Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FvmdQTmOJOzaXOUMjBPr_ygQCno.roa
File: FvmdQTmOJOzaXOUMjBPr_ygQCno.roa (raw, json)
Hash identifier: iH3QqqIQnQbEoa8Ylyq/BlAsFdAfGu7HRhAS9qcbg2I=
Subject key identifier: 16:F9:9D:41:39:8E:24:EC:DA:5C:E5:0C:8C:13:EB:FF:28:10:0A:7A
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01856CAF26A247F23746BAB1C267EA1207F9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FvmdQTmOJOzaXOUMjBPr_ygQCno.roa
Signing time: Sun 01 Jan 2023 09:34:55 +0000
ROA not before: Sun 01 Jan 2023 09:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 45.88.15.0/24 maxlen: 24
45.88.12.0/24 maxlen: 24
45.88.13.0/24 maxlen: 24
93.90.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Jan 2023 10:56:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:26:a2:47:f2:37:46:ba:b1:c2:67:ea:12:07:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 1 09:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16f99d41398e24ecda5ce50c8c13ebff28100a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:db:3a:41:c9:27:00:a7:a1:50:38:79:29:8e:
ce:ce:51:33:ac:1d:d4:95:1d:4c:cc:78:6e:2a:8f:
97:06:68:9d:d9:a2:89:b4:0e:8d:7d:ac:93:f8:ea:
c2:46:c6:db:5b:91:5a:16:42:80:69:bb:b4:11:ca:
18:23:ed:b6:17:03:fa:ab:04:1b:4a:ed:20:ee:c4:
84:48:2e:4e:87:31:b1:89:02:23:5c:af:66:36:ea:
1b:75:f1:ce:df:28:f4:a9:4d:c7:b7:68:c3:f0:85:
02:6d:2f:4b:5e:a8:dd:38:9c:47:73:6a:7a:66:ac:
e3:be:04:3b:86:55:b0:c3:6c:29:cd:d9:7c:96:39:
d3:49:d1:99:7f:8d:66:39:0e:15:bf:5a:6a:59:cb:
d0:33:84:c7:bf:0f:a7:3a:06:38:15:43:d5:7a:34:
e9:11:30:86:77:1d:f8:28:73:2c:98:63:f6:57:a5:
52:b9:dd:9a:d6:a0:c3:55:00:95:eb:ec:ec:ca:f7:
eb:d8:fe:37:37:8a:90:a3:fc:a2:b6:18:60:2b:40:
92:63:fa:c9:a5:30:f6:0e:11:96:ef:09:ae:35:94:
b3:2c:2a:86:ba:f6:fe:46:c5:cd:12:04:bc:a7:20:
b7:75:3a:6a:63:23:dd:ec:bb:ec:b9:ff:13:76:66:
83:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:F9:9D:41:39:8E:24:EC:DA:5C:E5:0C:8C:13:EB:FF:28:10:0A:7A
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/FvmdQTmOJOzaXOUMjBPr_ygQCno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.12.0/23
45.88.15.0/24
93.90.74.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:2b:aa:44:f0:0f:37:e2:2b:20:fb:a4:29:70:d0:c5:4f:e7:
79:c4:4d:c7:f7:d8:b4:c3:63:11:0c:a3:79:61:e5:04:72:36:
6c:5f:68:51:d8:d2:09:b8:1c:97:0d:d1:90:8a:53:1b:eb:45:
9c:fe:23:e7:f1:55:be:dc:9f:ed:74:91:d4:52:95:72:7a:e2:
c5:00:9f:e7:60:ea:75:b7:a8:43:0a:2d:9f:f9:4c:52:d4:48:
0e:b9:fb:27:fb:fc:1b:b2:6b:f5:0f:55:da:24:43:b1:75:5e:
91:6e:55:78:f2:25:6e:47:cf:86:cc:6d:d4:14:b6:4f:69:d8:
08:1d:ee:6b:bb:d0:9a:86:4f:3c:61:ff:f1:d9:e1:fe:d7:d2:
e6:83:15:1c:01:c6:3f:90:20:4f:e3:42:01:62:d6:f7:ad:df:
f3:5a:f4:2c:04:fe:c7:5a:b1:d2:b7:dc:a0:b4:56:b3:20:25:
ca:11:48:e0:51:82:d6:86:c7:17:56:23:fe:0a:34:80:40:bf:
2a:e5:c0:07:0d:3c:15:24:ee:fa:b8:d1:aa:8b:62:5c:8e:ef:
2b:c8:8e:7a:97:2f:7a:98:c3:43:9a:f3:a4:c7:40:db:bf:d1:
76:89:70:48:a9:aa:38:ca:61:d5:41:14:64:1a:96:4f:56:78:
91:23:5a:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsryaiR/I3RrqxwmfqEgf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwMTAxMDkzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmY5OWQ0MTM5OGUyNGVjZGE1Y2U1MGM4YzEzZWJmZjI4MTAwYTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNs6QcknAKehUDh5KY7OzlEzrB3U
lR1MzHhuKo+XBmid2aKJtA6NfayT+OrCRsbbW5FaFkKAabu0EcoYI+22FwP6qwQb
Su0g7sSESC5OhzGxiQIjXK9mNuobdfHO3yj0qU3Ht2jD8IUCbS9LXqjdOJxHc2p6
ZqzjvgQ7hlWww2wpzdl8ljnTSdGZf41mOQ4Vv1pqWcvQM4THvw+nOgY4FUPVejTp
ETCGdx34KHMsmGP2V6VSud2a1qDDVQCV6+zsyvfr2P43N4qQo/yithhgK0CSY/rJ
pTD2DhGW7wmuNZSzLCqGuvb+RsXNEgS8pyC3dTpqYyPd7Lvsuf8TdmaDjQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBb5nUE5jiTs2lzlDIwT6/8oEAp6MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvRnZtZFFUbU9KT3phWE9VTWpCUHJfeWdRQ25vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLVgMAwQA
LVgPAwQAXVpKMA0GCSqGSIb3DQEBCwUAA4IBAQBuK6pE8A834isg+6QpcNDFT+d5
xE3H99i0w2MRDKN5YeUEcjZsX2hR2NIJuByXDdGQilMb60Wc/iPn8VW+3J/tdJHU
UpVyeuLFAJ/nYOp1t6hDCi2f+UxS1EgOufsn+/wbsmv1D1XaJEOxdV6RblV48iVu
R8+GzG3UFLZPadgIHe5ru9Cahk88Yf/x2eH+19LmgxUcAcY/kCBP40IBYtb3rd/z
WvQsBP7HWrHSt9ygtFazICXKEUjgUYLWhscXViP+CjSAQL8q5cAHDTwVJO76uNGq
i2Jcju8ryI56ly96mMNDmvOkx0Dbv9F2iXBIqao4ymHVQRRkGpZPVniRI1qJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:12 2024 by rpki-client on console-ams.rpki-client.org