Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/fnAwY0TZxr8or3GqeOw99_Z-FSM.roa
File: fnAwY0TZxr8or3GqeOw99_Z-FSM.roa (raw, json)
Hash identifier: v8t09AvYFbDJgq1vr+FmU0muRFN2nWeca4LwUR0CWlU=
Subject key identifier: 7E:70:30:63:44:D9:C6:BF:28:AF:71:AA:78:EC:3D:F7:F6:7E:15:23
Certificate issuer: /CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Certificate serial: 018CC64B31055DE985BF18C140FEEFC19105
Authority key identifier: FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/fnAwY0TZxr8or3GqeOw99_Z-FSM.roa
Signing time: Mon 01 Jan 2024 18:31:05 +0000
ROA not before: Mon 01 Jan 2024 18:31:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8245
IP address blocks: 195.26.192.0/19 maxlen: 19
212.236.0.0/18 maxlen: 18
212.236.0.0/16 maxlen: 16
195.26.216.0/22 maxlen: 24
195.26.220.0/22 maxlen: 22
212.236.160.0/19 maxlen: 19
212.236.192.0/18 maxlen: 18
2a02:2750::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:31:05:5d:e9:85:bf:18:c1:40:fe:ef:c1:91:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc983137042fc8c4921707d4eb6da5f6c4a79a5b
Validity
Not Before: Jan 1 18:31:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e70306344d9c6bf28af71aa78ec3df7f67e1523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f7:1d:70:54:c8:48:56:66:7f:c0:d4:e3:e1:
89:01:8c:e5:c6:0d:c2:7c:12:79:ee:be:0a:35:45:
8c:21:78:92:d3:30:8d:2f:49:94:2e:60:f0:f9:65:
78:22:0f:ba:0a:61:d1:b2:34:a6:58:d1:ce:6a:4c:
51:2b:da:e5:1b:51:d8:d5:b5:88:16:5c:c0:68:87:
d4:86:82:6f:01:75:d7:8e:8e:17:95:86:4b:e7:ed:
36:2c:26:ce:9c:82:31:0a:b4:e4:4f:f1:0b:ad:a6:
19:54:2a:38:54:65:4b:49:99:8e:79:20:32:52:fc:
32:88:5a:be:e5:c0:d1:89:a4:15:04:d7:1e:22:09:
6a:30:0a:91:9a:2e:e5:8e:46:1c:45:13:d3:73:b4:
d3:1f:5d:b3:6f:39:6a:f1:a2:06:e3:5a:4f:ba:f7:
80:3c:b8:d7:fa:8b:c0:37:00:ef:13:95:dc:7c:72:
4e:b9:25:87:02:51:71:54:4c:e6:8f:95:c3:4c:64:
a9:ce:9a:9a:39:e7:61:c9:41:ae:d3:c5:a3:60:f5:
7b:c2:38:2a:98:c5:71:02:fb:f9:03:ab:54:71:f2:
6b:e1:9c:bf:a4:15:ee:40:d6:ed:37:d7:15:1c:5f:
38:2c:1f:77:52:ce:da:33:91:8d:59:9c:12:89:b6:
45:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:70:30:63:44:D9:C6:BF:28:AF:71:AA:78:EC:3D:F7:F6:7E:15:23
X509v3 Authority Key Identifier:
keyid:FC:98:31:37:04:2F:C8:C4:92:17:07:D4:EB:6D:A5:F6:C4:A7:9A:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JgxNwQvyMSSFwfU622l9sSnmls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/fnAwY0TZxr8or3GqeOw99_Z-FSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/421c80-ed3a-47fd-8d2c-224f10a981fe/1/_JgxNwQvyMSSFwfU622l9sSnmls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.192.0/19
