Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/FMW3LXrkjH4IH6KDRsEpFZxjg7c.roa
File: FMW3LXrkjH4IH6KDRsEpFZxjg7c.roa (raw, json)
Hash identifier: OatP6ibrUH+BBfkDEK8J7YmEKr2Jz9HQ78eTfabo6SM=
Subject key identifier: 14:C5:B7:2D:7A:E4:8C:7E:08:1F:A2:83:46:C1:29:15:9C:63:83:B7
Certificate issuer: /CN=c7a2e4eb9fd3ccd1ba44a362f76f989b7b44d5f2
Certificate serial: 0185708C99D13B38DB5830F17691C26D14C1
Authority key identifier: C7:A2:E4:EB:9F:D3:CC:D1:BA:44:A3:62:F7:6F:98:9B:7B:44:D5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x6Lk65_TzNG6RKNi92-Ym3tE1fI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/FMW3LXrkjH4IH6KDRsEpFZxjg7c.roa
Signing time: Mon 02 Jan 2023 03:35:40 +0000
ROA not before: Mon 02 Jan 2023 03:35:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 55002
IP address blocks: 194.33.70.0/23 maxlen: 23
194.33.68.0/24 maxlen: 24
2001:67c:2994::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:99:d1:3b:38:db:58:30:f1:76:91:c2:6d:14:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7a2e4eb9fd3ccd1ba44a362f76f989b7b44d5f2
Validity
Not Before: Jan 2 03:35:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14c5b72d7ae48c7e081fa28346c129159c6383b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0b:8c:ad:1a:8f:f2:44:d7:1f:89:b5:37:1d:
b4:80:5e:76:da:30:b2:e3:92:ae:fe:26:0c:87:a5:
d0:61:18:8c:41:0d:5b:a3:82:7a:3a:97:e3:e6:39:
db:2a:91:45:c5:59:32:9a:63:84:dc:b7:31:fb:91:
53:94:cd:bd:9d:d1:20:50:8a:c7:10:85:b4:a7:8c:
92:72:10:c3:89:aa:af:22:5b:31:82:4c:fa:23:67:
f7:3c:14:78:43:3a:1b:7e:c4:79:2a:2f:b4:09:46:
a6:d2:a5:91:21:77:33:95:77:be:53:0a:b2:b6:92:
98:72:7f:c1:fc:2d:9e:ff:6b:f6:01:b2:0b:e4:18:
d5:3c:c1:a4:35:51:87:a1:7a:e0:70:31:22:7a:99:
52:ff:23:88:4f:2a:03:37:ba:4f:92:bd:17:52:e7:
29:a8:db:f5:32:df:99:25:2f:3b:72:52:7d:13:4f:
a2:88:2c:f8:2d:c9:56:60:a0:ea:d9:62:6f:df:21:
77:54:2b:cd:e0:f0:e6:9c:fc:51:22:46:e5:c5:a5:
98:e6:5f:f1:39:64:77:73:e9:70:cd:47:67:96:28:
ec:4a:b3:1a:90:e4:bf:84:e3:ea:65:a4:73:2c:ae:
c4:14:80:7a:71:b5:4b:99:2d:b1:43:80:bf:12:ee:
a6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C5:B7:2D:7A:E4:8C:7E:08:1F:A2:83:46:C1:29:15:9C:63:83:B7
X509v3 Authority Key Identifier:
keyid:C7:A2:E4:EB:9F:D3:CC:D1:BA:44:A3:62:F7:6F:98:9B:7B:44:D5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6Lk65_TzNG6RKNi92-Ym3tE1fI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/FMW3LXrkjH4IH6KDRsEpFZxjg7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0e4976-e750-4568-8583-de6ef7c95526/1/x6Lk65_TzNG6RKNi92-Ym3tE1fI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.68.0/24
194.33.70.0/23
IPv6:
