Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/FWzwhglq8gQwsGu5PhUJ4xT1Xw0.roa
File: FWzwhglq8gQwsGu5PhUJ4xT1Xw0.roa (raw, json)
Hash identifier: sWPwiOURF5l7Au+iMLd/ZrngoTo8T6qLY/TdD/JSdKg=
Subject key identifier: 15:6C:F0:86:09:6A:F2:04:30:B0:6B:B9:3E:15:09:E3:14:F5:5F:0D
Certificate issuer: /CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Certificate serial: 018572B42774221B479D107C697A651C659D
Authority key identifier: BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/FWzwhglq8gQwsGu5PhUJ4xT1Xw0.roa
Signing time: Mon 02 Jan 2023 13:38:07 +0000
ROA not before: Mon 02 Jan 2023 13:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200308
IP address blocks: 195.189.245.0/24 maxlen: 24
185.248.28.0/22 maxlen: 22
2a0d:dd80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:27:74:22:1b:47:9d:10:7c:69:7a:65:1c:65:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4731884ba0f573fa618b6e7ad503a12c965af3
Validity
Not Before: Jan 2 13:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=156cf086096af20430b06bb93e1509e314f55f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7f:e6:f0:c8:cf:5d:b2:81:73:b6:91:80:d8:
b7:a2:68:29:10:13:f7:86:a0:fd:a1:4f:6c:91:4f:
c4:d8:e6:61:dc:71:10:42:56:2b:4f:18:ee:1a:7d:
54:bf:01:43:71:de:ae:43:02:a7:24:49:be:de:12:
c1:18:f9:b8:cd:6e:04:38:a1:d7:91:53:a9:2e:57:
02:2a:ec:49:97:4e:ec:69:cf:a3:35:fc:19:c5:0b:
31:62:ac:8c:c8:34:0e:77:ae:44:01:4b:b2:a5:bb:
ca:68:8a:b9:32:24:61:c6:ff:08:ae:b8:45:ad:61:
31:6b:b5:2f:e8:89:12:12:a6:81:4c:2e:10:1b:d2:
31:e7:1c:7f:bd:f7:d0:98:22:03:1e:7f:0d:20:e8:
c1:18:3c:ba:80:98:07:7a:ef:d4:8e:1b:92:97:ec:
a1:28:48:aa:03:3a:22:36:d5:c8:15:ff:b8:b9:2a:
6f:69:08:a4:6b:22:af:12:1c:df:68:42:7f:80:38:
e3:5c:36:55:78:d6:13:26:0f:a8:66:3d:42:f7:b2:
5e:92:1e:20:bb:bd:cc:8d:9d:6f:04:7a:d9:41:95:
57:12:ce:8f:5b:2e:fa:0b:8f:40:16:2d:7b:97:be:
25:6d:b3:f7:82:86:5a:9b:4a:bf:cc:55:af:29:67:
05:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:6C:F0:86:09:6A:F2:04:30:B0:6B:B9:3E:15:09:E3:14:F5:5F:0D
X509v3 Authority Key Identifier:
keyid:BB:47:31:88:4B:A0:F5:73:FA:61:8B:6E:7A:D5:03:A1:2C:96:5A:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0cxiEug9XP6YYtuetUDoSyWWvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/FWzwhglq8gQwsGu5PhUJ4xT1Xw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/c212a2-37e9-4ad6-bbe6-835a5842b94c/1/u0cxiEug9XP6YYtuetUDoSyWWvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.28.0/22
195.189.245.0/24
IPv6:
2a0d:dd80::/29
