Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/fPeAMdHFpo-1x7u1-EjO9c295wY.roa
File: fPeAMdHFpo-1x7u1-EjO9c295wY.roa (raw, json)
Hash identifier: aYgviAva7hIhRWAllnOz6WvQGFbi/c0yaizaaIFXziM=
Subject key identifier: 7C:F7:80:31:D1:C5:A6:8F:B5:C7:BB:B5:F8:48:CE:F5:CD:BD:E7:06
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018B947AED1EF763694F00B58EB653FB8DE5
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/fPeAMdHFpo-1x7u1-EjO9c295wY.roa
Signing time: Fri 03 Nov 2023 09:19:25 +0000
ROA not before: Fri 03 Nov 2023 09:19:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 193.176.210.0/24 maxlen: 24
45.85.124.0/22 maxlen: 24
45.130.136.0/24 maxlen: 24
45.91.20.0/24 maxlen: 24
45.91.22.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
2a07:e341::/32 maxlen: 32
2a07:e340::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:7a:ed:1e:f7:63:69:4f:00:b5:8e:b6:53:fb:8d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Nov 3 09:19:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cf78031d1c5a68fb5c7bbb5f848cef5cdbde706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:74:46:c6:65:43:a5:33:64:99:f1:03:01:37:
18:74:6f:e0:50:16:7f:eb:b2:56:b7:da:2e:5a:91:
ac:7a:b5:57:9a:23:bb:25:f3:9a:97:e3:3d:c8:04:
0e:4f:fc:b3:ff:f9:04:25:e2:01:be:12:19:44:71:
a9:2b:d3:66:5b:81:52:26:ae:92:c9:b1:42:4e:fb:
b0:f4:1f:f8:77:3e:20:7a:2f:b1:ed:0f:74:8f:0f:
41:1e:17:c3:f1:3d:a6:e9:6b:db:9c:18:d2:f8:12:
f7:cb:f9:4a:a2:eb:b5:0b:3e:1d:64:12:06:97:f0:
be:00:ea:8d:ba:db:7e:78:4d:67:ab:c2:fd:29:51:
d1:51:33:53:74:6c:65:a2:98:e7:85:49:ce:c1:17:
cd:d1:0b:d6:ac:d2:86:f5:e4:db:85:ab:5e:bc:e0:
96:6b:74:67:8d:5c:10:d9:44:95:0f:e8:81:3e:49:
f4:c9:dc:ad:34:d8:c4:c4:49:9d:f9:a2:ab:92:63:
74:e7:56:33:80:17:b5:34:6d:02:5b:1e:65:59:e3:
55:3b:4c:08:26:6a:03:d6:2e:58:b1:53:dc:bd:52:
05:92:93:60:d5:f5:39:22:d1:3b:e5:d5:43:d6:49:
8c:5f:a3:12:d7:93:9a:ec:05:3c:d5:33:e1:05:a0:
b7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F7:80:31:D1:C5:A6:8F:B5:C7:BB:B5:F8:48:CE:F5:CD:BD:E7:06
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/fPeAMdHFpo-1x7u1-EjO9c295wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.124.0/22
45.91.20.0/24
45.91.22.0/24
45.130.136.0/24
45.132.193.0/24
193.176.210.0/24
IPv6:
2a07:e340::/31
Signature Algorithm: sha256WithRSAEncryption
6a:72:d3:7b:1e:b2:1f:94:c4:fc:15:b1:8f:17:5a:91:b4:3f:
24:0f:5b:99:e2:37:58:aa:6c:6c:88:18:6c:fa:f6:86:38:06:
b5:c7:89:d7:f8:3c:27:6b:49:d6:ea:d8:9d:16:6b:4a:6d:e4:
ed:4c:a0:ed:ec:07:a3:7c:c7:ce:d3:58:8f:3f:eb:2d:ea:cf:
02:84:9f:62:7c:a1:3f:cc:07:e5:ad:2b:17:b1:a3:be:c7:24:
41:db:62:22:ad:cf:83:a8:ad:26:bf:5e:20:26:f9:ca:a1:99:
2d:71:58:56:b6:6c:2d:5d:06:64:51:0b:95:78:e7:f7:4f:7d:
1e:86:5c:d6:b2:c1:80:09:87:96:16:78:bc:5e:f1:4b:f7:04:
7c:5d:27:8a:22:fe:9e:6a:9a:79:9e:92:91:8d:73:2d:bc:08:
2f:b7:05:f3:21:91:1b:4e:b1:59:b5:ce:60:4e:51:a8:d0:dc:
05:2e:fe:f0:7d:04:73:60:36:76:55:c8:dd:b9:65:c9:d1:4d:
6c:36:7c:2a:53:0a:6e:f8:f7:8a:53:3a:37:5b:b9:fe:15:0a:
f5:e3:70:3f:c6:b5:9a:d2:05:77:68:4f:a0:54:9b:8a:3a:00:
19:0d:12:38:2a:69:69:e3:0e:0f:89:41:06:f9:66:ca:6f:78:
76:9a:c3:0c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYuUeu0e92NpTwC1jrZT+43lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjMxMTAzMDkxOTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Y3ODAzMWQxYzVhNjhmYjVjN2JiYjVmODQ4Y2VmNWNkYmRlNzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnRGxmVDpTNkmfEDATcYdG/gUBZ/
67JWt9ouWpGserVXmiO7JfOal+M9yAQOT/yz//kEJeIBvhIZRHGpK9NmW4FSJq6S
ybFCTvuw9B/4dz4gei+x7Q90jw9BHhfD8T2m6WvbnBjS+BL3y/lKouu1Cz4dZBIG
l/C+AOqNutt+eE1nq8L9KVHRUTNTdGxlopjnhUnOwRfN0QvWrNKG9eTbhatevOCW
a3RnjVwQ2USVD+iBPkn0ydytNNjExEmd+aKrkmN051YzgBe1NG0CWx5lWeNVO0wI
JmoD1i5YsVPcvVIFkpNg1fU5ItE75dVD1kmMX6MS15Oa7AU81TPhBaC3WQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHz3gDHRxaaPtce7tfhIzvXNvecGMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvZlBlQU1kSEZwby0xeDd1MS1Fak85YzI5NXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLVV8AwQA
LVsUAwQALVsWAwQALYKIAwQALYTBAwQAwbDSMA0EAgACMAcDBQEqB+NAMA0GCSqG
SIb3DQEBCwUAA4IBAQBqctN7HrIflMT8FbGPF1qRtD8kD1uZ4jdYqmxsiBhs+vaG
OAa1x4nX+Dwna0nW6tidFmtKbeTtTKDt7AejfMfO01iPP+st6s8ChJ9ifKE/zAfl
rSsXsaO+xyRB22Iirc+DqK0mv14gJvnKoZktcVhWtmwtXQZkUQuVeOf3T30ehlzW
ssGACYeWFni8XvFL9wR8XSeKIv6eapp5npKRjXMtvAgvtwXzIZEbTrFZtc5gTlGo
0NwFLv7wfQRzYDZ2VcjduWXJ0U1sNnwqUwpu+PeKUzo3W7n+FQr143A/xrWa0gV3
aE+gVJuKOgAZDRI4Kmlp4w4PiUEG+WbKb3h2msMM
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:43 2024 by rpki-client on console-ams.rpki-client.org