2001:67c:2994::/48
Signature Algorithm: sha256WithRSAEncryption
67:a4:2e:62:49:78:2e:74:e2:06:05:32:4a:4c:7e:d4:d5:5d:
57:c7:4f:52:40:e2:5f:e0:cd:4b:82:ce:ce:48:a6:12:9e:ca:
5b:df:95:a1:46:a7:03:df:3c:6e:d1:2d:79:8a:69:2a:92:d8:
55:46:ed:bd:20:7f:3c:5f:15:c9:96:2c:a5:06:3c:4d:a1:5d:
1d:43:bd:0b:f5:1c:38:e8:77:c7:73:13:b9:fa:43:21:1c:82:
f1:eb:86:bc:c2:17:5f:8c:c9:cb:2c:85:da:53:f4:a9:6d:b2:
72:9d:4a:13:67:81:ef:6a:3e:49:9f:58:46:3b:43:ec:04:db:
b0:fb:73:f3:69:ea:0f:21:fe:99:95:a8:5b:af:f5:0a:5f:01:
a7:66:23:57:3d:71:96:83:39:aa:e6:8a:b1:47:0e:b5:92:a5:
32:5c:8a:6d:e6:eb:04:7f:c6:28:e8:79:c1:e5:de:3a:dc:a7:
81:8d:26:3c:50:13:28:3c:51:cf:56:96:85:ab:38:0d:c8:e3:
fe:f1:d7:f4:c6:cf:10:01:9d:fb:cc:d7:d5:76:18:91:9d:76:
a5:b9:56:ad:e6:80:6a:a3:9c:d0:17:c3:7a:4a:1b:3b:9d:98:
fd:69:d4:0a:74:06:70:3a:9f:b7:e6:23:d6:f3:78:90:2e:90:
7f:ce:68:2d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVwjJnROzjbWDDxdpHCbRTBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YTJlNGViOWZkM2NjZDFiYTQ0YTM2MmY3NmY5ODliN2I0
NGQ1ZjIwHhcNMjMwMTAyMDMzNTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGM1YjcyZDdhZTQ4YzdlMDgxZmEyODM0NmMxMjkxNTljNjM4M2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAuMrRqP8kTXH4m1Nx20gF522jCy
45Ku/iYMh6XQYRiMQQ1bo4J6Opfj5jnbKpFFxVkymmOE3Lcx+5FTlM29ndEgUIrH
EIW0p4ySchDDiaqvIlsxgkz6I2f3PBR4QzobfsR5Ki+0CUam0qWRIXczlXe+Uwqy
tpKYcn/B/C2e/2v2AbIL5BjVPMGkNVGHoXrgcDEieplS/yOITyoDN7pPkr0XUucp
qNv1Mt+ZJS87clJ9E0+iiCz4LclWYKDq2WJv3yF3VCvN4PDmnPxRIkblxaWY5l/x
OWR3c+lwzUdnlijsSrMakOS/hOPqZaRzLK7EFIB6cbVLmS2xQ4C/Eu6mCQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBTFty165Ix+CB+ig0bBKRWcY4O3MB8GA1UdIwQY
MBaAFMei5Ouf08zRukSjYvdvmJt7RNXyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDZMazY1X1R6Tkc2UktOaTkyLVltM3RFMWZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8wZTQ5NzYtZTc1MC00NTY4LTg1ODMt
ZGU2ZWY3Yzk1NTI2LzEvRk1XM0xYcmtqSDRJSDZLRFJzRXBGWnhqZzdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8wZTQ5NzYtZTc1MC00NTY4LTg1ODMtZGU2ZWY3Yzk1NTI2
LzEveDZMazY1X1R6Tkc2UktOaTkyLVltM3RFMWZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwiFEAwQB
wiFGMA8EAgACMAkDBwAgAQZ8KZQwDQYJKoZIhvcNAQELBQADggEBAGekLmJJeC50
4gYFMkpMftTVXVfHT1JA4l/gzUuCzs5IphKeylvflaFGpwPfPG7RLXmKaSqS2FVG
7b0gfzxfFcmWLKUGPE2hXR1DvQv1HDjod8dzE7n6QyEcgvHrhrzCF1+MycsshdpT
9KltsnKdShNnge9qPkmfWEY7Q+wE27D7c/Np6g8h/pmVqFuv9QpfAadmI1c9cZaD
OarmirFHDrWSpTJcim3m6wR/xijoecHl3jrcp4GNJjxQEyg8Uc9WloWrOA3I4/7x
1/TGzxABnfvM19V2GJGddqW5Vq3mgGqjnNAXw3pKGzudmP1p1Ap0BnA6n7fmI9bz
eJAukH/OaC0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:58 2024 by rpki-client on console-ams.rpki-client.org