Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/fVNruyTsjN8XUapt4CA6vvn6HHU.roa
File: fVNruyTsjN8XUapt4CA6vvn6HHU.roa (raw, json)
Hash identifier: 88RkaqCMc/4mXggR7iiljVtmzbVHz37wMlCShn5nN5c=
Subject key identifier: 7D:53:6B:BB:24:EC:8C:DF:17:51:AA:6D:E0:20:3A:BE:F9:FA:1C:75
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0185714C431B29F1A6E9518129D71BAD0F0F
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/fVNruyTsjN8XUapt4CA6vvn6HHU.roa
Signing time: Mon 02 Jan 2023 07:05:01 +0000
ROA not before: Mon 02 Jan 2023 07:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47147
IP address blocks: 213.227.190.0/24 maxlen: 32
144.208.208.0/22 maxlen: 32
2a00:11c0:48::/48 maxlen: 128
2a00:11c0:47::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:43:1b:29:f1:a6:e9:51:81:29:d7:1b:ad:0f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Jan 2 07:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d536bbb24ec8cdf1751aa6de0203abef9fa1c75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a4:a8:bf:d8:52:f9:ea:dc:c4:ac:0c:e7:ae:
ce:8e:43:7d:cb:e9:3e:fa:4a:e1:1e:3b:ba:86:c7:
cb:db:b5:bc:a2:57:0f:71:28:2b:42:92:37:20:a4:
71:23:fe:9f:eb:4a:e6:cf:4a:99:d6:44:b5:66:2f:
8c:e0:89:64:6b:db:d4:7c:9f:49:02:16:79:13:13:
0b:2b:85:61:43:41:ca:f9:1c:64:cc:8b:10:13:23:
08:9b:c2:54:33:15:cb:69:2e:06:8f:b2:5b:9e:3f:
ff:53:cf:62:0c:22:cd:92:a1:8f:20:3c:cc:93:22:
d0:79:04:2d:91:09:1b:ab:82:fe:10:ab:22:49:47:
de:a2:28:6f:2e:78:85:b3:46:92:79:ac:db:38:25:
d2:21:b6:d0:6c:e8:1d:39:c8:37:ee:4e:29:28:9f:
2b:45:63:0a:09:c2:10:a5:7c:53:5a:a6:c9:d0:23:
e0:6b:dc:0b:69:35:78:26:5a:67:1a:7c:7f:33:55:
df:33:58:ec:2d:39:f6:40:5e:89:8f:4e:cf:ac:c3:
5a:d2:82:86:38:ed:1a:15:06:78:55:db:ba:c5:79:
72:46:4f:ae:ae:b8:0d:68:40:35:fb:1b:7a:60:10:
22:63:28:21:5b:b1:55:7b:6a:d8:14:1f:0b:eb:b0:
c2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:53:6B:BB:24:EC:8C:DF:17:51:AA:6D:E0:20:3A:BE:F9:FA:1C:75
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/fVNruyTsjN8XUapt4CA6vvn6HHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.208.208.0/22
213.227.190.0/24
IPv6:
2a00:11c0:47::-2a00:11c0:48:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a5:0c:78:71:13:0b:49:a7:6c:ca:39:21:09:ad:67:c2:13:48:
ea:65:de:45:6d:46:0e:59:6c:bf:cd:f9:02:2c:2c:06:13:3d:
24:82:dd:79:03:d0:06:2e:6c:9f:4c:50:c5:2e:9f:ba:82:12:
50:7c:1b:00:ba:06:37:39:30:9d:87:21:1a:ff:b3:ba:e3:23:
1d:2e:75:66:e4:a5:ee:1a:38:7a:c5:53:7d:38:c1:90:61:7d:
1a:8a:07:88:93:eb:80:b0:34:8b:08:7e:49:61:57:dc:61:b3:
46:b4:43:f7:f5:6a:ed:a0:66:7c:29:4d:76:c5:ba:d8:35:31:
9b:d1:c0:6b:28:72:52:bc:97:b2:22:05:a9:1f:84:3a:ff:1b:
6d:3c:24:56:c9:8c:99:24:5f:8e:0f:24:3a:88:fe:94:c0:72:
b5:46:00:50:8a:c0:fa:d0:7b:26:08:5c:b6:ad:1e:cc:76:00:
59:72:2f:98:de:4c:9b:0d:d5:f7:50:a8:18:6d:89:47:74:33:
ab:3c:30:f8:1d:2b:21:4b:ea:56:48:52:89:08:61:06:59:5c:
74:9f:e8:20:43:69:66:10:78:eb:a3:7a:63:f4:bf:67:3c:33:
28:8b:ce:29:4e:74:78:98:a9:c7:b3:b0:ab:82:b2:4e:a2:16:
00:e2:83:1b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVxTEMbKfGm6VGBKdcbrQ8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjMwMTAyMDcwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDUzNmJiYjI0ZWM4Y2RmMTc1MWFhNmRlMDIwM2FiZWY5ZmExYzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaSov9hS+ercxKwM567OjkN9y+k+
+krhHju6hsfL27W8olcPcSgrQpI3IKRxI/6f60rmz0qZ1kS1Zi+M4Ilka9vUfJ9J
AhZ5ExMLK4VhQ0HK+RxkzIsQEyMIm8JUMxXLaS4Gj7Jbnj//U89iDCLNkqGPIDzM
kyLQeQQtkQkbq4L+EKsiSUfeoihvLniFs0aSeazbOCXSIbbQbOgdOcg37k4pKJ8r
RWMKCcIQpXxTWqbJ0CPga9wLaTV4JlpnGnx/M1XfM1jsLTn2QF6Jj07PrMNa0oKG
OO0aFQZ4Vdu6xXlyRk+urrgNaEA1+xt6YBAiYyghW7FVe2rYFB8L67DCuQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFH1Ta7sk7IzfF1GqbeAgOr75+hx1MB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvZlZOcnV5VHNqTjhYVWFwdDRDQTZ2dm42SEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQCkNDQAwQA
1eO+MBoEAgACMBQwEgMHACoAEcAARwMHACoAEcAASDANBgkqhkiG9w0BAQsFAAOC
AQEApQx4cRMLSadsyjkhCa1nwhNI6mXeRW1GDllsv835AiwsBhM9JILdeQPQBi5s
n0xQxS6fuoISUHwbALoGNzkwnYchGv+zuuMjHS51ZuSl7ho4esVTfTjBkGF9GooH
iJPrgLA0iwh+SWFX3GGzRrRD9/Vq7aBmfClNdsW62DUxm9HAayhyUryXsiIFqR+E
Ov8bbTwkVsmMmSRfjg8kOoj+lMBytUYAUIrA+tB7Jghctq0ezHYAWXIvmN5Mmw3V
91CoGG2JR3Qzqzww+B0rIUvqVkhSiQhhBllcdJ/oIENpZhB466N6Y/S/ZzwzKIvO
KU50eJipx7Owq4KyTqIWAOKDGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:14 2024 by rpki-client on console-fra.rpki-client.org