Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/623lqH58IFN4Rt4oXuMus4gn8FU.roa
File: 623lqH58IFN4Rt4oXuMus4gn8FU.roa (raw, json)
Hash identifier: F0yvi13V8pIxMJwJyvBgk2J2e9nYJE/hBxvt6oNy1f0=
Subject key identifier: EB:6D:E5:A8:7E:7C:20:53:78:46:DE:28:5E:E3:2E:B3:88:27:F0:55
Certificate issuer: /CN=fc195bd682a8e9a124d5853dc5e908aae7339bae
Certificate serial: 018CC2DB41F50B115109B42B7ED1447BED7A
Authority key identifier: FC:19:5B:D6:82:A8:E9:A1:24:D5:85:3D:C5:E9:08:AA:E7:33:9B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/623lqH58IFN4Rt4oXuMus4gn8FU.roa
Signing time: Mon 01 Jan 2024 02:29:58 +0000
ROA not before: Mon 01 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 139.28.226.0/24 maxlen: 24
194.93.32.0/24 maxlen: 24
194.93.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 08:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:41:f5:0b:11:51:09:b4:2b:7e:d1:44:7b:ed:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc195bd682a8e9a124d5853dc5e908aae7339bae
Validity
Not Before: Jan 1 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb6de5a87e7c20537846de285ee32eb38827f055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:37:71:ed:30:6f:a5:b4:26:d9:05:d9:41:de:
73:9c:83:64:92:85:17:cc:9f:a6:5e:28:39:a5:74:
6d:61:2b:69:5c:2b:8b:6c:05:d3:35:22:91:4f:1c:
1d:7f:56:29:4f:b6:cc:ae:a2:61:c2:6d:ec:ed:62:
62:7e:80:7f:da:96:ff:a6:c8:7a:eb:3d:f6:ee:ee:
e8:2c:da:0a:cd:81:5d:62:b6:08:76:fa:47:21:2a:
49:b2:59:e0:40:dc:24:86:28:e3:3a:c8:e7:f0:ed:
82:20:fe:f9:e4:cd:a8:c5:0a:c6:b0:9a:9d:5e:94:
29:8b:b5:76:c6:bb:5a:f3:21:b0:9c:12:5c:39:77:
b5:65:1b:0b:9b:93:61:96:be:b0:9e:37:e2:f6:66:
28:2b:8b:77:bf:fd:f5:16:1f:03:f0:50:f2:69:a0:
08:2f:3b:9a:a3:4c:94:ca:4c:f1:eb:21:f3:d5:23:
de:6e:74:59:a3:32:cf:f9:43:21:81:ca:77:31:00:
78:30:9a:bc:8a:72:7a:49:e6:49:9e:0a:a8:da:a3:
2c:fe:a6:81:2e:06:da:cb:bb:36:24:7e:24:68:fd:
67:54:77:14:59:7c:7d:4b:9e:60:cc:e0:40:2e:69:
ed:6d:75:6d:ec:60:42:43:d4:32:74:be:b3:81:84:
8b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6D:E5:A8:7E:7C:20:53:78:46:DE:28:5E:E3:2E:B3:88:27:F0:55
X509v3 Authority Key Identifier:
keyid:FC:19:5B:D6:82:A8:E9:A1:24:D5:85:3D:C5:E9:08:AA:E7:33:9B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Blb1oKo6aEk1YU9xekIquczm64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/623lqH58IFN4Rt4oXuMus4gn8FU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/db912f-bf6d-4f24-96ae-cc7b28990b81/1/_Blb1oKo6aEk1YU9xekIquczm64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.226.0/24
194.93.32.0/23
