Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/fo9BVKAvtQGb7KLFBsKxg649UE0.roa
File: fo9BVKAvtQGb7KLFBsKxg649UE0.roa (raw, json)
Hash identifier: hb0F+qDjTkP7E9z3tIgD13xp2usURTN2w3H//vaA0zs=
Subject key identifier: 7E:8F:41:54:A0:2F:B5:01:9B:EC:A2:C5:06:C2:B1:83:AE:3D:50:4D
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018FE8AEE9153BAB3CA39B603FE75DE0AEED
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/fo9BVKAvtQGb7KLFBsKxg649UE0.roa
Signing time: Wed 05 Jun 2024 13:55:28 +0000
ROA not before: Wed 05 Jun 2024 13:55:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8474
IP address blocks: 194.50.200.0/23 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.96.0/19 maxlen: 24
195.138.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 17:07:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e8:ae:e9:15:3b:ab:3c:a3:9b:60:3f:e7:5d:e0:ae:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 5 13:55:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e8f4154a02fb5019beca2c506c2b183ae3d504d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2a:48:90:7b:24:25:70:98:a9:ce:dd:e6:d1:
ed:c8:24:3b:50:23:cb:fd:2a:c0:cb:f0:6b:8e:f0:
f3:0a:90:9d:26:b5:57:57:cf:a2:80:f3:16:e8:0e:
7e:68:e0:cd:e1:91:13:58:81:23:d7:f5:89:f2:06:
36:82:38:41:6e:33:27:13:b9:77:3e:b1:f0:cb:5f:
87:24:c5:a5:14:3d:82:a5:7b:30:89:c0:6f:95:54:
9b:14:11:5a:c1:16:82:71:ee:5e:ad:a4:3f:9c:7d:
b5:4d:69:cc:db:8b:bb:e0:b1:ff:a3:91:b5:95:f4:
2a:5b:3b:31:a6:b7:70:bc:f2:e6:de:23:e5:68:cc:
2d:07:07:29:44:86:a4:3a:0d:61:db:95:13:4b:71:
76:ad:c3:8e:8f:0d:54:b5:9a:29:55:ff:57:ab:d1:
c8:a7:49:48:43:b0:3c:d6:98:14:68:b6:ac:07:60:
6a:6d:a5:e8:f1:24:36:cb:e5:ae:ca:fa:62:f1:40:
ec:f2:1c:f5:5a:48:19:be:b7:35:51:cb:5b:34:bc:
77:86:bd:15:b7:22:97:98:a1:c2:b9:2f:d5:eb:85:
6b:11:93:d0:6b:09:1f:0e:fb:a4:c8:a1:ff:9b:fb:
ef:29:44:d7:21:97:ba:cc:17:78:20:57:53:24:3a:
8a:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:8F:41:54:A0:2F:B5:01:9B:EC:A2:C5:06:C2:B1:83:AE:3D:50:4D
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/fo9BVKAvtQGb7KLFBsKxg649UE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
66:7c:cc:f6:72:d0:7e:78:c6:88:9d:89:b0:b1:95:99:14:d6:
15:c2:9c:36:8a:0b:a7:26:c3:1c:92:92:fa:f2:8a:b1:c8:f8:
75:4b:3c:cc:08:9d:20:54:53:e5:b2:df:8e:2a:35:20:d9:31:
90:72:c8:de:a7:75:46:91:41:12:2a:8c:c1:42:74:0e:cc:cd:
a8:cb:48:4a:0c:63:6c:c7:7f:40:e3:13:3c:e7:15:59:27:f0:
62:c5:be:7a:21:9f:ea:41:21:e5:d2:18:7c:d1:5a:9c:af:c7:
44:7e:38:c9:85:27:7a:7c:7c:15:12:c7:75:2a:66:ff:32:8b:
18:2a:b2:a5:d3:b9:18:cf:f2:56:af:f7:5c:3b:1d:4d:01:3f:
c0:33:4d:d4:d8:65:fe:3d:c1:aa:10:a5:99:b8:86:b3:ad:0d:
17:27:c1:a1:7d:ce:12:31:99:e0:85:0b:9b:53:8e:b2:99:78:
c2:95:4d:2d:fc:86:38:4f:98:06:31:82:40:65:7b:de:ea:04:
a8:18:dd:f5:63:2c:c4:79:a4:d3:3f:21:12:b4:2d:e6:ed:be:
93:2e:57:d5:1e:61:33:3b:37:f6:fc:36:80:80:1c:d0:d3:26:
6c:37:e7:91:4d:29:99:3b:fb:b0:4f:b9:9b:5c:e6:9c:88:70:
ee:c7:71:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/orukVO6s8o5tgP+dd4K7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNjA1MTM1NTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZThmNDE1NGEwMmZiNTAxOWJlY2EyYzUwNmMyYjE4M2FlM2Q1MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCpIkHskJXCYqc7d5tHtyCQ7UCPL
/SrAy/BrjvDzCpCdJrVXV8+igPMW6A5+aODN4ZETWIEj1/WJ8gY2gjhBbjMnE7l3
PrHwy1+HJMWlFD2CpXswicBvlVSbFBFawRaCce5eraQ/nH21TWnM24u74LH/o5G1
lfQqWzsxprdwvPLm3iPlaMwtBwcpRIakOg1h25UTS3F2rcOOjw1UtZopVf9Xq9HI
p0lIQ7A81pgUaLasB2BqbaXo8SQ2y+Wuyvpi8UDs8hz1WkgZvrc1UctbNLx3hr0V
tyKXmKHCuS/V64VrEZPQawkfDvukyKH/m/vvKUTXIZe6zBd4IFdTJDqKEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH6PQVSgL7UBm+yixQbCsYOuPVBNMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZm85QlZLQXZ0UUdiN0tMRkJzS3hnNjQ5VUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwjLIAwQB
wjLOAwQFw4pgMA0GCSqGSIb3DQEBCwUAA4IBAQBmfMz2ctB+eMaInYmwsZWZFNYV
wpw2igunJsMckpL68oqxyPh1SzzMCJ0gVFPlst+OKjUg2TGQcsjep3VGkUESKozB
QnQOzM2oy0hKDGNsx39A4xM85xVZJ/Bixb56IZ/qQSHl0hh80Vqcr8dEfjjJhSd6
fHwVEsd1Kmb/MosYKrKl07kYz/JWr/dcOx1NAT/AM03U2GX+PcGqEKWZuIazrQ0X
J8Ghfc4SMZnghQubU46ymXjClU0t/IY4T5gGMYJAZXve6gSoGN31YyzEeaTTPyES
tC3m7b6TLlfVHmEzOzf2/DaAgBzQ0yZsN+eRTSmZO/uwT7mbXOaciHDux3Hk
-----END CERTIFICATE-----
Generated at Wed Oct 16 21:17:35 2024 by rpki-client on console-ams.rpki-client.org