Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8c97fe-3f8c-4db4-ab93-752d81cdda40/1/zT3M34r8utgE2wnHZtn6YU3VQIQ.roa
File: zT3M34r8utgE2wnHZtn6YU3VQIQ.roa (raw, json)
Hash identifier: 0P6fnFBlY9Rl3YE0nvGSlBD6fdHPQzSibJoe12y3xNE=
Subject key identifier: CD:3D:CC:DF:8A:FC:BA:D8:04:DB:09:C7:66:D9:FA:61:4D:D5:40:84
Certificate issuer: /CN=fbf43fe9fd3af2bcf4ba7a83f111e6559125f3fd
Certificate serial: 018CC9BC19063DBE67BFD40D6C25829392DD
Authority key identifier: FB:F4:3F:E9:FD:3A:F2:BC:F4:BA:7A:83:F1:11:E6:55:91:25:F3:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_Q_6f068rz0unqD8RHmVZEl8_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8c97fe-3f8c-4db4-ab93-752d81cdda40/1/zT3M34r8utgE2wnHZtn6YU3VQIQ.roa
Signing time: Tue 02 Jan 2024 10:33:16 +0000
ROA not before: Tue 02 Jan 2024 10:33:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44439
IP address blocks: 213.109.150.0/24 maxlen: 24
2a12:fdc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 12 Jul 2024 10:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:19:06:3d:be:67:bf:d4:0d:6c:25:82:93:92:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf43fe9fd3af2bcf4ba7a83f111e6559125f3fd
Validity
Not Before: Jan 2 10:33:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd3dccdf8afcbad804db09c766d9fa614dd54084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:50:90:97:aa:36:db:33:ba:37:61:5d:6d:a7:
bc:d0:66:dc:76:0d:d8:b4:d4:32:27:14:f4:71:7f:
e5:5d:67:e3:b2:8f:37:60:eb:01:41:73:d0:7f:ea:
dc:34:38:48:11:83:91:fe:9d:97:ee:60:85:96:c2:
12:02:96:03:de:d7:1c:ff:8d:5b:68:77:49:16:09:
bc:e6:14:df:00:34:41:06:ca:a0:e7:1d:9c:ba:2a:
bd:f7:6c:d7:44:0e:b0:92:df:ce:ad:c5:47:b0:b5:
46:3d:7e:4a:6a:3e:9b:01:a4:e2:4c:fd:dd:d2:8a:
bf:ba:41:c2:94:6f:32:e0:db:fe:e9:df:e9:dc:08:
df:7e:5b:e9:63:18:bb:6c:ec:19:ce:7a:c6:d1:e8:
57:81:db:05:ad:71:54:c7:e8:ce:48:32:76:d8:e2:
74:7a:01:6c:fe:d2:83:d1:68:29:c1:12:41:b5:f4:
04:6c:dc:de:64:0a:5d:40:27:4e:33:f0:e4:91:a2:
71:9f:8a:2c:2a:c1:98:15:ae:a0:15:d3:f8:75:92:
07:78:c8:86:e7:17:01:25:59:e9:45:b8:3b:f2:ce:
de:d5:ff:ed:cb:69:b9:0c:da:a0:cd:11:c7:a8:eb:
fe:ac:aa:2a:0a:07:bb:c5:43:54:74:5b:e1:b1:80:
7f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3D:CC:DF:8A:FC:BA:D8:04:DB:09:C7:66:D9:FA:61:4D:D5:40:84
X509v3 Authority Key Identifier:
keyid:FB:F4:3F:E9:FD:3A:F2:BC:F4:BA:7A:83:F1:11:E6:55:91:25:F3:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_Q_6f068rz0unqD8RHmVZEl8_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8c97fe-3f8c-4db4-ab93-752d81cdda40/1/zT3M34r8utgE2wnHZtn6YU3VQIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8c97fe-3f8c-4db4-ab93-752d81cdda40/1/1-_Q_6f068rz0unqD8RHmVZEl8_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.150.0/24
