Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fL__OrnGYCc0KdBQDq6CJasHgZQ.roa
File: fL__OrnGYCc0KdBQDq6CJasHgZQ.roa (raw, json)
Hash identifier: Xd6ku90vRytLk4EZBi9/p8+DWODKmQTb3REZBNjgoVQ=
Subject key identifier: 7C:BF:FF:3A:B9:C6:60:27:34:29:D0:50:0E:AE:82:25:AB:07:81:94
Certificate issuer: /CN=7e080bab55bf3473188c20c7366a6cb044c7195c
Certificate serial: 018AB203AD5B4867B27BF440EB47324BD850
Authority key identifier: 7E:08:0B:AB:55:BF:34:73:18:8C:20:C7:36:6A:6C:B0:44:C7:19:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fggLq1W_NHMYjCDHNmpssETHGVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fL__OrnGYCc0KdBQDq6CJasHgZQ.roa
Signing time: Wed 20 Sep 2023 09:55:00 +0000
ROA not before: Wed 20 Sep 2023 09:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39563
IP address blocks: 185.231.16.0/24 maxlen: 24
185.231.17.0/24 maxlen: 24
185.231.18.0/24 maxlen: 24
185.231.19.0/24 maxlen: 24
185.80.8.0/22 maxlen: 24
85.8.131.0/24 maxlen: 24
2a0c:3900::/29 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:03:ad:5b:48:67:b2:7b:f4:40:eb:47:32:4b:d8:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e080bab55bf3473188c20c7366a6cb044c7195c
Validity
Not Before: Sep 20 09:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cbfff3ab9c660273429d0500eae8225ab078194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:19:6f:b2:7c:5a:95:72:2d:0c:fa:71:c3:14:
75:2f:85:e6:ea:f0:56:e2:30:4f:5e:60:db:8a:98:
e9:6d:cf:6b:2d:55:00:4c:99:b3:8f:c9:c0:23:78:
8d:c0:22:9b:42:2b:02:18:09:e7:ab:98:71:1b:56:
a5:dc:b2:f8:52:56:3e:fd:9d:47:80:70:1f:34:60:
86:5a:ec:fe:88:a7:5d:3a:e1:4a:07:42:84:de:52:
75:6c:ca:8b:9c:b9:ee:48:83:0f:5c:63:3c:23:7c:
6b:1c:f9:35:3b:07:14:1f:49:02:77:36:14:f1:b1:
8d:57:bf:d0:c1:fa:1e:2d:5f:8a:51:96:cf:ec:21:
ac:cd:7f:97:74:16:d3:08:cc:27:48:d2:d4:69:1c:
d8:30:41:a3:55:ce:ea:6f:39:14:6e:40:67:5a:42:
bf:f3:fa:23:90:db:75:de:78:73:d8:41:8f:2d:55:
ce:06:46:6d:ed:7e:38:24:7c:dd:c9:c5:84:fd:5b:
80:62:35:a6:89:1f:6c:df:38:06:88:cc:49:59:2c:
83:e4:fc:8e:c2:c8:ab:81:24:db:07:36:2d:a8:ca:
be:bc:f1:6c:a8:66:d0:cb:5e:04:04:d9:6c:a2:0e:
24:28:b5:14:20:67:43:8c:a5:0d:e8:90:b2:ff:ff:
e8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:BF:FF:3A:B9:C6:60:27:34:29:D0:50:0E:AE:82:25:AB:07:81:94
X509v3 Authority Key Identifier:
keyid:7E:08:0B:AB:55:BF:34:73:18:8C:20:C7:36:6A:6C:B0:44:C7:19:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fggLq1W_NHMYjCDHNmpssETHGVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fL__OrnGYCc0KdBQDq6CJasHgZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fggLq1W_NHMYjCDHNmpssETHGVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.131.0/24
