Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/fdKqyn5aUh_EhIXyxv2w-W4-wo0.roa
File: fdKqyn5aUh_EhIXyxv2w-W4-wo0.roa (raw, json)
Hash identifier: j+ZLIQSt9WFO3gd+AO0PFNHTQih7d69ALAL7XbwXAWM=
Subject key identifier: 7D:D2:AA:CA:7E:5A:52:1F:C4:84:85:F2:C6:FD:B0:F9:6E:3E:C2:8D
Certificate issuer: /CN=1003cd25315330350d73f2a3579aa95e052b718d
Certificate serial: 01928EDBA42DE28A5CD1DF23115A0DBDFB33
Authority key identifier: 10:03:CD:25:31:53:30:35:0D:73:F2:A3:57:9A:A9:5E:05:2B:71:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAPNJTFTMDUNc_KjV5qpXgUrcY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/fdKqyn5aUh_EhIXyxv2w-W4-wo0.roa
Signing time: Tue 15 Oct 2024 06:26:51 +0000
ROA not before: Tue 15 Oct 2024 06:26:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16116
IP address blocks: 130.185.96.0/21 maxlen: 24
141.226.88.0/21 maxlen: 24
141.226.90.0/24 maxlen: 24
147.189.144.0/22 maxlen: 24
147.189.148.0/23 maxlen: 24
185.196.126.0/23 maxlen: 24
185.246.252.0/23 maxlen: 24
185.246.254.0/24 maxlen: 24
185.246.255.0/24 maxlen: 24
212.90.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Nov 2024 08:28:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8e:db:a4:2d:e2:8a:5c:d1:df:23:11:5a:0d:bd:fb:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1003cd25315330350d73f2a3579aa95e052b718d
Validity
Not Before: Oct 15 06:26:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7dd2aaca7e5a521fc48485f2c6fdb0f96e3ec28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:02:21:f9:a9:49:f9:7a:04:fd:1d:b5:ab:8a:
0e:53:f4:7a:97:ee:98:4d:30:db:e9:38:1c:ac:67:
55:11:6b:6f:94:ac:e8:44:7b:01:3e:fb:e0:91:55:
e5:3f:19:ee:92:9e:89:0b:6c:ba:3a:32:8a:66:15:
7b:68:2a:87:05:0b:a0:fd:c9:fb:f8:10:c3:27:93:
79:be:6f:57:4f:05:a1:25:77:39:94:f8:f0:a8:1c:
c6:51:6b:07:c6:46:8c:83:50:3e:67:a1:f3:9f:19:
08:89:58:bf:f1:a4:8c:2e:68:8f:0d:ed:8d:4b:5c:
4c:ac:12:64:43:05:7c:b8:fd:8a:01:59:18:68:cc:
00:f4:84:ab:2f:90:9e:2b:6c:be:6c:38:fe:28:aa:
df:24:56:07:27:f4:89:f2:17:ad:9d:16:93:f5:9c:
a9:92:3b:d3:df:18:b9:d6:d6:a4:7b:3d:bd:d2:da:
7e:26:c9:ca:ea:9e:8b:3d:9b:87:21:9c:20:94:39:
9a:ca:2d:82:49:e4:fd:33:af:24:3e:d6:4f:8a:0f:
b4:7e:77:6e:3d:25:20:61:32:7b:63:f8:c9:97:77:
9c:b1:1b:04:77:6a:ec:70:a2:2e:ca:5f:4e:c4:19:
1e:31:e3:81:b7:ed:f1:20:e3:c2:59:7c:3c:49:6d:
a8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D2:AA:CA:7E:5A:52:1F:C4:84:85:F2:C6:FD:B0:F9:6E:3E:C2:8D
X509v3 Authority Key Identifier:
keyid:10:03:CD:25:31:53:30:35:0D:73:F2:A3:57:9A:A9:5E:05:2B:71:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAPNJTFTMDUNc_KjV5qpXgUrcY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/fdKqyn5aUh_EhIXyxv2w-W4-wo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/597232-f846-4fd7-bcc2-6afef5d0daa6/1/EAPNJTFTMDUNc_KjV5qpXgUrcY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.96.0/21
