Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/F_fD_bqatHe4qPugvtTZLShrsmY.roa
File: F_fD_bqatHe4qPugvtTZLShrsmY.roa (raw, json)
Hash identifier: gxIc66867ZsIukYGdfpxH/k5sZnRKqBGETam9/B2F28=
Subject key identifier: 17:F7:C3:FD:BA:9A:B4:77:B8:A8:FB:A0:BE:D4:D9:2D:28:6B:B2:66
Certificate issuer: /CN=d7401e0249418b357547268824f6244925d8db39
Certificate serial: 0189DF6A14074D85B81A1C39745970DA0AD0
Authority key identifier: D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/F_fD_bqatHe4qPugvtTZLShrsmY.roa
Signing time: Thu 10 Aug 2023 12:26:58 +0000
ROA not before: Thu 10 Aug 2023 12:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24904
IP address blocks: 185.97.101.0/24 maxlen: 24
185.97.103.0/24 maxlen: 24
185.97.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:6a:14:07:4d:85:b8:1a:1c:39:74:59:70:da:0a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7401e0249418b357547268824f6244925d8db39
Validity
Not Before: Aug 10 12:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17f7c3fdba9ab477b8a8fba0bed4d92d286bb266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:62:db:e9:16:dd:ad:de:e9:4b:27:6c:4b:e1:
8c:33:8a:ae:4b:e0:ac:7f:52:7c:5c:13:97:25:ff:
07:9f:b8:54:1b:d8:68:c2:14:af:2e:09:b0:1b:b0:
f1:08:a6:96:23:c9:02:d2:90:38:12:a9:eb:17:5b:
82:69:97:97:5f:b2:1f:9d:36:20:03:21:c5:cf:2a:
9f:cd:64:7d:41:83:6d:ee:56:3c:2b:52:98:a3:0a:
0a:d3:49:99:aa:fa:c8:d2:bf:bf:3e:5b:88:2b:51:
39:1a:ca:00:16:79:ed:97:a5:0a:ab:63:a0:1e:cb:
29:ce:c9:bb:5d:de:d4:e2:e1:2a:9c:1a:72:ba:0c:
82:26:3d:f8:94:4d:fa:2a:60:15:ea:8b:1f:8e:ba:
40:ac:e1:1c:b6:b1:ea:a3:f2:29:64:19:44:32:6a:
33:f0:8b:ab:ae:36:53:04:c4:b7:b9:14:db:f4:8a:
e6:b2:34:00:a9:73:da:7a:0f:32:66:a0:9b:6b:94:
49:a1:52:7d:f8:c4:03:69:1e:15:2d:35:28:e3:38:
14:1c:c8:63:2b:16:bf:8f:e7:fa:03:f7:15:d4:81:
3c:a2:57:65:9e:81:a3:94:a9:09:d1:aa:b6:9a:a8:
6f:40:59:26:13:45:7a:f9:2f:87:48:6e:ca:ed:2a:
bb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F7:C3:FD:BA:9A:B4:77:B8:A8:FB:A0:BE:D4:D9:2D:28:6B:B2:66
X509v3 Authority Key Identifier:
keyid:D7:40:1E:02:49:41:8B:35:75:47:26:88:24:F6:24:49:25:D8:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10AeAklBizV1RyaIJPYkSSXY2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/F_fD_bqatHe4qPugvtTZLShrsmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/d73137-b089-4db4-b6b2-507891395417/1/10AeAklBizV1RyaIJPYkSSXY2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.101.0-185.97.103.255
