Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/FfiRu7eU9t_cbn9lEzvr1BfJKTc.roa
File: FfiRu7eU9t_cbn9lEzvr1BfJKTc.roa (raw, json)
Hash identifier: iovW82ZkFPbKatS5wTADNuj9P1iViYY3a9A7nclm1RI=
Subject key identifier: 15:F8:91:BB:B7:94:F6:DF:DC:6E:7F:65:13:3B:EB:D4:17:C9:29:37
Certificate issuer: /CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Certificate serial: 018578035163D5B7926C143AADF351713A36
Authority key identifier: 53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/FfiRu7eU9t_cbn9lEzvr1BfJKTc.roa
Signing time: Tue 03 Jan 2023 14:22:41 +0000
ROA not before: Tue 03 Jan 2023 14:22:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50020
IP address blocks: 185.201.36.0/22 maxlen: 22
193.104.79.0/24 maxlen: 24
46.16.192.0/21 maxlen: 21
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:03:51:63:d5:b7:92:6c:14:3a:ad:f3:51:71:3a:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5336a106cecdeba92e0b80e5e9a5c789ba74c62b
Validity
Not Before: Jan 3 14:22:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15f891bbb794f6dfdc6e7f65133bebd417c92937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a5:45:87:05:e5:a2:c1:12:57:97:21:ae:69:
7b:ff:26:0f:f1:ab:37:c5:f8:0a:f0:ef:4c:2b:38:
78:2a:fe:6d:c5:a6:ce:5a:a4:bd:a8:38:8a:fa:75:
67:00:54:a2:18:05:71:25:a5:bd:d6:d2:e8:fb:f4:
da:3c:c0:b8:2f:9d:c4:aa:35:3c:92:90:c8:d2:ad:
02:6a:dc:ad:a0:39:4e:50:2a:27:2c:80:9b:d1:1f:
95:69:6d:5f:00:43:42:50:24:fa:37:6a:32:9b:f9:
db:d1:84:46:ad:de:b7:e7:eb:56:c8:6a:5b:07:cd:
e9:fe:32:02:37:64:87:75:a7:1b:24:c9:ea:56:ad:
49:d9:28:f0:6d:66:db:cd:0d:b4:10:b9:bd:13:29:
48:83:6a:56:ad:af:ab:12:60:f5:e5:11:0a:4d:ad:
58:b4:c8:42:f6:5b:dd:4f:bd:fa:47:13:34:40:aa:
57:44:98:ff:1a:84:0c:ab:07:81:a9:62:20:71:04:
10:c3:19:7b:44:2d:c9:6c:4c:fe:d5:67:c6:64:72:
e0:6f:fe:58:63:15:30:d7:a4:47:fb:2f:40:4b:04:
c1:9e:7c:c1:0e:5f:be:e4:4f:a4:68:e1:84:4d:fe:
c9:6f:ed:5a:fa:7d:20:8c:d8:cf:f3:3b:83:23:e2:
7d:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:F8:91:BB:B7:94:F6:DF:DC:6E:7F:65:13:3B:EB:D4:17:C9:29:37
X509v3 Authority Key Identifier:
keyid:53:36:A1:06:CE:CD:EB:A9:2E:0B:80:E5:E9:A5:C7:89:BA:74:C6:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzahBs7N66kuC4Dl6aXHibp0xis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/FfiRu7eU9t_cbn9lEzvr1BfJKTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2669ee-4ba7-4110-8370-dd803c5b85db/1/UzahBs7N66kuC4Dl6aXHibp0xis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.192.0/21
185.201.36.0/22