185.80.8.0/22
185.231.16.0/22
IPv6:
2a0c:3900::/29
Signature Algorithm: sha256WithRSAEncryption
9c:1e:97:c7:13:69:04:ad:84:e9:01:90:1e:13:2a:86:b4:8e:
3a:e2:0a:46:dd:47:a2:a6:d7:0b:4d:3d:bb:77:f9:d0:7f:6f:
d5:c6:0b:a4:b7:82:3f:67:c4:aa:a6:c9:73:a8:11:98:b8:a4:
2d:82:13:6c:27:53:3d:53:e5:3a:f0:1d:bf:c3:fa:61:72:18:
69:5b:ec:6b:90:3c:6c:6f:b0:a8:66:18:df:1a:d5:73:65:fb:
be:a8:d5:93:2e:5c:15:13:80:bd:cb:93:e7:f7:33:30:f7:0a:
d5:f5:20:3a:82:75:8f:8c:f8:3f:14:c3:a8:2f:48:f2:62:df:
d9:db:65:40:72:d6:a2:be:f3:b4:9b:1e:81:06:fa:13:a9:71:
e0:b1:38:96:bd:14:d6:c8:dc:67:f6:6f:1d:8f:3a:33:69:d1:
08:a2:4f:b6:01:a5:1f:2e:ef:e3:f9:cd:cd:74:b3:f9:c7:34:
a2:a1:fe:8b:b3:69:9b:f9:4e:fe:67:9b:4f:be:cd:0e:3e:cd:
5d:10:cb:9b:ea:0a:77:a3:fe:4e:d4:3f:5d:e1:63:1f:05:93:
f9:4a:bf:9f:8b:b1:1f:24:51:60:5a:2c:5a:ef:85:d1:80:ad:
fe:cb:f0:72:fd:0a:47:94:d0:60:fe:81:d1:fb:16:24:99:b5:
c2:6b:52:af
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYqyA61bSGeye/RA60cyS9hQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDgwYmFiNTViZjM0NzMxODhjMjBjNzM2NmE2Y2IwNDRj
NzE5NWMwHhcNMjMwOTIwMDk1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2JmZmYzYWI5YzY2MDI3MzQyOWQwNTAwZWFlODIyNWFiMDc4MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxlvsnxalXItDPpxwxR1L4Xm6vBW
4jBPXmDbipjpbc9rLVUATJmzj8nAI3iNwCKbQisCGAnnq5hxG1al3LL4UlY+/Z1H
gHAfNGCGWuz+iKddOuFKB0KE3lJ1bMqLnLnuSIMPXGM8I3xrHPk1OwcUH0kCdzYU
8bGNV7/QwfoeLV+KUZbP7CGszX+XdBbTCMwnSNLUaRzYMEGjVc7qbzkUbkBnWkK/
8/ojkNt13nhz2EGPLVXOBkZt7X44JHzdycWE/VuAYjWmiR9s3zgGiMxJWSyD5PyO
wsirgSTbBzYtqMq+vPFsqGbQy14EBNlsog4kKLUUIGdDjKUN6JCy///oVQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHy//zq5xmAnNCnQUA6ugiWrB4GUMB8GA1UdIwQY
MBaAFH4IC6tVvzRzGIwgxzZqbLBExxlcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdnTHExV19OSE1ZakNESE5tcHNzRVRIR1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9mZGE4YzktNmVmYS00OTU0LWE1YzMt
NjMwYmQ3M2NlMjY3LzEvZkxfX09ybkdZQ2MwS2RCUURxNkNKYXNIZ1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9mZGE4YzktNmVmYS00OTU0LWE1YzMtNjMwYmQ3M2NlMjY3
LzEvZmdnTHExV19OSE1ZakNESE5tcHNzRVRIR1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAVQiDAwQC
uVAIAwQCuecQMA0EAgACMAcDBQMqDDkAMA0GCSqGSIb3DQEBCwUAA4IBAQCcHpfH
E2kErYTpAZAeEyqGtI464gpG3UeiptcLTT27d/nQf2/Vxgukt4I/Z8SqpslzqBGY
uKQtghNsJ1M9U+U68B2/w/phchhpW+xrkDxsb7CoZhjfGtVzZfu+qNWTLlwVE4C9
y5Pn9zMw9wrV9SA6gnWPjPg/FMOoL0jyYt/Z22VActaivvO0mx6BBvoTqXHgsTiW
vRTWyNxn9m8djzozadEIok+2AaUfLu/j+c3NdLP5xzSiof6Ls2mb+U7+Z5tPvs0O
Ps1dEMub6gp3o/5O1D9d4WMfBZP5Sr+fi7EfJFFgWixa74XRgK3+y/By/QpHlNBg
/oHR+xYkmbXCa1Kv
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:43 2024 by rpki-client on console-fra.rpki-client.org