Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/FUbAj4ItrRRFNKYD_s3YTnZ4p1E.roa
File: FUbAj4ItrRRFNKYD_s3YTnZ4p1E.roa (raw, json)
Hash identifier: RvFLcYPcglBgV3eeslbqQhzx3qwoUdNOtHSVF/lIf/0=
Subject key identifier: 15:46:C0:8F:82:2D:AD:14:45:34:A6:03:FE:CD:D8:4E:76:78:A7:51
Certificate issuer: /CN=abbad3de831da94222c1add104caf4c3247689ac
Certificate serial: 018713438D48A4F8B8C3327C0B815CABC4B3
Authority key identifier: AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/FUbAj4ItrRRFNKYD_s3YTnZ4p1E.roa
Signing time: Fri 24 Mar 2023 10:56:46 +0000
ROA not before: Fri 24 Mar 2023 10:56:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 212.68.172.0/24 maxlen: 24
212.68.174.0/24 maxlen: 24
212.68.173.0/24 maxlen: 24
212.68.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:13:43:8d:48:a4:f8:b8:c3:32:7c:0b:81:5c:ab:c4:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abbad3de831da94222c1add104caf4c3247689ac
Validity
Not Before: Mar 24 10:56:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1546c08f822dad144534a603fecdd84e7678a751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:df:c5:42:06:9d:8c:56:26:27:08:86:5a:3c:
3a:96:40:cf:71:aa:c2:e8:7f:fa:ea:0a:19:79:47:
bd:af:ff:c5:09:99:7c:fc:32:f2:1a:cc:bc:54:c9:
fd:37:d9:cb:67:0d:50:d8:22:d5:c0:50:43:c7:92:
73:32:92:63:72:d2:5b:7f:7a:f2:9b:f8:df:09:22:
6f:99:5e:1d:96:12:82:99:ca:55:50:76:a7:fd:56:
47:98:bc:4e:16:6c:47:61:d2:10:38:66:fa:ae:a1:
55:fa:c5:04:fd:0c:75:8d:3d:a6:d1:5f:fd:ac:39:
9a:2e:32:de:68:f5:0a:6d:42:8c:1d:6f:e5:1b:d2:
b4:1e:12:34:70:cf:09:d0:cc:cf:74:a3:ad:f9:12:
2b:de:37:e9:b9:cc:5b:54:df:f9:4d:73:3d:47:7b:
c4:ed:3f:5b:05:8b:3e:3a:9f:1f:e2:6e:f0:46:c7:
1e:41:3f:4a:76:bc:95:80:af:ef:12:5b:07:32:c4:
dc:36:0d:32:18:2a:a5:58:8f:4b:b0:73:6c:5d:3b:
5b:00:26:1c:d1:8f:01:b3:54:30:2f:35:e6:0b:ae:
d0:62:84:a2:ae:a6:ce:69:9c:c5:c5:e0:da:bb:8f:
4c:e5:13:e5:d9:2d:3c:aa:6e:4a:e2:6c:23:92:b1:
4f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:46:C0:8F:82:2D:AD:14:45:34:A6:03:FE:CD:D8:4E:76:78:A7:51
X509v3 Authority Key Identifier:
keyid:AB:BA:D3:DE:83:1D:A9:42:22:C1:AD:D1:04:CA:F4:C3:24:76:89:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q7rT3oMdqUIiwa3RBMr0wyR2iaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/FUbAj4ItrRRFNKYD_s3YTnZ4p1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8e8149-d53c-4992-bd07-55c434eec96c/1/q7rT3oMdqUIiwa3RBMr0wyR2iaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.68.172.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:a0:07:f7:44:0d:60:a2:1f:73:09:84:b1:cd:db:97:f3:f5:
