Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/fXPQvVGVCQ76eAUZj56RhVcNPz8.roa
File: fXPQvVGVCQ76eAUZj56RhVcNPz8.roa (raw, json)
Hash identifier: fX4ku8DPpDMaeOEramsWCG1Scq93pSHL+CvBprPAy10=
Subject key identifier: 7D:73:D0:BD:51:95:09:0E:FA:78:05:19:8F:9E:91:85:57:0D:3F:3F
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01856ED4D9E0BA7AA6FE6AD0D9DDE0E0C6BD
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/fXPQvVGVCQ76eAUZj56RhVcNPz8.roa
Signing time: Sun 01 Jan 2023 19:35:21 +0000
ROA not before: Sun 01 Jan 2023 19:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208888
IP address blocks: 141.136.63.0/24 maxlen: 24
181.41.144.0/22 maxlen: 24
181.41.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 30 Jan 2023 10:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:d9:e0:ba:7a:a6:fe:6a:d0:d9:dd:e0:e0:c6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 19:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d73d0bd5195090efa7805198f9e9185570d3f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:09:31:03:71:26:4a:cc:b1:21:6f:e9:90:42:
4a:22:01:20:4b:a0:99:3c:56:00:e2:ff:d2:2d:4f:
5a:2c:28:bd:2d:63:c8:4c:e1:19:c4:41:71:e7:fe:
8a:c3:44:a5:09:b2:f0:4f:bd:8a:ec:22:aa:22:e0:
d6:00:3a:8b:40:7c:d9:4a:a1:f4:93:4f:d0:8f:8a:
52:08:31:a5:a5:1a:45:a1:b1:26:c1:f6:9c:38:9b:
5a:d8:3c:0b:6e:fc:af:ee:36:20:a4:7d:1c:83:f8:
be:fe:05:0c:74:6d:1e:34:a1:52:dc:78:54:7c:d6:
d2:18:69:5e:a8:01:42:3b:8b:9a:38:07:15:c9:3f:
27:f8:b7:0c:96:7b:99:b8:af:3d:d6:a0:bc:19:28:
1f:08:77:96:8c:8a:4d:8c:db:12:a0:a9:80:ec:f2:
0c:ec:d3:97:f0:7a:64:b0:a8:0b:bb:d6:c0:fc:ec:
6a:8c:02:88:7f:be:c6:82:e9:5b:b9:82:db:02:e9:
c1:0f:3d:77:a1:e9:91:54:93:7d:88:16:ea:1c:9a:
1d:0c:0c:d3:7a:31:f7:47:6b:78:51:26:38:7e:24:
16:d9:24:00:c0:a4:31:95:e8:d0:c9:7d:49:73:5c:
17:f8:7c:79:98:f1:0d:b7:76:69:00:36:48:f9:01:
67:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:73:D0:BD:51:95:09:0E:FA:78:05:19:8F:9E:91:85:57:0D:3F:3F
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/fXPQvVGVCQ76eAUZj56RhVcNPz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.136.63.0/24
181.41.144.0/22
181.41.156.0/22
Signature Algorithm: sha256WithRSAEncryption
01:3e:b3:04:24:d8:08:ef:08:ed:56:02:11:41:21:90:07:66:
48:41:36:87:c0:73:32:9a:ce:e2:43:1f:10:af:6d:e5:01:87:
f6:69:06:8c:9e:08:ec:90:48:3a:1c:3a:67:0c:9a:5a:62:f2:
fe:8f:e1:4c:71:d3:2d:0c:25:34:b1:f5:27:64:27:a6:9c:b1:
72:e5:c5:93:16:c0:3d:d3:3f:c4:d4:6f:3b:c1:3b:12:8a:fc:
37:fb:49:60:c2:33:4a:7c:3b:35:fa:f2:63:33:00:0e:c2:be:
8d:32:dc:2a:fa:ec:cf:df:89:28:60:fd:43:22:a4:9c:7f:99:
d7:68:23:74:38:25:83:6d:fa:b3:c7:d3:3d:9a:bc:27:f7:38:
c1:8e:9e:43:9a:2d:3a:6b:ad:e7:0e:2b:68:7f:6c:a4:95:7c:
4c:b2:dd:41:56:35:d7:67:a6:3b:f3:6d:38:7e:1b:12:64:3a:
53:68:b2:53:87:0c:c5:ec:59:07:60:28:b1:f1:0b:a1:a5:87:
39:8f:28:ad:bb:83:bb:d0:0b:3e:21:b9:d3:cd:af:81:d4:0e:
4f:7d:df:f2:41:ba:f9:b5:07:5a:80:7f:d5:9d:1d:b3:31:d0:
43:e8:9c:dd:69:9b:ef:95:bf:2d:35:ed:18:7e:f0:9f:94:a7:
93:78:b7:40
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVu1Nngunqm/mrQ2d3g4Ma9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjMwMTAxMTkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDczZDBiZDUxOTUwOTBlZmE3ODA1MTk4ZjllOTE4NTU3MGQzZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgkxA3EmSsyxIW/pkEJKIgEgS6CZ
PFYA4v/SLU9aLCi9LWPITOEZxEFx5/6Kw0SlCbLwT72K7CKqIuDWADqLQHzZSqH0
k0/Qj4pSCDGlpRpFobEmwfacOJta2DwLbvyv7jYgpH0cg/i+/gUMdG0eNKFS3HhU
fNbSGGleqAFCO4uaOAcVyT8n+LcMlnuZuK891qC8GSgfCHeWjIpNjNsSoKmA7PIM
7NOX8HpksKgLu9bA/OxqjAKIf77GgulbuYLbAunBDz13oemRVJN9iBbqHJodDAzT
ejH3R2t4USY4fiQW2SQAwKQxlejQyX1Jc1wX+Hx5mPENt3ZpADZI+QFn5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH1z0L1RlQkO+ngFGY+ekYVXDT8/MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvZlhQUXZWR1ZDUTc2ZUFVWmo1NlJoVmNOUHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjYg/AwQC
tSmQAwQCtSmcMA0GCSqGSIb3DQEBCwUAA4IBAQABPrMEJNgI7wjtVgIRQSGQB2ZI
QTaHwHMyms7iQx8Qr23lAYf2aQaMngjskEg6HDpnDJpaYvL+j+FMcdMtDCU0sfUn
ZCemnLFy5cWTFsA90z/E1G87wTsSivw3+0lgwjNKfDs1+vJjMwAOwr6NMtwq+uzP
34koYP1DIqScf5nXaCN0OCWDbfqzx9M9mrwn9zjBjp5Dmi06a63nDitof2yklXxM
st1BVjXXZ6Y78204fhsSZDpTaLJThwzF7FkHYCix8QuhpYc5jyitu4O70As+IbnT
za+B1A5Pfd/yQbr5tQdagH/VnR2zMdBD6JzdaZvvlb8tNe0YfvCflKeTeLdA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:35 2024 by rpki-client on console-ams.rpki-client.org