Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/FaFYYNAahfvgiLDKagEF_lFvuw8.roa
File: FaFYYNAahfvgiLDKagEF_lFvuw8.roa (raw, json)
Hash identifier: G9xH/fIP+sWG/C/+zlcKD6sqtNRKjyPGt+y4JCjoyXo=
Subject key identifier: 15:A1:58:60:D0:1A:85:FB:E0:88:B0:CA:6A:01:05:FE:51:6F:BB:0F
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 018CAD777D36BCDD81149A0EBFFEBAE48534
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/FaFYYNAahfvgiLDKagEF_lFvuw8.roa
Signing time: Wed 27 Dec 2023 22:48:58 +0000
ROA not before: Wed 27 Dec 2023 22:48:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 185.7.82.0/24 maxlen: 24
185.7.83.0/24 maxlen: 24
2a03:403::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ad:77:7d:36:bc:dd:81:14:9a:0e:bf:fe:ba:e4:85:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Dec 27 22:48:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15a15860d01a85fbe088b0ca6a0105fe516fbb0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bb:a2:60:30:1c:ad:79:c6:e8:b8:8e:ad:c8:
f5:f7:d9:d1:62:83:4e:57:95:ed:b3:b7:23:7b:8c:
53:99:56:50:41:c6:98:3f:1e:d1:11:b9:72:a5:d3:
0f:67:52:4e:bc:c4:50:4d:bb:af:ae:ca:5c:4b:fc:
f8:25:1e:ab:f6:12:30:a5:ce:23:2d:8a:76:b0:7a:
ed:03:a2:92:97:97:55:fc:3b:9c:1c:17:db:f5:71:
08:06:f3:f1:81:eb:e0:09:43:e7:ee:23:58:f1:f2:
b8:d1:31:61:ff:a4:0e:d3:45:8a:83:e5:3a:ec:67:
4a:37:04:87:e8:5f:f0:d9:b9:38:c7:87:ae:08:77:
d3:47:8f:d5:84:8f:01:4c:e3:c7:11:90:87:e0:50:
53:b6:4c:65:64:63:b1:d5:d3:a9:63:ad:a1:f4:56:
85:25:09:6d:8d:b2:f0:81:6b:d9:28:2e:af:63:89:
b0:40:70:19:67:10:c9:6e:0a:d4:7a:c2:36:85:f9:
00:b1:bb:a4:61:25:ad:c0:2c:d9:29:01:39:3a:c8:
e6:13:06:23:fb:2a:74:0c:3c:ec:bf:5e:67:99:a6:
3a:42:24:cc:a3:00:81:a0:71:8b:a9:4f:c3:91:41:
6b:f4:6d:d4:22:58:b1:d6:06:f0:c0:c4:32:33:17:
c3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:A1:58:60:D0:1A:85:FB:E0:88:B0:CA:6A:01:05:FE:51:6F:BB:0F
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/FaFYYNAahfvgiLDKagEF_lFvuw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.82.0/23
IPv6:
2a03:403::/32
Signature Algorithm: sha256WithRSAEncryption
cd:ec:ac:e8:5b:48:03:4d:65:0b:9a:df:de:cb:dd:c3:1b:01:
2e:7a:f1:60:5d:51:ea:42:f9:63:ee:7f:91:3c:cc:f2:95:1c:
28:a2:97:72:55:ed:d2:39:83:24:a3:52:7b:54:91:8c:e8:e7:
46:bd:e1:ca:4d:de:3d:07:f4:2f:c5:e5:22:40:a9:af:c1:5e:
24:76:e3:6d:f6:da:bd:fe:83:09:32:da:51:ba:58:62:79:5b:
db:fe:67:1a:15:8c:a9:7f:97:18:ab:06:2a:5b:7c:98:d7:51:
a6:30:09:3f:71:89:f3:61:67:17:dc:76:25:50:16:ca:fc:04:
a7:37:e1:21:d1:d1:35:18:88:9a:eb:59:da:49:eb:5b:ae:44:
37:a5:4c:be:3f:de:21:fa:86:0a:0c:b3:65:b2:a8:2e:dd:1d:
df:c4:04:18:e2:bd:1d:b5:fe:9d:d0:42:35:1f:e8:0d:64:89:
8c:09:8b:a3:06:38:83:b3:81:37:22:4f:24:7e:11:76:5a:ef:
c5:06:6b:90:13:2a:ef:09:37:3b:19:81:3b:5b:9c:71:66:e2:
b9:43:1e:76:82:51:e4:b2:20:5e:fa:d1:35:db:a6:75:7a:12:
05:a7:5f:71:34:a6:e3:22:35:bd:02:29:3f:8c:68:1e:9d:10:
fd:e9:a0:29
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYytd302vN2BFJoOv/665IU0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjMxMjI3MjI0ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWExNTg2MGQwMWE4NWZiZTA4OGIwY2E2YTAxMDVmZTUxNmZiYjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7uiYDAcrXnG6LiOrcj199nRYoNO
V5Xts7cje4xTmVZQQcaYPx7REblypdMPZ1JOvMRQTbuvrspcS/z4JR6r9hIwpc4j
LYp2sHrtA6KSl5dV/DucHBfb9XEIBvPxgevgCUPn7iNY8fK40TFh/6QO00WKg+U6
7GdKNwSH6F/w2bk4x4euCHfTR4/VhI8BTOPHEZCH4FBTtkxlZGOx1dOpY62h9FaF
JQltjbLwgWvZKC6vY4mwQHAZZxDJbgrUesI2hfkAsbukYSWtwCzZKQE5OsjmEwYj
+yp0DDzsv15nmaY6QiTMowCBoHGLqU/DkUFr9G3UIlix1gbwwMQyMxfD/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBWhWGDQGoX74IiwymoBBf5Rb7sPMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvRmFGWVlOQWFoZnZnaUxES2FnRUZfbEZ2dXc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuQdSMA0E
AgACMAcDBQAqAwQDMA0GCSqGSIb3DQEBCwUAA4IBAQDN7KzoW0gDTWULmt/ey93D
GwEuevFgXVHqQvlj7n+RPMzylRwoopdyVe3SOYMko1J7VJGM6OdGveHKTd49B/Qv
xeUiQKmvwV4kduNt9tq9/oMJMtpRulhieVvb/mcaFYypf5cYqwYqW3yY11GmMAk/
cYnzYWcX3HYlUBbK/ASnN+Eh0dE1GIia61naSetbrkQ3pUy+P94h+oYKDLNlsqgu
3R3fxAQY4r0dtf6d0EI1H+gNZImMCYujBjiDs4E3Ik8kfhF2Wu/FBmuQEyrvCTc7
GYE7W5xxZuK5Qx52glHksiBe+tE126Z1ehIFp19xNKbjIjW9Aik/jGgenRD96aAp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:39 2024 by rpki-client on console-fra.rpki-client.org