Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/fNZbeZZvoRSSlt4tlqS31RbOcE0.roa
File: fNZbeZZvoRSSlt4tlqS31RbOcE0.roa (raw, json)
Hash identifier: fLHy0QildxvheE2M1Nyh5iBPP060OMmYVBp65qVlyt8=
Subject key identifier: 7C:D6:5B:79:96:6F:A1:14:92:96:DE:2D:96:A4:B7:D5:16:CE:70:4D
Certificate issuer: /CN=00642b607b94a143ff41c554c913bd5a651f8c05
Certificate serial: 0185729EF6C8A876C5FD8223D1F06F3A01FA
Authority key identifier: 00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/fNZbeZZvoRSSlt4tlqS31RbOcE0.roa
Signing time: Mon 02 Jan 2023 13:14:58 +0000
ROA not before: Mon 02 Jan 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29119
IP address blocks: 93.119.18.0/24 maxlen: 24
188.240.194.0/23 maxlen: 23
195.189.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Mar 2023 10:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:f6:c8:a8:76:c5:fd:82:23:d1:f0:6f:3a:01:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00642b607b94a143ff41c554c913bd5a651f8c05
Validity
Not Before: Jan 2 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cd65b79966fa1149296de2d96a4b7d516ce704d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ca:5a:18:a2:8b:5a:f9:9f:94:76:f5:f2:e5:
84:32:d6:31:aa:cd:f7:43:fa:45:9b:8b:64:b5:67:
e9:cb:98:ac:8b:23:f4:22:24:5a:00:5f:f9:86:12:
b0:64:2e:d1:ac:4f:eb:af:52:3c:fa:7c:fe:e6:c5:
bf:a3:cb:2f:33:47:c7:85:22:1d:3c:d6:87:be:22:
63:39:db:bb:b1:ce:ee:93:5b:98:cd:3d:bd:4c:60:
bf:a3:73:a1:05:f6:e2:ac:f4:f1:f5:55:45:22:af:
4f:29:78:0e:ac:f4:dc:9a:12:f6:5e:08:70:d8:ea:
e1:c7:8f:5d:eb:b5:bd:b5:30:1f:1f:40:d8:78:04:
d2:34:a0:6e:21:0c:66:da:16:58:83:f2:d0:32:bb:
a8:bb:10:62:b3:8c:23:c1:db:1f:f8:c5:e4:79:f6:
c4:3a:ce:9f:d5:36:2c:9d:89:b9:12:45:6c:ff:50:
c5:a1:66:35:58:2d:f7:6d:0e:1e:3b:4d:85:ce:cb:
39:e4:ec:b9:6b:e5:94:ee:a8:84:e2:ea:cc:77:1b:
1e:6b:d6:29:aa:d4:86:0d:4d:9d:71:9b:14:fe:d0:
8f:92:96:9c:c3:a2:1e:99:fe:9d:2e:89:fc:2f:9c:
b1:20:95:9f:ec:5a:ba:3e:4a:9b:86:ba:38:c1:a6:
dc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D6:5B:79:96:6F:A1:14:92:96:DE:2D:96:A4:B7:D5:16:CE:70:4D
X509v3 Authority Key Identifier:
keyid:00:64:2B:60:7B:94:A1:43:FF:41:C5:54:C9:13:BD:5A:65:1F:8C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AGQrYHuUoUP_QcVUyRO9WmUfjAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/fNZbeZZvoRSSlt4tlqS31RbOcE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/ac9aba-9735-4b9d-8eae-19bc7bdccbc1/1/AGQrYHuUoUP_QcVUyRO9WmUfjAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.119.18.0/24
