Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/fmpGqPqI0ldkTKz_AlowhrOWkpk.roa
File: fmpGqPqI0ldkTKz_AlowhrOWkpk.roa (raw, json)
Hash identifier: 7APXr953rnXg0Y8MEOl4HGz0d0SUsr8rKeB74RqOR4k=
Subject key identifier: 7E:6A:46:A8:FA:88:D2:57:64:4C:AC:FF:02:5A:30:86:B3:96:92:99
Certificate issuer: /CN=0d4ee193b301665b56f6780f225fd44d144093af
Certificate serial: 018C674CF651522D19790F57D2CA99D25E96
Authority key identifier: 0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/fmpGqPqI0ldkTKz_AlowhrOWkpk.roa
Signing time: Thu 14 Dec 2023 07:49:06 +0000
ROA not before: Thu 14 Dec 2023 07:49:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1930
IP address blocks: 194.210.0.0/16 maxlen: 24
194.117.16.0/21 maxlen: 21
193.236.160.0/20 maxlen: 20
193.236.178.0/23 maxlen: 23
193.236.180.0/22 maxlen: 22
193.236.184.0/21 maxlen: 21
194.117.40.0/21 maxlen: 21
193.236.192.0/18 maxlen: 18
194.117.48.0/23 maxlen: 23
192.122.240.0/23 maxlen: 23
192.122.238.0/23 maxlen: 23
193.136.0.0/15 maxlen: 24
193.236.0.0/20 maxlen: 20
192.122.242.0/24 maxlen: 24
193.236.112.0/21 maxlen: 21
193.236.124.0/22 maxlen: 22
194.117.0.0/20 maxlen: 20
193.236.153.0/24 maxlen: 24
193.236.157.0/24 maxlen: 24
193.236.158.0/23 maxlen: 23
193.236.154.0/23 maxlen: 23
139.83.0.0/16 maxlen: 16
185.175.184.0/22 maxlen: 22
193.236.97.0/24 maxlen: 24
193.236.98.0/23 maxlen: 23
193.236.104.0/21 maxlen: 21
193.236.102.0/23 maxlen: 23
2001:690::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:4c:f6:51:52:2d:19:79:0f:57:d2:ca:99:d2:5e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d4ee193b301665b56f6780f225fd44d144093af
Validity
Not Before: Dec 14 07:49:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e6a46a8fa88d257644cacff025a3086b3969299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:45:0d:90:86:75:43:bb:53:53:2f:7b:dc:1f:
ba:28:84:80:7c:11:ac:bc:58:b4:18:d5:ac:12:98:
10:7b:9f:50:43:8a:4b:a1:26:30:ed:f6:55:10:1b:
41:3c:35:45:d4:47:d6:db:fc:4f:44:9c:89:79:4a:
95:9b:bc:25:4c:a1:f5:92:08:c3:4e:d5:1b:99:48:
d0:b9:e5:b2:54:ce:78:fd:4c:5e:6f:c7:52:82:8d:
9c:43:b5:22:2e:45:21:c5:8c:ca:79:69:c9:ef:3b:
61:74:ee:38:33:31:c8:1a:58:8d:fa:f8:fe:82:0c:
4f:48:71:37:d3:6e:5d:6c:4a:72:fe:9a:f5:e2:cf:
f0:25:da:bb:c3:da:09:d3:3f:63:5d:c3:2d:2a:82:
a6:cf:97:83:41:92:fe:38:04:61:c2:08:32:63:9a:
4c:98:c6:58:4c:0f:6f:1b:48:33:cd:4e:0c:01:76:
c2:e9:45:2e:5f:a9:b4:9e:50:19:67:c2:a2:72:b7:
78:17:50:2d:f3:ec:62:5f:0e:ac:44:c7:a2:86:38:
88:c9:35:70:af:f2:fe:7e:18:23:1b:48:5e:ef:07:
49:98:c5:b0:87:72:c5:ea:8c:3d:0a:ec:e5:79:18:
4f:33:98:79:78:96:01:6a:2f:70:f5:69:86:03:87:
4c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:6A:46:A8:FA:88:D2:57:64:4C:AC:FF:02:5A:30:86:B3:96:92:99
X509v3 Authority Key Identifier:
keyid:0D:4E:E1:93:B3:01:66:5B:56:F6:78:0F:22:5F:D4:4D:14:40:93:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DU7hk7MBZltW9ngPIl_UTRRAk68.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/fmpGqPqI0ldkTKz_AlowhrOWkpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/097111-3098-4cf7-ac0f-9f7e0f862f1e/1/DU7hk7MBZltW9ngPIl_UTRRAk68.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.83.0.0/16
