Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/FGkYWcCjKE5xxRgOwsDe1exIUtI.roa
File: FGkYWcCjKE5xxRgOwsDe1exIUtI.roa (raw, json)
Hash identifier: 3owMUps6W6g0Y01DfES4zULWTHrfMUfvkFHhZwTMOB4=
Subject key identifier: 14:69:18:59:C0:A3:28:4E:71:C5:18:0E:C2:C0:DE:D5:EC:48:52:D2
Certificate issuer: /CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Certificate serial: 01867DAF2A5BA4E332745E0422CE995AC8DA
Authority key identifier: F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/FGkYWcCjKE5xxRgOwsDe1exIUtI.roa
Signing time: Thu 23 Feb 2023 09:51:17 +0000
ROA not before: Thu 23 Feb 2023 09:51:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6895
IP address blocks: 193.149.0.0/23 maxlen: 24
195.95.153.0/24 maxlen: 24
185.79.172.0/22 maxlen: 24
2001:7f8:f::/48 maxlen: 48
2a03:5e60::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7d:af:2a:5b:a4:e3:32:74:5e:04:22:ce:99:5a:c8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7d32e75294187d46e8eae0f8fe72b5fd7abf886
Validity
Not Before: Feb 23 09:51:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14691859c0a3284e71c5180ec2c0ded5ec4852d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:32:41:6b:05:d2:d9:01:5a:64:9f:14:81:f2:
78:ca:7f:68:99:72:c3:39:52:39:16:4e:21:e3:29:
48:fb:c9:51:3b:d4:03:78:8a:20:1f:ff:c1:70:11:
5e:e8:a8:1e:0f:eb:4f:e5:d0:5a:74:33:ec:22:d9:
5a:ff:65:9a:c7:0f:7d:ea:eb:2d:2e:39:56:39:83:
b7:27:10:51:f8:ea:32:07:23:a9:46:6c:38:cd:35:
6f:aa:3e:c4:f8:54:5a:ca:a6:d1:af:fb:a8:ef:fa:
27:a9:a1:1e:2b:16:e5:ca:ce:17:31:f1:23:ed:ce:
f5:42:64:6e:77:94:e4:f2:6e:06:1a:fd:ef:01:d7:
9b:97:0f:0d:f2:4c:86:61:e7:cc:c6:b3:67:7c:30:
8e:ad:4a:64:86:ea:34:d4:92:b6:4d:93:74:83:fd:
97:c4:65:e0:e3:8a:86:3e:d4:4a:8f:26:eb:b4:c7:
a9:45:9b:48:f5:e0:2f:c3:02:99:db:aa:55:c8:34:
e3:2e:24:85:8e:19:2f:5a:b8:84:4b:65:91:82:c6:
82:39:72:e2:8a:59:c9:12:cb:70:7d:cc:af:73:9b:
16:fc:5e:e0:7d:d3:3f:ba:20:73:db:46:bd:22:14:
bf:9c:1f:37:32:59:14:51:53:e8:3e:73:95:49:f0:
a2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:69:18:59:C0:A3:28:4E:71:C5:18:0E:C2:C0:DE:D5:EC:48:52:D2
X509v3 Authority Key Identifier:
keyid:F7:D3:2E:75:29:41:87:D4:6E:8E:AE:0F:8F:E7:2B:5F:D7:AB:F8:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/99MudSlBh9Rujq4Pj-crX9er-IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/FGkYWcCjKE5xxRgOwsDe1exIUtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/d0cc41-c8f1-4a44-91f0-d1a4599cb0e5/1/99MudSlBh9Rujq4Pj-crX9er-IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.172.0/22
193.149.0.0/23
195.95.153.0/24
