Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/FiWUBufnwfk1m669i1Nmub1qaNA.roa
File: FiWUBufnwfk1m669i1Nmub1qaNA.roa (raw, json)
Hash identifier: u5UBcP98DeeLitAUK/3XGxEm7UtHPEacNUvZyzC7WaY=
Subject key identifier: 16:25:94:06:E7:E7:C1:F9:35:9B:AE:BD:8B:53:66:B9:BD:6A:68:D0
Certificate issuer: /CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Certificate serial: 01856D787745D9696135513E311C2406DEAF
Authority key identifier: 21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/FiWUBufnwfk1m669i1Nmub1qaNA.roa
Signing time: Sun 01 Jan 2023 13:14:49 +0000
ROA not before: Sun 01 Jan 2023 13:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14413
IP address blocks: 144.2.192.0/19 maxlen: 24
144.2.0.0/19 maxlen: 24
185.63.144.0/22 maxlen: 24
144.2.176.0/20 maxlen: 24
2a04:f540::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:30:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:77:45:d9:69:61:35:51:3e:31:1c:24:06:de:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Validity
Not Before: Jan 1 13:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16259406e7e7c1f9359baebd8b5366b9bd6a68d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:03:8d:d0:c3:75:8e:b1:db:b2:db:22:76:1c:
1e:e3:77:03:3c:9f:a2:45:02:ec:63:ac:a0:bc:05:
bd:bf:bf:40:22:91:e5:16:43:f7:20:e7:3a:9b:e3:
1e:d9:9f:4c:58:04:27:ff:28:cc:e3:06:9a:45:7f:
82:18:3e:28:b3:38:a4:95:a5:18:33:17:68:7f:41:
61:b2:d4:54:70:d9:5b:3e:63:c7:30:50:1f:b9:64:
6f:17:0c:b3:d3:72:0d:50:3d:83:8b:cf:68:1f:73:
a2:b6:bb:d7:5f:ba:ad:3c:35:d2:5d:17:78:5d:54:
eb:62:46:49:ce:80:4f:41:de:33:65:98:55:4b:32:
49:d2:d7:56:c7:8a:4b:98:32:72:69:a2:4d:22:7e:
5a:b0:0e:32:bc:e8:e4:77:b7:f5:d2:cd:5e:5a:7a:
96:b6:90:bd:82:af:cd:1d:f1:16:54:ab:3a:f2:c1:
46:d1:f5:9f:69:a9:ab:1e:3f:e8:73:d2:da:71:df:
67:7f:23:76:32:98:83:37:e4:b6:fa:65:0d:62:b4:
ce:95:bd:c0:9d:24:fa:c8:ef:e9:4b:92:f2:b9:dd:
cc:6e:ac:6a:e0:11:7c:00:3b:72:22:bd:53:63:7c:
27:e3:8b:d0:7f:17:87:ba:0b:0b:c1:ce:a0:fb:35:
cf:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:25:94:06:E7:E7:C1:F9:35:9B:AE:BD:8B:53:66:B9:BD:6A:68:D0
X509v3 Authority Key Identifier:
keyid:21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/FiWUBufnwfk1m669i1Nmub1qaNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.0.0/19
144.2.176.0-144.2.223.255
185.63.144.0/22
IPv6:
2a04:f540::/29
Signature Algorithm: sha256WithRSAEncryption
0f:d9:fa:7f:31:05:65:8d:20:0e:a2:98:99:ce:cc:1c:0d:45:
