Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/b2698c-6409-459c-b046-ea6f705d2c0d/1/fPiI0F0UdaCgN1jFrB3F4QLTAqg.roa
File: fPiI0F0UdaCgN1jFrB3F4QLTAqg.roa (raw, json)
Hash identifier: ID5CgBNOn85LvVfU0gcHrmSAbpNqS2pAWiaMhiWI8yM=
Subject key identifier: 7C:F8:88:D0:5D:14:75:A0:A0:37:58:C5:AC:1D:C5:E1:02:D3:02:A8
Certificate issuer: /CN=e23cb7d9e521e6469fd7e2ad13603fb7eebfe0e0
Certificate serial: 0186DBED1AB0212A023EF5F5738799551948
Authority key identifier: E2:3C:B7:D9:E5:21:E6:46:9F:D7:E2:AD:13:60:3F:B7:EE:BF:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4jy32eUh5kaf1-KtE2A_t-6_4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/b2698c-6409-459c-b046-ea6f705d2c0d/1/fPiI0F0UdaCgN1jFrB3F4QLTAqg.roa
Signing time: Mon 13 Mar 2023 17:03:14 +0000
ROA not before: Mon 13 Mar 2023 17:03:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31117
IP address blocks: 91.148.0.0/18 maxlen: 18
185.242.56.0/22 maxlen: 22
2a03:1d80::/29 maxlen: 29
2a03:1d87:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:ed:1a:b0:21:2a:02:3e:f5:f5:73:87:99:55:19:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e23cb7d9e521e6469fd7e2ad13603fb7eebfe0e0
Validity
Not Before: Mar 13 17:03:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cf888d05d1475a0a03758c5ac1dc5e102d302a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:56:3c:90:d0:ab:ca:33:ea:f0:83:f7:18:59:
d7:95:9f:b5:15:da:37:4b:79:99:8d:5d:73:5c:35:
80:67:7d:08:c9:e1:27:11:a9:27:b0:f3:74:8b:07:
6c:36:35:67:71:57:75:a0:f6:6b:52:6f:db:e4:d1:
2e:c1:b7:90:09:5a:46:d5:dd:2d:8f:84:dc:6b:2d:
8c:e4:32:a0:a7:68:2b:48:f3:f6:3b:3d:b7:a3:4b:
ef:92:5f:af:43:e7:02:11:16:b5:5d:00:14:ab:46:
7c:94:61:05:07:37:9a:3f:7e:bd:7e:fe:20:7c:21:
79:82:cf:83:63:88:93:94:df:99:e3:5b:0e:42:0e:
61:ac:25:e9:b0:64:ba:db:3e:8d:d1:34:bf:fe:b9:
8e:03:d6:13:11:86:8b:7a:8b:0c:18:48:29:74:72:
0e:6e:ef:cb:af:84:57:09:6b:74:f8:54:69:de:62:
bc:4b:0d:a5:b5:e6:32:3f:96:64:9d:21:97:06:d7:
0f:ad:fd:ff:b5:cd:a5:5a:ed:b7:fc:19:0a:4f:19:
63:7f:08:ba:72:44:92:5d:41:38:65:43:ef:00:57:
f9:a5:33:2d:0e:bd:8b:54:19:08:db:65:8e:13:b2:
fa:74:7d:2d:d6:ea:63:8f:fe:22:ab:ae:3a:21:49:
24:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F8:88:D0:5D:14:75:A0:A0:37:58:C5:AC:1D:C5:E1:02:D3:02:A8
X509v3 Authority Key Identifier:
keyid:E2:3C:B7:D9:E5:21:E6:46:9F:D7:E2:AD:13:60:3F:B7:EE:BF:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4jy32eUh5kaf1-KtE2A_t-6_4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2698c-6409-459c-b046-ea6f705d2c0d/1/fPiI0F0UdaCgN1jFrB3F4QLTAqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/b2698c-6409-459c-b046-ea6f705d2c0d/1/4jy32eUh5kaf1-KtE2A_t-6_4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.148.0.0/18
