Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/7UFDr7MNfv_FTMH8OIN3kA8UWkc.roa
File: 7UFDr7MNfv_FTMH8OIN3kA8UWkc.roa (raw, json)
Hash identifier: 16B4f/KJ8KIpMa71KSZlzexrAFcLhsgZGvL0Hn1UJ6E=
Subject key identifier: ED:41:43:AF:B3:0D:7E:FF:C5:4C:C1:FC:38:83:77:90:0F:14:5A:47
Certificate issuer: /CN=64f873adb6a1f3e81b3343c74998947526c43dcf
Certificate serial: 018810BAFA373B24611FE69BE37BEE2CA8CD
Authority key identifier: 64:F8:73:AD:B6:A1:F3:E8:1B:33:43:C7:49:98:94:75:26:C4:3D:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/7UFDr7MNfv_FTMH8OIN3kA8UWkc.roa
Signing time: Fri 12 May 2023 16:11:09 +0000
ROA not before: Fri 12 May 2023 16:11:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29014
IP address blocks: 195.190.135.0/24 maxlen: 24
194.37.255.0/24 maxlen: 24
91.198.224.0/24 maxlen: 24
194.145.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:ba:fa:37:3b:24:61:1f:e6:9b:e3:7b:ee:2c:a8:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64f873adb6a1f3e81b3343c74998947526c43dcf
Validity
Not Before: May 12 16:11:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed4143afb30d7effc54cc1fc388377900f145a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:20:18:eb:8d:d3:0e:73:ae:c1:3e:2a:25:bd:
35:43:84:0f:e2:1d:97:23:53:a3:bc:20:fe:28:16:
2b:91:e4:ae:f1:f4:5b:d4:a2:b2:d9:b8:69:cc:34:
8b:ee:60:52:50:d0:81:ab:8a:f0:c2:2d:49:7d:5b:
ee:e9:5a:ab:b9:91:48:01:fb:e6:dd:4c:fe:c6:ab:
66:39:ab:67:84:c2:df:89:9b:dc:31:2d:10:21:8d:
9b:fc:88:1e:96:d1:13:cc:8b:bc:d7:e3:ba:e1:95:
a2:50:22:49:03:75:09:fa:ae:5f:c1:56:70:6e:0c:
30:f9:a6:1e:e0:da:5b:da:a1:a8:0f:31:fa:2d:bd:
c9:ce:3d:24:6a:0e:e3:d2:dd:0f:ed:1b:31:33:5a:
5c:69:e6:6e:14:bb:ef:92:03:5b:23:db:12:63:37:
94:e2:a0:bb:07:b6:a0:51:8c:5b:0a:62:f9:82:cf:
e8:a2:73:ed:d1:5c:ce:ee:29:a9:bf:90:f6:64:43:
c3:96:c4:e4:6a:28:60:3b:6f:cd:67:ce:d6:c6:0e:
83:ea:15:af:33:de:e5:4f:22:a9:a4:07:e4:f6:ae:
86:bb:cf:33:37:3b:7b:24:78:f8:8a:7f:ed:b9:79:
91:45:50:6a:82:9e:09:52:2d:67:c4:38:da:7c:fa:
8a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:41:43:AF:B3:0D:7E:FF:C5:4C:C1:FC:38:83:77:90:0F:14:5A:47
X509v3 Authority Key Identifier:
keyid:64:F8:73:AD:B6:A1:F3:E8:1B:33:43:C7:49:98:94:75:26:C4:3D:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPhzrbah8-gbM0PHSZiUdSbEPc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/7UFDr7MNfv_FTMH8OIN3kA8UWkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/b9e4c4-a3dc-46e8-aa3e-397f36c91982/1/ZPhzrbah8-gbM0PHSZiUdSbEPc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.224.0/24
194.37.255.0/24
194.145.224.0/24