IPv6:
2001:7f8:f::/48
2a03:5e60::/32
Signature Algorithm: sha256WithRSAEncryption
6c:58:da:81:cc:77:f8:96:6f:19:9d:19:c0:e3:03:bf:19:25:
14:2f:b7:04:d5:ab:40:1d:1d:1f:ef:80:d9:6d:3b:70:b9:cf:
71:c6:93:6d:f1:1e:cb:e8:c1:55:7a:c6:ca:7e:39:87:b7:90:
a6:a5:4b:fe:93:d7:a8:1c:61:ee:44:6b:c9:ec:2a:28:66:06:
df:81:1b:9c:07:91:2c:d3:fa:0d:88:c2:b9:9d:f9:ed:b9:28:
28:5d:a0:09:bd:bf:fb:54:07:4d:63:70:4d:2e:a6:6b:a1:6c:
4d:b6:03:c5:41:75:86:70:b7:37:43:93:a0:6b:56:6b:b1:95:
81:80:54:f3:ff:a6:de:c0:55:5b:4c:11:4c:6c:b5:d6:7b:71:
83:4a:7c:6f:7a:fb:15:df:de:b8:d7:a7:44:9c:3d:49:3d:16:
56:d9:21:80:8e:e0:81:8b:ee:d3:74:f9:1d:37:b1:06:1b:93:
f8:91:ca:1d:02:b5:87:99:58:6b:ce:2d:9a:09:05:dc:ed:37:
2c:63:24:48:5b:0a:d5:ea:e4:08:df:82:b7:d1:d8:f5:ff:8b:
73:b0:7c:94:b7:d2:22:87:d2:d7:b8:68:9e:26:34:1b:e5:54:
73:c0:65:0a:84:0b:77:8c:61:2c:d8:b7:e8:6d:82:e4:dd:a5:
a8:a9:6f:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYZ9rypbpOMydF4EIs6ZWsjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3ZDMyZTc1Mjk0MTg3ZDQ2ZThlYWUwZjhmZTcyYjVmZDdh
YmY4ODYwHhcNMjMwMjIzMDk1MTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDY5MTg1OWMwYTMyODRlNzFjNTE4MGVjMmMwZGVkNWVjNDg1MmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDJBawXS2QFaZJ8UgfJ4yn9omXLD
OVI5Fk4h4ylI+8lRO9QDeIogH//BcBFe6KgeD+tP5dBadDPsItla/2Waxw996ust
LjlWOYO3JxBR+OoyByOpRmw4zTVvqj7E+FRayqbRr/uo7/onqaEeKxblys4XMfEj
7c71QmRud5Tk8m4GGv3vAdeblw8N8kyGYefMxrNnfDCOrUpkhuo01JK2TZN0g/2X
xGXg44qGPtRKjybrtMepRZtI9eAvwwKZ26pVyDTjLiSFjhkvWriES2WRgsaCOXLi
ilnJEstwfcyvc5sW/F7gfdM/uiBz20a9IhS/nB83MlkUUVPoPnOVSfCiMwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBRpGFnAoyhOccUYDsLA3tXsSFLSMB8GA1UdIwQY
MBaAFPfTLnUpQYfUbo6uD4/nK1/Xq/iGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAt
ZDFhNDU5OWNiMGU1LzEvRkdrWVdjQ2pLRTV4eFJnT3dzRGUxZXhJVXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9kMGNjNDEtYzhmMS00YTQ0LTkxZjAtZDFhNDU5OWNiMGU1
LzEvOTlNdWRTbEJoOVJ1anE0UGotY3JYOWVyLUlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCuU+sAwQB
wZUAAwQAw1+ZMBYEAgACMBADBwAgAQf4AA8DBQAqA15gMA0GCSqGSIb3DQEBCwUA
A4IBAQBsWNqBzHf4lm8ZnRnA4wO/GSUUL7cE1atAHR0f74DZbTtwuc9xxpNt8R7L
6MFVesbKfjmHt5CmpUv+k9eoHGHuRGvJ7CooZgbfgRucB5Es0/oNiMK5nfntuSgo
XaAJvb/7VAdNY3BNLqZroWxNtgPFQXWGcLc3Q5Oga1ZrsZWBgFTz/6bewFVbTBFM
bLXWe3GDSnxvevsV396416dEnD1JPRZW2SGAjuCBi+7TdPkdN7EGG5P4kcodArWH
mVhrzi2aCQXc7TcsYyRIWwrV6uQI34K30dj1/4tzsHyUt9Iih9LXuGieJjQb5VRz
wGUKhAt3jGEs2LfobYLk3aWoqW9G
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:55 2024 by rpki-client on console-ams.rpki-client.org