212.236.0.0/16
IPv6:
2a02:2750::/32
Signature Algorithm: sha256WithRSAEncryption
bd:a7:8c:5b:7d:d9:5e:00:ca:56:ae:c6:d5:a1:00:3d:45:82:
18:9a:3c:e5:99:0d:fd:03:bf:73:c2:97:37:5f:d3:63:42:84:
1f:4c:c8:4f:88:1c:63:8a:be:f3:cb:07:08:9f:8f:b1:66:3f:
72:84:73:6a:56:99:6c:29:f1:c5:c2:57:c1:85:ef:2f:ef:60:
cb:c6:c0:a6:06:06:a2:e0:15:e0:45:90:ff:58:eb:20:b0:d1:
ac:4a:98:b9:e6:98:0b:ad:17:bf:8d:1a:15:f0:e7:05:a9:bf:
74:ea:d4:71:bb:19:65:69:5d:3f:5d:20:55:ff:68:0a:8d:16:
b7:74:38:a9:f6:c6:f1:df:87:8f:72:2a:77:a1:1c:ce:ec:e5:
79:e7:27:48:16:71:1b:1e:41:07:db:9f:ac:b0:fc:e2:40:38:
06:04:f1:5b:12:e7:ce:9b:9a:95:08:ef:ec:a7:fe:91:01:62:
84:2f:13:81:18:2a:90:8f:f5:11:3b:6a:69:21:d0:e0:b6:e6:
b3:4d:8e:14:c1:8b:b4:f0:48:8c:75:f5:2a:45:dc:2a:7e:2a:
e3:9e:1d:32:b0:60:99:77:55:c2:ef:b9:af:34:f1:3d:52:fd:
c9:62:16:05:f1:02:8f:47:bb:5f:61:f5:6c:db:99:ad:1a:b1:
46:11:3c:03
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGSzEFXemFvxjBQP7vwZEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOTgzMTM3MDQyZmM4YzQ5MjE3MDdkNGViNmRhNWY2YzRh
NzlhNWIwHhcNMjQwMTAxMTgzMTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTcwMzA2MzQ0ZDljNmJmMjhhZjcxYWE3OGVjM2RmN2Y2N2UxNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfcdcFTISFZmf8DU4+GJAYzlxg3C
fBJ57r4KNUWMIXiS0zCNL0mULmDw+WV4Ig+6CmHRsjSmWNHOakxRK9rlG1HY1bWI
FlzAaIfUhoJvAXXXjo4XlYZL5+02LCbOnIIxCrTkT/ELraYZVCo4VGVLSZmOeSAy
UvwyiFq+5cDRiaQVBNceIglqMAqRmi7ljkYcRRPTc7TTH12zbzlq8aIG41pPuveA
PLjX+ovANwDvE5XcfHJOuSWHAlFxVEzmj5XDTGSpzpqaOedhyUGu08WjYPV7wjgq
mMVxAvv5A6tUcfJr4Zy/pBXuQNbtN9cVHF84LB93Us7aM5GNWZwSibZFHwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH5wMGNE2ca/KK9xqnjsPff2fhUjMB8GA1UdIwQY
MBaAFPyYMTcEL8jEkhcH1OttpfbEp5pbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMt
MjI0ZjEwYTk4MWZlLzEvZm5Bd1kwVFp4cjhvcjNHcWVPdzk5X1otRlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MjFjODAtZWQzYS00N2ZkLThkMmMtMjI0ZjEwYTk4MWZl
LzEvX0pneE53UXZ5TVNTRndmVTYyMmw5c1NubWxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwQFwxrAAwMA
1OwwDQQCAAIwBwMFACoCJ1AwDQYJKoZIhvcNAQELBQADggEBAL2njFt92V4Aylau
xtWhAD1FghiaPOWZDf0Dv3PClzdf02NChB9MyE+IHGOKvvPLBwifj7FmP3KEc2pW
mWwp8cXCV8GF7y/vYMvGwKYGBqLgFeBFkP9Y6yCw0axKmLnmmAutF7+NGhXw5wWp
v3Tq1HG7GWVpXT9dIFX/aAqNFrd0OKn2xvHfh49yKnehHM7s5XnnJ0gWcRseQQfb
n6yw/OJAOAYE8VsS586bmpUI7+yn/pEBYoQvE4EYKpCP9RE7amkh0OC25rNNjhTB
i7TwSIx19SpF3Cp+KuOeHTKwYJl3VcLvua808T1S/cliFgXxAo9Hu19h9Wzbma0a
sUYRPAM=
-----END CERTIFICATE-----
Generated at Wed Jan 3 21:19:23 2024 by rpki-client on console-ams.rpki-client.org