Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/FQqNDKLwhXuUar81KOVPS290h8E.roa
File: FQqNDKLwhXuUar81KOVPS290h8E.roa (raw, json)
Hash identifier: u0qE1WKKfTk0IXdSgNmVfHYuAQap/45u0v59HxPiwqo=
Subject key identifier: 15:0A:8D:0C:A2:F0:85:7B:94:6A:BF:35:28:E5:4F:4B:6F:74:87:C1
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 0185714C47D61928F65F275F324177C80CC7
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/FQqNDKLwhXuUar81KOVPS290h8E.roa
Signing time: Mon 02 Jan 2023 07:05:02 +0000
ROA not before: Mon 02 Jan 2023 07:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210876
IP address blocks: 193.57.164.0/23 maxlen: 23
193.57.164.0/24 maxlen: 24
185.204.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:47:d6:19:28:f6:5f:27:5f:32:41:77:c8:0c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Jan 2 07:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=150a8d0ca2f0857b946abf3528e54f4b6f7487c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:70:af:44:f8:5f:67:6e:6d:9a:99:ff:ff:68:
db:b3:a3:33:0d:55:b5:0c:cf:44:44:a0:76:d8:4d:
00:df:d5:25:c4:8e:a7:43:79:8d:35:e7:c9:4e:dc:
6c:14:2c:88:4b:31:3e:b9:7e:a2:4f:05:c0:c1:71:
09:bb:1b:26:2c:14:e2:bd:44:53:40:a1:5f:d3:72:
5a:07:b7:c1:ff:12:ab:d6:fb:47:85:9e:b8:52:9b:
1c:08:5b:b0:78:08:d0:1c:bf:bb:7e:c6:0a:b0:62:
2b:14:f0:d7:bd:7f:6a:10:8a:29:8e:45:81:33:2e:
16:24:51:60:fc:87:25:6e:c9:81:8c:f1:c0:05:b4:
c6:a2:c3:5d:2a:cf:04:01:db:28:5e:ee:ca:4f:11:
c2:ae:23:6a:ae:3a:c9:64:dc:41:b4:ed:57:61:50:
75:4b:7f:6e:40:69:34:c5:6d:ff:8f:e1:c1:19:f0:
21:07:27:5b:6b:82:d6:ea:91:fb:ed:c9:a9:59:d5:
62:61:97:62:98:7f:bc:f3:a1:65:87:f4:9d:87:79:
0f:59:82:2c:f7:40:20:7d:31:f4:18:9a:84:fe:f8:
a3:32:20:fd:c1:cf:a9:e3:b1:45:d7:0d:35:56:5e:
b9:fb:50:1e:94:e0:83:37:4f:bb:44:e8:ea:df:66:
bd:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:0A:8D:0C:A2:F0:85:7B:94:6A:BF:35:28:E5:4F:4B:6F:74:87:C1
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/FQqNDKLwhXuUar81KOVPS290h8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.102.0/24
193.57.164.0/23
Signature Algorithm: sha256WithRSAEncryption
20:ca:f5:32:07:fe:91:35:5c:6b:7d:e6:8c:4a:fd:08:a5:90:
01:d8:57:c9:19:78:e2:a5:a6:6d:d7:a2:7f:f9:ef:03:a5:6b:
8f:89:b1:42:7f:98:95:99:6f:b4:fb:e5:97:97:d9:ba:6a:0f:
d7:ae:8c:41:f3:82:ec:ec:ec:1e:46:4f:c6:3c:24:59:be:18:
ae:49:37:24:93:62:d4:54:fe:8a:aa:72:3b:64:6c:0a:69:59:
5f:78:0f:c3:eb:a7:54:f6:d6:bc:9c:50:01:fc:97:64:bc:50:
59:2c:59:96:22:a3:0f:39:f9:6c:3b:19:c2:14:ac:13:a2:fb:
55:83:a6:4f:5c:51:f7:c8:63:cf:6e:6e:8c:b3:c2:cb:1a:75:
1d:31:c6:fd:75:2a:51:82:65:40:3e:48:c1:5f:2f:bd:bb:8e:
dc:c8:67:9a:4c:38:3c:ad:ad:95:ec:a7:2a:4d:3e:3b:b0:45:
67:03:07:70:45:e9:a6:10:73:1e:fa:d9:de:f3:4a:a8:9c:b3:
5c:3d:2c:28:cd:9a:4a:6c:39:64:20:47:66:3d:9d:52:c9:b0:
41:9b:c9:16:76:e3:80:60:43:9b:4b:95:89:96:51:73:0e:ab:
bf:1f:5a:ad:cc:9c:6f:db:18:a0:96:88:58:10:1a:51:15:70:
ba:81:dd:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxTEfWGSj2XydfMkF3yAzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjMwMTAyMDcwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTBhOGQwY2EyZjA4NTdiOTQ2YWJmMzUyOGU1NGY0YjZmNzQ4N2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHCvRPhfZ25tmpn//2jbs6MzDVW1
DM9ERKB22E0A39UlxI6nQ3mNNefJTtxsFCyISzE+uX6iTwXAwXEJuxsmLBTivURT
QKFf03JaB7fB/xKr1vtHhZ64UpscCFuweAjQHL+7fsYKsGIrFPDXvX9qEIopjkWB
My4WJFFg/IclbsmBjPHABbTGosNdKs8EAdsoXu7KTxHCriNqrjrJZNxBtO1XYVB1
S39uQGk0xW3/j+HBGfAhBydba4LW6pH77cmpWdViYZdimH+886Flh/Sdh3kPWYIs
90AgfTH0GJqE/vijMiD9wc+p47FF1w01Vl65+1AelOCDN0+7ROjq32a9pwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBUKjQyi8IV7lGq/NSjlT0tvdIfBMB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvRlFxTkRLTHdoWHVVYXI4MUtPVlBTMjkwaDhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucxmAwQB
wTmkMA0GCSqGSIb3DQEBCwUAA4IBAQAgyvUyB/6RNVxrfeaMSv0IpZAB2FfJGXji
paZt16J/+e8DpWuPibFCf5iVmW+0++WXl9m6ag/XroxB84Ls7OweRk/GPCRZvhiu
STckk2LUVP6KqnI7ZGwKaVlfeA/D66dU9ta8nFAB/JdkvFBZLFmWIqMPOflsOxnC
FKwTovtVg6ZPXFH3yGPPbm6Ms8LLGnUdMcb9dSpRgmVAPkjBXy+9u47cyGeaTDg8
ra2V7KcqTT47sEVnAwdwRemmEHMe+tne80qonLNcPSwozZpKbDlkIEdmPZ1SybBB
m8kWduOAYEObS5WJllFzDqu/H1qtzJxv2xiglohYEBpRFXC6gd1b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:04 2024 by rpki-client on console-ams.rpki-client.org