Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Fuz9q9qwXsiVVZLfoLso40yZ-go.roa
File: Fuz9q9qwXsiVVZLfoLso40yZ-go.roa (raw, json)
Hash identifier: lAKXcnM6DC4vR3Ao6wGRXCQXX2CtlUzKVoEklTT/EGw=
Subject key identifier: 16:EC:FD:AB:DA:B0:5E:C8:95:55:92:DF:A0:BB:28:E3:4C:99:FA:0A
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0190EE7F863884C95E627B15DB07818544BD
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Fuz9q9qwXsiVVZLfoLso40yZ-go.roa
Signing time: Fri 26 Jul 2024 10:04:13 +0000
ROA not before: Fri 26 Jul 2024 10:04:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 213.182.200.0/24 maxlen: 24
213.182.203.0/24 maxlen: 24
213.182.204.0/24 maxlen: 24
213.182.208.0/24 maxlen: 24
213.182.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 09:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:7f:86:38:84:c9:5e:62:7b:15:db:07:81:85:44:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jul 26 10:04:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16ecfdabdab05ec8955592dfa0bb28e34c99fa0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:98:ee:89:eb:85:86:c2:3d:6a:b7:bb:9b:1a:
ea:0c:46:ba:4a:51:b8:74:c9:64:2f:77:d5:56:dc:
04:76:5d:0b:e2:b2:2c:70:a2:41:34:83:d7:47:5d:
55:a7:28:a3:dd:57:6e:e4:b2:6e:3a:19:b6:d1:47:
6f:1a:ec:e9:d7:f5:30:2c:76:eb:e9:2f:44:b5:ca:
0a:ac:db:d6:1d:d5:57:8b:ad:0f:72:f5:29:8c:ee:
2a:3b:97:ec:ef:bb:82:21:88:12:59:5c:b7:b4:c3:
1e:74:f6:d5:38:7e:b9:3a:7e:15:5a:3d:e9:55:7d:
64:38:e4:05:e2:ab:76:5e:ae:80:a1:ab:04:bb:df:
1d:a3:dd:cf:3e:25:2c:67:5d:5d:77:2e:7a:7c:2d:
17:ee:ab:4a:e3:c4:27:fa:e5:6e:b7:5c:91:29:83:
57:05:46:fb:f9:0d:70:91:ca:6f:ad:16:51:66:fd:
b7:68:6a:61:a2:30:2b:b2:41:98:e3:d2:c1:01:c3:
0c:bd:b9:da:77:1d:be:ec:0c:c8:e8:9a:c6:87:4a:
94:60:2a:17:a2:ab:d1:b1:4d:29:c2:b3:5d:4f:bd:
7d:7b:8b:de:12:75:86:26:f8:cc:85:14:82:6c:c8:
94:71:c7:f2:72:d5:62:3e:9a:bc:7c:43:7f:95:5b:
b4:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:EC:FD:AB:DA:B0:5E:C8:95:55:92:DF:A0:BB:28:E3:4C:99:FA:0A
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/Fuz9q9qwXsiVVZLfoLso40yZ-go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.182.200.0/24
213.182.203.0-213.182.204.255
213.182.208.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:ca:a5:bf:f3:d8:bf:dd:df:2f:9c:4a:72:7c:e6:f4:e4:6f:
f3:97:ac:36:0a:95:76:88:2b:dd:0c:df:a7:cc:a1:d4:17:f3:
86:f8:23:1f:e0:e2:e1:1e:2a:e9:5a:53:04:b3:ff:f9:4f:bc:
49:57:6f:5c:82:c4:50:bd:03:e5:4c:55:57:3d:4a:67:63:fd:
7a:74:c6:81:7a:db:35:ed:54:71:0d:fc:8b:61:04:c3:58:b0:
b4:92:cf:f3:6a:b3:65:96:5c:78:70:e8:6d:81:55:f2:9d:95:
2f:b4:b9:41:8a:db:67:84:cb:70:3d:f1:08:ab:0b:3b:c6:83:
ba:ea:c8:b3:93:8c:39:62:71:e8:94:56:fa:37:9c:a7:2f:f4:
a7:fd:44:f9:76:52:1d:04:72:db:48:49:01:05:c4:6c:9d:95:
0d:a5:bc:05:f7:c9:72:0e:b2:c6:26:bb:40:54:d7:40:87:e1:
6f:23:73:47:5e:2f:a0:e6:e1:ad:5a:77:25:00:5a:b9:76:33:
bb:8a:b8:9e:77:fa:3c:ba:32:be:9e:4d:f7:96:85:68:29:14:
94:d3:1d:32:03:db:7e:1b:c6:d9:0b:b7:e2:97:f7:05:f9:80:
3f:d3:03:0d:ea:80:14:9f:f3:09:b2:22:95:92:45:1c:6d:7d:
8f:c3:c5:01
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZDuf4Y4hMleYnsV2weBhUS9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwNzI2MTAwNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmVjZmRhYmRhYjA1ZWM4OTU1NTkyZGZhMGJiMjhlMzRjOTlmYTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpjuieuFhsI9are7mxrqDEa6SlG4
dMlkL3fVVtwEdl0L4rIscKJBNIPXR11Vpyij3Vdu5LJuOhm20UdvGuzp1/UwLHbr
6S9EtcoKrNvWHdVXi60PcvUpjO4qO5fs77uCIYgSWVy3tMMedPbVOH65On4VWj3p
VX1kOOQF4qt2Xq6AoasEu98do93PPiUsZ11ddy56fC0X7qtK48Qn+uVut1yRKYNX
BUb7+Q1wkcpvrRZRZv23aGphojArskGY49LBAcMMvbnadx2+7AzI6JrGh0qUYCoX
oqvRsU0pwrNdT719e4veEnWGJvjMhRSCbMiUccfyctViPpq8fEN/lVu0FwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBbs/avasF7IlVWS36C7KONMmfoKMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvRnV6OXE5cXdYc2lWVlpMZm9Mc280MHlaLWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQA1bbIMAwD
BADVtssDBADVtswDBAHVttAwDQYJKoZIhvcNAQELBQADggEBAGvKpb/z2L/d3y+c
SnJ85vTkb/OXrDYKlXaIK90M36fModQX84b4Ix/g4uEeKulaUwSz//lPvElXb1yC
xFC9A+VMVVc9Smdj/Xp0xoF62zXtVHEN/IthBMNYsLSSz/Nqs2WWXHhw6G2BVfKd
lS+0uUGK22eEy3A98QirCzvGg7rqyLOTjDliceiUVvo3nKcv9Kf9RPl2Uh0EcttI
SQEFxGydlQ2lvAX3yXIOssYmu0BU10CH4W8jc0deL6Dm4a1adyUAWrl2M7uKuJ53
+jy6Mr6eTfeWhWgpFJTTHTID234bxtkLt+KX9wX5gD/TAw3qgBSf8wmyIpWSRRxt
fY/DxQE=
Generated at Sun Jul 28 10:28:11 2024 by rpki-client on console-fra.rpki-client.org