Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/ab87BMpkEQ_QyogPotzvVMhp4V0.roa
File: ab87BMpkEQ_QyogPotzvVMhp4V0.roa (raw, json)
Hash identifier: TPFPflT6Cre+0B8+tYHJYX3xSQFJxuTbI4ShJsb207g=
Subject key identifier: 69:BF:3B:04:CA:64:11:0F:D0:CA:88:0F:A2:DC:EF:54:C8:69:E1:5D
Certificate issuer: /CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Certificate serial: 018571277680B222126E13FF77F2B4299025
Authority key identifier: FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/ab87BMpkEQ_QyogPotzvVMhp4V0.roa
Signing time: Mon 02 Jan 2023 06:24:49 +0000
ROA not before: Mon 02 Jan 2023 06:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8245
IP address blocks: 195.26.192.0/19 maxlen: 19
212.236.0.0/18 maxlen: 18
212.236.0.0/16 maxlen: 16
195.26.220.0/22 maxlen: 22
212.236.160.0/19 maxlen: 19
212.236.192.0/18 maxlen: 18
2a02:2750::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 05 Feb 2023 07:11:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:76:80:b2:22:12:6e:13:ff:77:f2:b4:29:90:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Validity
Not Before: Jan 2 06:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69bf3b04ca64110fd0ca880fa2dcef54c869e15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:75:c0:b1:32:58:7a:16:9f:9d:c2:50:53:57:
5d:f0:c9:66:e1:00:06:73:82:17:d7:02:9b:60:e3:
a3:85:07:93:c5:a7:fe:a9:20:e1:b7:f4:82:30:ff:
89:43:cc:f7:a2:f7:67:5d:b8:45:6c:d1:eb:dd:bc:
fd:c2:39:a2:3f:90:0c:8f:96:51:b2:08:f1:2f:d7:
3f:f2:76:64:2c:05:9a:90:a3:e3:ad:43:ca:e1:2b:
74:ec:a2:0a:36:44:29:7e:ff:1c:74:75:2d:7f:96:
c0:2d:23:e6:10:22:61:37:bd:da:67:8f:29:79:23:
e2:93:fc:c0:7d:17:02:61:ee:f4:da:7c:df:68:2f:
93:07:10:2d:8e:4a:8f:49:de:b4:07:19:a6:67:d0:
a2:69:e6:64:54:67:6d:75:8d:e7:6f:a0:db:c6:b9:
38:89:61:24:fd:40:a4:e2:07:0e:9b:6b:18:a6:e9:
98:6a:e0:6d:f3:aa:ad:f5:88:8b:83:76:26:e1:d2:
9f:18:86:f9:16:d1:0b:9a:f6:b0:01:7d:8e:e3:41:
0d:dc:bd:14:73:a4:4b:12:74:fe:11:59:17:b0:8e:
1a:06:6d:72:57:15:05:a2:64:18:f7:c4:50:c4:ba:
23:32:25:57:87:7f:2b:f5:f1:9e:dc:2a:68:09:ec:
21:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BF:3B:04:CA:64:11:0F:D0:CA:88:0F:A2:DC:EF:54:C8:69:E1:5D
X509v3 Authority Key Identifier:
keyid:FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/ab87BMpkEQ_QyogPotzvVMhp4V0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/_JgxNwQvyMSSFwfU622l9sSnmls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.192.0/19
212.236.0.0/16
