Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/6FNJyXIy0JWUtb8Hmss8o9JnLcU.roa
File: 6FNJyXIy0JWUtb8Hmss8o9JnLcU.roa (raw, json)
Hash identifier: 2fw/sMGTW3T+AZ3M5ETG/bonkWhJvZlu0UNrmjDBMoM=
Subject key identifier: E8:53:49:C9:72:32:D0:95:94:B5:BF:07:9A:CB:3C:A3:D2:67:2D:C5
Certificate issuer: /CN=1003cd25315330350d73f2a3579aa95e052b718d
Certificate serial: 01928A705AC8ECF333BE2974C04724A58815
Authority key identifier: 10:03:CD:25:31:53:30:35:0D:73:F2:A3:57:9A:A9:5E:05:2B:71:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAPNJTFTMDUNc_KjV5qpXgUrcY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/6FNJyXIy0JWUtb8Hmss8o9JnLcU.roa
Signing time: Mon 14 Oct 2024 09:51:11 +0000
ROA not before: Mon 14 Oct 2024 09:51:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16116
IP address blocks: 130.185.96.0/21 maxlen: 24
141.226.88.0/21 maxlen: 24
141.226.90.0/24 maxlen: 24
147.189.144.0/22 maxlen: 24
212.90.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 06:26:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:70:5a:c8:ec:f3:33:be:29:74:c0:47:24:a5:88:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1003cd25315330350d73f2a3579aa95e052b718d
Validity
Not Before: Oct 14 09:51:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e85349c97232d09594b5bf079acb3ca3d2672dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:46:d9:b4:aa:e9:3b:71:47:7b:df:ee:ce:e6:
6b:bb:6b:c2:f4:10:ea:10:9d:bb:da:0a:ff:bd:8f:
df:f8:62:92:6a:6a:09:cc:f6:1a:d2:3a:b7:61:3c:
ad:e8:9e:95:48:54:03:3d:1c:61:29:bb:1a:30:d1:
21:95:2e:bc:94:df:c6:85:39:74:c7:13:f1:ed:9a:
75:b3:fa:f0:ca:2c:09:3d:2c:ca:53:fb:d9:9c:f5:
da:72:26:8c:7c:1d:20:ca:46:1f:3b:e4:9a:b1:a5:
1f:fe:49:88:4c:a8:26:0e:60:db:fb:d7:bf:d0:ec:
49:12:4f:02:d4:cc:5c:33:13:e5:99:6f:f0:e2:e2:
fc:ef:d5:d4:dd:e8:40:ac:ee:65:88:6d:e2:8d:fe:
6f:97:4e:9d:07:0d:09:b6:b2:f7:54:88:2b:fc:52:
7c:dc:82:3c:22:83:46:f8:d0:d6:b8:1f:30:aa:8c:
38:72:39:fd:2b:18:4c:aa:26:e0:c2:55:be:99:5f:
47:e7:79:6d:9f:67:14:a9:b0:eb:58:65:0d:bf:c5:
d8:f0:12:50:23:43:8f:a1:12:71:62:a9:29:cf:76:
9e:4e:18:89:9f:93:6b:7a:b3:18:1c:14:f9:a6:f8:
c7:68:92:49:b6:ef:f7:94:d4:16:88:22:eb:c3:2c:
3b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:53:49:C9:72:32:D0:95:94:B5:BF:07:9A:CB:3C:A3:D2:67:2D:C5
X509v3 Authority Key Identifier:
keyid:10:03:CD:25:31:53:30:35:0D:73:F2:A3:57:9A:A9:5E:05:2B:71:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAPNJTFTMDUNc_KjV5qpXgUrcY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/6FNJyXIy0JWUtb8Hmss8o9JnLcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/EAPNJTFTMDUNc_KjV5qpXgUrcY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.96.0/21