141.226.88.0/21
147.189.144.0-147.189.149.255
185.196.126.0/23
185.246.252.0/22
212.90.108.0/22
Signature Algorithm: sha256WithRSAEncryption
d7:82:eb:16:6f:70:64:82:d4:cb:8c:38:c2:b9:8d:c5:5f:25:
c5:66:ac:60:dc:1b:7a:74:20:43:50:b6:95:a2:e6:38:8d:13:
52:30:37:6b:2e:20:5c:d2:46:57:61:75:eb:4c:cb:56:69:26:
ab:5a:38:36:87:0b:3e:5b:c1:87:06:81:fa:cf:3f:86:5e:d9:
79:31:e1:ad:31:b5:e1:85:85:d8:5e:e0:9d:07:87:ab:c5:c3:
33:56:8e:fc:be:e6:79:cd:59:7d:ba:64:a5:f6:5f:8f:e1:67:
21:55:ad:e6:53:d2:96:24:06:c2:85:2e:ae:f7:fe:dd:87:07:
91:16:df:47:45:77:72:ef:66:89:cb:12:4b:3c:d7:da:92:a9:
3c:aa:0a:e9:86:eb:06:2c:71:aa:66:ac:cf:c1:13:8c:79:f9:
55:22:4a:d0:e9:0f:ab:1a:aa:80:e6:41:95:fd:4c:86:94:1c:
86:e2:59:f3:19:e3:16:c1:ef:c5:f9:3b:3d:09:aa:ad:fd:6a:
db:9b:a8:58:54:0f:a7:e4:51:f1:cb:15:f9:a7:44:74:69:be:
1c:f7:6d:03:e4:e7:4b:96:fe:c2:15:2c:f5:fb:1f:ad:7e:cb:
dc:5e:41:1e:35:b0:04:ce:72:64:77:ae:bb:ba:32:58:6a:6e:
0c:3b:2c:2e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZKO26Qt4opc0d8jEVoNvfszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDNjZDI1MzE1MzMwMzUwZDczZjJhMzU3OWFhOTVlMDUy
YjcxOGQwHhcNMjQxMDE1MDYyNjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQyYWFjYTdlNWE1MjFmYzQ4NDg1ZjJjNmZkYjBmOTZlM2VjMjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAIh+alJ+XoE/R21q4oOU/R6l+6Y
TTDb6TgcrGdVEWtvlKzoRHsBPvvgkVXlPxnukp6JC2y6OjKKZhV7aCqHBQug/cn7
+BDDJ5N5vm9XTwWhJXc5lPjwqBzGUWsHxkaMg1A+Z6HznxkIiVi/8aSMLmiPDe2N
S1xMrBJkQwV8uP2KAVkYaMwA9ISrL5CeK2y+bDj+KKrfJFYHJ/SJ8hetnRaT9Zyp
kjvT3xi51takez290tp+JsnK6p6LPZuHIZwglDmayi2CSeT9M68kPtZPig+0fndu
PSUgYTJ7Y/jJl3ecsRsEd2rscKIuyl9OxBkeMeOBt+3xIOPCWXw8SW2ocQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFH3Sqsp+WlIfxISF8sb9sPluPsKNMB8GA1UdIwQY
MBaAFBADzSUxUzA1DXPyo1eaqV4FK3GNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFQTkpURlRNRFVOY19LalY1cXBYZ1VyY1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81OTcyMzItZjg0Ni00ZmQ3LWJjYzIt
NmFmZWY1ZDBkYWE2LzEvZmRLcXluNWFVaF9FaElYeXh2MnctVzQtd28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81OTcyMzItZjg0Ni00ZmQ3LWJjYzItNmFmZWY1ZDBkYWE2
LzEvRUFQTkpURlRNRFVOY19LalY1cXBYZ1VyY1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDgrlgAwQD
jeJYMAwDBASTvZADBAGTvZQDBAG5xH4DBAK59vwDBALUWmwwDQYJKoZIhvcNAQEL
BQADggEBANeC6xZvcGSC1MuMOMK5jcVfJcVmrGDcG3p0IENQtpWi5jiNE1IwN2su
IFzSRldhdetMy1ZpJqtaODaHCz5bwYcGgfrPP4Ze2Xkx4a0xteGFhdhe4J0Hh6vF
wzNWjvy+5nnNWX26ZKX2X4/hZyFVreZT0pYkBsKFLq73/t2HB5EW30dFd3LvZonL
Eks819qSqTyqCumG6wYscapmrM/BE4x5+VUiStDpD6saqoDmQZX9TIaUHIbiWfMZ
4xbB78X5Oz0Jqq39atubqFhUD6fkUfHLFfmnRHRpvhz3bQPk50uW/sIVLPX7H61+
y9xeQR41sATOcmR3rru6Mlhqbgw7LC4=
-----END CERTIFICATE-----
Generated at Tue Nov 5 10:21:31 2024 by rpki-client on console-fra.rpki-client.org