IPv6:
2a12:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:45:90:2b:a7:15:d1:48:94:1d:c0:c0:70:d4:53:88:1b:f1:
1a:b4:51:83:84:3d:00:ae:e1:0e:7d:98:8e:68:09:b1:28:eb:
63:46:7b:77:25:32:a9:dc:ea:03:8a:25:1a:b0:fc:f1:ac:55:
6d:5f:93:46:39:78:0f:da:f4:4c:cd:de:60:f4:4e:30:e0:70:
1f:8e:e3:b0:a5:fd:a7:e0:c0:35:cd:7c:3a:90:16:67:12:9f:
c9:0a:87:0d:f3:fb:d3:c0:4c:60:6e:79:8f:f4:f7:8d:f2:de:
72:85:1c:dc:ff:c4:c1:d5:70:48:22:d9:b6:f8:29:db:b0:15:
56:b3:a5:dc:83:02:ca:ec:e8:0a:18:e9:23:7b:82:5f:48:3a:
cb:28:fa:25:3c:4c:21:5c:b6:2b:07:6d:54:7d:53:0f:eb:dc:
6f:5b:16:b0:4e:7d:9b:f7:93:0a:96:e1:10:b0:bf:5b:ad:dc:
c0:f2:d8:e5:0c:c0:38:d6:c8:ab:c8:b7:4b:9b:0b:f4:32:90:
c3:fb:1f:e3:0f:56:2e:07:b0:ec:9c:b4:72:2e:89:2a:c8:b2:
73:90:06:ec:16:34:c3:ec:d5:30:e8:6c:9b:d7:47:e6:6a:1f:
d9:32:31:7f:9c:d0:45:ac:12:a9:87:ea:35:4e:c7:db:18:1c:
33:31:0e:54
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJvBkGPb5nv9QNbCWCk5LdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjQzZmU5ZmQzYWYyYmNmNGJhN2E4M2YxMTFlNjU1OTEy
NWYzZmQwHhcNMjQwMTAyMTAzMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDNkY2NkZjhhZmNiYWQ4MDRkYjA5Yzc2NmQ5ZmE2MTRkZDU0MDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllCQl6o22zO6N2Fdbae80Gbcdg3Y
tNQyJxT0cX/lXWfjso83YOsBQXPQf+rcNDhIEYOR/p2X7mCFlsISApYD3tcc/41b
aHdJFgm85hTfADRBBsqg5x2cuiq992zXRA6wkt/OrcVHsLVGPX5Kaj6bAaTiTP3d
0oq/ukHClG8y4Nv+6d/p3AjfflvpYxi7bOwZznrG0ehXgdsFrXFUx+jOSDJ22OJ0
egFs/tKD0WgpwRJBtfQEbNzeZApdQCdOM/DkkaJxn4osKsGYFa6gFdP4dZIHeMiG
5xcBJVnpRbg78s7e1f/ty2m5DNqgzRHHqOv+rKoqCge7xUNUdFvhsYB/DQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM09zN+K/LrYBNsJx2bZ+mFN1UCEMB8GA1UdIwQY
MBaAFPv0P+n9OvK89Lp6g/ER5lWRJfP9MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fUV82ZjA2OHJ6MHVucUQ4UkhtVlpFbDhfMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYvOGM5N2ZlLTNmOGMtNGRiNC1hYjkz
LTc1MmQ4MWNkZGE0MC8xL3pUM00zNHI4dXRnRTJ3bkhadG42WVUzVlFJUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzYvOGM5N2ZlLTNmOGMtNGRiNC1hYjkzLTc1MmQ4MWNkZGE0
MC8xLzEtX1FfNmYwNjhyejB1bnFEOFJIbVZaRWw4XzAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBADVbZYw
DQQCAAIwBwMFAyoS/cAwDQYJKoZIhvcNAQELBQADggEBAH9FkCunFdFIlB3AwHDU
U4gb8Rq0UYOEPQCu4Q59mI5oCbEo62NGe3clMqnc6gOKJRqw/PGsVW1fk0Y5eA/a
9EzN3mD0TjDgcB+O47Cl/afgwDXNfDqQFmcSn8kKhw3z+9PATGBueY/0943y3nKF
HNz/xMHVcEgi2bb4KduwFVazpdyDAsrs6AoY6SN7gl9IOsso+iU8TCFctisHbVR9
Uw/r3G9bFrBOfZv3kwqW4RCwv1ut3MDy2OUMwDjWyKvIt0ubC/QykMP7H+MPVi4H
sOyctHIuiSrIsnOQBuwWNMPs1TDobJvXR+ZqH9kyMX+c0EWsEqmH6jVOx9sYHDMx
DlQ=
-----END CERTIFICATE-----
Generated at Fri Jul 12 13:01:34 2024 by rpki-client on console-fra.rpki-client.org