Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/FlDbEKehQsJSjo0s3jft5nTjGgA.roa
File: FlDbEKehQsJSjo0s3jft5nTjGgA.roa (raw, json)
Hash identifier: 8omC+UNO6ZgyRaUkiBfOGc7v1TGPR0cK3QR8z3+gqyY=
Subject key identifier: 16:50:DB:10:A7:A1:42:C2:52:8E:8D:2C:DE:37:ED:E6:74:E3:1A:00
Certificate issuer: /CN=30309941a6d84fa4dbddaf0f4ecd99f9f043cfdc
Certificate serial: 018CC9BCE35799E52DDB3365DDF9D7E60E47
Authority key identifier: 30:30:99:41:A6:D8:4F:A4:DB:DD:AF:0F:4E:CD:99:F9:F0:43:CF:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/FlDbEKehQsJSjo0s3jft5nTjGgA.roa
Signing time: Tue 02 Jan 2024 10:34:08 +0000
ROA not before: Tue 02 Jan 2024 10:34:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206994
IP address blocks: 193.5.147.0/24 maxlen: 24
2a0c:8187::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 30 Sep 2024 12:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e3:57:99:e5:2d:db:33:65:dd:f9:d7:e6:0e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30309941a6d84fa4dbddaf0f4ecd99f9f043cfdc
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1650db10a7a142c2528e8d2cde37ede674e31a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:85:b1:ac:d5:b4:e9:97:ff:4f:bb:00:cd:59:
bf:10:17:d6:5a:d4:c3:63:41:1d:48:69:d2:72:e4:
4b:d3:44:6f:0d:06:de:b0:87:93:2d:c0:c6:37:80:
1f:c9:19:4d:8c:0b:36:de:ba:d4:de:47:a1:3a:44:
6a:92:e4:87:00:12:ed:b3:f6:35:76:57:3c:a6:ae:
da:13:f3:e1:1e:4b:7d:6f:b0:80:87:89:74:3d:8b:
a1:a8:c9:c2:e0:ee:27:67:80:00:54:2e:44:c3:40:
b1:98:3e:ca:a3:8d:d5:0d:5c:8c:93:8c:16:95:0d:
05:b5:22:1d:ae:f6:a5:36:75:cc:0c:c1:40:21:a0:
bd:0b:e4:d5:53:68:3b:17:31:3e:92:ab:c9:96:2a:
7c:33:43:e9:6a:fb:f0:e4:5c:e8:4b:d9:48:9e:ef:
31:99:4a:d6:7f:d6:73:56:f9:5f:48:69:f2:b8:97:
c5:a4:7a:bb:8f:b9:2f:25:97:a3:8d:bb:da:d5:92:
f9:09:66:1f:17:f3:fd:ca:0c:21:e0:6c:e7:ee:b8:
e0:c2:28:fc:71:96:e6:03:d0:52:79:08:8a:41:b1:
8d:47:4a:a4:3c:c2:cf:2a:00:64:9b:bd:87:63:97:
b7:6b:f4:52:68:f8:99:94:35:22:54:b4:90:27:81:
92:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:50:DB:10:A7:A1:42:C2:52:8E:8D:2C:DE:37:ED:E6:74:E3:1A:00
X509v3 Authority Key Identifier:
keyid:30:30:99:41:A6:D8:4F:A4:DB:DD:AF:0F:4E:CD:99:F9:F0:43:CF:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/FlDbEKehQsJSjo0s3jft5nTjGgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/f1af90-355c-484b-b923-d31d4cb1b129/1/MDCZQabYT6Tb3a8PTs2Z-fBDz9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.147.0/24
IPv6:
2a0c:8187::/32
Signature Algorithm: sha256WithRSAEncryption