195.190.135.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:53:27:f8:e1:de:70:b5:7f:6c:a8:04:42:76:db:92:eb:d8:
ab:e6:7b:eb:26:ce:d0:5f:71:ed:d9:38:a7:58:3a:85:78:47:
86:5d:43:10:e5:f2:b0:ff:0f:11:37:41:61:28:ba:a6:0e:bd:
69:25:0e:50:c3:51:85:e0:e4:6b:2b:16:ee:ca:61:b5:5a:f5:
85:f8:bd:7d:6d:c7:d1:17:2e:48:55:cd:49:b1:de:90:f5:8a:
c0:e4:5f:5c:d5:59:e9:7e:ec:d8:5c:d1:4c:03:ee:85:ec:98:
90:16:8a:58:c6:39:ce:9e:4f:88:7f:76:5f:d3:04:e4:be:61:
dd:e7:53:1e:75:ec:2d:7c:5a:34:97:d8:b9:cf:3c:57:b8:0c:
8d:5e:43:bc:e5:51:41:39:41:15:15:41:e8:19:dd:11:9d:87:
34:7f:f9:7b:bb:48:fe:cf:cc:c1:97:af:1b:5b:89:f6:9a:88:
a8:0b:05:f8:59:68:1d:a2:1d:b8:c3:4a:28:c3:dc:7d:63:07:
3b:51:88:f8:e6:30:63:1f:aa:a1:68:16:65:73:95:20:f4:13:
8c:8c:0f:5c:d7:15:44:f5:f2:b6:19:ad:11:47:c4:e9:1c:7b:
ed:90:b2:56:83:7f:0a:2a:f7:5c:2f:e0:dd:1c:93:80:9f:65:
c4:f9:eb:50
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgQuvo3OyRhH+ab43vuLKjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Zjg3M2FkYjZhMWYzZTgxYjMzNDNjNzQ5OTg5NDc1MjZj
NDNkY2YwHhcNMjMwNTEyMTYxMTA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQxNDNhZmIzMGQ3ZWZmYzU0Y2MxZmMzODgzNzc5MDBmMTQ1YTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCAY643TDnOuwT4qJb01Q4QP4h2X
I1OjvCD+KBYrkeSu8fRb1KKy2bhpzDSL7mBSUNCBq4rwwi1JfVvu6VqruZFIAfvm
3Uz+xqtmOatnhMLfiZvcMS0QIY2b/IgeltETzIu81+O64ZWiUCJJA3UJ+q5fwVZw
bgww+aYe4Npb2qGoDzH6Lb3Jzj0kag7j0t0P7RsxM1pcaeZuFLvvkgNbI9sSYzeU
4qC7B7agUYxbCmL5gs/oonPt0VzO7impv5D2ZEPDlsTkaihgO2/NZ87Wxg6D6hWv
M97lTyKppAfk9q6Gu88zNzt7JHj4in/tuXmRRVBqgp4JUi1nxDjafPqK/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO1BQ6+zDX7/xUzB/DiDd5APFFpHMB8GA1UdIwQY
MBaAFGT4c622ofPoGzNDx0mYlHUmxD3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBoenJiYWg4LWdiTTBQSFNaaVVkU2JFUGM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9iOWU0YzQtYTNkYy00NmU4LWFhM2Ut
Mzk3ZjM2YzkxOTgyLzEvN1VGRHI3TU5mdl9GVE1IOE9JTjNrQThVV2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9iOWU0YzQtYTNkYy00NmU4LWFhM2UtMzk3ZjM2YzkxOTgy
LzEvWlBoenJiYWg4LWdiTTBQSFNaaVVkU2JFUGM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8bgAwQA
wiX/AwQAwpHgAwQAw76HMA0GCSqGSIb3DQEBCwUAA4IBAQANUyf44d5wtX9sqARC
dtuS69ir5nvrJs7QX3Ht2TinWDqFeEeGXUMQ5fKw/w8RN0FhKLqmDr1pJQ5Qw1GF
4ORrKxbuymG1WvWF+L19bcfRFy5IVc1Jsd6Q9YrA5F9c1VnpfuzYXNFMA+6F7JiQ
FopYxjnOnk+If3Zf0wTkvmHd51MedewtfFo0l9i5zzxXuAyNXkO85VFBOUEVFUHo
Gd0RnYc0f/l7u0j+z8zBl68bW4n2moioCwX4WWgdoh24w0oow9x9Ywc7UYj45jBj
H6qhaBZlc5Ug9BOMjA9c1xVE9fK2Ga0RR8TpHHvtkLJWg38KKvdcL+DdHJOAn2XE
+etQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:32 2024 by rpki-client on console-ams.rpki-client.org