a1:e4:93:e2:bb:8f:74:5f:b2:6e:6e:e6:54:dc:8f:d9:e4:b1:
b5:e1:a1:eb:ea:e9:60:33:03:d9:84:a0:04:9b:77:a1:63:5a:
a4:ad:b2:1c:0b:60:02:92:85:5d:14:1a:a7:f6:6a:04:d9:87:
f1:37:87:fb:f0:3e:ca:44:1f:00:35:32:fd:d1:58:d2:0b:61:
81:0a:c2:b9:58:87:3c:da:dc:39:07:fb:05:ea:4f:ad:c6:7f:
02:8f:17:43:4e:2c:e0:55:ba:53:ea:93:98:f5:90:5c:76:3c:
85:a6:79:3a:f1:91:16:4e:19:3f:9b:71:0f:a4:8a:6f:04:c9:
2b:9a:b9:4a:6d:95:f6:95:3d:e2:37:58:38:f9:87:97:77:ec:
0e:60:c2:61:ea:c1:bb:3b:21:e1:ae:e8:93:06:67:ac:a6:5d:
7d:de:1f:df:b3:c1:bb:62:39:e0:db:73:d6:92:5b:d3:e4:f9:
03:49:2a:a6:4e:01:74:a7:04:48:bc:5e:3c:99:14:87:76:0c:
14:b7:ac:4e:79:9b:e0:2d:b7:f6:3a:4f:8d:75:90:33:06:b8:
32:ee:48:91:e9:91:9d:77:38:29:92:a7:2d:d6:14:9a:3b:7e:
e3:24:60:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcTQ41IpPi4wzJ8C4Fcq8SzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYmFkM2RlODMxZGE5NDIyMmMxYWRkMTA0Y2FmNGMzMjQ3
Njg5YWMwHhcNMjMwMzI0MTA1NjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTQ2YzA4ZjgyMmRhZDE0NDUzNGE2MDNmZWNkZDg0ZTc2NzhhNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmN/FQgadjFYmJwiGWjw6lkDPcarC
6H/66goZeUe9r//FCZl8/DLyGsy8VMn9N9nLZw1Q2CLVwFBDx5JzMpJjctJbf3ry
m/jfCSJvmV4dlhKCmcpVUHan/VZHmLxOFmxHYdIQOGb6rqFV+sUE/Qx1jT2m0V/9
rDmaLjLeaPUKbUKMHW/lG9K0HhI0cM8J0MzPdKOt+RIr3jfpucxbVN/5TXM9R3vE
7T9bBYs+Op8f4m7wRsceQT9KdryVgK/vElsHMsTcNg0yGCqlWI9LsHNsXTtbACYc
0Y8Bs1QwLzXmC67QYoSirqbOaZzFxeDau49M5RPl2S08qm5K4mwjkrFP5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBVGwI+CLa0URTSmA/7N2E52eKdRMB8GA1UdIwQY
MBaAFKu6096DHalCIsGt0QTK9MMkdomsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDct
NTVjNDM0ZWVjOTZjLzEvRlViQWo0SXRyUlJGTktZRF9zM1lUblo0cDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZTgxNDktZDUzYy00OTkyLWJkMDctNTVjNDM0ZWVjOTZj
LzEvcTdyVDNvTWRxVUlpd2EzUkJNcjB3eVIyaWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1ESsMA0G
CSqGSIb3DQEBCwUAA4IBAQC1oAf3RA1goh9zCYSxzduX8/Wh5JPiu490X7JubuZU
3I/Z5LG14aHr6ulgMwPZhKAEm3ehY1qkrbIcC2ACkoVdFBqn9moE2YfxN4f78D7K
RB8ANTL90VjSC2GBCsK5WIc82tw5B/sF6k+txn8CjxdDTizgVbpT6pOY9ZBcdjyF
pnk68ZEWThk/m3EPpIpvBMkrmrlKbZX2lT3iN1g4+YeXd+wOYMJh6sG7OyHhruiT
Bmespl193h/fs8G7Yjng23PWklvT5PkDSSqmTgF0pwRIvF48mRSHdgwUt6xOeZvg
Lbf2Ok+NdZAzBrgy7kiR6ZGddzgpkqct1hSaO37jJGB9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:57 2023 by rpki-client on console-ams.rpki-client.org