Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/fFJgKSdyIP4BNwT1V6CcFHbRcYY.roa
File: fFJgKSdyIP4BNwT1V6CcFHbRcYY.roa (raw, json)
Hash identifier: sW0IwoHacl1v6GUW5HlB6AHZEZ79hqZ3qp+mo4dTHjg=
Subject key identifier: 7C:52:60:29:27:72:20:FE:01:37:04:F5:57:A0:9C:14:76:D1:71:86
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01856F54A93BC93FC9AAEBC8C97D36DF3F76
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/fFJgKSdyIP4BNwT1V6CcFHbRcYY.roa
Signing time: Sun 01 Jan 2023 21:54:57 +0000
ROA not before: Sun 01 Jan 2023 21:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15372
IP address blocks: 153.96.101.0/24 maxlen: 24
153.96.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a9:3b:c9:3f:c9:aa:eb:c8:c9:7d:36:df:3f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 21:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c526029277220fe013704f557a09c1476d17186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2b:8e:89:72:97:51:b9:3d:af:c9:16:48:4f:
58:5f:18:df:5c:68:94:f0:f6:af:fb:02:40:e1:9f:
b2:6c:2c:a3:2f:5b:d2:2a:c8:4d:ca:60:94:b4:22:
36:42:8f:5e:5e:4a:4c:a9:07:7c:79:28:b0:c9:90:
b5:fc:5c:3c:3a:92:65:71:84:30:80:c0:38:2b:56:
ad:53:5a:e8:16:77:f1:86:9a:e5:02:7d:db:bf:9f:
3d:ee:e0:49:73:3c:4b:99:ab:14:85:28:0d:b9:c4:
e2:15:e4:37:b8:4d:9e:e1:0b:d6:a3:28:ea:55:2b:
a7:3e:8b:39:b5:27:a8:a8:ff:02:b1:db:fb:ff:77:
4b:12:cc:42:32:6c:df:cf:d3:08:f2:6a:a0:17:8b:
e6:e1:55:50:a5:03:da:d6:ca:6d:fe:e8:72:24:ae:
b9:6a:f0:a8:31:35:dd:7d:7d:40:b5:c6:3a:9a:a4:
ab:c2:19:19:9e:de:f5:88:ea:da:fe:9a:ec:74:3d:
89:46:72:70:d9:70:7a:0a:44:14:3f:99:c3:0e:ea:
40:46:ca:2c:5e:a5:8f:f5:61:ea:96:08:52:a9:67:
ad:dc:a5:0c:92:8b:b3:9b:29:e1:7a:0d:a9:3e:99:
57:aa:de:96:fe:68:eb:d7:8b:41:aa:04:35:13:e2:
c8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:52:60:29:27:72:20:FE:01:37:04:F5:57:A0:9C:14:76:D1:71:86
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/fFJgKSdyIP4BNwT1V6CcFHbRcYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.96.101.0/24
153.96.230.0/24
Signature Algorithm: sha256WithRSAEncryption
30:97:be:f9:9c:45:7e:46:4b:d7:48:08:28:94:26:c9:6a:16:
a9:c6:f7:1a:ce:0f:bb:65:f4:ae:41:43:52:58:91:fa:42:bc:
72:e0:6f:b9:dd:d5:c6:2d:26:3a:e1:b9:9f:3f:3b:9f:b2:07:
7c:6f:7f:61:c1:1d:7f:e3:2f:03:c3:c0:ff:c9:43:c5:80:dd:
04:56:f2:5b:96:9a:d3:28:e5:2f:76:31:35:73:25:19:ca:30:
f6:fc:35:d5:60:ed:bf:53:b9:38:29:30:be:7b:5b:fd:22:08:
32:18:93:19:e9:d1:30:c2:f8:b6:d0:e5:d2:f9:33:0a:c8:c3:
1a:41:3b:c6:db:91:93:e0:c5:7b:b7:88:ca:d1:7e:28:19:f4:
e3:34:11:42:19:54:24:01:dd:de:54:08:fa:c3:6f:28:de:ae:
fb:2d:0a:47:9d:7e:da:5e:79:38:9c:bb:9d:63:d7:ca:81:8d:
be:45:da:b3:b1:7e:8d:e9:5c:da:85:41:fc:a1:fa:9e:5c:64:
b0:5d:ee:41:bd:ab:00:f8:d6:a8:71:31:2f:35:0b:4c:10:0a:
e3:2d:e9:3d:be:c3:9d:2b:09:48:c1:b5:d7:7c:b3:8e:25:13:
22:35:f8:e5:e9:d1:33:e4:7b:f5:11:ea:8a:f1:8b:ab:6f:aa:
b2:d5:ff:d1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvVKk7yT/JquvIyX023z92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMTAxMjE1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzUyNjAyOTI3NzIyMGZlMDEzNzA0ZjU1N2EwOWMxNDc2ZDE3MTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSuOiXKXUbk9r8kWSE9YXxjfXGiU
8Pav+wJA4Z+ybCyjL1vSKshNymCUtCI2Qo9eXkpMqQd8eSiwyZC1/Fw8OpJlcYQw
gMA4K1atU1roFnfxhprlAn3bv5897uBJczxLmasUhSgNucTiFeQ3uE2e4QvWoyjq
VSunPos5tSeoqP8Csdv7/3dLEsxCMmzfz9MI8mqgF4vm4VVQpQPa1spt/uhyJK65
avCoMTXdfX1AtcY6mqSrwhkZnt71iOra/prsdD2JRnJw2XB6CkQUP5nDDupARsos
XqWP9WHqlghSqWet3KUMkouzmynheg2pPplXqt6W/mjr14tBqgQ1E+LI8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHxSYCknciD+ATcE9VegnBR20XGGMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvZkZKZ0tTZHlJUDRCTndUMVY2Q2NGSGJSY1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmWBlAwQA
mWDmMA0GCSqGSIb3DQEBCwUAA4IBAQAwl775nEV+RkvXSAgolCbJahapxvcazg+7
ZfSuQUNSWJH6Qrxy4G+53dXGLSY64bmfPzufsgd8b39hwR1/4y8Dw8D/yUPFgN0E
VvJblprTKOUvdjE1cyUZyjD2/DXVYO2/U7k4KTC+e1v9IggyGJMZ6dEwwvi20OXS
+TMKyMMaQTvG25GT4MV7t4jK0X4oGfTjNBFCGVQkAd3eVAj6w28o3q77LQpHnX7a
Xnk4nLudY9fKgY2+RdqzsX6N6VzahUH8ofqeXGSwXe5BvasA+NaocTEvNQtMEArj
Lek9vsOdKwlIwbXXfLOOJRMiNfjl6dEz5Hv1EeqK8Yurb6qy1f/R
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:59 2024 by rpki-client on console-fra.rpki-client.org