Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6ac4da-f56a-4c1b-b5bd-faac90802908/1/t3ZVl-FJens0-Ogngccg1Ny3MRM.roa
File: t3ZVl-FJens0-Ogngccg1Ny3MRM.roa (raw, json)
Hash identifier: mFUWugyOs9HAB5ezVuaQup8SHXxNMagVyK+CklCZLro=
Subject key identifier: B7:76:55:97:E1:49:7A:7B:34:F8:E8:27:81:C7:20:D4:DC:B7:31:13
Certificate issuer: /CN=fb486a0ba9b9b09f4de47962e2c2ae41fc557686
Certificate serial: 0188B8CB2E1D6342F4A8323E7A47550CCBE4
Authority key identifier: FB:48:6A:0B:A9:B9:B0:9F:4D:E4:79:62:E2:C2:AE:41:FC:55:76:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-0hqC6m5sJ9N5Hli4sKuQfxVdoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/6ac4da-f56a-4c1b-b5bd-faac90802908/1/t3ZVl-FJens0-Ogngccg1Ny3MRM.roa
Signing time: Wed 14 Jun 2023 07:25:03 +0000
ROA not before: Wed 14 Jun 2023 07:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12727
IP address blocks: 185.39.140.0/22 maxlen: 24
213.166.192.0/19 maxlen: 21
130.185.184.0/21 maxlen: 24
188.64.240.0/21 maxlen: 21
31.24.240.0/21 maxlen: 21
2a03:d604::/31 maxlen: 31
2a03:d600::/31 maxlen: 31
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b8:cb:2e:1d:63:42:f4:a8:32:3e:7a:47:55:0c:cb:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb486a0ba9b9b09f4de47962e2c2ae41fc557686
Validity
Not Before: Jun 14 07:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b7765597e1497a7b34f8e82781c720d4dcb73113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:77:38:e3:64:1b:8a:a3:38:9a:20:cf:6d:b3:
1d:12:41:f6:c4:ea:84:64:17:a5:56:13:e6:7f:db:
56:52:5f:55:1a:ba:85:01:44:98:f7:93:e2:24:a0:
96:c2:63:e2:24:8c:fa:c5:96:f2:23:57:a0:f1:d4:
2a:c5:34:db:27:bb:12:ef:fb:0d:d2:75:a5:e4:23:
86:2d:18:2f:5b:8a:dd:c7:ca:9a:fe:18:4c:2e:71:
1f:6e:06:76:09:e2:4f:0b:e4:a3:5f:85:cd:bb:8d:
24:3b:8a:22:26:2d:c0:0b:db:df:4c:5f:b5:db:08:
9d:18:d6:78:d3:ac:fa:53:60:39:8b:62:d6:48:6a:
ea:6a:2e:81:d9:4c:7b:4e:c2:a3:60:2a:46:61:21:
39:fe:26:55:35:3d:b3:f2:70:0f:72:5a:af:cc:13:
bc:41:80:20:e8:f6:14:81:ee:08:d9:b2:12:4f:d5:
d9:f3:37:39:39:62:31:5b:fa:71:73:ef:5f:d1:0e:
f8:2b:64:b2:ff:07:52:fd:7f:fd:78:2b:94:47:7a:
60:df:18:f9:a0:74:c0:fa:0a:88:0c:9a:f7:40:fd:
7c:6d:76:9c:1c:93:de:5f:01:bd:69:06:5f:be:bf:
73:d8:4e:e2:df:1b:0e:5b:17:6d:e0:cc:c5:a7:fb:
47:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:76:55:97:E1:49:7A:7B:34:F8:E8:27:81:C7:20:D4:DC:B7:31:13
X509v3 Authority Key Identifier:
keyid:FB:48:6A:0B:A9:B9:B0:9F:4D:E4:79:62:E2:C2:AE:41:FC:55:76:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-0hqC6m5sJ9N5Hli4sKuQfxVdoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6ac4da-f56a-4c1b-b5bd-faac90802908/1/t3ZVl-FJens0-Ogngccg1Ny3MRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6ac4da-f56a-4c1b-b5bd-faac90802908/1/1-0hqC6m5sJ9N5Hli4sKuQfxVdoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.240.0/21
