Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/FB7OFjAohA6dNpTzOTJIYNrDWOg.roa
File: FB7OFjAohA6dNpTzOTJIYNrDWOg.roa (raw, json)
Hash identifier: 26I7wrZMe1yOHqjR/U+07UVVSAV6Q0C3mAuOdMoY9Qo=
Subject key identifier: 14:1E:CE:16:30:28:84:0E:9D:36:94:F3:39:32:48:60:DA:C3:58:E8
Certificate issuer: /CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Certificate serial: 018CC26D40FC876A2B696B6A7743A52F3964
Authority key identifier: 82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/FB7OFjAohA6dNpTzOTJIYNrDWOg.roa
Signing time: Mon 01 Jan 2024 00:29:48 +0000
ROA not before: Mon 01 Jan 2024 00:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.200.53.0/24 maxlen: 24
193.200.56.0/23 maxlen: 23
31.15.120.0/22 maxlen: 22
185.74.172.0/23 maxlen: 23
185.74.175.0/24 maxlen: 24
46.30.128.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 17 Jan 2024 12:55:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:40:fc:87:6a:2b:69:6b:6a:77:43:a5:2f:39:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Validity
Not Before: Jan 1 00:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=141ece163028840e9d3694f339324860dac358e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b7:77:24:9e:27:57:df:9f:d4:09:71:63:f2:
cd:e3:a1:42:6b:9c:33:29:54:84:a6:58:b5:6e:06:
03:1c:7b:ab:02:39:48:21:f9:fe:76:e2:7f:47:c6:
50:2c:30:97:78:1c:9d:d3:91:13:34:69:72:9a:a1:
af:2e:2e:59:70:7e:4e:1f:df:4e:e1:03:b5:96:a7:
35:d7:4a:3f:1c:af:c6:7a:2b:a0:31:2b:b6:d0:48:
07:75:d2:f9:57:0d:1c:a9:32:56:d9:82:75:e1:b3:
98:5f:f6:99:30:86:7a:d0:0f:fd:c7:df:56:1f:37:
b1:51:0d:5b:61:17:e0:c9:99:3f:9d:eb:6e:17:a0:
97:0d:18:60:f3:5c:5f:4d:48:5c:06:18:68:46:7b:
85:dc:4d:f9:59:c3:96:2e:cf:3d:0a:78:88:83:c2:
3b:89:9a:27:d5:d1:a0:98:ea:34:18:9b:c8:9b:5b:
01:b2:fc:07:8c:92:a5:6e:9d:6c:0a:dc:6f:54:b2:
b5:da:84:c4:6a:fc:e4:6b:43:af:d7:f4:a2:a8:2c:
ca:ab:99:f3:44:70:66:24:72:02:0d:30:8c:0d:79:
d0:62:25:b1:75:fc:ec:7f:5f:1c:a1:fa:6c:9b:f7:
34:e9:01:39:3e:77:fa:8d:b1:12:c0:4c:7f:df:40:
ea:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:1E:CE:16:30:28:84:0E:9D:36:94:F3:39:32:48:60:DA:C3:58:E8
X509v3 Authority Key Identifier:
keyid:82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/FB7OFjAohA6dNpTzOTJIYNrDWOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/gmf7Sgtne4N3kHuC-x-4gQov7wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.120.0/22
46.30.128.0/23
185.74.172.0/23
185.74.175.0/24
193.200.53.0/24
193.200.56.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:b4:0a:43:21:32:22:ae:5d:3a:8f:b4:1b:14:c8:2d:bf:e1:
b3:ff:f9:7d:37:0d:8a:3b:b5:56:cc:bf:be:2c:82:05:a5:67:
3e:42:06:2e:fb:57:29:bd:21:b3:56:f7:2c:75:34:a8:ab:e2:
34:7e:bd:0e:e1:e0:b0:0e:53:5a:94:6b:36:f1:c3:dd:70:e0:
67:c5:63:fa:17:46:d8:43:3b:ab:fb:8e:3d:21:98:7a:d7:52:
e9:be:60:b1:11:04:74:b7:e5:c5:9a:8b:c1:ee:54:18:d1:90:
10:9c:23:53:67:7a:59:0c:ae:89:8a:c0:f6:2c:53:57:ac:8e:
8f:29:77:0b:36:97:ad:28:5b:0e:58:22:3c:3e:10:b9:ff:83:
90:d2:56:81:d7:7f:78:79:cd:58:4b:95:86:7c:58:82:00:c7:
8b:80:f6:d6:1a:74:7e:86:97:e5:b7:ce:62:86:8f:f4:b0:ea:
9b:7f:33:92:4c:a2:c2:8a:31:86:a7:10:8e:e4:70:21:9a:dc:
4b:18:25:40:b6:05:cf:69:64:cd:9c:8f:f7:ab:3c:4b:5f:9a:
d3:8d:69:0a:39:de:c4:0c:ce:52:45:7f:18:75:02:42:43:43:
a0:e1:46:d7:85:6e:78:8e:56:4c:fe:23:51:70:ec:b8:c3:08:
61:28:38:49
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzCbUD8h2oraWtqd0OlLzlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjdmYjRhMGI2NzdiODM3NzkwN2I4MmZiMWZiODgxMGEy
ZmVmMDgwHhcNMjQwMTAxMDAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDFlY2UxNjMwMjg4NDBlOWQzNjk0ZjMzOTMyNDg2MGRhYzM1OGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbd3JJ4nV9+f1AlxY/LN46FCa5wz
KVSEpli1bgYDHHurAjlIIfn+duJ/R8ZQLDCXeByd05ETNGlymqGvLi5ZcH5OH99O
4QO1lqc110o/HK/GeiugMSu20EgHddL5Vw0cqTJW2YJ14bOYX/aZMIZ60A/9x99W
HzexUQ1bYRfgyZk/netuF6CXDRhg81xfTUhcBhhoRnuF3E35WcOWLs89CniIg8I7
iZon1dGgmOo0GJvIm1sBsvwHjJKlbp1sCtxvVLK12oTEavzka0Ov1/SiqCzKq5nz
RHBmJHICDTCMDXnQYiWxdfzsf18cofpsm/c06QE5Pnf6jbESwEx/30DqiQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBQezhYwKIQOnTaU8zkySGDaw1joMB8GA1UdIwQY
MBaAFIJn+0oLZ3uDd5B7gvsfuIEKL+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUt
NjM5ZTE0ZDA0ZGU2LzEvRkI3T0ZqQW9oQTZkTnBUek9USklZTnJEV09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUtNjM5ZTE0ZDA0ZGU2
LzEvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCHw94AwQB
Lh6AAwQBuUqsAwQAuUqvAwQAwcg1AwQBwcg4MA0GCSqGSIb3DQEBCwUAA4IBAQBb
tApDITIirl06j7QbFMgtv+Gz//l9Nw2KO7VWzL++LIIFpWc+QgYu+1cpvSGzVvcs
dTSoq+I0fr0O4eCwDlNalGs28cPdcOBnxWP6F0bYQzur+449IZh611LpvmCxEQR0
t+XFmovB7lQY0ZAQnCNTZ3pZDK6JisD2LFNXrI6PKXcLNpetKFsOWCI8PhC5/4OQ
0laB1394ec1YS5WGfFiCAMeLgPbWGnR+hpflt85iho/0sOqbfzOSTKLCijGGpxCO
5HAhmtxLGCVAtgXPaWTNnI/3qzxLX5rTjWkKOd7EDM5SRX8YdQJCQ0Og4UbXhW54
jlZM/iNRcOy4wwhhKDhJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:04 2024 by rpki-client on console-ams.rpki-client.org