Signature Algorithm: sha256WithRSAEncryption
12:08:1c:f4:50:82:86:17:cc:dd:50:79:af:67:da:d2:15:35:
b2:e6:ab:8c:25:ae:23:6d:01:bb:9f:b3:65:19:a3:1a:ab:dc:
98:34:3a:bf:28:fa:06:81:0b:ed:d1:ec:24:c3:67:37:11:75:
cf:91:ec:76:be:0d:b1:b4:a0:da:dd:c5:9f:3e:59:88:b1:68:
6f:a5:9b:af:bb:ad:8b:5b:4e:a8:b6:54:f6:ef:af:eb:34:b6:
6e:a4:5b:e4:2f:05:84:91:fc:ad:15:51:d6:71:c8:a9:93:43:
3e:99:b8:42:cf:7a:fd:60:a8:10:7b:54:ac:40:cf:b9:72:e7:
ed:ed:4b:02:fe:15:ce:cc:aa:22:77:87:85:c5:f8:13:d4:54:
cf:63:e2:88:4d:31:1d:e6:8f:f9:66:84:36:55:37:16:ce:8c:
6a:98:f0:4b:68:b0:6a:4f:07:4e:f4:79:bb:a4:03:66:9f:35:
e0:58:7d:fd:e9:09:e1:77:61:bb:14:fe:e5:95:cc:73:9e:87:
a5:ab:b5:bd:87:63:47:14:3c:d9:e4:5f:2f:29:57:10:d9:d2:
fc:b9:80:93:f6:4c:c5:ba:27:6d:54:f5:d2:d7:03:85:44:02:
97:89:09:e3:ba:26:29:82:ff:6a:4c:e0:70:ab:37:a7:5a:a3:
fe:a5:4f:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC20H1CxFRCbQrftFEe+16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTk1YmQ2ODJhOGU5YTEyNGQ1ODUzZGM1ZTkwOGFhZTcz
MzliYWUwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjZkZTVhODdlN2MyMDUzNzg0NmRlMjg1ZWUzMmViMzg4MjdmMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijdx7TBvpbQm2QXZQd5znINkkoUX
zJ+mXig5pXRtYStpXCuLbAXTNSKRTxwdf1YpT7bMrqJhwm3s7WJifoB/2pb/psh6
6z327u7oLNoKzYFdYrYIdvpHISpJslngQNwkhijjOsjn8O2CIP755M2oxQrGsJqd
XpQpi7V2xrta8yGwnBJcOXe1ZRsLm5Nhlr6wnjfi9mYoK4t3v/31Fh8D8FDyaaAI
Lzuao0yUykzx6yHz1SPebnRZozLP+UMhgcp3MQB4MJq8inJ6SeZJngqo2qMs/qaB
Lgbay7s2JH4kaP1nVHcUWXx9S55gzOBALmntbXVt7GBCQ9QydL6zgYSLswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOtt5ah+fCBTeEbeKF7jLrOIJ/BVMB8GA1UdIwQY
MBaAFPwZW9aCqOmhJNWFPcXpCKrnM5uuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JsYjFvS282YUVrMVlVOXhla0lxdWN6bTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9kYjkxMmYtYmY2ZC00ZjI0LTk2YWUt
Y2M3YjI4OTkwYjgxLzEvNjIzbHFINThJRk40UnQ0b1h1TXVzNGduOEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9kYjkxMmYtYmY2ZC00ZjI0LTk2YWUtY2M3YjI4OTkwYjgx
LzEvX0JsYjFvS282YUVrMVlVOXhla0lxdWN6bTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAixziAwQB
wl0gMA0GCSqGSIb3DQEBCwUAA4IBAQASCBz0UIKGF8zdUHmvZ9rSFTWy5quMJa4j
bQG7n7NlGaMaq9yYNDq/KPoGgQvt0ewkw2c3EXXPkex2vg2xtKDa3cWfPlmIsWhv
pZuvu62LW06otlT276/rNLZupFvkLwWEkfytFVHWccipk0M+mbhCz3r9YKgQe1Ss
QM+5cuft7UsC/hXOzKoid4eFxfgT1FTPY+KITTEd5o/5ZoQ2VTcWzoxqmPBLaLBq
TwdO9Hm7pANmnzXgWH396Qnhd2G7FP7llcxznoelq7W9h2NHFDzZ5F8vKVcQ2dL8
uYCT9kzFuidtVPXS1wOFRAKXiQnjuiYpgv9qTOBwqzenWqP+pU8v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:30 2024 by rpki-client on console-fra.rpki-client.org