Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a9ced2-3fa4-46ed-88e0-38411a312d86/1/FkMwM6utr0EuZ-FSAs0RVoa1qf8.roa
File: FkMwM6utr0EuZ-FSAs0RVoa1qf8.roa (raw, json)
Hash identifier: xvrwF0gxgNssU6lgNDaaK9q2qykH68e7YjOu6S8HbLU=
Subject key identifier: 16:43:30:33:AB:AD:AF:41:2E:67:E1:52:02:CD:11:56:86:B5:A9:FF
Certificate issuer: /CN=7cb8b8730375c92853b99ae3af5797c123dd1507
Certificate serial: 01856C25D745C4978D97DDA43C21DBF387DB
Authority key identifier: 7C:B8:B8:73:03:75:C9:28:53:B9:9A:E3:AF:57:97:C1:23:DD:15:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fLi4cwN1yShTuZrjr1eXwSPdFQc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/a9ced2-3fa4-46ed-88e0-38411a312d86/1/FkMwM6utr0EuZ-FSAs0RVoa1qf8.roa
Signing time: Sun 01 Jan 2023 07:04:57 +0000
ROA not before: Sun 01 Jan 2023 07:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50904
IP address blocks: 185.18.192.0/22 maxlen: 22
31.216.224.0/21 maxlen: 21
2a03:d540::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:d7:45:c4:97:8d:97:dd:a4:3c:21:db:f3:87:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7cb8b8730375c92853b99ae3af5797c123dd1507
Validity
Not Before: Jan 1 07:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16433033abadaf412e67e15202cd115686b5a9ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ef:41:93:4b:c8:1c:4d:93:f7:92:1d:91:19:
bb:c5:25:ac:02:5b:d6:e0:ee:5e:05:ee:64:3a:d1:
6d:f5:45:f4:dc:fe:bc:71:e7:7e:cf:96:a4:c5:c7:
1f:e9:ec:6c:a7:f0:dc:76:c1:8c:7d:4e:0a:ea:e8:
d6:09:ad:71:34:ae:bb:f2:c5:96:cf:10:f6:7b:ed:
8e:62:3e:8a:bd:6c:1d:28:6e:20:fd:9f:e3:e9:23:
51:b5:0a:2e:6d:a6:de:07:a0:d0:38:5c:ed:62:38:
9d:99:b2:07:65:1e:d3:b4:19:50:79:08:d6:82:55:
28:fd:e0:ef:4f:5e:b0:85:8c:8c:dc:b3:43:02:f6:
f7:7c:13:ea:e7:d4:60:a8:8f:f9:74:f1:40:06:43:
df:03:92:32:27:ad:06:d2:28:be:aa:da:e4:f4:be:
cb:a5:14:82:fd:b0:0b:6b:79:c6:3e:3d:f2:ee:86:
f9:48:cd:59:24:f2:d3:dc:dc:d1:02:3e:e0:44:91:
ab:03:2f:d7:86:df:26:49:eb:a8:4a:94:50:03:5f:
91:4a:8e:92:a5:96:d4:7e:24:12:e1:27:a2:f0:b3:
20:14:ec:02:5e:9f:bb:a4:e1:41:d7:7a:a0:cf:eb:
54:a5:09:55:c8:7a:76:e1:eb:fa:32:e3:e7:2f:b4:
b7:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:43:30:33:AB:AD:AF:41:2E:67:E1:52:02:CD:11:56:86:B5:A9:FF
X509v3 Authority Key Identifier:
keyid:7C:B8:B8:73:03:75:C9:28:53:B9:9A:E3:AF:57:97:C1:23:DD:15:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fLi4cwN1yShTuZrjr1eXwSPdFQc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a9ced2-3fa4-46ed-88e0-38411a312d86/1/FkMwM6utr0EuZ-FSAs0RVoa1qf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a9ced2-3fa4-46ed-88e0-38411a312d86/1/fLi4cwN1yShTuZrjr1eXwSPdFQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.224.0/21