193.104.79.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:f7:e5:54:c2:03:84:7c:63:07:e1:ca:1d:48:ad:16:e5:b9:
8b:6f:41:09:f9:b8:c6:7f:28:f9:ec:8e:43:7a:81:5a:ed:69:
27:92:2c:8a:9e:d4:f5:23:d1:44:dd:dd:ce:8c:5d:05:fc:02:
36:9f:61:db:45:fe:3f:f8:70:7f:55:c8:ef:a9:8a:73:de:18:
5b:52:60:ca:d5:38:9b:d4:bd:3f:72:98:cf:4e:e9:90:a6:5d:
ad:98:54:03:a1:42:90:6b:19:8e:6f:b3:66:78:09:69:03:e6:
10:60:a4:7c:94:16:f9:03:db:04:bc:15:01:6a:14:69:9e:e5:
ea:a6:93:a1:eb:88:58:91:33:45:dd:7f:90:e2:3f:c5:65:1d:
30:f7:29:f2:7c:50:21:c3:3a:e2:1b:02:7f:6c:ca:a6:b1:d0:
3b:a1:b8:e1:06:84:f1:0c:89:30:01:4a:94:bf:53:96:b9:b4:
a0:6d:f2:c7:42:d6:0d:50:36:88:36:34:03:4c:32:74:6e:95:
46:88:4c:d3:37:9c:c0:5f:aa:1a:40:1a:69:22:2f:3d:b8:2d:
aa:39:2c:0f:52:c2:df:2d:52:4f:82:47:ec:36:c6:b5:c7:ce:
08:55:52:ef:84:31:9d:f7:95:b4:35:00:4e:95:fd:59:ef:87:
29:b5:63:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYV4A1Fj1beSbBQ6rfNRcTo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzZhMTA2Y2VjZGViYTkyZTBiODBlNWU5YTVjNzg5YmE3
NGM2MmIwHhcNMjMwMTAzMTQyMjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWY4OTFiYmI3OTRmNmRmZGM2ZTdmNjUxMzNiZWJkNDE3YzkyOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6VFhwXlosESV5chrml7/yYP8as3
xfgK8O9MKzh4Kv5txabOWqS9qDiK+nVnAFSiGAVxJaW91tLo+/TaPMC4L53EqjU8
kpDI0q0CatytoDlOUConLICb0R+VaW1fAENCUCT6N2oym/nb0YRGrd635+tWyGpb
B83p/jICN2SHdacbJMnqVq1J2SjwbWbbzQ20ELm9EylIg2pWra+rEmD15REKTa1Y
tMhC9lvdT736RxM0QKpXRJj/GoQMqweBqWIgcQQQwxl7RC3JbEz+1WfGZHLgb/5Y
YxUw16RH+y9ASwTBnnzBDl++5E+kaOGETf7Jb+1a+n0gjNjP8zuDI+J9uQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBX4kbu3lPbf3G5/ZRM769QXySk3MB8GA1UdIwQY
MBaAFFM2oQbOzeupLguA5emlx4m6dMYrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAt
ZGQ4MDNjNWI4NWRiLzEvRmZpUnU3ZVU5dF9jYm45bEV6dnIxQmZKS1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8yNjY5ZWUtNGJhNy00MTEwLTgzNzAtZGQ4MDNjNWI4NWRi
LzEvVXphaEJzN042Nmt1QzREbDZhWEhpYnAweGlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDLhDAAwQC
uckkAwQAwWhPMA0GCSqGSIb3DQEBCwUAA4IBAQDD9+VUwgOEfGMH4codSK0W5bmL
b0EJ+bjGfyj57I5DeoFa7WknkiyKntT1I9FE3d3OjF0F/AI2n2HbRf4/+HB/Vcjv
qYpz3hhbUmDK1Tib1L0/cpjPTumQpl2tmFQDoUKQaxmOb7NmeAlpA+YQYKR8lBb5
A9sEvBUBahRpnuXqppOh64hYkTNF3X+Q4j/FZR0w9ynyfFAhwzriGwJ/bMqmsdA7
objhBoTxDIkwAUqUv1OWubSgbfLHQtYNUDaINjQDTDJ0bpVGiEzTN5zAX6oaQBpp
Ii89uC2qOSwPUsLfLVJPgkfsNsa1x84IVVLvhDGd95W0NQBOlf1Z74cptWPl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:38 2024 by rpki-client on console-ams.rpki-client.org