Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Fu-djKY6auUELQfQsWNvCuMGqxY.roa
File: Fu-djKY6auUELQfQsWNvCuMGqxY.roa (raw, json)
Hash identifier: RHAPmALcPyWAYs/Syf1fuKQa9X9I6tikVFzz9OhN7Ns=
Subject key identifier: 16:EF:9D:8C:A6:3A:6A:E5:04:2D:07:D0:B1:63:6F:0A:E3:06:AB:16
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018D692B058C680C36E3F287553C464F23E1
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Fu-djKY6auUELQfQsWNvCuMGqxY.roa
Signing time: Fri 02 Feb 2024 09:34:03 +0000
ROA not before: Fri 02 Feb 2024 09:34:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.80.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 05 Feb 2024 18:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:2b:05:8c:68:0c:36:e3:f2:87:55:3c:46:4f:23:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 2 09:34:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16ef9d8ca63a6ae5042d07d0b1636f0ae306ab16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:37:50:c8:2a:a6:68:0c:b0:f1:f9:08:92:ce:
a8:d0:1a:16:70:ab:ad:05:3c:d2:12:aa:36:26:02:
81:0c:ae:9b:71:62:34:2b:2f:dd:54:ee:5e:94:19:
8c:e7:6f:2b:c8:0b:7d:55:1f:bc:cd:e3:c4:f7:b5:
b8:63:c3:3b:45:b4:59:47:66:86:26:87:2c:3e:7b:
6a:cd:e9:fb:90:11:3b:27:2d:8c:68:98:44:ab:72:
c8:57:27:9c:5f:2d:c4:d3:c9:4b:59:5d:a5:90:c6:
0e:79:46:bb:7a:9a:fb:eb:8e:3d:e5:f0:62:84:1e:
04:29:6c:bd:fe:9f:49:ad:0c:73:b3:e0:43:ee:ac:
2b:45:e1:83:4c:e8:4c:20:87:98:f0:5d:00:14:cc:
5e:57:0b:6d:90:be:bd:01:e2:bc:64:80:ab:76:ec:
fd:b8:66:75:25:96:b3:f0:a3:1a:11:8a:54:fb:1e:
e6:8f:6a:50:1d:57:25:d4:35:08:b2:5f:c1:95:20:
2b:8c:ff:da:2d:7a:1a:a5:d5:72:e1:26:5a:58:e1:
d0:4f:97:60:43:9a:76:5f:4b:06:03:d1:83:49:93:
68:27:37:5d:56:ec:d7:6a:02:6c:93:f2:3f:05:37:
83:c9:b1:5f:e0:d1:a4:b1:8d:c7:81:7d:18:e6:d8:
19:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:EF:9D:8C:A6:3A:6A:E5:04:2D:07:D0:B1:63:6F:0A:E3:06:AB:16
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/Fu-djKY6auUELQfQsWNvCuMGqxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
45.14.220.0/23
45.80.120.0/22
Signature Algorithm: sha256WithRSAEncryption
83:56:64:50:9e:03:84:d5:6c:7a:ef:da:55:6c:e0:9b:b9:2a:
fe:65:da:26:9c:e0:a5:3c:c1:38:17:c2:08:1a:e8:3a:3b:f0:
12:ec:b0:f5:15:5a:96:c7:02:76:d5:84:e4:ac:50:9e:55:58:
e7:ef:8b:19:cf:0a:e8:51:d0:6d:77:93:81:55:d7:b4:46:91:
7d:ef:7d:9a:60:2f:24:78:b4:f5:f0:3b:a4:2f:3f:9d:8a:b7:
bf:5b:5b:e7:9a:15:99:b6:ee:00:5f:6a:33:91:22:b7:90:9f:
2b:94:1e:e2:35:10:12:87:41:ae:e1:21:f0:68:8a:05:3a:c9:
de:31:6e:97:c1:cb:a5:c7:86:34:51:24:80:06:34:0f:c5:18:
13:dd:e7:45:a6:a7:d4:f5:32:2d:58:3e:54:6d:b9:cb:fc:ac:
6a:65:aa:d5:3a:a2:60:d4:f2:a6:29:b6:f9:d8:1e:24:09:4b:
fd:49:15:5d:18:b5:05:36:9a:44:cf:ac:01:ae:8b:c2:4c:01:
a4:20:70:91:7a:14:f7:1a:5d:12:6c:c6:66:93:fc:48:14:42:
55:58:42:d8:d4:53:af:c4:e3:53:1e:fa:d5:89:bd:a9:df:20:
17:ad:99:30:5a:53:50:80:ad:ca:7a:8d:30:0a:b8:08:ae:33:
35:dc:04:1a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1pKwWMaAw24/KHVTxGTyPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjAyMDkzNDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmVmOWQ4Y2E2M2E2YWU1MDQyZDA3ZDBiMTYzNmYwYWUzMDZhYjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzdQyCqmaAyw8fkIks6o0BoWcKut
BTzSEqo2JgKBDK6bcWI0Ky/dVO5elBmM528ryAt9VR+8zePE97W4Y8M7RbRZR2aG
JocsPntqzen7kBE7Jy2MaJhEq3LIVyecXy3E08lLWV2lkMYOeUa7epr764495fBi
hB4EKWy9/p9JrQxzs+BD7qwrReGDTOhMIIeY8F0AFMxeVwttkL69AeK8ZICrduz9
uGZ1JZaz8KMaEYpU+x7mj2pQHVcl1DUIsl/BlSArjP/aLXoapdVy4SZaWOHQT5dg
Q5p2X0sGA9GDSZNoJzddVuzXagJsk/I/BTeDybFf4NGksY3HgX0Y5tgZ0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBbvnYymOmrlBC0H0LFjbwrjBqsWMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvRnUtZGpLWTZhdVVFTFFmUXNXTnZDdU1HcXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjswAwQB
LQ7cAwQCLVB4MA0GCSqGSIb3DQEBCwUAA4IBAQCDVmRQngOE1Wx679pVbOCbuSr+
ZdomnOClPME4F8IIGug6O/AS7LD1FVqWxwJ21YTkrFCeVVjn74sZzwroUdBtd5OB
Vde0RpF9732aYC8keLT18DukLz+dire/W1vnmhWZtu4AX2ozkSK3kJ8rlB7iNRAS
h0Gu4SHwaIoFOsneMW6Xwculx4Y0USSABjQPxRgT3edFpqfU9TItWD5UbbnL/Kxq
ZarVOqJg1PKmKbb52B4kCUv9SRVdGLUFNppEz6wBrovCTAGkIHCRehT3Gl0SbMZm
k/xIFEJVWELY1FOvxONTHvrVib2p3yAXrZkwWlNQgK3Keo0wCrgIrjM13AQa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:48 2024 by rpki-client on console-ams.rpki-client.org