185.18.192.0/22
IPv6:
2a03:d540::/32
Signature Algorithm: sha256WithRSAEncryption
9a:18:ba:b4:24:b5:e0:6b:0e:12:65:a0:e4:3d:d4:00:b8:8a:
19:37:91:f4:03:44:8d:61:30:49:d5:d2:5a:4b:93:50:17:67:
b2:a2:bd:54:01:86:25:cd:66:fc:37:24:2f:f4:16:3d:63:48:
07:0d:d3:d3:a8:ba:70:4e:de:99:cc:de:71:86:40:08:69:4a:
2a:df:83:ca:c3:51:e4:b3:cd:56:3e:ec:ce:27:c1:f8:a9:0b:
3f:28:fa:60:87:ac:8a:b8:26:f5:dc:79:c4:93:8b:d2:8d:9c:
d7:a3:2b:b5:1d:9e:44:99:a7:a2:e0:16:4d:d9:a1:da:b7:e2:
b7:35:3b:8d:44:39:61:f1:2a:e5:a0:7a:7c:e2:8e:6d:4e:5e:
71:8c:b1:bc:e2:4e:a4:e8:84:f4:7a:81:02:97:9e:c5:3b:75:
6e:eb:b4:4e:fb:bb:ed:c8:b9:fc:c1:d9:0f:6d:12:de:a9:d9:
a8:dd:04:c2:c9:cb:78:62:6b:1e:b2:8c:b6:b9:fd:b2:75:11:
ec:28:f3:12:a9:be:3e:cf:ad:de:9f:02:1f:3a:7d:5c:c9:92:
76:57:c0:65:89:f4:d0:35:76:10:79:a7:7b:54:08:eb:e7:bd:
ca:cc:a0:dc:b9:66:cc:cf:94:ab:fb:de:1f:b2:83:f8:92:76:
a3:7c:c3:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsJddFxJeNl92kPCHb84fbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjYjhiODczMDM3NWM5Mjg1M2I5OWFlM2FmNTc5N2MxMjNk
ZDE1MDcwHhcNMjMwMTAxMDcwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjQzMzAzM2FiYWRhZjQxMmU2N2UxNTIwMmNkMTE1Njg2YjVhOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+9Bk0vIHE2T95IdkRm7xSWsAlvW
4O5eBe5kOtFt9UX03P68ced+z5akxccf6exsp/DcdsGMfU4K6ujWCa1xNK678sWW
zxD2e+2OYj6KvWwdKG4g/Z/j6SNRtQoubabeB6DQOFztYjidmbIHZR7TtBlQeQjW
glUo/eDvT16whYyM3LNDAvb3fBPq59RgqI/5dPFABkPfA5IyJ60G0ii+qtrk9L7L
pRSC/bALa3nGPj3y7ob5SM1ZJPLT3NzRAj7gRJGrAy/Xht8mSeuoSpRQA1+RSo6S
pZbUfiQS4Sei8LMgFOwCXp+7pOFB13qgz+tUpQlVyHp24ev6MuPnL7S3ZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBZDMDOrra9BLmfhUgLNEVaGtan/MB8GA1UdIwQY
MBaAFHy4uHMDdckoU7ma469Xl8Ej3RUHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkxpNGN3TjF5U2hUdVpyanIxZVh3U1BkRlFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hOWNlZDItM2ZhNC00NmVkLTg4ZTAt
Mzg0MTFhMzEyZDg2LzEvRmtNd002dXRyMEV1Wi1GU0FzMFJWb2ExcWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hOWNlZDItM2ZhNC00NmVkLTg4ZTAtMzg0MTFhMzEyZDg2
LzEvZkxpNGN3TjF5U2hUdVpyanIxZVh3U1BkRlFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDH9jgAwQC
uRLAMA0EAgACMAcDBQAqA9VAMA0GCSqGSIb3DQEBCwUAA4IBAQCaGLq0JLXgaw4S
ZaDkPdQAuIoZN5H0A0SNYTBJ1dJaS5NQF2eyor1UAYYlzWb8NyQv9BY9Y0gHDdPT
qLpwTt6ZzN5xhkAIaUoq34PKw1Hks81WPuzOJ8H4qQs/KPpgh6yKuCb13HnEk4vS
jZzXoyu1HZ5Emaei4BZN2aHat+K3NTuNRDlh8SrloHp84o5tTl5xjLG84k6k6IT0
eoECl57FO3Vu67RO+7vtyLn8wdkPbRLeqdmo3QTCyct4Ymsesoy2uf2ydRHsKPMS
qb4+z63enwIfOn1cyZJ2V8BlifTQNXYQead7VAjr573KzKDcuWbMz5Sr+94fsoP4
knajfMOZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:57 2024 by rpki-client on console-ams.rpki-client.org