Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/fb4934-a937-4324-9f17-eead3b8bccb9/1/FQB9InVFhxY2MqH1uiL2fGN3HtY.roa
File: FQB9InVFhxY2MqH1uiL2fGN3HtY.roa (raw, json)
Hash identifier: Hy7eQ40JJ5F8ZsLgtHtrSnhx9/jWLTnlSfUsJEbWKfY=
Subject key identifier: 15:00:7D:22:75:45:87:16:36:32:A1:F5:BA:22:F6:7C:63:77:1E:D6
Certificate issuer: /CN=697ea60aca0ddae5eddfbc260cb7da261624e91d
Certificate serial: 01856CA5E38C7266E259790E536D2B47E21A
Authority key identifier: 69:7E:A6:0A:CA:0D:DA:E5:ED:DF:BC:26:0C:B7:DA:26:16:24:E9:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aX6mCsoN2uXt37wmDLfaJhYk6R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/fb4934-a937-4324-9f17-eead3b8bccb9/1/FQB9InVFhxY2MqH1uiL2fGN3HtY.roa
Signing time: Sun 01 Jan 2023 09:24:49 +0000
ROA not before: Sun 01 Jan 2023 09:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47426
IP address blocks: 195.43.157.0/24 maxlen: 24
2001:67c:348::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:a5:e3:8c:72:66:e2:59:79:0e:53:6d:2b:47:e2:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=697ea60aca0ddae5eddfbc260cb7da261624e91d
Validity
Not Before: Jan 1 09:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15007d22754587163632a1f5ba22f67c63771ed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:d5:e0:b8:72:ce:b3:22:74:c5:e8:e2:8f:27:
7e:a6:ea:db:c9:e1:44:1e:a1:60:0d:08:2a:15:90:
8d:2c:61:7e:2b:83:2f:7c:c6:bc:24:50:cd:1f:59:
90:73:a3:8f:1f:dd:86:ac:b6:ea:9d:7a:91:df:9c:
ab:0f:1d:ce:10:96:55:f0:0b:f8:19:ce:84:31:b5:
75:f8:d9:56:7f:f0:c0:99:ac:6e:1a:6f:bb:d0:25:
a8:c3:f3:c9:dc:9a:7d:bf:17:34:90:26:d8:41:25:
97:91:18:6f:7d:ce:f3:24:8b:5b:b2:77:e9:2e:8e:
0f:c2:d4:56:f9:49:2f:fd:92:69:f2:32:a8:9f:52:
49:aa:e1:68:56:0c:5b:19:75:a8:d0:0b:a5:aa:ba:
5a:07:60:d0:a1:fa:0f:5b:8a:cf:d4:b7:ee:7a:0d:
a4:c0:7a:b4:74:6a:2b:7b:00:94:54:cc:85:1c:f5:
34:71:ca:f9:90:d0:e8:41:76:a5:44:12:e4:82:ce:
fb:04:26:04:28:fa:58:58:8e:85:26:a9:6e:b8:7c:
eb:3b:5d:23:bf:25:4f:17:9b:e7:43:56:ac:8d:e3:
ea:97:b8:d3:4a:a2:41:d1:ae:88:bb:ce:6a:41:c4:
a7:4e:d3:0d:94:cf:49:e0:5f:2b:e7:56:4a:84:d4:
57:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:00:7D:22:75:45:87:16:36:32:A1:F5:BA:22:F6:7C:63:77:1E:D6
X509v3 Authority Key Identifier:
keyid:69:7E:A6:0A:CA:0D:DA:E5:ED:DF:BC:26:0C:B7:DA:26:16:24:E9:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aX6mCsoN2uXt37wmDLfaJhYk6R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fb4934-a937-4324-9f17-eead3b8bccb9/1/FQB9InVFhxY2MqH1uiL2fGN3HtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/fb4934-a937-4324-9f17-eead3b8bccb9/1/aX6mCsoN2uXt37wmDLfaJhYk6R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.157.0/24
