Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/fSx4-9y39kAowR91dI1-naHjtvc.roa
File: fSx4-9y39kAowR91dI1-naHjtvc.roa (raw, json)
Hash identifier: geg0FqE4LvmD9MUq+45IEzL13T/XSZT2pKawI3k05Nc=
Subject key identifier: 7D:2C:78:FB:DC:B7:F6:40:28:C1:1F:75:74:8D:7E:9D:A1:E3:B6:F7
Certificate issuer: /CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Certificate serial: 0185715E96269669C19F2DD29081456E496F
Authority key identifier: 3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/fSx4-9y39kAowR91dI1-naHjtvc.roa
Signing time: Mon 02 Jan 2023 07:25:02 +0000
ROA not before: Mon 02 Jan 2023 07:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15836
IP address blocks: 149.3.190.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:96:26:96:69:c1:9f:2d:d2:90:81:45:6e:49:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bfa6636fe6440acf293b75705a7a1dcada8420b
Validity
Not Before: Jan 2 07:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d2c78fbdcb7f64028c11f75748d7e9da1e3b6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:c0:af:b1:1c:af:f5:d8:46:04:c4:b1:75:28:
b1:94:3a:ea:a5:5d:ee:17:9a:eb:c3:5c:c8:77:3b:
0d:1e:f3:20:9b:8c:6a:de:60:cd:8a:13:4c:15:3d:
23:c5:4e:ee:92:bc:57:dc:05:2a:d9:5d:6d:e3:3f:
89:2f:5f:99:44:f7:80:fb:82:4c:18:5f:42:74:1c:
1a:ab:a5:a0:0a:90:77:d0:bb:54:97:c8:8b:49:d1:
50:69:0a:a9:d0:57:d6:de:96:da:e0:a2:81:78:c0:
23:2e:c1:e9:26:4e:71:89:97:3d:d0:eb:6e:bf:44:
86:4b:99:d3:26:4c:f0:b1:8c:a4:74:3b:ed:27:21:
3c:36:7c:fc:0d:57:44:7c:bc:00:bc:e5:10:2d:12:
41:02:66:0d:a9:58:1f:88:ce:d3:49:31:31:6d:47:
95:e0:6b:33:7d:b8:d1:3c:e4:65:af:29:d1:4c:f2:
df:6c:57:2b:42:d7:84:4b:be:5d:ab:72:83:10:38:
27:37:4c:92:0b:32:d8:87:78:67:30:0d:d1:2d:58:
4b:e2:bb:04:51:13:5f:23:c5:da:e8:f1:84:65:39:
43:82:f8:b2:54:31:37:a7:71:81:76:5f:44:90:91:
f5:2b:5e:9b:33:cc:7d:2e:66:cf:0b:19:40:2c:96:
11:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:2C:78:FB:DC:B7:F6:40:28:C1:1F:75:74:8D:7E:9D:A1:E3:B6:F7
X509v3 Authority Key Identifier:
keyid:3B:FA:66:36:FE:64:40:AC:F2:93:B7:57:05:A7:A1:DC:AD:A8:42:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O_pmNv5kQKzyk7dXBaeh3K2oQgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/fSx4-9y39kAowR91dI1-naHjtvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/a47cdf-d21b-4f1d-8901-92ec515c595a/1/O_pmNv5kQKzyk7dXBaeh3K2oQgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.3.190.0/24
Signature Algorithm: sha256WithRSAEncryption