130.185.184.0/21
185.39.140.0/22
188.64.240.0/21
213.166.192.0/19
IPv6:
2a03:d600::/31
2a03:d604::/31
Signature Algorithm: sha256WithRSAEncryption
59:0a:2d:16:86:ce:8a:bf:1f:69:c6:1c:dc:2a:2d:68:5e:5c:
27:fe:e9:61:b0:18:73:4b:12:0b:7f:60:09:72:ab:5b:dd:08:
30:66:7b:c4:19:db:eb:a6:89:eb:8f:04:38:86:9e:ce:ca:6b:
c1:5f:b2:ca:10:e6:7a:de:b4:23:f9:69:d9:7c:bf:4f:0d:31:
ec:84:2d:b9:4f:46:d4:cd:e6:0b:18:bf:5c:42:01:20:a4:63:
94:58:39:44:90:9b:23:1d:76:f2:6a:47:68:7e:55:23:a2:77:
bf:d0:f0:c3:9b:32:4f:82:be:2f:9d:80:b7:1f:31:fe:2a:af:
41:ac:26:28:3d:4f:87:25:c5:07:ce:d6:5d:c0:1a:09:58:52:
e9:e0:02:c8:ea:bc:0a:a5:96:05:c4:d3:58:af:a1:b1:ca:eb:
01:b9:55:e1:8b:d1:fd:ea:0b:d6:ed:da:be:d1:93:11:c7:31:
16:36:e2:ce:4c:be:6c:1f:61:0b:e9:33:bf:5f:e1:ca:f4:aa:
c9:e6:a9:0c:de:2e:f6:e1:ff:32:02:98:f7:17:6e:e2:2a:76:
ba:93:7d:e9:86:2f:83:6b:80:13:18:f5:08:cb:ad:2c:c7:c6:
40:dd:39:c3:5e:67:5f:d8:2b:d4:f3:5c:9a:06:08:2f:60:d0:
58:3b:c9:c0
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYi4yy4dY0L0qDI+ekdVDMvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNDg2YTBiYTliOWIwOWY0ZGU0Nzk2MmUyYzJhZTQxZmM1
NTc2ODYwHhcNMjMwNjE0MDcyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzc2NTU5N2UxNDk3YTdiMzRmOGU4Mjc4MWM3MjBkNGRjYjczMTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnc442QbiqM4miDPbbMdEkH2xOqE
ZBelVhPmf9tWUl9VGrqFAUSY95PiJKCWwmPiJIz6xZbyI1eg8dQqxTTbJ7sS7/sN
0nWl5COGLRgvW4rdx8qa/hhMLnEfbgZ2CeJPC+SjX4XNu40kO4oiJi3AC9vfTF+1
2widGNZ406z6U2A5i2LWSGrqai6B2Ux7TsKjYCpGYSE5/iZVNT2z8nAPclqvzBO8
QYAg6PYUge4I2bIST9XZ8zc5OWIxW/pxc+9f0Q74K2Sy/wdS/X/9eCuUR3pg3xj5
oHTA+gqIDJr3QP18bXacHJPeXwG9aQZfvr9z2E7i3xsOWxdt4MzFp/tHtwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLd2VZfhSXp7NPjoJ4HHINTctzETMB8GA1UdIwQY
MBaAFPtIagupubCfTeR5YuLCrkH8VXaGMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0waHFDNm01c0o5TjVIbGk0c0t1UWZ4VmRvWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcvNmFjNGRhLWY1NmEtNGMxYi1iNWJk
LWZhYWM5MDgwMjkwOC8xL3QzWlZsLUZKZW5zMC1PZ25nY2NnMU55M01STS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvNmFjNGRhLWY1NmEtNGMxYi1iNWJkLWZhYWM5MDgwMjkw
OC8xLzEtMGhxQzZtNXNKOU41SGxpNHNLdVFmeFZkb1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTQYIKwYBBQUHAQcBAf8EPjA8MCQEAgABMB4DBAMfGPAD
BAOCubgDBAK5J4wDBAO8QPADBAXVpsAwFAQCAAIwDgMFASoD1gADBQEqA9YEMA0G
CSqGSIb3DQEBCwUAA4IBAQBZCi0Whs6Kvx9pxhzcKi1oXlwn/ulhsBhzSxILf2AJ
cqtb3QgwZnvEGdvrponrjwQ4hp7OymvBX7LKEOZ63rQj+WnZfL9PDTHshC25T0bU
zeYLGL9cQgEgpGOUWDlEkJsjHXbyakdoflUjone/0PDDmzJPgr4vnYC3HzH+Kq9B
rCYoPU+HJcUHztZdwBoJWFLp4ALI6rwKpZYFxNNYr6GxyusBuVXhi9H96gvW7dq+
0ZMRxzEWNuLOTL5sH2EL6TO/X+HK9KrJ5qkM3i724f8yApj3F27iKna6k33phi+D
a4ATGPUIy60sx8ZA3TnDXmdf2CvU81yaBggvYNBYO8nA
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:18 2024 by rpki-client on console-fra.rpki-client.org