185.242.56.0/22
IPv6:
2a03:1d80::/29
Signature Algorithm: sha256WithRSAEncryption
07:22:93:27:27:68:62:ea:bc:64:9e:81:25:57:0b:d6:3b:ea:
b2:44:f7:0f:43:53:87:be:e5:17:53:1e:1f:2d:28:56:49:34:
18:c9:7c:b1:45:de:af:f2:2e:52:aa:4e:4a:ec:7d:80:62:bf:
ad:27:00:30:1c:22:42:1c:f4:da:1e:9f:9e:cf:6f:a5:0c:71:
fb:14:6e:6a:7a:96:eb:c7:e0:cc:0f:75:5b:85:cf:2b:6f:c7:
2c:9a:3d:5b:08:43:5c:e0:6a:75:94:b7:89:ce:25:1b:52:de:
be:c2:a8:ec:2f:d3:a9:98:3b:1f:44:5f:ea:4f:96:a1:1d:81:
e2:9a:3d:c8:e5:2d:23:c0:70:22:06:88:d2:f1:8c:3e:06:c8:
17:76:9b:a5:31:64:d5:70:c2:29:7d:fc:61:07:d4:ea:91:4e:
1e:84:ca:24:03:8c:59:94:29:aa:94:90:ff:9b:c8:d2:f9:f3:
49:35:79:14:2f:d1:c2:04:9f:5c:98:7b:cb:51:39:bf:f9:73:
6d:9e:e3:4b:27:d7:55:d2:43:f3:16:3c:8f:05:c5:8d:99:2b:
d0:18:2d:5d:b1:07:11:d5:5d:a3:3b:68:86:ac:74:1e:75:d0:
5c:d0:9b:8f:73:ec:5c:c0:55:79:73:5e:99:b3:e2:35:74:48:
65:3d:b3:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYbb7RqwISoCPvX1c4eZVRlIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyM2NiN2Q5ZTUyMWU2NDY5ZmQ3ZTJhZDEzNjAzZmI3ZWVi
ZmUwZTAwHhcNMjMwMzEzMTcwMzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Y4ODhkMDVkMTQ3NWEwYTAzNzU4YzVhYzFkYzVlMTAyZDMwMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplY8kNCryjPq8IP3GFnXlZ+1Fdo3
S3mZjV1zXDWAZ30IyeEnEaknsPN0iwdsNjVncVd1oPZrUm/b5NEuwbeQCVpG1d0t
j4Tcay2M5DKgp2grSPP2Oz23o0vvkl+vQ+cCERa1XQAUq0Z8lGEFBzeaP369fv4g
fCF5gs+DY4iTlN+Z41sOQg5hrCXpsGS62z6N0TS//rmOA9YTEYaLeosMGEgpdHIO
bu/Lr4RXCWt0+FRp3mK8Sw2lteYyP5ZknSGXBtcPrf3/tc2lWu23/BkKTxljfwi6
ckSSXUE4ZUPvAFf5pTMtDr2LVBkI22WOE7L6dH0t1upjj/4iq646IUkkgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHz4iNBdFHWgoDdYxawdxeEC0wKoMB8GA1UdIwQY
MBaAFOI8t9nlIeZGn9firRNgP7fuv+DgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGp5MzJlVWg1a2FmMS1LdEUyQV90LTZfNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9iMjY5OGMtNjQwOS00NTljLWIwNDYt
ZWE2ZjcwNWQyYzBkLzEvZlBpSTBGMFVkYUNnTjFqRnJCM0Y0UUxUQXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9iMjY5OGMtNjQwOS00NTljLWIwNDYtZWE2ZjcwNWQyYzBk
LzEvNGp5MzJlVWg1a2FmMS1LdEUyQV90LTZfNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGW5QAAwQC
ufI4MA0EAgACMAcDBQMqAx2AMA0GCSqGSIb3DQEBCwUAA4IBAQAHIpMnJ2hi6rxk
noElVwvWO+qyRPcPQ1OHvuUXUx4fLShWSTQYyXyxRd6v8i5Sqk5K7H2AYr+tJwAw
HCJCHPTaHp+ez2+lDHH7FG5qepbrx+DMD3Vbhc8rb8csmj1bCENc4Gp1lLeJziUb
Ut6+wqjsL9OpmDsfRF/qT5ahHYHimj3I5S0jwHAiBojS8Yw+BsgXdpulMWTVcMIp
ffxhB9TqkU4ehMokA4xZlCmqlJD/m8jS+fNJNXkUL9HCBJ9cmHvLUTm/+XNtnuNL
J9dV0kPzFjyPBcWNmSvQGC1dsQcR1V2jO2iGrHQeddBc0JuPc+xcwFV5c16Zs+I1
dEhlPbMb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:31 2024 by rpki-client on console-fra.rpki-client.org