Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/fdzsmnIvVZj7XWUHVXQgDXxR7gU.roa
File: fdzsmnIvVZj7XWUHVXQgDXxR7gU.roa (raw, json)
Hash identifier: V2cjtWwraYr+1Ph7X4maj/QnI9/dyLtwcnV0KiIaFkc=
Subject key identifier: 7D:DC:EC:9A:72:2F:55:98:FB:5D:65:07:55:74:20:0D:7C:51:EE:05
Certificate issuer: /CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Certificate serial: 0185B08730E197E9D0A28B338A80A3DD86A0
Authority key identifier: 5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/fdzsmnIvVZj7XWUHVXQgDXxR7gU.roa
Signing time: Sat 14 Jan 2023 13:45:27 +0000
ROA not before: Sat 14 Jan 2023 13:45:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15544
IP address blocks: 185.104.144.0/24 maxlen: 24
185.104.144.0/22 maxlen: 22
185.104.145.0/24 maxlen: 24
185.104.146.0/24 maxlen: 24
185.104.147.0/24 maxlen: 25
213.140.132.0/24 maxlen: 24
213.140.131.0/24 maxlen: 24
213.140.128.0/24 maxlen: 24
213.140.130.0/24 maxlen: 24
213.140.128.0/19 maxlen: 19
213.140.129.0/24 maxlen: 24
213.140.133.0/24 maxlen: 24
213.140.135.0/24 maxlen: 24
213.140.134.0/24 maxlen: 24
213.140.137.0/24 maxlen: 24
213.140.136.0/24 maxlen: 24
213.140.139.0/24 maxlen: 24
213.140.138.0/24 maxlen: 24
213.140.143.0/24 maxlen: 24
213.140.146.0/24 maxlen: 24
2a02:2298::/36 maxlen: 36
2a02:2298:8000::/36 maxlen: 36
2a02:2298:4000::/36 maxlen: 36
2a02:2298::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Feb 2023 12:56:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b0:87:30:e1:97:e9:d0:a2:8b:33:8a:80:a3:dd:86:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Validity
Not Before: Jan 14 13:45:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ddcec9a722f5598fb5d65075574200d7c51ee05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7b:84:fa:31:4c:35:03:c3:7b:9e:8e:ab:8d:
ea:85:a3:36:da:bd:24:24:bd:32:a2:b8:45:ec:dc:
dc:3d:48:07:21:74:4a:7e:f6:c4:59:ac:6e:f1:96:
0a:65:53:f8:97:ce:f4:35:ab:54:a4:d1:78:88:17:
2c:68:e7:40:2d:38:97:f3:cf:ed:40:fa:53:9f:c8:
d5:f9:46:09:ea:9a:a7:c9:c6:d9:a5:f1:5a:38:bf:
02:f5:ba:b4:a0:9b:ef:6e:e4:17:bd:05:a8:9a:ac:
47:98:f7:b5:0c:e8:dc:42:9f:0f:1e:f4:e3:40:b6:
3a:bb:53:c8:3a:a8:7f:a5:b3:16:d7:9b:8f:26:e0:
3f:fe:36:e6:71:96:3f:2b:aa:a4:ba:85:b9:04:6d:
6c:82:41:8d:26:d4:cc:eb:ed:83:19:95:2e:2b:9f:
c2:a6:4f:51:75:5d:5b:ac:1e:71:7d:b5:b5:29:f8:
8d:1c:d6:8f:9b:eb:f8:6b:32:da:89:2d:8b:c3:2f:
9e:6f:1d:7a:b7:97:65:2f:15:3d:4a:c4:35:e9:da:
ce:70:73:06:40:d6:9d:d3:d5:ca:98:a9:ce:99:ee:
0a:7b:2c:92:6b:bb:7a:15:2c:a8:a0:2f:8a:5a:8e:
aa:9f:47:e3:ee:c8:74:da:02:6a:1a:51:4c:a3:57:
f2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DC:EC:9A:72:2F:55:98:FB:5D:65:07:55:74:20:0D:7C:51:EE:05
