Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/FhQ8JVhwF9Pqvx1rOT3subpBkho.roa
File: FhQ8JVhwF9Pqvx1rOT3subpBkho.roa (raw, json)
Hash identifier: wP5w0mpoeiyZTk3dN58La3UUwqwoVy09mrAnsHfYdOw=
Subject key identifier: 16:14:3C:25:58:70:17:D3:EA:BF:1D:6B:39:3D:EC:B9:BA:41:92:1A
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 01856C01200F0CCB239080B75D4C53D812AB
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/FhQ8JVhwF9Pqvx1rOT3subpBkho.roa
Signing time: Sun 01 Jan 2023 06:24:51 +0000
ROA not before: Sun 01 Jan 2023 06:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209372
IP address blocks: 194.113.239.0/24 maxlen: 24
185.221.196.0/23 maxlen: 24
185.238.88.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Feb 2023 17:32:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:20:0f:0c:cb:23:90:80:b7:5d:4c:53:d8:12:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jan 1 06:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16143c25587017d3eabf1d6b393decb9ba41921a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c8:f1:4c:bd:19:69:bb:7d:c4:65:82:6f:ae:
77:0d:f9:35:fb:02:87:4d:d7:19:89:7d:69:e4:e8:
df:6e:45:68:07:03:43:c3:48:05:b7:f1:2c:00:1c:
64:50:4e:a9:8a:b3:1f:f5:51:7c:57:02:a8:3d:4c:
96:3e:e4:f9:98:0a:dc:51:73:9f:4a:63:69:c1:fc:
40:6d:90:12:69:b5:79:ff:34:d7:8f:86:49:d8:6e:
c6:5b:56:68:de:3d:01:ac:bb:8f:83:22:b4:3c:fa:
61:84:a3:88:bd:f8:33:c1:1f:6c:fd:a7:65:59:55:
02:61:3a:7c:d2:88:cf:91:9a:e3:f3:8d:dd:b1:de:
ed:7a:4c:56:ca:c0:9a:9c:38:c4:8c:66:21:89:1e:
2d:f3:9e:0b:0b:90:2a:52:e6:cb:b6:63:36:8b:53:
9d:4c:dc:84:a3:b6:e4:ea:c9:f2:3d:8f:ad:f3:56:
fa:23:01:de:f0:cf:fc:51:6c:59:f6:da:34:b6:e4:
de:c5:e1:e2:bd:17:d7:1c:2a:e9:f4:05:c8:71:e3:
80:1d:f0:25:a1:a2:20:2f:68:df:07:23:71:9d:c2:
13:88:1a:89:4b:b7:1d:7e:47:b7:8c:b8:7a:bd:44:
7f:f8:d1:31:67:ba:00:87:67:51:b3:3c:00:da:bc:
95:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:14:3C:25:58:70:17:D3:EA:BF:1D:6B:39:3D:EC:B9:BA:41:92:1A
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/FhQ8JVhwF9Pqvx1rOT3subpBkho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.196.0/23
185.238.88.0/22
194.113.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:9d:60:3f:79:ae:51:6e:fa:e0:2b:1b:93:9f:f8:b2:18:36:
c6:80:a0:a6:9b:b1:87:8d:36:12:bc:d6:75:ec:e1:e0:27:2f:
e3:b8:97:34:86:78:45:5d:f0:cd:e4:9d:6e:0e:94:92:c4:62:
a3:79:47:82:2b:d6:df:3f:0f:89:39:ee:d6:7f:ef:1d:47:19:
e7:f0:fa:c2:3f:03:77:0c:64:32:ca:c6:1e:8d:22:02:bd:81:
a5:ce:df:01:d1:8c:ff:8c:49:05:31:f7:ba:e7:94:e8:66:0d:
8a:0e:45:5c:17:54:61:7f:e4:6f:ae:c5:8c:70:f1:e6:1c:cd:
3f:b8:b1:60:f7:15:a1:17:e4:e6:d4:c0:90:62:07:57:40:3f:
9c:d3:4a:14:fd:cb:e6:66:bd:60:cb:e9:b1:cd:6f:6a:f0:3c:
f5:45:f4:cc:9f:38:5b:c4:6f:26:d0:66:cf:b1:ec:dc:35:26:
2e:49:17:46:da:24:dd:6a:27:ae:95:48:30:d0:23:c1:ea:5d:
64:fc:c0:39:17:92:e0:ba:b1:f5:fe:51:cb:51:cf:c0:68:87:
a1:55:26:8c:33:7e:04:88:3b:83:b8:bf:b3:56:d8:7b:c1:c6:
09:15:9d:a2:d9:98:63:2e:59:96:ab:b8:8b:81:2c:4e:32:9e:
9f:26:a4:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsASAPDMsjkIC3XUxT2BKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjMwMTAxMDYyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjE0M2MyNTU4NzAxN2QzZWFiZjFkNmIzOTNkZWNiOWJhNDE5MjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMjxTL0Zabt9xGWCb653Dfk1+wKH
TdcZiX1p5OjfbkVoBwNDw0gFt/EsABxkUE6pirMf9VF8VwKoPUyWPuT5mArcUXOf
SmNpwfxAbZASabV5/zTXj4ZJ2G7GW1Zo3j0BrLuPgyK0PPphhKOIvfgzwR9s/adl
WVUCYTp80ojPkZrj843dsd7tekxWysCanDjEjGYhiR4t854LC5AqUubLtmM2i1Od
TNyEo7bk6snyPY+t81b6IwHe8M/8UWxZ9to0tuTexeHivRfXHCrp9AXIceOAHfAl
oaIgL2jfByNxncITiBqJS7cdfke3jLh6vUR/+NExZ7oAh2dRszwA2ryVyQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBYUPCVYcBfT6r8dazk97Lm6QZIaMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvRmhROEpWaHdGOVBxdngxck9UM3N1YnBCa2hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBud3EAwQC
ue5YAwQAwnHvMA0GCSqGSIb3DQEBCwUAA4IBAQAvnWA/ea5RbvrgKxuTn/iyGDbG
gKCmm7GHjTYSvNZ17OHgJy/juJc0hnhFXfDN5J1uDpSSxGKjeUeCK9bfPw+JOe7W
f+8dRxnn8PrCPwN3DGQyysYejSICvYGlzt8B0Yz/jEkFMfe655ToZg2KDkVcF1Rh
f+RvrsWMcPHmHM0/uLFg9xWhF+Tm1MCQYgdXQD+c00oU/cvmZr1gy+mxzW9q8Dz1
RfTMnzhbxG8m0GbPsezcNSYuSRdG2iTdaieulUgw0CPB6l1k/MA5F5LgurH1/lHL
Uc/AaIehVSaMM34EiDuDuL+zVth7wcYJFZ2i2ZhjLlmWq7iLgSxOMp6fJqSG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:18 2024 by rpki-client on console-ams.rpki-client.org