Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/fDIE_XhHgdeTzJtBosrwkRRo-9Q.roa
File: fDIE_XhHgdeTzJtBosrwkRRo-9Q.roa (raw, json)
Hash identifier: KNMZP2Hxm1GX6j7nQR0wKOb0zqzBxEe1aF1Y5UHYD/c=
Subject key identifier: 7C:32:04:FD:78:47:81:D7:93:CC:9B:41:A2:CA:F0:91:14:68:FB:D4
Certificate issuer: /CN=47b80caa97c13147d680c80976f8a4b15cade04f
Certificate serial: 0185720C69D639DC1DF896DF8E19B1804A6E
Authority key identifier: 47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/fDIE_XhHgdeTzJtBosrwkRRo-9Q.roa
Signing time: Mon 02 Jan 2023 10:34:54 +0000
ROA not before: Mon 02 Jan 2023 10:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44547
IP address blocks: 185.161.122.0/24 maxlen: 24
185.171.88.0/24 maxlen: 24
185.171.91.0/24 maxlen: 24
2a0c:f500::/29 maxlen: 29
2a07:5dc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:69:d6:39:dc:1d:f8:96:df:8e:19:b1:80:4a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47b80caa97c13147d680c80976f8a4b15cade04f
Validity
Not Before: Jan 2 10:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c3204fd784781d793cc9b41a2caf0911468fbd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:93:99:10:dc:70:2f:a5:38:e9:92:f0:fa:e9:
31:92:dd:f5:5a:2c:02:32:89:6e:64:3b:b0:7b:90:
a7:53:19:d0:25:c2:25:33:90:3b:5f:2d:d3:05:54:
59:5c:c8:80:6c:60:fc:1b:48:91:0c:0b:ff:f2:d0:
58:bb:8e:48:41:32:bc:9e:2f:4f:a4:cd:95:74:4d:
b5:ec:18:3c:57:99:50:9a:91:e5:82:d3:de:f9:2a:
72:5b:7d:f9:2b:8a:1f:40:14:ae:45:c5:c8:56:1f:
70:a1:ec:0c:b7:9c:b6:72:1f:64:11:57:d4:c8:a6:
57:52:03:4e:19:8b:f6:7b:be:86:56:e3:52:26:be:
8d:b9:2a:43:1b:31:b1:c7:14:be:d2:a0:2b:5f:53:
07:65:a7:8e:27:0b:64:0f:18:61:30:9e:33:e2:f1:
8d:79:48:aa:ed:ba:95:2f:3f:20:5d:68:ad:e6:3c:
43:0c:ac:52:37:83:0f:65:9a:0d:39:33:e6:67:8e:
fe:2c:ee:7b:3b:fa:97:d7:68:72:a1:0e:e2:ad:e4:
5b:2d:18:32:76:b9:96:3d:59:25:d7:fc:62:3e:ac:
e8:2e:c5:b0:4b:62:27:a5:bd:65:72:a5:5e:21:fa:
cf:23:90:c1:d5:54:0e:e5:7e:c7:c8:bf:a9:5f:24:
64:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:32:04:FD:78:47:81:D7:93:CC:9B:41:A2:CA:F0:91:14:68:FB:D4
X509v3 Authority Key Identifier:
keyid:47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/fDIE_XhHgdeTzJtBosrwkRRo-9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/R7gMqpfBMUfWgMgJdviksVyt4E8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.122.0/24
185.171.88.0/24
185.171.91.0/24
IPv6:
2a07:5dc0::/29
2a0c:f500::/29