141.226.88.0/21
147.189.144.0/22
212.90.108.0/22
Signature Algorithm: sha256WithRSAEncryption
22:df:42:f2:b4:f3:d0:2e:f2:e0:95:ac:dc:25:9b:73:10:df:
19:02:f9:c9:52:54:48:46:7d:2c:8e:14:39:bb:3c:38:ef:25:
08:c1:a2:89:a2:88:b9:e5:59:14:df:97:54:a4:a3:22:25:2a:
fe:ba:3d:26:03:c3:c2:ab:fc:69:4d:1a:79:d7:6b:f8:4f:eb:
10:b3:d3:ae:e7:6e:39:3b:da:57:0e:70:d9:b8:54:14:f0:ed:
c5:98:c3:fc:b3:33:e1:be:f9:2e:c0:8b:0f:46:fb:5b:88:b4:
22:1b:c8:14:5f:20:a7:2e:67:0c:66:18:5b:a8:21:e8:46:69:
74:05:14:c6:8a:5a:6f:74:e6:93:44:97:a6:52:c4:95:b4:cc:
29:97:aa:b2:fe:ff:c4:94:12:14:d7:c4:17:c6:87:f9:17:c3:
64:9b:a8:dc:89:c4:1e:11:3c:a9:25:64:35:75:a9:3e:69:20:
41:3d:74:dd:6e:64:00:fb:1c:fa:52:e7:a8:0c:4b:e3:56:e9:
36:96:ee:62:65:44:43:45:ed:f7:62:b4:9c:e3:53:b2:a0:18:
c4:a4:94:8d:9c:fd:10:18:c8:05:39:fa:91:a2:de:43:34:fb:
23:35:da:29:2c:32:34:79:c2:58:a9:1a:73:0c:84:0b:a4:07:
7d:09:49:c3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKKcFrI7PMzvil0wEckpYgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDNjZDI1MzE1MzMwMzUwZDczZjJhMzU3OWFhOTVlMDUy
YjcxOGQwHhcNMjQxMDE0MDk1MTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODUzNDljOTcyMzJkMDk1OTRiNWJmMDc5YWNiM2NhM2QyNjcyZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskbZtKrpO3FHe9/uzuZru2vC9BDq
EJ272gr/vY/f+GKSamoJzPYa0jq3YTyt6J6VSFQDPRxhKbsaMNEhlS68lN/GhTl0
xxPx7Zp1s/rwyiwJPSzKU/vZnPXaciaMfB0gykYfO+SasaUf/kmITKgmDmDb+9e/
0OxJEk8C1MxcMxPlmW/w4uL879XU3ehArO5liG3ijf5vl06dBw0JtrL3VIgr/FJ8
3II8IoNG+NDWuB8wqow4cjn9KxhMqibgwlW+mV9H53ltn2cUqbDrWGUNv8XY8BJQ
I0OPoRJxYqkpz3aeThiJn5NrerMYHBT5pvjHaJJJtu/3lNQWiCLrwyw7XQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOhTSclyMtCVlLW/B5rLPKPSZy3FMB8GA1UdIwQY
MBaAFBADzSUxUzA1DXPyo1eaqV4FK3GNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFQTkpURlRNRFVOY19LalY1cXBYZ1VyY1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81OTcyMzItZjg0Ni00ZmQ3LWJjYzIt
NmFmZWY1ZDBkYWE2LzEvNkZOSnlYSXkwSldVdGI4SG1zczhvOUpuTGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81OTcyMzItZjg0Ni00ZmQ3LWJjYzItNmFmZWY1ZDBkYWE2
LzEvRUFQTkpURlRNRFVOY19LalY1cXBYZ1VyY1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDgrlgAwQD
jeJYAwQCk72QAwQC1FpsMA0GCSqGSIb3DQEBCwUAA4IBAQAi30LytPPQLvLglazc
JZtzEN8ZAvnJUlRIRn0sjhQ5uzw47yUIwaKJooi55VkU35dUpKMiJSr+uj0mA8PC
q/xpTRp512v4T+sQs9Ou5245O9pXDnDZuFQU8O3FmMP8szPhvvkuwIsPRvtbiLQi
G8gUXyCnLmcMZhhbqCHoRml0BRTGilpvdOaTRJemUsSVtMwpl6qy/v/ElBIU18QX
xof5F8Nkm6jcicQeETypJWQ1dak+aSBBPXTdbmQA+xz6UueoDEvjVuk2lu5iZURD
Re33YrSc41OyoBjEpJSNnP0QGMgFOfqRot5DNPsjNdopLDI0ecJYqRpzDIQLpAd9
CUnD
-----END CERTIFICATE-----
Generated at Tue Oct 15 07:24:12 2024 by rpki-client on console-fra.rpki-client.org