Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/fn4cOXMts8YF4fYCKB7Y58hf3Ig.roa
File: fn4cOXMts8YF4fYCKB7Y58hf3Ig.roa (raw, json)
Hash identifier: gIAjhUit06Jt1a+u1OeDRg48QmdCc1L/JbJ8/HWdHOI=
Subject key identifier: 7E:7E:1C:39:73:2D:B3:C6:05:E1:F6:02:28:1E:D8:E7:C8:5F:DC:88
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 01856C4A47ABE08F937F015C515C2A68ACB4
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/fn4cOXMts8YF4fYCKB7Y58hf3Ig.roa
Signing time: Sun 01 Jan 2023 07:44:45 +0000
ROA not before: Sun 01 Jan 2023 07:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204137
IP address blocks: 134.19.128.0/21 maxlen: 21
2a05:7400:4000::/34 maxlen: 34
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:47:ab:e0:8f:93:7f:01:5c:51:5c:2a:68:ac:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 1 07:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e7e1c39732db3c605e1f602281ed8e7c85fdc88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c4:e2:c9:ee:cc:ec:e4:e6:ad:66:4c:9e:6d:
1e:b0:5a:98:ff:90:b2:0c:d1:9e:ee:b3:42:dc:df:
89:27:4b:c5:18:67:45:83:8c:5d:1f:e5:49:f4:53:
61:83:ee:0d:23:16:1a:b7:27:ae:1f:09:9d:fd:6d:
d9:a7:f5:ac:f8:09:3e:11:bf:4e:00:0c:d7:93:1c:
a6:83:02:42:c5:1a:6f:6c:4a:05:26:3b:80:77:df:
f8:c9:b6:5b:a4:24:0c:f9:cb:5d:a4:ab:6a:a4:3d:
bf:88:a5:09:f9:cb:1b:e1:14:28:5a:fe:48:6d:64:
45:71:0c:f6:bb:cf:a9:e1:bb:93:8c:1d:e5:fe:ad:
7b:2c:8f:ae:c9:b5:63:f6:ce:84:16:28:27:1a:1e:
33:5e:71:a9:20:28:b3:0a:9e:be:b4:3f:54:89:97:
b2:15:b7:7f:9e:0f:39:d5:f2:64:e4:e7:f8:f1:fb:
61:b1:9a:13:34:37:c1:0b:d3:12:7a:69:13:9b:8f:
c5:53:24:37:6a:0b:a8:4e:79:2e:f7:25:7d:d6:6d:
97:3a:e4:e0:a6:ab:9b:b8:f9:23:62:84:9f:07:7d:
6c:a5:fe:50:b0:cd:b0:cf:98:cf:d0:21:42:fd:43:
e7:8a:be:35:c3:c0:57:94:4f:8e:85:2e:9f:24:b6:
54:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:7E:1C:39:73:2D:B3:C6:05:E1:F6:02:28:1E:D8:E7:C8:5F:DC:88
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/fn4cOXMts8YF4fYCKB7Y58hf3Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.19.128.0/21
IPv6:
2a05:7400:4000::/34
Signature Algorithm: sha256WithRSAEncryption
20:e2:80:58:ae:f4:ab:dc:7f:e4:24:74:c0:92:f1:94:59:54:
d2:fa:43:63:f6:dc:40:0a:5f:95:c9:eb:d8:d0:29:30:fb:e9:
31:b0:0d:c8:76:77:ba:35:24:3a:1c:2f:fc:03:57:a6:00:4d:
8d:6a:6a:a8:43:e1:bd:65:09:bf:dd:3f:c0:60:9d:2d:c3:e9:
05:dd:86:71:ef:66:93:58:d5:f5:1d:56:1d:dd:e0:c6:d0:5a:
c3:6d:a3:eb:1a:08:b8:63:d5:cd:14:da:65:e4:aa:c5:1a:e1:
58:c8:7a:b2:02:8d:8a:0a:dc:05:d5:9b:a1:9b:c2:5e:91:9f:
57:36:38:e2:36:e6:12:de:2e:45:ce:cf:26:fa:6b:c0:7f:a3:
80:07:95:08:92:0f:2e:af:28:80:be:75:63:54:45:92:0d:d2:
b0:5d:f7:49:97:80:a0:e1:cc:c6:64:a4:9d:45:c1:24:7b:0b:
7d:44:de:a1:f6:fd:f6:dd:2c:cd:f0:92:88:07:2a:c4:1c:0b:
b7:9a:ff:b5:27:81:3f:a1:5a:94:f5:60:9d:a7:f7:9b:a4:d2:
38:fc:3f:98:35:8b:20:fc:a2:f8:d6:e6:d5:94:64:2f:26:3a:
67:bd:eb:df:2e:7f:c1:fb:d4:d7:f2:51:3e:01:43:c7:05:fe:
e4:ef:3d:3a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVsSker4I+TfwFcUVwqaKy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjMwMTAxMDc0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTdlMWMzOTczMmRiM2M2MDVlMWY2MDIyODFlZDhlN2M4NWZkYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcTiye7M7OTmrWZMnm0esFqY/5Cy
DNGe7rNC3N+JJ0vFGGdFg4xdH+VJ9FNhg+4NIxYatyeuHwmd/W3Zp/Ws+Ak+Eb9O
AAzXkxymgwJCxRpvbEoFJjuAd9/4ybZbpCQM+ctdpKtqpD2/iKUJ+csb4RQoWv5I
bWRFcQz2u8+p4buTjB3l/q17LI+uybVj9s6EFignGh4zXnGpICizCp6+tD9UiZey
Fbd/ng851fJk5Of48fthsZoTNDfBC9MSemkTm4/FUyQ3aguoTnku9yV91m2XOuTg
pqubuPkjYoSfB31spf5QsM2wz5jP0CFC/UPnir41w8BXlE+OhS6fJLZUwQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFH5+HDlzLbPGBeH2Aige2OfIX9yIMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvZm40Y09YTXRzOFlGNGZZQ0tCN1k1OGhmM0lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDhhOAMA4E
AgACMAgDBgYqBXQAQDANBgkqhkiG9w0BAQsFAAOCAQEAIOKAWK70q9x/5CR0wJLx
lFlU0vpDY/bcQApflcnr2NApMPvpMbANyHZ3ujUkOhwv/ANXpgBNjWpqqEPhvWUJ
v90/wGCdLcPpBd2Gce9mk1jV9R1WHd3gxtBaw22j6xoIuGPVzRTaZeSqxRrhWMh6
sgKNigrcBdWboZvCXpGfVzY44jbmEt4uRc7PJvprwH+jgAeVCJIPLq8ogL51Y1RF
kg3SsF33SZeAoOHMxmSknUXBJHsLfUTeofb99t0szfCSiAcqxBwLt5r/tSeBP6Fa
lPVgnaf3m6TSOPw/mDWLIPyi+Nbm1ZRkLyY6Z73r3y5/wfvU1/JRPgFDxwX+5O89
Og==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:23 2024 by rpki-client on console-fra.rpki-client.org