IPv6:
2001:67c:348::/48
Signature Algorithm: sha256WithRSAEncryption
34:d6:ba:13:26:97:55:3a:ce:37:53:11:7b:ab:91:7b:8e:d8:
c4:a1:a3:57:1f:ad:0e:78:7c:cc:df:8e:3c:b0:63:79:4d:fe:
dd:66:45:fd:e3:3c:40:f0:12:44:55:3c:e1:81:ed:4e:c5:9b:
06:be:05:e7:cd:26:e0:aa:68:2c:a4:19:0f:0b:29:f1:b2:8b:
83:e6:eb:36:ff:59:82:fa:0d:7e:99:06:9a:eb:6f:df:ed:93:
ad:32:49:40:5b:70:41:1f:47:7f:9c:81:2d:a1:da:91:b7:91:
c2:f5:31:22:6c:d3:65:be:40:26:b1:4c:5c:fb:57:3a:01:46:
de:c2:f5:8a:21:a1:a2:6a:05:a2:d9:75:a1:e1:36:02:c5:4d:
f5:6f:5b:2e:2d:25:67:c8:2d:fd:23:9a:59:06:c7:74:5d:a3:
33:47:c8:8e:46:6c:3b:66:23:d0:21:08:e8:56:27:7a:42:3e:
53:3c:d8:b8:32:b4:c4:48:62:dc:f1:77:3f:95:e5:dd:f4:b8:
d1:d9:b1:2c:cd:ca:58:fd:4c:e3:6c:f2:35:6e:91:b9:ae:e5:
23:2b:f4:55:12:ba:7c:ea:57:4f:8f:df:40:72:19:34:cf:5e:
98:76:74:e1:b8:a3:2c:dd:66:84:68:c6:45:21:1c:38:57:65:
8b:c2:31:66
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVspeOMcmbiWXkOU20rR+IaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5N2VhNjBhY2EwZGRhZTVlZGRmYmMyNjBjYjdkYTI2MTYy
NGU5MWQwHhcNMjMwMTAxMDkyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTAwN2QyMjc1NDU4NzE2MzYzMmExZjViYTIyZjY3YzYzNzcxZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgtXguHLOsyJ0xejijyd+purbyeFE
HqFgDQgqFZCNLGF+K4MvfMa8JFDNH1mQc6OPH92GrLbqnXqR35yrDx3OEJZV8Av4
Gc6EMbV1+NlWf/DAmaxuGm+70CWow/PJ3Jp9vxc0kCbYQSWXkRhvfc7zJItbsnfp
Lo4PwtRW+Ukv/ZJp8jKon1JJquFoVgxbGXWo0AulqrpaB2DQofoPW4rP1Lfueg2k
wHq0dGorewCUVMyFHPU0ccr5kNDoQXalRBLkgs77BCYEKPpYWI6FJqluuHzrO10j
vyVPF5vnQ1asjePql7jTSqJB0a6Iu85qQcSnTtMNlM9J4F8r51ZKhNRXPwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBUAfSJ1RYcWNjKh9boi9nxjdx7WMB8GA1UdIwQY
MBaAFGl+pgrKDdrl7d+8Jgy32iYWJOkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVg2bUNzb04ydVh0Mzd3bURMZmFKaFlrNlIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9mYjQ5MzQtYTkzNy00MzI0LTlmMTct
ZWVhZDNiOGJjY2I5LzEvRlFCOUluVkZoeFkyTXFIMXVpTDJmR04zSHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9mYjQ5MzQtYTkzNy00MzI0LTlmMTctZWVhZDNiOGJjY2I5
LzEvYVg2bUNzb04ydVh0Mzd3bURMZmFKaFlrNlIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwyudMA8E
AgACMAkDBwAgAQZ8A0gwDQYJKoZIhvcNAQELBQADggEBADTWuhMml1U6zjdTEXur
kXuO2MSho1cfrQ54fMzfjjywY3lN/t1mRf3jPEDwEkRVPOGB7U7Fmwa+BefNJuCq
aCykGQ8LKfGyi4Pm6zb/WYL6DX6ZBprrb9/tk60ySUBbcEEfR3+cgS2h2pG3kcL1
MSJs02W+QCaxTFz7VzoBRt7C9YohoaJqBaLZdaHhNgLFTfVvWy4tJWfILf0jmlkG
x3RdozNHyI5GbDtmI9AhCOhWJ3pCPlM82LgytMRIYtzxdz+V5d30uNHZsSzNylj9
TONs8jVukbmu5SMr9FUSunzqV0+P30ByGTTPXph2dOG4oyzdZoRoxkUhHDhXZYvC
MWY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:07 2024 by rpki-client on console-ams.rpki-client.org