:5a:82:02:59:ab:a7:d9:b4:03:
05:a4:e3:56:65:83:fb:9e:0c:cc:1a:47:fe:a3:c8:59:43:24:
d5:be:a4:72:ce:cf:3a:96:1c:ca:40:37:20:9d:7f:96:b6:e2:
bc:3d:a9:47:9f:46:4a:b1:46:e3:51:38:42:71:5a:88:18:95:
8a:93:8a:60:92:a1:67:32:e7:b0:7f:54:af:13:f4:a3:86:38:
e3:e1:55:42:d7:0a:45:1b:01:58:e8:56:43:65:ad:80:d4:7a:
46:57:a8:b8:f7:74:f2:d8:c4:68:7b:8c:f0:4e:e6:a8:0b:78:
6f:2c:aa:9e:c6:74:3a:4c:b7:15:f0:76:6c:3b:de:a8:24:a4:
32:8f:e5:51:cd:60:bd:64:c9:21:45:5d:39:7b:5b:3a:75:02:
29:af:cd:6d:a2:21:79:d6:3d:b8:40:64:bf:6d:47:98:d6:0f:
45:01:39:6b:8c:fa:8b:ec:1d:6d:1a:44:c5:3d:e5:4d:6f:fd:
d5:c6:9f:52:bb:46:f4:0f:1d:ea:1a:c3:bc:81:7b:7a:62:42:
6c:44:2e:f6
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAY0cJIO+OJK9LvBCu9FLb+6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZWRmNDE1OGFkZTk4ZjE0NTdjZWM4NTg5NTU2MjZmMTYx
ZDJhZWYwHhcNMjQwMTE4MTAzNjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWU5ODg2MGVkNzVlZjM3ZTU4MGE5NDY3OTUzNWQ5MDNlMzAyY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiMMAhRDRHeYXUKJJVPZ0h2tgFNk
AdFm+CsoI05uIv2qFlaLUwWqI+0ACtTVSwoGTtrMqykoMimi6wgoTuGiikt+TV7R
zK7Q4xP9E3RqU1hACSjRRkB4QyAg3iWQL8g/u0482ImBZBQovkLzHjbO00RgHJxK
OoG7bcm4oGdB/d8S1ovDzLpxjTBWb+He7o5deFbrO1nBGufKKm9358ySeA94JxM9
3RbVM1CVFALyw5NWQbaw5A/0qfj00hIZ7ZxxWDe2N9RuhFnYqypxK5MrIJJkKq1x
GWS8B1Yeh0VGvZ1FWnH+M5694aQoYzM1y6utB6SqTVE2XdNoqnK1mahCjQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFH7piGDtde835YCpRnlTXZA+MCzbMB8GA1UdIwQY
MBaAFGzt9BWK3pjxRXzshYlVYm8WHSrvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk8zMEZZcmVtUEZGZk95RmlWVmlieFlkS3U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jNDIxM2QtMGRlMC00ZGI0LWE1MDgt
ODIyZDlmODU1OTg0LzEvZnVtSVlPMTE3emZsZ0tsR2VWTmRrRDR3TE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jNDIxM2QtMGRlMC00ZGI0LWE1MDgtODIyZDlmODU1OTg0
LzEvYk8zMEZZcmVtUEZGZk95RmlWVmlieFlkS3U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDATBAIAATANMAsDAwFe8gME
BF7yIDANBAIAAjAHAwUAKgAYODANBgkqhkiG9w0BAQsFAAOCAQEAbEgpwOZKMlrq
zLsk4IZrp3AxcWrkHhDWmXvinbid3WlZQY+eHP7yjbm/1+oQWoICWaun2bQDBaTj
VmWD+54MzBpH/qPIWUMk1b6kcs7POpYcykA3IJ1/lrbivD2pR59GSrFG41E4QnFa
iBiVipOKYJKhZzLnsH9UrxP0o4Y44+FVQtcKRRsBWOhWQ2WtgNR6RleouPd08tjE
aHuM8E7mqAt4byyqnsZ0Oky3FfB2bDveqCSkMo/lUc1gvWTJIUVdOXtbOnUCKa/N
baIhedY9uEBkv21HmNYPRQE5a4z6i+wdbRpExT3lTW/91cafUrtG9A8d6hrDvIF7
emJCbEQu9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:44 2024 by rpki-client on console-ams.rpki-client.org