Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/FH7lOlF_cDIwZF46FiKREfPck2A.roa
File: FH7lOlF_cDIwZF46FiKREfPck2A.roa (raw, json)
Hash identifier: 7vrZf6CA1eXm3LSB7L8yxsUyOkXtAMwB2HsIyOIqZhs=
Subject key identifier: 14:7E:E5:3A:51:7F:70:32:30:64:5E:3A:16:22:91:11:F3:DC:93:60
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018FE1D7813F0CA1AAFA039F450FA59067CC
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/FH7lOlF_cDIwZF46FiKREfPck2A.roa
Signing time: Tue 04 Jun 2024 06:02:27 +0000
ROA not before: Tue 04 Jun 2024 06:02:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33823
IP address blocks: 89.39.203.0/24 maxlen: 24
95.214.38.0/23 maxlen: 24
193.168.186.0/24 maxlen: 24
2a0e:4840::/32 maxlen: 48
2a0e:4844::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 23 Aug 2024 08:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e1:d7:81:3f:0c:a1:aa:fa:03:9f:45:0f:a5:90:67:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jun 4 06:02:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=147ee53a517f703230645e3a16229111f3dc9360
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3f:df:52:63:13:7c:17:f3:0a:be:67:47:bb:
00:0a:51:72:8e:f8:1d:4b:35:ec:38:12:6a:b3:28:
fd:e5:a6:f7:8c:cf:fb:86:44:70:c0:98:6b:4f:0e:
48:e4:42:18:49:19:1b:79:7d:6f:3e:ce:72:29:a4:
5d:53:87:fe:9e:24:b3:ef:56:f1:3c:aa:bb:82:ba:
40:20:c2:05:d1:23:75:1a:e3:b3:0f:c7:c9:68:7c:
ce:d9:0d:35:63:33:2d:54:46:95:48:ef:f7:05:05:
50:b6:de:98:ac:0d:9e:82:0c:b9:68:ef:99:4b:78:
41:4a:b6:78:5e:3d:29:fc:2b:37:80:0b:b8:ab:4a:
d1:fe:28:0e:8d:c1:ea:65:f8:71:7d:17:0f:36:df:
7c:7a:2e:9d:22:65:de:a4:9d:ca:1d:79:71:45:59:
b3:91:7e:fa:55:12:3e:94:74:a1:b5:34:cf:ac:d4:
c3:bd:18:10:e9:a7:42:72:5f:83:d4:72:c4:06:d4:
ac:0c:80:09:d4:de:21:78:16:b8:80:c3:17:e4:49:
7d:ed:c6:66:61:ce:a8:d9:7a:66:f3:b4:ea:6d:8f:
cd:20:4a:68:c0:99:f2:f9:a6:77:34:db:14:1f:fd:
d5:5a:30:72:9b:a1:b5:6d:b3:05:3e:6f:f9:70:63:
61:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7E:E5:3A:51:7F:70:32:30:64:5E:3A:16:22:91:11:F3:DC:93:60
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/FH7lOlF_cDIwZF46FiKREfPck2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.203.0/24
95.214.38.0/23
193.168.186.0/24
IPv6:
2a0e:4840::/32
2a0e:4844::/32
Signature Algorithm: sha256WithRSAEncryption
c6:99:39:84:cc:9b:3d:38:6b:0f:fc:a1:4a:b1:9d:5a:cf:0d:
9a:72:25:5d:1a:1f:71:39:ca:bb:30:72:28:fa:ad:57:96:48:
dc:4c:46:cb:3c:92:bc:74:fd:cb:34:c3:6c:2e:d2:45:98:79:
56:83:0e:ba:39:c4:10:9d:c7:47:31:dd:63:78:60:4c:de:55:
34:55:fa:c8:4c:a9:39:2c:7e:3b:6c:e7:2d:fd:9e:5b:13:8e:
34:94:31:b8:0e:72:a2:09:a5:c9:30:49:5c:8d:25:ff:3a:06:
af:2c:2d:fc:2e:40:c0:91:6f:81:68:06:cf:23:d1:ae:eb:d8:
6a:7a:42:a7:2e:ba:8b:cd:31:bd:bd:9a:cb:1d:1b:2d:9e:8d:
99:95:98:cc:0b:56:62:de:1a:69:53:6b:06:9f:e9:9d:21:0e:
23:9a:29:cc:ca:ae:59:22:96:ef:b1:41:e1:73:14:ee:59:5c:
5f:8f:23:cf:21:59:91:a2:3a:1c:10:07:18:d7:3e:d8:f7:ac:
8d:02:bf:c9:8c:9d:85:d7:c7:85:64:f3:26:ab:da:ca:1e:78:
e1:04:02:57:5a:65:9e:48:e1:7a:ed:03:30:05:02:27:d7:90:
14:e5:99:24:7d:d7:74:36:f8:b4:f2:3b:cd:90:92:fe:9d:c5:
68:5b:b5:a8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY/h14E/DKGq+gOfRQ+lkGfMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwNjA0MDYwMjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDdlZTUzYTUxN2Y3MDMyMzA2NDVlM2ExNjIyOTExMWYzZGM5MzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqT/fUmMTfBfzCr5nR7sAClFyjvgd
SzXsOBJqsyj95ab3jM/7hkRwwJhrTw5I5EIYSRkbeX1vPs5yKaRdU4f+niSz71bx
PKq7grpAIMIF0SN1GuOzD8fJaHzO2Q01YzMtVEaVSO/3BQVQtt6YrA2eggy5aO+Z
S3hBSrZ4Xj0p/Cs3gAu4q0rR/igOjcHqZfhxfRcPNt98ei6dImXepJ3KHXlxRVmz
kX76VRI+lHShtTTPrNTDvRgQ6adCcl+D1HLEBtSsDIAJ1N4heBa4gMMX5El97cZm
Yc6o2Xpm87TqbY/NIEpowJny+aZ3NNsUH/3VWjBym6G1bbMFPm/5cGNh8wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBR+5TpRf3AyMGReOhYikRHz3JNgMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvRkg3bE9sRl9jREl3WkY0NkZpS1JFZlBjazJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAWSfLAwQB
X9YmAwQAwai6MBQEAgACMA4DBQAqDkhAAwUAKg5IRDANBgkqhkiG9w0BAQsFAAOC
AQEAxpk5hMybPThrD/yhSrGdWs8NmnIlXRofcTnKuzByKPqtV5ZI3ExGyzySvHT9
yzTDbC7SRZh5VoMOujnEEJ3HRzHdY3hgTN5VNFX6yEypOSx+O2znLf2eWxOONJQx
uA5yogmlyTBJXI0l/zoGrywt/C5AwJFvgWgGzyPRruvYanpCpy66i80xvb2ayx0b
LZ6NmZWYzAtWYt4aaVNrBp/pnSEOI5opzMquWSKW77FB4XMU7llcX48jzyFZkaI6
HBAHGNc+2PesjQK/yYydhdfHhWTzJqvayh544QQCV1plnkjheu0DMAUCJ9eQFOWZ
JH3XdDb4tPI7zZCS/p3FaFu1qA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:14 2025 by rpki-client