Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/FmE-WPxavHwfLtbAaGtzh23cEL8.roa
File: FmE-WPxavHwfLtbAaGtzh23cEL8.roa (raw, json)
Hash identifier: LnXJBZivWy/DygAMyEM1BiGi/B42fBKJ83n5hMldoYE=
Subject key identifier: 16:61:3E:58:FC:5A:BC:7C:1F:2E:D6:C0:68:6B:73:87:6D:DC:10:BF
Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial: 01874C1A248702458593DB8E1BB58579A7F9
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/FmE-WPxavHwfLtbAaGtzh23cEL8.roa
Signing time: Tue 04 Apr 2023 11:49:54 +0000
ROA not before: Tue 04 Apr 2023 11:49:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199775
IP address blocks: 185.95.108.0/22 maxlen: 24
185.6.152.0/22 maxlen: 24
185.168.135.0/24 maxlen: 24
185.168.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Aug 2023 09:34:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4c:1a:24:87:02:45:85:93:db:8e:1b:b5:85:79:a7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Validity
Not Before: Apr 4 11:49:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16613e58fc5abc7c1f2ed6c0686b73876ddc10bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:1c:14:e7:14:bf:4d:0b:64:a0:93:3b:76:fe:
3d:cc:88:e6:a5:11:3c:02:f2:e4:36:62:f8:21:f1:
f2:28:48:40:18:3a:1b:cb:2f:94:c7:58:57:51:01:
8b:05:57:16:86:68:7f:fb:05:61:c5:73:b2:43:b3:
8d:5b:13:98:ef:95:32:ef:c4:24:23:66:f3:18:39:
e3:0a:7c:bb:9c:64:48:b9:83:1c:7b:a0:08:d6:92:
2a:dd:47:f4:0d:ee:b0:a1:af:85:0a:6c:f9:bf:a6:
9c:a4:83:d1:05:a7:a7:cd:64:22:33:70:6b:b9:c3:
a1:0c:d7:33:20:1b:c9:b8:66:8a:1d:be:e9:83:53:
28:97:d1:32:18:7c:ae:35:c5:c1:d9:f9:7e:3d:01:
21:2a:c6:79:5c:fe:55:a6:49:bf:74:d1:94:25:29:
25:55:e4:f3:af:18:25:65:6e:9f:a6:55:0e:29:ef:
12:83:ad:25:c0:ea:73:0a:f0:45:44:48:44:d7:35:
78:7c:85:92:59:8a:5b:eb:d7:03:83:77:41:7e:fb:
dd:06:4b:f4:00:22:d2:13:7a:c1:50:bf:ee:2d:2d:
1e:5a:1b:32:2d:bc:e4:11:c9:e5:b9:8c:24:be:ae:
3a:fd:06:a0:8c:25:bb:1e:20:8c:e6:5c:6a:38:0a:
8a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:61:3E:58:FC:5A:BC:7C:1F:2E:D6:C0:68:6B:73:87:6D:DC:10:BF
X509v3 Authority Key Identifier:
keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/FmE-WPxavHwfLtbAaGtzh23cEL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.152.0/22
185.95.108.0/22
185.168.134.0/23
Signature Algorithm: sha256WithRSAEncryption
66:a1:07:e8:2f:7d:c8:c7:70:38:88:65:97:d0:bc:e5:ea:97:
a7:51:a8:1b:96:0f:6f:01:c4:da:7d:8f:6e:25:1e:79:ee:28:
53:cb:c5:86:28:ad:74:76:90:42:79:b3:a8:28:11:c3:c4:01:
5d:73:73:be:a1:0f:b3:66:94:64:e0:26:1e:c9:65:b7:1b:87:
f3:95:84:31:ab:db:9e:01:23:74:70:de:0c:ae:07:83:a8:52:
ac:14:3b:7c:06:d1:b9:ae:70:39:ad:c0:55:b4:fe:67:e6:5b:
cb:b1:bc:4b:ff:a9:08:91:0a:5b:6e:85:3f:c3:b8:42:e4:74:
f9:5c:97:79:c8:c6:94:28:4e:22:50:a2:5d:52:7a:84:10:fc:
61:f7:9e:a0:2b:9a:69:6e:f5:45:57:cf:62:36:98:a0:34:0a:
9f:d0:f2:d2:12:7d:bc:a4:5c:8f:5f:21:e6:cb:43:f6:b4:81:
8b:c8:c8:82:47:61:94:3d:0b:8a:cd:53:a1:ac:db:54:e8:9b:
10:82:9a:ab:65:f3:00:8a:92:cd:a5:1d:ab:ad:1f:40:d3:df:
32:c2:b8:77:8a:79:8c:2f:21:5d:57:ba:ac:e9:15:44:a9:d3:
b6:a2:e2:7c:89:7d:75:d9:bc:42:a8:5b:4f:dc:b1:ee:ad:02:
51:f2:bf:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYdMGiSHAkWFk9uOG7WFeaf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjMwNDA0MTE0OTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjYxM2U1OGZjNWFiYzdjMWYyZWQ2YzA2ODZiNzM4NzZkZGMxMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhwU5xS/TQtkoJM7dv49zIjmpRE8
AvLkNmL4IfHyKEhAGDobyy+Ux1hXUQGLBVcWhmh/+wVhxXOyQ7ONWxOY75Uy78Qk
I2bzGDnjCny7nGRIuYMce6AI1pIq3Uf0De6woa+FCmz5v6acpIPRBaenzWQiM3Br
ucOhDNczIBvJuGaKHb7pg1Mol9EyGHyuNcXB2fl+PQEhKsZ5XP5Vpkm/dNGUJSkl
VeTzrxglZW6fplUOKe8Sg60lwOpzCvBFREhE1zV4fIWSWYpb69cDg3dBfvvdBkv0
ACLSE3rBUL/uLS0eWhsyLbzkEcnluYwkvq46/QagjCW7HiCM5lxqOAqKEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBZhPlj8Wrx8Hy7WwGhrc4dt3BC/MB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvRm1FLVdQeGF2SHdmTHRiQWFHdHpoMjNjRUw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuQaYAwQC
uV9sAwQBuaiGMA0GCSqGSIb3DQEBCwUAA4IBAQBmoQfoL33Ix3A4iGWX0Lzl6pen
Uagblg9vAcTafY9uJR557ihTy8WGKK10dpBCebOoKBHDxAFdc3O+oQ+zZpRk4CYe
yWW3G4fzlYQxq9ueASN0cN4MrgeDqFKsFDt8BtG5rnA5rcBVtP5n5lvLsbxL/6kI
kQpbboU/w7hC5HT5XJd5yMaUKE4iUKJdUnqEEPxh956gK5ppbvVFV89iNpigNAqf
0PLSEn28pFyPXyHmy0P2tIGLyMiCR2GUPQuKzVOhrNtU6JsQgpqrZfMAipLNpR2r
rR9A098ywrh3inmMLyFdV7qs6RVEqdO2ouJ8iX112bxCqFtP3LHurQJR8r96
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:21 2024 by rpki-client on console-ams.rpki-client.org