188.240.194.0/23
195.189.209.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:90:31:d9:81:7d:03:3a:d2:34:d9:78:c2:25:27:f4:6e:55:
27:c7:94:83:c5:25:9b:c2:11:8b:01:21:93:2c:79:af:51:08:
da:17:3d:e6:c5:7e:9b:30:6b:f7:37:71:96:f6:31:45:71:e2:
44:7f:d8:2c:4f:9b:bf:71:1c:f8:e7:e9:2b:cf:12:eb:31:ee:
bd:81:3f:08:f6:f9:2b:1d:a9:c5:a1:f5:34:c7:a5:1c:bf:7f:
92:88:9e:b8:70:b8:ed:30:da:08:a1:aa:4c:f7:cf:8c:6b:35:
d7:98:3e:8a:1b:d1:6e:90:56:94:25:69:d5:42:05:c1:94:e5:
39:7b:bb:e5:78:f8:0b:59:6d:5c:da:99:e1:9f:29:85:43:b2:
52:d4:88:09:87:ae:73:cd:a1:2c:fb:0d:a3:4f:87:40:6f:74:
16:96:37:d1:12:1f:18:53:3f:d7:35:64:a6:a3:6c:06:6d:22:
12:5e:ce:18:7c:20:54:41:2a:d2:d8:12:62:1c:97:88:13:d6:
49:2d:c7:b7:98:88:0d:3c:d2:da:56:1e:66:e6:59:35:be:5b:
a3:b7:73:ce:49:01:9a:b1:c9:d9:6b:f0:15:a3:fd:34:42:73:
73:fc:d3:25:4b:59:77:72:5f:ad:70:f5:e1:d7:ec:fa:b5:49:
e2:e9:89:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVynvbIqHbF/YIj0fBvOgH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNjQyYjYwN2I5NGExNDNmZjQxYzU1NGM5MTNiZDVhNjUx
ZjhjMDUwHhcNMjMwMTAyMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Q2NWI3OTk2NmZhMTE0OTI5NmRlMmQ5NmE0YjdkNTE2Y2U3MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncpaGKKLWvmflHb18uWEMtYxqs33
Q/pFm4tktWfpy5isiyP0IiRaAF/5hhKwZC7RrE/rr1I8+nz+5sW/o8svM0fHhSId
PNaHviJjOdu7sc7uk1uYzT29TGC/o3OhBfbirPTx9VVFIq9PKXgOrPTcmhL2Xghw
2Orhx49d67W9tTAfH0DYeATSNKBuIQxm2hZYg/LQMruouxBis4wjwdsf+MXkefbE
Os6f1TYsnYm5EkVs/1DFoWY1WC33bQ4eO02Fzss55Oy5a+WU7qiE4urMdxsea9Yp
qtSGDU2dcZsU/tCPkpacw6Iemf6dLon8L5yxIJWf7Fq6Pkqbhro4wabcEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHzWW3mWb6EUkpbeLZakt9UWznBNMB8GA1UdIwQY
MBaAFABkK2B7lKFD/0HFVMkTvVplH4wFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUt
MTliYzdiZGNjYmMxLzEvZk5aYmVaWnZvUlNTbHQ0dGxxUzMxUmJPY0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9hYzlhYmEtOTczNS00YjlkLThlYWUtMTliYzdiZGNjYmMx
LzEvQUdRcllIdVVvVVBfUWNWVXlSTzlXbVVmakFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXXcSAwQB
vPDCAwQAw73RMA0GCSqGSIb3DQEBCwUAA4IBAQB9kDHZgX0DOtI02XjCJSf0blUn
x5SDxSWbwhGLASGTLHmvUQjaFz3mxX6bMGv3N3GW9jFFceJEf9gsT5u/cRz45+kr
zxLrMe69gT8I9vkrHanFofU0x6Ucv3+SiJ64cLjtMNoIoapM98+MazXXmD6KG9Fu
kFaUJWnVQgXBlOU5e7vlePgLWW1c2pnhnymFQ7JS1IgJh65zzaEs+w2jT4dAb3QW
ljfREh8YUz/XNWSmo2wGbSISXs4YfCBUQSrS2BJiHJeIE9ZJLce3mIgNPNLaVh5m
5lk1vlujt3POSQGascnZa/AVo/00QnNz/NMlS1l3cl+tcPXh1+z6tUni6YmH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:50 2024 by rpki-client on console-fra.rpki-client.org