IPv6:
2a02:2750::/32
Signature Algorithm: sha256WithRSAEncryption
b7:56:f4:c3:97:47:d7:2e:df:01:23:30:ba:22:a1:14:21:47:
ae:31:8d:ad:ee:8a:aa:1f:c4:a9:70:5c:aa:bf:41:1f:15:26:
cf:6d:23:76:2a:a5:18:aa:f0:10:01:9c:2c:96:2d:1c:76:77:
e5:76:7e:03:ca:3a:8a:58:bb:5e:b6:9d:7b:46:48:6e:bf:0f:
b6:68:37:11:b7:2f:8a:e3:46:07:7e:18:0d:4c:7c:9e:6d:5d:
7f:4f:b8:59:39:c3:46:43:eb:51:26:71:fc:03:f9:bb:e4:5e:
66:dc:81:ff:ec:2c:4e:20:ed:10:73:31:0d:a9:cf:05:dd:93:
a7:5b:de:83:bd:ca:fc:a7:46:96:ab:1b:60:9d:a6:f3:f0:27:
5b:5b:bd:dc:99:22:23:59:23:6b:cd:f2:17:a6:cf:c1:00:a8:
c6:d5:a1:ef:5f:1d:f5:f5:c6:8a:36:4e:f0:ce:e6:0c:e9:69:
88:78:b0:2d:ea:0b:c2:e7:51:77:8b:8a:51:d4:18:d9:8f:3b:
b1:09:a5:4a:ad:f5:c9:38:79:d1:2e:00:a9:bc:97:92:7b:27:
5c:fc:1c:76:6d:73:18:46:3c:2d:d6:c7:8c:55:eb:53:dd:12:
a6:5b:25:c1:e4:ad:22:04:5d:a4:42:fd:d5:e8:9e:26:bf:31:
c0:3e:ce:ef
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVxJ3aAsiISbhP/d/K0KZAlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOTgzMTM3MDQyZmM4YzQ5MjE3MDdkNGViNmRhNWY2YzRh
NzlhNWIwHhcNMjMwMTAyMDYyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJmM2IwNGNhNjQxMTBmZDBjYTg4MGZhMmRjZWY1NGM4NjllMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXXAsTJYehafncJQU1dd8Mlm4QAG
c4IX1wKbYOOjhQeTxaf+qSDht/SCMP+JQ8z3ovdnXbhFbNHr3bz9wjmiP5AMj5ZR
sgjxL9c/8nZkLAWakKPjrUPK4St07KIKNkQpfv8cdHUtf5bALSPmECJhN73aZ48p
eSPik/zAfRcCYe702nzfaC+TBxAtjkqPSd60BxmmZ9CiaeZkVGdtdY3nb6Dbxrk4
iWEk/UCk4gcOm2sYpumYauBt86qt9YiLg3Ym4dKfGIb5FtELmvawAX2O40EN3L0U
c6RLEnT+EVkXsI4aBm1yVxUFomQY98RQxLojMiVXh38r9fGe3CpoCewhPwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGm/OwTKZBEP0MqID6Lc71TIaeFdMB8GA1UdIwQY
MBaAFPyYMTcEL8jEkhcH1OttpfbEp5pbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMt
MjI0ZjEwYTk4MWZlLzEvYWI4N0JNcGtFUV9ReW9nUG90enZWTWhwNFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMtMjI0ZjEwYTk4MWZl
LzEvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwQFwxrAAwMA
1OwwDQQCAAIwBwMFACoCJ1AwDQYJKoZIhvcNAQELBQADggEBALdW9MOXR9cu3wEj
MLoioRQhR64xja3uiqofxKlwXKq/QR8VJs9tI3YqpRiq8BABnCyWLRx2d+V2fgPK
OopYu162nXtGSG6/D7ZoNxG3L4rjRgd+GA1MfJ5tXX9PuFk5w0ZD61EmcfwD+bvk
Xmbcgf/sLE4g7RBzMQ2pzwXdk6db3oO9yvynRparG2CdpvPwJ1tbvdyZIiNZI2vN
8hemz8EAqMbVoe9fHfX1xoo2TvDO5gzpaYh4sC3qC8LnUXeLilHUGNmPO7EJpUqt
9ck4edEuAKm8l5J7J1z8HHZtcxhGPC3Wx4xV61PdEqZbJcHkrSIEXaRC/dXonia/
McA+zu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:37 2024 by rpki-client on console-fra.rpki-client.org