X509v3 Authority Key Identifier:
keyid:5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/fdzsmnIvVZj7XWUHVXQgDXxR7gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.144.0/22
213.140.128.0/19
IPv6:
2a02:2298::/32
Signature Algorithm: sha256WithRSAEncryption
51:4f:d7:3b:62:29:56:bd:90:02:9a:cd:97:db:48:05:f5:8f:
17:42:fc:cf:7d:f0:6a:3e:f5:ba:17:ae:d2:f2:dc:e2:9d:ec:
d7:9d:b4:3a:ef:59:48:7f:2e:84:02:46:2e:fb:55:28:01:12:
d9:04:36:24:f3:58:4e:14:2a:d7:ae:05:40:c4:f7:66:51:c5:
fc:25:3a:24:f5:16:65:85:97:de:14:a4:6e:40:a1:3b:bf:73:
5f:8b:1b:08:5c:b0:6d:20:26:83:a0:16:80:b3:5c:32:12:bc:
3d:d5:d5:c6:69:a4:5e:84:4c:1b:9c:38:7c:11:9c:79:81:96:
b6:19:00:b4:d3:c3:2d:c0:6b:02:f8:2e:cb:15:91:c4:3b:bd:
30:98:10:81:a1:a3:70:bb:92:b0:a9:c7:ed:9c:ee:d2:bd:af:
26:b7:0e:ba:3f:30:fe:e2:a5:f4:e8:42:5a:1d:bf:a8:7a:7c:
03:74:fb:9c:12:b4:3f:de:cf:7a:cd:1c:b3:f5:8d:e9:a1:3b:
f9:fd:81:17:e7:99:47:2d:f4:bf:42:40:c0:5f:56:b1:ff:1f:
9c:36:da:fa:d0:05:84:ef:4d:bd:30:92:84:71:5b:96:5a:17:
46:30:84:59:62:f5:99:c8:a5:25:83:c5:df:73:5f:2d:6b:e8:
a5:d7:27:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYWwhzDhl+nQooszioCj3YagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkOGE5ZmQ3YzUxOTI2ZTIyZWE4YWEzM2IzYjg4MzhlOTNl
OGJlZGQwHhcNMjMwMTE0MTM0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGRjZWM5YTcyMmY1NTk4ZmI1ZDY1MDc1NTc0MjAwZDdjNTFlZTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHuE+jFMNQPDe56Oq43qhaM22r0k
JL0yorhF7NzcPUgHIXRKfvbEWaxu8ZYKZVP4l870NatUpNF4iBcsaOdALTiX88/t
QPpTn8jV+UYJ6pqnycbZpfFaOL8C9bq0oJvvbuQXvQWomqxHmPe1DOjcQp8PHvTj
QLY6u1PIOqh/pbMW15uPJuA//jbmcZY/K6qkuoW5BG1sgkGNJtTM6+2DGZUuK5/C
pk9RdV1brB5xfbW1KfiNHNaPm+v4azLaiS2Lwy+ebx16t5dlLxU9SsQ16drOcHMG
QNad09XKmKnOme4KeyySa7t6FSyooC+KWo6qn0fj7sh02gJqGlFMo1fyTQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH3c7JpyL1WY+11lB1V0IA18Ue4FMB8GA1UdIwQY
MBaAFF2Kn9fFGSbiLqiqM7O4g46T6L7dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMt
NjZjNTNmMmIxZjAyLzEvZmR6c21uSXZWWmo3WFdVSFZYUWdEWHhSN2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9iYjg2MWQtMzMwZi00YTk3LTlmOWMtNjZjNTNmMmIxZjAy
LzEvWFlxZjE4VVpKdUl1cUtvenM3aURqcFBvdnQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuWiQAwQF
1YyAMA0EAgACMAcDBQAqAiKYMA0GCSqGSIb3DQEBCwUAA4IBAQBRT9c7YilWvZAC
ms2X20gF9Y8XQvzPffBqPvW6F67S8tzinezXnbQ671lIfy6EAkYu+1UoARLZBDYk
81hOFCrXrgVAxPdmUcX8JTok9RZlhZfeFKRuQKE7v3NfixsIXLBtICaDoBaAs1wy
Erw91dXGaaRehEwbnDh8EZx5gZa2GQC008MtwGsC+C7LFZHEO70wmBCBoaNwu5Kw
qcftnO7Sva8mtw66PzD+4qX06EJaHb+oenwDdPucErQ/3s96zRyz9Y3poTv5/YEX
55lHLfS/QkDAX1ax/x+cNtr60AWE7029MJKEcVuWWhdGMIRZYvWZyKUlg8Xfc18t
a+il1ycV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org