Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/FNuI192NAdIcUMx79GoMJC93H1o.roa
File: FNuI192NAdIcUMx79GoMJC93H1o.roa (raw, json)
Hash identifier: qP3tlB/4CK8Ym8SzurdYjocWmBR60x36NBkTEwcOxEk=
Subject key identifier: 14:DB:88:D7:DD:8D:01:D2:1C:50:CC:7B:F4:6A:0C:24:2F:77:1F:5A
Certificate issuer: /CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
Certificate serial: 018CC3B66E385356A7952816110BF2163652
Authority key identifier: 65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/FNuI192NAdIcUMx79GoMJC93H1o.roa
Signing time: Mon 01 Jan 2024 06:29:21 +0000
ROA not before: Mon 01 Jan 2024 06:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61081
IP address blocks: 185.24.72.0/22 maxlen: 24
2a04:2ac0::/29 maxlen: 64
Validation: Failed, certificate revoked on Sun 19 May 2024 06:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:6e:38:53:56:a7:95:28:16:11:0b:f2:16:36:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
Validity
Not Before: Jan 1 06:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14db88d7dd8d01d21c50cc7bf46a0c242f771f5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:8c:98:9d:c5:b9:bb:a3:b8:84:4a:4c:ce:09:
95:2d:65:33:3e:5d:4d:5b:c7:37:2f:8c:3e:a9:42:
98:8e:df:4a:b4:6b:79:f1:c6:84:0c:41:be:e6:39:
f8:96:98:4b:0e:80:22:61:a9:2b:1c:57:b9:23:ab:
d9:98:57:d6:e7:95:b1:c7:b4:ac:b3:04:a2:27:4e:
43:c8:7f:c5:2a:f8:56:5e:d7:dd:4e:d2:73:78:4d:
ff:ec:17:08:4b:95:23:7c:65:74:d5:7b:5c:ff:1c:
6e:6b:36:6e:fe:ea:94:d0:87:5f:fb:45:b7:6d:39:
e2:38:40:ee:1d:a8:3d:04:85:a3:27:d2:bd:69:f4:
ac:88:5a:52:72:0b:29:e5:86:48:69:0b:51:73:7c:
48:8b:97:c4:71:98:d6:b1:41:be:05:ab:61:cd:4a:
b6:3e:15:aa:dd:dd:61:f3:98:ce:49:da:51:77:5c:
59:30:ee:8a:42:35:b3:72:e4:5f:83:65:ea:bb:b6:
b1:11:e4:bc:4c:53:92:d0:c9:ad:80:ec:2e:46:67:
fa:03:bb:c0:a3:26:38:82:9f:57:3a:51:a9:a2:1a:
00:30:fd:fc:e2:79:ae:f1:05:25:3e:6a:c3:4d:9a:
fc:07:a0:db:4b:64:ba:65:43:2e:36:77:14:2d:8d:
18:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DB:88:D7:DD:8D:01:D2:1C:50:CC:7B:F4:6A:0C:24:2F:77:1F:5A
X509v3 Authority Key Identifier:
keyid:65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/FNuI192NAdIcUMx79GoMJC93H1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.72.0/22
IPv6:
2a04:2ac0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:39:f2:8a:ee:79:4a:42:ea:8e:25:59:14:41:c2:4a:be:b4:
d3:12:a1:c5:4f:d4:ba:9c:ae:4d:c9:b3:1f:fc:ed:87:94:84:
e6:ad:72:36:94:f6:9e:ca:44:0a:f7:83:61:d2:5a:97:1c:16:
98:dc:1e:ab:56:f0:22:fa:70:28:79:9e:0c:1d:a7:e6:02:01:
ef:f6:76:19:42:f1:b2:9a:80:53:4f:bd:8d:d1:2d:ad:f2:50:
c9:97:b4:b0:61:1d:00:11:c5:02:4c:70:7f:0e:f1:17:13:61:
3c:1a:90:83:7b:1f:c0:79:ba:37:ac:10:0e:e0:01:01:f4:d5:
1b:6b:de:14:23:82:f9:21:9f:33:33:3f:1f:ed:fb:8c:af:75:
61:48:d9:7d:ba:1c:f3:88:bb:e4:d2:8e:65:ad:c7:37:41:c1:
23:d5:2d:be:5b:79:03:15:ad:12:a5:1b:94:51:c9:c4:51:6e:
28:75:68:e4:fa:05:24:9c:25:70:fe:10:a9:c5:a2:a2:0d:03:
ab:ec:4f:1a:54:e7:8c:f5:f4:d5:84:16:44:cd:cb:73:d1:9d:
ca:85:da:d1:0b:8f:19:db:49:58:c1:77:e3:af:c3:56:07:e9:
06:d0:6e:9b:ae:6b:ee:30:e5:ee:47:97:ce:f4:63:a8:39:46:
01:8e:70:7b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtm44U1anlSgWEQvyFjZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YWI0ODVhZjkyM2QxYjQ2YzVhMzIxZmM3YTNmODU2YzA0
ZmI2ZmMwHhcNMjQwMTAxMDYyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGRiODhkN2RkOGQwMWQyMWM1MGNjN2JmNDZhMGMyNDJmNzcxZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYyYncW5u6O4hEpMzgmVLWUzPl1N
W8c3L4w+qUKYjt9KtGt58caEDEG+5jn4lphLDoAiYakrHFe5I6vZmFfW55Wxx7Ss
swSiJ05DyH/FKvhWXtfdTtJzeE3/7BcIS5UjfGV01Xtc/xxuazZu/uqU0Idf+0W3
bTniOEDuHag9BIWjJ9K9afSsiFpScgsp5YZIaQtRc3xIi5fEcZjWsUG+BathzUq2
PhWq3d1h85jOSdpRd1xZMO6KQjWzcuRfg2Xqu7axEeS8TFOS0MmtgOwuRmf6A7vA
oyY4gp9XOlGpohoAMP384nmu8QUlPmrDTZr8B6DbS2S6ZUMuNncULY0YowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBTbiNfdjQHSHFDMe/RqDCQvdx9aMB8GA1UdIwQY
MBaAFGWrSFr5I9G0bFoyH8ej+FbAT7b8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUt
ODk4NjM0OTQyMjg1LzEvRk51STE5Mk5BZEljVU14NzlHb01KQzkzSDFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUtODk4NjM0OTQyMjg1
LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRhIMA0E
AgACMAcDBQMqBCrAMA0GCSqGSIb3DQEBCwUAA4IBAQB9OfKK7nlKQuqOJVkUQcJK
vrTTEqHFT9S6nK5NybMf/O2HlITmrXI2lPaeykQK94Nh0lqXHBaY3B6rVvAi+nAo
eZ4MHafmAgHv9nYZQvGymoBTT72N0S2t8lDJl7SwYR0AEcUCTHB/DvEXE2E8GpCD
ex/Aebo3rBAO4AEB9NUba94UI4L5IZ8zMz8f7fuMr3VhSNl9uhzziLvk0o5lrcc3
QcEj1S2+W3kDFa0SpRuUUcnEUW4odWjk+gUknCVw/hCpxaKiDQOr7E8aVOeM9fTV
hBZEzctz0Z3KhdrRC48Z20lYwXfjr8NWB+kG0G6brmvuMOXuR5fO9GOoOUYBjnB7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:45 2024 by rpki-client on console-ams.rpki-client.org