42:a5:8c:80:ba:51:b3:6f:21:cb:61:39:ad:9c:74:65:55:0a:
e5:90:1d:11:21:ce:47:df:7d:c4:4d:d4:ed:a3:40:51:fa:ef:
ba:ee:84:aa:37:86:15:b3:7d:c1:f8:73:41:4e:70:17:2a:1f:
c5:cc:64:e6:16:a8:a4:7b:41:d2:2f:0e:33:e2:45:c7:48:67:
a8:eb:b2:d8:6e:68:be:cd:e6:93:63:4c:3f:bd:66:39:ba:e3:
33:b4:37:a9:8b:e0:21:9a:cf:a3:cd:ef:ef:85:8d:80:56:0f:
23:4a:e1:c1:64:d5:5c:61:e4:c3:48:16:87:5d:9b:95:4b:84:
c9:95:9e:e8:9d:1e:19:9e:50:34:cd:6b:d0:4a:07:f3:05:57:
83:9a:a2:bb:0e:c8:92:0e:42:b8:67:57:3b:0e:50:46:41:02:
4b:dd:99:86:9c:7c:29:de:03:2e:fd:75:0f:0c:73:6e:56:00:
11:40:fe:53:6b:d9:6b:bf:a8:14:23:c7:a8:15:2c:fe:48:15:
ce:b7:e9:9b:d4:bf:5a:e2:e6:ee:f1:ad:74:1f:17:75:02:86:
c5:b3:2c:8a:54:a2:44:6c:04:90:e9:c5:37:5e:70:10:1b:a1:
69:98:a9:e5:da:71:b2:bb:12:ef:aa:89:f6:4c:ef:0a:dc:2f:
d1:32:8d:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxXpYmlmnBny3SkIFFbklvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZmE2NjM2ZmU2NDQwYWNmMjkzYjc1NzA1YTdhMWRjYWRh
ODQyMGIwHhcNMjMwMTAyMDcyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDJjNzhmYmRjYjdmNjQwMjhjMTFmNzU3NDhkN2U5ZGExZTNiNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68CvsRyv9dhGBMSxdSixlDrqpV3u
F5rrw1zIdzsNHvMgm4xq3mDNihNMFT0jxU7ukrxX3AUq2V1t4z+JL1+ZRPeA+4JM
GF9CdBwaq6WgCpB30LtUl8iLSdFQaQqp0FfW3pba4KKBeMAjLsHpJk5xiZc90Otu
v0SGS5nTJkzwsYykdDvtJyE8Nnz8DVdEfLwAvOUQLRJBAmYNqVgfiM7TSTExbUeV
4GszfbjRPORlrynRTPLfbFcrQteES75dq3KDEDgnN0ySCzLYh3hnMA3RLVhL4rsE
URNfI8Xa6PGEZTlDgviyVDE3p3GBdl9EkJH1K16bM8x9LmbPCxlALJYRswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH0sePvct/ZAKMEfdXSNfp2h47b3MB8GA1UdIwQY
MBaAFDv6Zjb+ZECs8pO3VwWnodytqEILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEt
OTJlYzUxNWM1OTVhLzEvZlN4NC05eTM5a0Fvd1I5MWRJMS1uYUhqdHZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9hNDdjZGYtZDIxYi00ZjFkLTg5MDEtOTJlYzUxNWM1OTVh
LzEvT19wbU52NWtRS3p5azdkWEJhZWgzSzJvUWdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlQO+MA0G
CSqGSIb3DQEBCwUAA4IBAQBCpYyAulGzbyHLYTmtnHRlVQrlkB0RIc5H333ETdTt
o0BR+u+67oSqN4YVs33B+HNBTnAXKh/FzGTmFqike0HSLw4z4kXHSGeo67LYbmi+
zeaTY0w/vWY5uuMztDepi+Ahms+jze/vhY2AVg8jSuHBZNVcYeTDSBaHXZuVS4TJ
lZ7onR4ZnlA0zWvQSgfzBVeDmqK7DsiSDkK4Z1c7DlBGQQJL3ZmGnHwp3gMu/XUP
DHNuVgARQP5Ta9lrv6gUI8eoFSz+SBXOt+mb1L9a4ubu8a10Hxd1AobFsyyKVKJE
bASQ6cU3XnAQG6FpmKnl2nGyuxLvqon2TO8K3C/RMo2V
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:34 2023 by rpki-client on console-ams.rpki-client.org