Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/fnAjUyu8mnwgfhpkJVh6JZ_Dbn0.roa
File: fnAjUyu8mnwgfhpkJVh6JZ_Dbn0.roa (raw, json)
Hash identifier: YJM2GOPADMwkY3QPhRXWUCG7QXkKPD+qEuXE50oUfnA=
Subject key identifier: 7E:70:23:53:2B:BC:9A:7C:20:7E:1A:64:25:58:7A:25:9F:C3:6E:7D
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 018CC3494BEFF8CF07B1357C69B2F7968A2F
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/fnAjUyu8mnwgfhpkJVh6JZ_Dbn0.roa
Signing time: Mon 01 Jan 2024 04:30:09 +0000
ROA not before: Mon 01 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.129.17.0/24 maxlen: 24
185.129.16.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jan 2024 13:23:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4b:ef:f8:cf:07:b1:35:7c:69:b2:f7:96:8a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 1 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e7023532bbc9a7c207e1a6425587a259fc36e7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:0f:7a:3d:a2:31:a5:78:da:73:46:3d:b3:a1:
3d:0a:43:e8:c0:6d:d9:b2:47:3b:82:f3:14:42:f1:
48:81:7b:2a:ba:38:1d:bf:59:e7:93:9a:af:0e:76:
f7:23:4e:a3:d5:55:8a:83:c8:4e:cd:24:3b:c8:36:
6e:51:82:ec:7a:de:50:69:1e:69:89:46:12:f2:ff:
a0:d3:06:2f:59:e5:37:ea:06:fc:40:f5:90:4d:b6:
e5:7c:1a:83:6f:de:3e:11:53:99:32:0a:35:91:b3:
9b:a0:d4:2e:c0:58:12:9c:1d:a9:a6:0d:c3:6d:d1:
cf:d6:08:eb:01:34:49:09:94:67:67:76:27:74:a8:
21:f3:9b:ae:bd:b8:f6:08:b5:da:bc:64:75:1f:27:
cb:ea:0b:09:83:c6:98:0c:ac:12:03:6d:88:61:9f:
4e:a8:0e:97:ce:f7:f6:3d:72:a1:ee:22:f0:52:ff:
06:dc:a9:a1:99:d5:b6:74:90:cf:dc:f9:0e:8e:1b:
6e:a5:1b:2c:54:1a:94:92:68:85:d7:a2:f5:ff:f4:
86:be:e4:ec:01:e1:ac:40:96:cc:c2:3f:9e:52:e9:
01:3d:d0:43:f4:05:16:eb:cd:9c:ea:5e:ce:53:b4:
46:ff:f2:5e:35:32:5e:0d:f7:85:c0:c1:cf:0a:cc:
8d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:70:23:53:2B:BC:9A:7C:20:7E:1A:64:25:58:7A:25:9F:C3:6E:7D
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/fnAjUyu8mnwgfhpkJVh6JZ_Dbn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9b:25:25:2e:39:7f:9d:8e:63:d4:45:9d:ed:63:82:f4:90:39:
25:d8:73:da:42:4d:5d:72:4d:5a:4e:5a:bc:73:a7:d0:bf:da:
bd:a0:df:bb:2e:80:bd:f7:92:62:af:b8:c2:fb:c7:38:9d:c9:
cb:67:cc:ba:91:81:a0:0a:e1:f6:d4:b9:4d:e8:42:ec:19:7d:
92:c1:fc:d8:b2:20:90:d3:68:46:07:67:b6:03:7b:cf:53:1c:
b0:26:c4:bd:5e:0a:ea:22:d2:45:54:ca:db:31:1d:95:8a:18:
2e:b3:c7:f1:54:d9:85:98:c4:e7:96:08:f5:1f:9b:de:0b:76:
ea:73:27:01:13:ad:4b:af:be:7d:7b:d8:8b:21:a8:06:c6:38:
ec:83:06:8f:45:0b:ab:65:24:4d:8b:e4:a1:39:05:99:c4:dc:
45:39:1e:bc:9d:33:5e:2e:91:f1:2a:63:b2:9c:b2:2c:5b:1b:
c3:80:c3:f4:1b:7e:36:a7:c2:dc:4c:9a:58:7b:fa:f8:ab:01:
0d:66:c6:5b:35:d9:de:a1:f0:af:69:af:7c:2b:e3:ec:b4:0b:
3b:72:d7:5b:4f:0e:05:5a:5f:39:98:17:2d:f6:41:93:d7:07:
ca:88:44:82:26:7f:02:93:b7:e9:b0:79:f8:a4:e5:34:af:e6:
95:a1:76:13
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDSUvv+M8HsTV8abL3loovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTcwMjM1MzJiYmM5YTdjMjA3ZTFhNjQyNTU4N2EyNTlmYzM2ZTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6A96PaIxpXjac0Y9s6E9CkPowG3Z
skc7gvMUQvFIgXsqujgdv1nnk5qvDnb3I06j1VWKg8hOzSQ7yDZuUYLset5QaR5p
iUYS8v+g0wYvWeU36gb8QPWQTbblfBqDb94+EVOZMgo1kbOboNQuwFgSnB2ppg3D
bdHP1gjrATRJCZRnZ3YndKgh85uuvbj2CLXavGR1HyfL6gsJg8aYDKwSA22IYZ9O
qA6Xzvf2PXKh7iLwUv8G3KmhmdW2dJDP3PkOjhtupRssVBqUkmiF16L1//SGvuTs
AeGsQJbMwj+eUukBPdBD9AUW682c6l7OU7RG//JeNTJeDfeFwMHPCsyNXwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFH5wI1MrvJp8IH4aZCVYeiWfw259MB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvZm5BalV5dThtbndnZmhwa0pWaDZKWl9EYm4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBuYEQMBgE
AgACMBIwEAMFBioPqsADBwAqD6rAAAIwDQYJKoZIhvcNAQELBQADggEBAJslJS45
f52OY9RFne1jgvSQOSXYc9pCTV1yTVpOWrxzp9C/2r2g37sugL33kmKvuML7xzid
yctnzLqRgaAK4fbUuU3oQuwZfZLB/NiyIJDTaEYHZ7YDe89THLAmxL1eCuoi0kVU
ytsxHZWKGC6zx/FU2YWYxOeWCPUfm94LdupzJwETrUuvvn172IshqAbGOOyDBo9F
C6tlJE2L5KE5BZnE3EU5HrydM14ukfEqY7KcsixbG8OAw/QbfjanwtxMmlh7+vir
AQ1mxls12d6h8K9pr3wr4+y0Czty11tPDgVaXzmYFy32QZPXB8qIRIImfwKTt+mw
efik5TSv5pWhdhM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org