Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/fj3RfGmSp8pBhQYEZ9E8z4Goc5E.roa
File: fj3RfGmSp8pBhQYEZ9E8z4Goc5E.roa (raw, json)
Hash identifier: bFGpEuLvPq/W9Fsn8T20M09bQUGsK4iDqx2JQu6SOQM=
Subject key identifier: 7E:3D:D1:7C:69:92:A7:CA:41:85:06:04:67:D1:3C:CF:81:A8:73:91
Certificate issuer: /CN=20f638107abb84ae6fb03cc1db2cfd1bc4487f8d
Certificate serial: 018571FA296AFA2EEE9FE252CAAA6C5E44C9
Authority key identifier: 20:F6:38:10:7A:BB:84:AE:6F:B0:3C:C1:DB:2C:FD:1B:C4:48:7F:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IPY4EHq7hK5vsDzB2yz9G8RIf40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/fj3RfGmSp8pBhQYEZ9E8z4Goc5E.roa
Signing time: Mon 02 Jan 2023 10:14:58 +0000
ROA not before: Mon 02 Jan 2023 10:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35199
IP address blocks: 193.19.164.0/22 maxlen: 22
185.214.67.0/24 maxlen: 24
178.219.16.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:29:6a:fa:2e:ee:9f:e2:52:ca:aa:6c:5e:44:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20f638107abb84ae6fb03cc1db2cfd1bc4487f8d
Validity
Not Before: Jan 2 10:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e3dd17c6992a7ca4185060467d13ccf81a87391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a3:37:89:b4:7f:5b:e8:6e:87:ed:e9:d5:5c:
58:8d:77:67:1f:e9:02:46:9e:27:f8:aa:6f:c6:94:
ac:0c:cb:eb:2a:34:13:5b:10:e7:28:d8:31:02:b0:
e2:4f:5a:3b:92:70:c3:69:6e:39:46:6d:63:fc:59:
f0:e5:41:70:54:f1:4d:28:0e:8b:22:12:5e:8e:5c:
52:8b:33:95:1b:f0:ba:87:a0:45:83:ed:5c:97:93:
f8:f1:d1:a9:aa:d9:96:8d:26:20:65:9e:f6:9f:bd:
9d:74:bc:e8:d4:7f:92:f3:a4:ab:ef:8e:25:29:64:
64:68:07:55:60:08:a3:1e:b6:1f:50:c7:20:49:59:
48:a1:67:f4:cf:fe:35:70:88:b2:8a:ba:6e:ba:8a:
41:c3:e6:ea:52:cf:d0:f9:f1:f2:59:fa:e8:be:35:
ca:a5:97:e7:7d:0e:d8:80:2f:55:ab:2f:35:75:e3:
c5:cf:81:df:86:9a:e1:f6:c1:65:3f:e8:d5:30:c0:
2a:c5:89:0a:07:e9:f2:be:3a:df:21:be:38:dc:f1:
67:f1:a0:89:a7:f0:3a:40:25:ed:4e:91:7d:77:79:
7c:c6:6f:25:f5:17:9d:c3:85:74:cf:2e:70:3a:79:
c8:a5:f7:7a:e6:87:6a:53:91:0a:c3:7c:92:2f:c0:
93:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:3D:D1:7C:69:92:A7:CA:41:85:06:04:67:D1:3C:CF:81:A8:73:91
X509v3 Authority Key Identifier:
keyid:20:F6:38:10:7A:BB:84:AE:6F:B0:3C:C1:DB:2C:FD:1B:C4:48:7F:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IPY4EHq7hK5vsDzB2yz9G8RIf40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/fj3RfGmSp8pBhQYEZ9E8z4Goc5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/4f5808-1c04-4255-9b84-a82836de05fc/1/IPY4EHq7hK5vsDzB2yz9G8RIf40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.219.16.0/22
185.214.67.0/24