1c:82:b1:2b:6d:f4:18:38:40:d6:33:11:53:8e:bb:e6:06:8a:
f4:9f:d1:57:f8:10:08:d6:f1:38:9d:9c:15:7f:85:39:c9:68:
e8:c6:65:59:cc:69:b6:84:7c:fa:66:7b:a7:99:e2:47:ef:d4:
12:84:f6:c9:09:5a:dc:54:aa:88:2c:b5:84:d1:e0:08:81:72:
8f:c9:0d:92:91:d5:a6:e5:74:9e:be:93:ce:91:2e:00:7d:e6:
00:dc:cf:e0:df:a8:f4:00:12:0a:bf:39:82:70:17:fc:d7:ff:
4e:ce:34:fc:9a:a3:53:7c:a9:35:c3:09:18:4b:a4:00:45:b8:
8f:a0:10:4b:83:3e:0b:5b:d5:b1:91:3a:33:22:7e:9d:ba:c6:
68:66:c9:c5:50:f5:d7:ea:c8:b1:a3:4c:c0:47:a0:a7:13:da:
8d:58:ae:76:9b:63:b4:bd:49:4f:66:e0:8f:9e:b7:58:4f:4f:
68:e8:56:5b:24:81:4f:d1:da:d7:e5:e3:71:a5:87:68:8c:71:
80:a0:1e:42:41:fb:77:c3:ab:55:5c:16:36:61:d3:b6:a2:83:
c7:d8:a9:97:69:db:fa:c8:38:ce:f6:3d:90:06:02:a1:39:61:
9d:56:37:bc
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVteHdF2WlhNVE+MRwkBt6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxZTg2ZmY5OTczYzkzYWJlNjM5OGYwMzE5NjZjMjlkNzVh
M2JhODYwHhcNMjMwMTAxMTMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjI1OTQwNmU3ZTdjMWY5MzU5YmFlYmQ4YjUzNjZiOWJkNmE2OGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgON0MN1jrHbstsidhwe43cDPJ+i
RQLsY6ygvAW9v79AIpHlFkP3IOc6m+Me2Z9MWAQn/yjM4waaRX+CGD4osziklaUY
Mxdof0FhstRUcNlbPmPHMFAfuWRvFwyz03INUD2Di89oH3OitrvXX7qtPDXSXRd4
XVTrYkZJzoBPQd4zZZhVSzJJ0tdWx4pLmDJyaaJNIn5asA4yvOjkd7f10s1eWnqW
tpC9gq/NHfEWVKs68sFG0fWfaamrHj/oc9Lacd9nfyN2MpiDN+S2+mUNYrTOlb3A
nST6yO/pS5Lyud3Mbqxq4BF8ADtyIr1TY3wn44vQfxeHugsLwc6g+zXPKwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBYllAbn58H5NZuuvYtTZrm9amjQMB8GA1UdIwQY
MBaAFCHob/mXPJOr5jmPAxlmwp11o7qGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWIt
MzJmZWViNTY2ZWU2LzEvRmlXVUJ1Zm53ZmsxbTY2OWkxTm11YjFxYU5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi8yZjZkZDAtYjc2Zi00N2Q1LWE0YWItMzJmZWViNTY2ZWU2
LzEvSWVodi1aYzhrNnZtT1k4REdXYkNuWFdqdW9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQFkAIAMAwD
BASQArADBAWQAsADBAK5P5AwDQQCAAIwBwMFAyoE9UAwDQYJKoZIhvcNAQELBQAD
ggEBAA/Z+n8xBWWNIA6imJnOzBwNRRyCsStt9Bg4QNYzEVOOu+YGivSf0Vf4EAjW
8TidnBV/hTnJaOjGZVnMabaEfPpme6eZ4kfv1BKE9skJWtxUqogstYTR4AiBco/J
DZKR1abldJ6+k86RLgB95gDcz+DfqPQAEgq/OYJwF/zX/07ONPyao1N8qTXDCRhL
pABFuI+gEEuDPgtb1bGROjMifp26xmhmycVQ9dfqyLGjTMBHoKcT2o1YrnabY7S9
SU9m4I+et1hPT2joVlskgU/R2tfl43Glh2iMcYCgHkJB+3fDq1VcFjZh07aig8fY
qZdp2/rIOM72PZAGAqE5YZ1WN7w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:47 2024 by rpki-client on console-fra.rpki-client.org