21:74:1c:12:1a:91:3e:20:7e:c4:67:26:59:72:b9:f7:00:78:
ef:17:99:8f:21:40:da:93:de:0f:cb:88:09:14:c7:a7:27:56:
e5:db:12:9d:ad:19:f6:be:36:c3:4e:c5:a6:8f:6f:ff:9e:19:
20:49:d9:74:f5:c4:5a:1d:d5:53:b1:ab:5b:42:57:69:b9:ef:
78:c3:02:bf:ec:a8:e8:e8:a0:48:00:33:4c:fa:a1:ea:60:7f:
fb:b0:7e:a5:7d:bf:be:4e:9c:c9:22:22:7c:c5:76:6e:09:3c:
aa:01:a6:2c:9c:6a:9b:8c:3c:c8:97:27:98:b0:27:76:c7:b9:
63:6c:06:ce:93:2c:bd:1e:49:67:71:ce:d0:f3:e4:ed:ed:b6:
e5:34:d2:72:e0:48:73:88:22:4d:ec:32:58:34:cb:37:3b:36:
cc:ff:7d:dd:43:ba:dc:82:72:e9:0f:a5:4a:05:42:dd:a1:ba:
aa:9e:15:61:38:69:95:db:48:ab:4d:de:81:b6:3e:36:bd:2d:
79:1c:1d:c7:c3:2b:93:01:35:4c:9c:b7:eb:99:48:84:7c:c9:
33:f9:03:cd:4d:24:19:8a:a4:24:cd:97:9c:f4:38:5a:47:b0:
db:40:bb:ee:4e:6a:74:71:0e:82:63:77:81:c7:aa:f8:55:e9:
0a:7f:4f:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvONXmeUt2zNl3fnX5g5HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMzA5OTQxYTZkODRmYTRkYmRkYWYwZjRlY2Q5OWY5ZjA0
M2NmZGMwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjUwZGIxMGE3YTE0MmMyNTI4ZThkMmNkZTM3ZWRlNjc0ZTMxYTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIWxrNW06Zf/T7sAzVm/EBfWWtTD
Y0EdSGnScuRL00RvDQbesIeTLcDGN4AfyRlNjAs23rrU3kehOkRqkuSHABLts/Y1
dlc8pq7aE/PhHkt9b7CAh4l0PYuhqMnC4O4nZ4AAVC5Ew0CxmD7Ko43VDVyMk4wW
lQ0FtSIdrvalNnXMDMFAIaC9C+TVU2g7FzE+kqvJlip8M0Ppavvw5FzoS9lInu8x
mUrWf9ZzVvlfSGnyuJfFpHq7j7kvJZejjbva1ZL5CWYfF/P9ygwh4Gzn7rjgwij8
cZbmA9BSeQiKQbGNR0qkPMLPKgBkm72HY5e3a/RSaPiZlDUiVLSQJ4GSvQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBZQ2xCnoULCUo6NLN437eZ04xoAMB8GA1UdIwQY
MBaAFDAwmUGm2E+k292vD07NmfnwQ8/cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTURDWlFhYllUNlRiM2E4UFRzMlotZkJEejl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9mMWFmOTAtMzU1Yy00ODRiLWI5MjMt
ZDMxZDRjYjFiMTI5LzEvRmxEYkVLZWhRc0pTam8wczNqZnQ1blRqR2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9mMWFmOTAtMzU1Yy00ODRiLWI5MjMtZDMxZDRjYjFiMTI5
LzEvTURDWlFhYllUNlRiM2E4UFRzMlotZkJEejl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwQWTMA0E
AgACMAcDBQAqDIGHMA0GCSqGSIb3DQEBCwUAA4IBAQAhdBwSGpE+IH7EZyZZcrn3
AHjvF5mPIUDak94Py4gJFMenJ1bl2xKdrRn2vjbDTsWmj2//nhkgSdl09cRaHdVT
satbQldpue94wwK/7Kjo6KBIADNM+qHqYH/7sH6lfb++TpzJIiJ8xXZuCTyqAaYs
nGqbjDzIlyeYsCd2x7ljbAbOkyy9Hklncc7Q8+Tt7bblNNJy4EhziCJN7DJYNMs3
OzbM/33dQ7rcgnLpD6VKBULdobqqnhVhOGmV20irTd6Btj42vS15HB3HwyuTATVM
nLfrmUiEfMkz+QPNTSQZiqQkzZec9DhaR7DbQLvuTmp0cQ6CY3eBx6r4VekKf0+J
-----END CERTIFICATE-----
Generated at Mon Sep 30 17:34:43 2024 by rpki-client on console-ams.rpki-client.org