193.19.164.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:62:fc:0b:ee:79:ab:6d:c0:52:2b:14:70:90:0c:e2:2f:ce:
7f:40:d2:6a:12:c2:2d:50:6a:a1:27:da:8b:61:9e:a8:1c:94:
e6:6b:89:66:2d:9f:99:a4:9e:26:d9:a3:5e:5d:f2:b6:aa:c7:
35:a4:1e:72:7c:8c:76:ef:92:b6:83:46:4f:c6:37:b8:11:8d:
0f:0f:9c:a8:0f:48:48:a4:97:ec:35:a5:04:70:62:31:2d:eb:
72:21:ab:c1:ed:54:9a:d1:97:ac:a6:4c:5d:c6:c7:70:01:55:
9f:0e:8d:34:8e:8e:31:df:0e:40:03:26:be:34:56:f2:a4:82:
a0:c9:1a:b8:bb:82:72:c1:c0:44:2f:50:85:79:48:8c:a6:8c:
69:d7:5e:05:0a:72:3f:db:c4:53:cf:cc:df:25:aa:de:69:22:
fc:78:87:16:32:9c:0d:8b:93:a5:7a:7c:d7:59:e1:5f:66:22:
dc:95:92:c0:64:9b:f4:76:27:62:1d:53:52:c5:1d:c4:bf:3e:
e1:18:d5:f9:d4:43:0f:26:b5:31:16:09:27:99:de:a5:bf:49:
6b:64:3e:4b:27:f5:65:73:20:6e:09:66:2c:64:35:b9:d0:07:
85:ca:63:89:81:44:b3:ff:1a:56:46:c7:32:58:dc:97:d3:c1:
ae:b9:69:4d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVx+ilq+i7un+JSyqpsXkTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZjYzODEwN2FiYjg0YWU2ZmIwM2NjMWRiMmNmZDFiYzQ0
ODdmOGQwHhcNMjMwMTAyMTAxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTNkZDE3YzY5OTJhN2NhNDE4NTA2MDQ2N2QxM2NjZjgxYTg3MzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKM3ibR/W+huh+3p1VxYjXdnH+kC
Rp4n+KpvxpSsDMvrKjQTWxDnKNgxArDiT1o7knDDaW45Rm1j/Fnw5UFwVPFNKA6L
IhJejlxSizOVG/C6h6BFg+1cl5P48dGpqtmWjSYgZZ72n72ddLzo1H+S86Sr744l
KWRkaAdVYAijHrYfUMcgSVlIoWf0z/41cIiyirpuuopBw+bqUs/Q+fHyWfrovjXK
pZfnfQ7YgC9Vqy81dePFz4Hfhprh9sFlP+jVMMAqxYkKB+nyvjrfIb443PFn8aCJ
p/A6QCXtTpF9d3l8xm8l9Redw4V0zy5wOnnIpfd65odqU5EKw3ySL8CTvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH490XxpkqfKQYUGBGfRPM+BqHORMB8GA1UdIwQY
MBaAFCD2OBB6u4Sub7A8wdss/RvESH+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVBZNEVIcTdoSzV2c0R6QjJ5ejlHOFJJZjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC80ZjU4MDgtMWMwNC00MjU1LTliODQt
YTgyODM2ZGUwNWZjLzEvZmozUmZHbVNwOHBCaFFZRVo5RTh6NEdvYzVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC80ZjU4MDgtMWMwNC00MjU1LTliODQtYTgyODM2ZGUwNWZj
LzEvSVBZNEVIcTdoSzV2c0R6QjJ5ejlHOFJJZjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCstsQAwQA
udZDAwQCwROkMA0GCSqGSIb3DQEBCwUAA4IBAQB8YvwL7nmrbcBSKxRwkAziL85/
QNJqEsItUGqhJ9qLYZ6oHJTma4lmLZ+ZpJ4m2aNeXfK2qsc1pB5yfIx275K2g0ZP
xje4EY0PD5yoD0hIpJfsNaUEcGIxLetyIavB7VSa0ZespkxdxsdwAVWfDo00jo4x
3w5AAya+NFbypIKgyRq4u4JywcBEL1CFeUiMpoxp114FCnI/28RTz8zfJareaSL8
eIcWMpwNi5OlenzXWeFfZiLclZLAZJv0didiHVNSxR3Evz7hGNX51EMPJrUxFgkn
md6lv0lrZD5LJ/VlcyBuCWYsZDW50AeFymOJgUSz/xpWRscyWNyX08GuuWlN
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:25 2024 by rpki-client on console-ams.rpki-client.org