Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FzP8tNKMbNSoLiHCYPZ_trGFtYY.roa
File: FzP8tNKMbNSoLiHCYPZ_trGFtYY.roa (raw, json)
Hash identifier: /8dKpY5o0593LAUHUAHjUruM5t9buFUdquQhswG3qfY=
Subject key identifier: 17:33:FC:B4:D2:8C:6C:D4:A8:2E:21:C2:60:F6:7F:B6:B1:85:B5:86
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187DC8E932889901590DD81499B57169F28
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FzP8tNKMbNSoLiHCYPZ_trGFtYY.roa
Signing time: Tue 02 May 2023 13:02:23 +0000
ROA not before: Tue 02 May 2023 13:02:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203790
IP address blocks: 194.50.111.0/24 maxlen: 24
2a0e:97c0:460::/44 maxlen: 48
2a0e:b107:12a0::/44 maxlen: 48
2a10:cc40:1d0::/44 maxlen: 48
2a0e:b101::/32 maxlen: 48
2a10:cc41:110::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 04 May 2023 12:15:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:dc:8e:93:28:89:90:15:90:dd:81:49:9b:57:16:9f:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 2 13:02:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1733fcb4d28c6cd4a82e21c260f67fb6b185b586
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:aa:a4:77:7f:e2:3c:02:30:f0:39:9a:83:e7:
34:40:7d:e7:ac:15:ac:fd:f5:65:10:6d:98:96:ab:
60:51:57:d8:a9:a3:6f:d3:74:0b:7c:ae:7f:62:78:
20:85:be:1b:dd:8f:74:9a:f9:5c:63:5a:3e:61:f2:
f7:2b:25:45:51:80:ad:d0:83:2b:28:36:67:90:80:
a0:77:12:4c:da:c1:d6:81:90:03:65:b1:7d:7d:b7:
61:e6:76:41:26:de:89:d6:dd:d4:fc:66:71:4b:27:
89:04:d2:cd:31:08:ed:81:b9:75:3a:83:26:c4:ff:
17:3b:8a:0b:95:1e:90:5f:f9:b9:48:5b:99:4d:f6:
22:4c:0a:ff:d6:31:4b:35:c0:06:9d:9b:6a:95:9a:
79:ec:fc:28:46:75:81:2a:e4:6c:66:b7:54:0a:17:
8a:00:e7:54:24:ba:0c:fc:e2:4f:09:ee:8c:cb:f0:
60:91:08:14:51:01:3c:c7:6b:40:3c:47:e9:07:be:
ee:fb:96:25:05:61:76:d2:4a:ab:81:26:2b:87:ad:
f8:98:7d:40:6d:6a:34:c3:bc:07:44:9e:49:66:f6:
b9:19:dd:f3:44:92:f6:d9:ec:d3:89:95:fb:31:ea:
48:4b:07:f8:26:11:a8:2b:17:d2:6d:88:b1:68:68:
bd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:33:FC:B4:D2:8C:6C:D4:A8:2E:21:C2:60:F6:7F:B6:B1:85:B5:86
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/FzP8tNKMbNSoLiHCYPZ_trGFtYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.111.0/24
IPv6:
2a0e:97c0:460::/44
2a0e:b101::/32
2a0e:b107:12a0::/44
2a10:cc40:1d0::/44
2a10:cc41:110::/44
Signature Algorithm: sha256WithRSAEncryption
3d:08:b1:63:dd:31:8b:6d:47:82:eb:48:8b:08:e3:4d:c8:35:
43:a6:f2:4c:d4:1c:60:e7:13:32:60:e4:f2:3f:9a:9f:e1:0e:
59:73:93:1d:b8:f3:98:45:b4:f9:ef:25:23:f7:54:b9:d0:17:
ad:4a:8c:40:ed:04:e0:be:ef:7b:6d:b3:54:92:56:60:4b:b6:
b2:2f:2e:f1:f6:2f:ed:54:fd:36:22:8c:16:a7:35:39:68:c3:
3e:ed:ff:47:c3:2c:47:e6:f7:f5:94:d9:83:23:d3:e0:9e:d9:
d5:23:82:26:b9:4b:fe:e0:e5:31:0e:4e:3c:e3:48:42:89:23:
6d:4e:13:3a:10:dd:bc:6b:4e:5b:74:21:1f:dc:31:55:29:8c:
10:6a:9a:7c:77:48:c0:b5:9c:3f:14:d5:74:a9:94:47:c4:70:
e0:5a:fa:23:45:06:c1:f3:36:c5:65:23:12:ae:06:5d:62:5a:
0a:4f:54:91:0c:6c:83:1a:03:44:43:e3:47:5c:55:d4:4f:9a:
b5:ce:7c:1f:2d:d9:30:06:ab:ff:9b:bd:23:0d:3e:b5:a3:f4:
68:e9:4f:3b:d8:3f:bd:88:90:26:de:eb:ea:e7:82:a8:15:7e:
d7:d5:3a:8a:95:e0:b4:60:88:01:5a:fb:2d:02:42:82:43:65:
e6:fa:f8:c0
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYfcjpMoiZAVkN2BSZtXFp8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTAyMTMwMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzMzZmNiNGQyOGM2Y2Q0YTgyZTIxYzI2MGY2N2ZiNmIxODViNTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKqkd3/iPAIw8Dmag+c0QH3nrBWs
/fVlEG2YlqtgUVfYqaNv03QLfK5/Yngghb4b3Y90mvlcY1o+YfL3KyVFUYCt0IMr
KDZnkICgdxJM2sHWgZADZbF9fbdh5nZBJt6J1t3U/GZxSyeJBNLNMQjtgbl1OoMm
xP8XO4oLlR6QX/m5SFuZTfYiTAr/1jFLNcAGnZtqlZp57PwoRnWBKuRsZrdUCheK
AOdUJLoM/OJPCe6My/BgkQgUUQE8x2tAPEfpB77u+5YlBWF20kqrgSYrh634mH1A
bWo0w7wHRJ5JZva5Gd3zRJL22ezTiZX7MepISwf4JhGoKxfSbYixaGi98QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBcz/LTSjGzUqC4hwmD2f7axhbWGMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvRnpQOHROS01iTlNvTGlIQ1lQWl90ckdGdFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAMBAIAATAGAwQAwjJvMDEE
AgACMCsDBwQqDpfABGADBQAqDrEBAwcEKg6xBxKgAwcEKhDMQAHQAwcEKhDMQQEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA9CLFj3TGLbUeC60iLCONNyDVDpvJM1Bxg5xMy
YOTyP5qf4Q5Zc5MduPOYRbT57yUj91S50BetSoxA7QTgvu97bbNUklZgS7ayLy7x
9i/tVP02IowWpzU5aMM+7f9HwyxH5vf1lNmDI9PgntnVI4ImuUv+4OUxDk4840hC
iSNtThM6EN28a05bdCEf3DFVKYwQapp8d0jAtZw/FNV0qZRHxHDgWvojRQbB8zbF
ZSMSrgZdYloKT1SRDGyDGgNEQ+NHXFXUT5q1znwfLdkwBqv/m70jDT61o/Ro6U87
2D+9iJAm3uvq54KoFX7X1TqKleC0YIgBWvstAkKCQ2Xm+vjA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:28 2024 by rpki-client on console-fra.rpki-client.org