Signature Algorithm: sha256WithRSAEncryption
94:6f:c1:d0:99:e0:03:bf:d7:51:2e:d0:2c:b5:a2:33:af:e8:
78:8f:dd:b2:18:af:3b:24:f5:29:2e:68:37:b9:21:fc:dc:80:
ff:49:20:94:86:17:86:22:99:e3:e1:b2:0f:8d:26:c3:34:c5:
a2:2d:fa:39:b3:6d:33:f8:83:b5:df:f2:eb:87:91:1b:df:48:
db:32:7c:b7:a9:41:ef:ff:79:06:94:a2:71:af:4d:3e:9f:37:
78:60:82:08:8c:23:1f:b5:1e:1c:06:f0:06:d9:e4:75:1e:55:
2b:dc:ac:69:7a:2e:c1:c8:36:56:c2:25:ee:61:8f:66:bd:22:
33:2f:90:6c:45:6b:e0:32:55:b3:a2:40:c1:9a:bf:df:90:e8:
df:3c:23:2a:5a:a0:41:01:b4:06:69:fe:f0:89:b2:cb:5f:9d:
31:bf:17:49:96:f0:ff:d0:58:5a:15:b3:45:dd:fb:9f:ca:51:
ba:bc:00:48:40:da:b9:ff:e4:87:e2:dc:e6:74:16:c6:42:f3:
d1:9e:c9:5e:06:22:b7:da:a1:9a:86:69:d6:ce:8f:ee:09:68:
b1:86:93:f0:e1:1b:6b:37:db:46:b0:a7:31:46:05:38:26:a6:
12:70:63:71:da:85:f9:9f:3f:0f:4e:0a:67:68:6f:b1:6d:6d:
bf:6b:e4:68
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVyDGnWOdwd+JbfjhmxgEpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjgwY2FhOTdjMTMxNDdkNjgwYzgwOTc2ZjhhNGIxNWNh
ZGUwNGYwHhcNMjMwMTAyMTAzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzMyMDRmZDc4NDc4MWQ3OTNjYzliNDFhMmNhZjA5MTE0NjhmYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5OZENxwL6U46ZLw+ukxkt31WiwC
MoluZDuwe5CnUxnQJcIlM5A7Xy3TBVRZXMiAbGD8G0iRDAv/8tBYu45IQTK8ni9P
pM2VdE217Bg8V5lQmpHlgtPe+SpyW335K4ofQBSuRcXIVh9woewMt5y2ch9kEVfU
yKZXUgNOGYv2e76GVuNSJr6NuSpDGzGxxxS+0qArX1MHZaeOJwtkDxhhMJ4z4vGN
eUiq7bqVLz8gXWit5jxDDKxSN4MPZZoNOTPmZ47+LO57O/qX12hyoQ7ireRbLRgy
drmWPVkl1/xiPqzoLsWwS2Inpb1lcqVeIfrPI5DB1VQO5X7HyL+pXyRkVwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHwyBP14R4HXk8ybQaLK8JEUaPvUMB8GA1UdIwQY
MBaAFEe4DKqXwTFH1oDICXb4pLFcreBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAt
MTBlMjRlOWQwZmE3LzEvZkRJRV9YaEhnZGVUekp0Qm9zcndrUlJvLTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAtMTBlMjRlOWQwZmE3
LzEvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAuaF6AwQA
uatYAwQAuatbMBQEAgACMA4DBQMqB13AAwUDKgz1ADANBgkqhkiG9w0BAQsFAAOC
AQEAlG/B0JngA7/XUS7QLLWiM6/oeI/dshivOyT1KS5oN7kh/NyA/0kglIYXhiKZ
4+GyD40mwzTFoi36ObNtM/iDtd/y64eRG99I2zJ8t6lB7/95BpSica9NPp83eGCC
CIwjH7UeHAbwBtnkdR5VK9ysaXouwcg2VsIl7mGPZr0iMy+QbEVr4DJVs6JAwZq/
35Do3zwjKlqgQQG0Bmn+8Imyy1+dMb8XSZbw/9BYWhWzRd37n8pRurwASEDauf/k
h+Lc5nQWxkLz0Z7JXgYit9qhmoZp1s6P7glosYaT8OEbazfbRrCnMUYFOCamEnBj
cdqF+Z8/D04KZ2hvsW1tv2vkaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:39 2024 by rpki-client on console-fra.rpki-client.org