Signature Algorithm: sha256WithRSAEncryption
07:ba:8f:22:b3:02:bd:37:3e:14:41:b5:94:70:47:e8:21:35:
4f:95:ac:f7:06:91:15:40:87:f0:97:67:36:4d:54:18:9d:e5:
d0:4a:35:eb:53:fb:53:cd:e0:c0:cc:53:4b:88:41:9b:2a:b4:
88:30:3b:6e:58:41:59:2b:8d:19:09:c3:46:16:fb:20:cd:1b:
e9:5c:50:80:5f:8d:e6:70:97:53:ad:6f:b8:22:eb:5f:40:2e:
22:c2:b7:de:96:a2:5c:c4:25:3a:8b:0b:a9:e3:2e:63:cc:d2:
bb:da:42:f2:dc:fa:32:9b:6a:ad:81:0c:eb:67:62:73:bd:35:
f4:49:af:07:59:2a:5d:1d:77:2b:98:bf:49:db:28:8e:00:0d:
dd:b7:89:57:b8:31:58:f3:a7:35:48:d7:03:63:91:18:0a:82:
46:aa:82:dd:2c:c8:17:6c:0c:12:ae:a7:b8:f1:dd:cf:21:b3:
e4:d1:a7:54:ea:48:16:e4:e9:37:87:bf:c2:c0:44:f2:83:6c:
5a:4b:cf:a5:1e:a0:28:d1:f7:b6:64:58:d7:95:54:05:ca:1e:
2b:21:94:13:36:61:ad:24:65:86:3b:09:ea:ed:cf:89:65:10:
e1:43:33:f5:0d:44:c7:e9:17:6a:d1:b0:ec:25:b3:35:7a:94:
f4:0e:48:d6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVytCd0IhtHnRB8aXplHGWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiNDczMTg4NGJhMGY1NzNmYTYxOGI2ZTdhZDUwM2ExMmM5
NjVhZjMwHhcNMjMwMTAyMTMzODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTZjZjA4NjA5NmFmMjA0MzBiMDZiYjkzZTE1MDllMzE0ZjU1ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlX/m8MjPXbKBc7aRgNi3omgpEBP3
hqD9oU9skU/E2OZh3HEQQlYrTxjuGn1UvwFDcd6uQwKnJEm+3hLBGPm4zW4EOKHX
kVOpLlcCKuxJl07sac+jNfwZxQsxYqyMyDQOd65EAUuypbvKaIq5MiRhxv8IrrhF
rWExa7Uv6IkSEqaBTC4QG9Ix5xx/vffQmCIDHn8NIOjBGDy6gJgHeu/UjhuSl+yh
KEiqAzoiNtXIFf+4uSpvaQikayKvEhzfaEJ/gDjjXDZVeNYTJg+oZj1C97Jekh4g
u73MjZ1vBHrZQZVXEs6PWy76C49AFi17l74lbbP3goZam0q/zFWvKWcFBQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBVs8IYJavIEMLBruT4VCeMU9V8NMB8GA1UdIwQY
MBaAFLtHMYhLoPVz+mGLbnrVA6EsllrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYt
ODM1YTU4NDJiOTRjLzEvRld6d2hnbHE4Z1F3c0d1NVBoVUo0eFQxWHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jMjEyYTItMzdlOS00YWQ2LWJiZTYtODM1YTU4NDJiOTRj
LzEvdTBjeGlFdWc5WFA2WVl0dWV0VURvU3lXV3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCufgcAwQA
w731MA0EAgACMAcDBQMqDd2AMA0GCSqGSIb3DQEBCwUAA4IBAQAHuo8iswK9Nz4U
QbWUcEfoITVPlaz3BpEVQIfwl2c2TVQYneXQSjXrU/tTzeDAzFNLiEGbKrSIMDtu
WEFZK40ZCcNGFvsgzRvpXFCAX43mcJdTrW+4IutfQC4iwrfelqJcxCU6iwup4y5j
zNK72kLy3Poym2qtgQzrZ2JzvTX0Sa8HWSpdHXcrmL9J2yiOAA3dt4lXuDFY86c1
SNcDY5EYCoJGqoLdLMgXbAwSrqe48d3PIbPk0adU6kgW5Ok3h7/CwETyg2xaS8+l
HqAo0fe2ZFjXlVQFyh4rIZQTNmGtJGWGOwnq7c+JZRDhQzP1DUTH6Rdq0bDsJbM1
epT0DkjW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:14 2024 by rpki-client on console-fra.rpki-client.org