Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/fwXkk4716SeTbt3cyL_9SyV_VG8.roa
File: fwXkk4716SeTbt3cyL_9SyV_VG8.roa (raw, json)
Hash identifier: 2DPz21EjlWLR9nm/jJRpm2S6//MNJtY42k+EX9skobw=
Subject key identifier: 7F:05:E4:93:8E:F5:E9:27:93:6E:DD:DC:C8:BF:FD:4B:25:7F:54:6F
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 01867E177466CA7ACF712A6130DC30864220
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/fwXkk4716SeTbt3cyL_9SyV_VG8.roa
Signing time: Thu 23 Feb 2023 11:45:11 +0000
ROA not before: Thu 23 Feb 2023 11:45:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15924
IP address blocks: 195.177.230.0/24 maxlen: 24
195.177.231.0/24 maxlen: 24
195.178.104.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 28 Feb 2023 18:19:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:7e:17:74:66:ca:7a:cf:71:2a:61:30:dc:30:86:42:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Feb 23 11:45:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f05e4938ef5e927936edddcc8bffd4b257f546f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:51:1a:64:9f:85:e6:89:60:d4:a7:ce:3c:c6:
b0:93:92:12:50:5b:1e:a5:a0:3d:2e:1a:26:7f:66:
ab:79:59:4c:e7:d0:8a:68:b5:04:d2:7a:f2:f7:f3:
cf:41:41:e2:42:fb:8c:df:de:b8:d7:d3:84:00:30:
cd:b3:45:49:7f:11:96:a1:63:12:11:8d:ad:04:d5:
82:35:76:8b:be:f2:60:ca:ea:2b:d9:b6:16:fe:31:
f0:13:ed:57:a6:8c:64:89:f6:4c:8c:4e:07:52:96:
8f:97:70:9f:da:31:16:0c:2e:31:67:40:a2:91:d1:
69:44:05:ca:b3:2f:5f:1c:ac:06:21:78:94:0b:1e:
1b:3d:fc:b1:38:eb:be:57:94:4a:64:23:37:0a:16:
a6:f3:2e:16:0c:5b:fb:97:79:d8:22:2e:af:dd:33:
65:df:20:74:db:81:21:b1:74:ab:d4:d1:33:d2:1a:
34:09:87:38:4d:9d:de:ae:95:9f:e4:e4:52:b2:49:
29:81:30:da:57:21:e8:62:8d:6c:22:c2:51:39:92:
ed:4e:b8:75:4d:37:dd:d0:c4:bb:e9:c1:0b:a2:50:
63:83:84:f2:8c:38:86:5e:cc:6f:16:93:09:66:53:
aa:c6:34:bc:ad:0c:5a:ed:b6:14:d0:65:33:d7:98:
a9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:05:E4:93:8E:F5:E9:27:93:6E:DD:DC:C8:BF:FD:4B:25:7F:54:6F
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/fwXkk4716SeTbt3cyL_9SyV_VG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.230.0/23
195.178.104.0/23
Signature Algorithm: sha256WithRSAEncryption
70:06:90:33:19:67:40:87:14:49:51:fd:ae:ec:89:62:fb:5b:
32:f1:50:9f:0c:8f:6e:ff:3b:15:85:7a:b2:52:d3:b7:9a:45:
0f:39:17:79:1d:6a:d8:96:3b:08:0e:08:13:d2:1c:c9:6a:4f:
61:4f:66:d4:cd:f9:5c:8a:53:a3:2e:a2:d1:87:6a:4f:ad:ca:
05:29:35:96:6c:7c:9a:6e:38:44:9d:e6:8e:97:29:85:5c:a4:
8d:6a:f5:6f:94:4f:96:ef:66:62:9c:95:bd:64:f2:18:51:d0:
d5:ba:b1:d8:cd:20:98:d6:c8:8f:1d:6e:d6:66:fe:67:db:ce:
2b:49:28:31:fb:92:94:69:fc:6a:1d:cc:12:12:31:62:85:d3:
3d:fb:0e:be:7c:76:16:80:ae:fd:b0:b7:32:7c:06:c4:45:be:
da:f5:c7:bf:c5:ed:58:85:19:1e:44:3c:2b:40:80:bc:e2:05:
4a:50:7d:bf:4f:cb:fc:b0:23:ac:5f:ee:e8:33:f7:f4:5e:59:
06:bb:62:ad:3c:ba:6c:c3:c9:e2:07:47:48:91:9a:37:0f:a1:
4d:86:8c:2b:12:58:cf:9d:3b:70:56:28:3c:17:d3:f4:73:f7:
d1:c0:4d:e5:36:92:96:09:71:25:b1:28:24:ef:c0:cd:65:b7:
0d:29:45:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZ+F3RmynrPcSphMNwwhkIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjMwMjIzMTE0NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjA1ZTQ5MzhlZjVlOTI3OTM2ZWRkZGNjOGJmZmQ0YjI1N2Y1NDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFEaZJ+F5olg1KfOPMawk5ISUFse
paA9Lhomf2areVlM59CKaLUE0nry9/PPQUHiQvuM396419OEADDNs0VJfxGWoWMS
EY2tBNWCNXaLvvJgyuor2bYW/jHwE+1XpoxkifZMjE4HUpaPl3Cf2jEWDC4xZ0Ci
kdFpRAXKsy9fHKwGIXiUCx4bPfyxOOu+V5RKZCM3Cham8y4WDFv7l3nYIi6v3TNl
3yB024EhsXSr1NEz0ho0CYc4TZ3erpWf5ORSskkpgTDaVyHoYo1sIsJROZLtTrh1
TTfd0MS76cELolBjg4TyjDiGXsxvFpMJZlOqxjS8rQxa7bYU0GUz15ipxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH8F5JOO9eknk27d3Mi//Uslf1RvMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvZndYa2s0NzE2U2VUYnQzY3lMXzlTeVZfVkc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw7HmAwQB
w7JoMA0GCSqGSIb3DQEBCwUAA4IBAQBwBpAzGWdAhxRJUf2u7Ili+1sy8VCfDI9u
/zsVhXqyUtO3mkUPORd5HWrYljsIDggT0hzJak9hT2bUzflcilOjLqLRh2pPrcoF
KTWWbHyabjhEneaOlymFXKSNavVvlE+W72ZinJW9ZPIYUdDVurHYzSCY1siPHW7W
Zv5n284rSSgx+5KUafxqHcwSEjFihdM9+w6+fHYWgK79sLcyfAbERb7a9ce/xe1Y
hRkeRDwrQIC84gVKUH2/T8v8sCOsX+7oM/f0XlkGu2KtPLpsw8niB0dIkZo3D6FN
howrEljPnTtwVig8F9P0c/fRwE3lNpKWCXElsSgk78DNZbcNKUVM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org