Signature Algorithm: sha256WithRSAEncryption
20:32:35:2e:fc:4b:8f:97:49:74:42:21:df:aa:05:71:f4:43:
f2:75:21:c4:68:56:18:fc:ea:34:6a:36:8b:d2:36:1b:7c:1b:
16:aa:92:1d:81:7e:50:31:95:bd:0f:91:12:64:8a:15:de:18:
34:4a:7f:3f:f8:b8:40:6f:ed:b0:ba:7a:d5:27:a8:4b:58:c8:
68:a6:f2:d3:0a:e7:4f:73:c6:38:95:cf:94:13:6c:b5:4c:d3:
61:39:b4:81:99:c1:df:b9:69:4b:d8:56:ba:fa:3f:f5:05:95:
89:32:22:c5:c3:3e:e1:6a:d3:19:e8:05:ee:d1:9c:51:3b:1f:
56:a6:ac:29:0d:b3:4b:fd:5c:e9:ec:e3:34:e2:d7:f0:d8:2c:
e3:75:8b:41:d3:55:6f:91:fd:63:cb:04:b6:fb:bb:ed:7a:72:
16:28:b0:99:6f:e4:52:e5:82:e8:bd:af:dd:9e:89:9e:09:8c:
23:97:da:30:0f:a5:97:a5:d3:7f:54:78:13:55:1b:2e:c5:a7:
2b:ee:d8:d9:d3:8b:a8:df:67:4b:3d:c0:d0:24:0e:21:e4:18:
f0:c2:59:13:e9:7d:69:0e:85:62:c2:8c:c6:8a:54:7e:2c:e3:
98:7a:47:95:1e:7e:81:42:45:63:25:b0:92:9f:24:1c:14:5b:
b0:37:de:5d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYnfahQHTYW4Ghw5dFlw2grQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDAxZTAyNDk0MThiMzU3NTQ3MjY4ODI0ZjYyNDQ5MjVk
OGRiMzkwHhcNMjMwODEwMTIyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2Y3YzNmZGJhOWFiNDc3YjhhOGZiYTBiZWQ0ZDkyZDI4NmJiMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvGLb6Rbdrd7pSydsS+GMM4quS+Cs
f1J8XBOXJf8Hn7hUG9howhSvLgmwG7DxCKaWI8kC0pA4EqnrF1uCaZeXX7IfnTYg
AyHFzyqfzWR9QYNt7lY8K1KYowoK00mZqvrI0r+/PluIK1E5GsoAFnntl6UKq2Og
Hsspzsm7Xd7U4uEqnBpyugyCJj34lE36KmAV6osfjrpArOEctrHqo/IpZBlEMmoz
8IurrjZTBMS3uRTb9IrmsjQAqXPaeg8yZqCba5RJoVJ9+MQDaR4VLTUo4zgUHMhj
Kxa/j+f6A/cV1IE8oldlnoGjlKkJ0aq2mqhvQFkmE0V6+S+HSG7K7Sq75wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBf3w/26mrR3uKj7oL7U2S0oa7JmMB8GA1UdIwQY
MBaAFNdAHgJJQYs1dUcmiCT2JEkl2Ns5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjIt
NTA3ODkxMzk1NDE3LzEvRl9mRF9icWF0SGU0cVB1Z3Z0VFpMU2hyc21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC9kNzMxMzctYjA4OS00ZGI0LWI2YjItNTA3ODkxMzk1NDE3
LzEvMTBBZUFrbEJpelYxUnlhSUpQWWtTU1hZMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5YWUD
BAO5YWAwDQYJKoZIhvcNAQELBQADggEBACAyNS78S4+XSXRCId+qBXH0Q/J1IcRo
Vhj86jRqNovSNht8Gxaqkh2BflAxlb0PkRJkihXeGDRKfz/4uEBv7bC6etUnqEtY
yGim8tMK509zxjiVz5QTbLVM02E5tIGZwd+5aUvYVrr6P/UFlYkyIsXDPuFq0xno
Be7RnFE7H1amrCkNs0v9XOns4zTi1/DYLON1i0HTVW+R/WPLBLb7u+16chYosJlv
5FLlgui9r92eiZ4JjCOX2jAPpZel039UeBNVGy7Fpyvu2NnTi6jfZ0s9wNAkDiHk
GPDCWRPpfWkOhWLCjMaKVH4s45h6R5UefoFCRWMlsJKfJBwUW7A33l0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:01 2024 by rpki-client on console-ams.rpki-client.org