185.175.184.0/22
192.122.238.0-192.122.242.255
193.136.0.0/15
193.236.0.0/20
193.236.97.0-193.236.99.255
193.236.102.0-193.236.119.255
193.236.124.0/22
193.236.153.0-193.236.155.255
193.236.157.0-193.236.175.255
193.236.178.0-193.236.255.255
194.117.0.0-194.117.23.255
194.117.40.0-194.117.49.255
194.210.0.0/16
IPv6:
2001:690::/32
Signature Algorithm: sha256WithRSAEncryption
90:45:eb:05:4e:64:65:3f:eb:c2:53:bb:2a:c3:f5:b7:bb:26:
a2:87:d5:be:cb:ca:41:04:b4:ec:27:1d:3e:bf:ad:f7:f3:01:
72:40:f7:66:9f:3e:a3:97:99:89:e7:55:17:dd:0f:50:55:8b:
04:12:b2:28:bc:60:73:74:bc:0b:71:6a:46:a5:06:0c:86:09:
14:7f:a4:ac:d1:37:d5:d4:99:0f:f4:8f:43:99:b8:34:c4:9f:
b3:b8:ee:ee:6f:d1:f0:24:e6:77:0c:9c:11:13:84:a6:66:af:
35:7b:07:01:54:15:2c:b1:f0:48:72:6b:f6:0e:b9:33:1e:95:
36:b7:81:b3:04:a3:8a:56:19:aa:78:27:ed:7a:4d:b5:f1:44:
66:f6:10:9c:d8:ee:93:64:64:cb:a1:e0:30:80:21:ce:b7:9a:
ee:20:a7:87:bb:35:2a:11:05:aa:c6:ed:0f:f1:cc:e0:62:1d:
31:73:e4:eb:2d:f2:c4:b6:4c:db:98:5c:22:fc:11:8f:da:12:
02:24:49:db:36:b5:f9:c3:fe:59:be:8e:3e:6b:fe:ab:14:42:
2c:61:46:80:8f:e4:99:7e:d4:b7:6a:11:6a:38:bd:40:69:d1:
f2:5a:9d:46:44:7c:23:39:cd:55:5f:0d:f4:eb:ce:6a:67:5d:
73:5f:b4:a9
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAYxnTPZRUi0ZeQ9X0sqZ0l6WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNGVlMTkzYjMwMTY2NWI1NmY2NzgwZjIyNWZkNDRkMTQ0
MDkzYWYwHhcNMjMxMjE0MDc0OTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTZhNDZhOGZhODhkMjU3NjQ0Y2FjZmYwMjVhMzA4NmIzOTY5Mjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0UNkIZ1Q7tTUy973B+6KISAfBGs
vFi0GNWsEpgQe59QQ4pLoSYw7fZVEBtBPDVF1EfW2/xPRJyJeUqVm7wlTKH1kgjD
TtUbmUjQueWyVM54/Uxeb8dSgo2cQ7UiLkUhxYzKeWnJ7zthdO44MzHIGliN+vj+
ggxPSHE3025dbEpy/pr14s/wJdq7w9oJ0z9jXcMtKoKmz5eDQZL+OARhwggyY5pM
mMZYTA9vG0gzzU4MAXbC6UUuX6m0nlAZZ8Kicrd4F1At8+xiXw6sRMeihjiIyTVw
r/L+fhgjG0he7wdJmMWwh3LF6ow9CuzleRhPM5h5eJYBai9w9WmGA4dMwwIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFH5qRqj6iNJXZEys/wJaMIazlpKZMB8GA1UdIwQY
MBaAFA1O4ZOzAWZbVvZ4DyJf1E0UQJOvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYt
OWY3ZTBmODYyZjFlLzEvZm1wR3FQcUkwbGRrVEt6X0Fsb3dock9Xa3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8wOTcxMTEtMzA5OC00Y2Y3LWFjMGYtOWY3ZTBmODYyZjFl
LzEvRFU3aGs3TUJabHRXOW5nUElsX1VUUlJBazY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBlgQCAAEwgY8DAwCL
UwMEArmvuDAMAwQBwHruAwQAwHryAwMBwYgDBATB7AAwDAMEAMHsYQMEAsHsYDAM
AwQBwexmAwQDwexwAwQCwex8MAwDBADB7JkDBALB7JgwDAMEAMHsnQMEBMHsoDAL
AwQBweyyAwMAwewwCwMDAMJ1AwQDwnUQMAwDBAPCdSgDBAHCdTADAwDC0jANBAIA
AjAHAwUAIAEGkDANBgkqhkiG9w0BAQsFAAOCAQEAkEXrBU5kZT/rwlO7KsP1t7sm
oofVvsvKQQS07CcdPr+t9/MBckD3Zp8+o5eZiedVF90PUFWLBBKyKLxgc3S8C3Fq
RqUGDIYJFH+krNE31dSZD/SPQ5m4NMSfs7ju7m/R8CTmdwycEROEpmavNXsHAVQV
LLHwSHJr9g65Mx6VNreBswSjilYZqngn7XpNtfFEZvYQnNjuk2Rky6HgMIAhzrea
7iCnh7s1KhEFqsbtD/HM4GIdMXPk6y3yxLZM25hcIvwRj9oSAiRJ2za1+cP+Wb6O
Pmv+qxRCLGFGgI/kmX7Ut2oRaji9QGnR8lqdRkR8IznNVV8N9OvOamddc1+0qQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:58 2024 by rpki-client on console-ams.rpki-client.org