Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/fjY8q1JWrkNhQuuIkmuZqyMac5c.roa
File: fjY8q1JWrkNhQuuIkmuZqyMac5c.roa (raw, json)
Hash identifier: 3bnw1IhtKWQ2qEAlV2lSXtJH8GzuTVekJZtnDPc1txI=
Subject key identifier: 7E:36:3C:AB:52:56:AE:43:61:42:EB:88:92:6B:99:AB:23:1A:73:97
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B49C34D7050E0E65713D810059092
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/fjY8q1JWrkNhQuuIkmuZqyMac5c.roa
Signing time: Tue 02 Jan 2024 12:34:43 +0000
ROA not before: Tue 02 Jan 2024 12:34:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3170
IP address blocks: 185.133.73.0/24 maxlen: 32
194.156.159.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 128
Validation: Failed, certificate revoked on Thu 19 Sep 2024 03:52:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:49:c3:4d:70:50:e0:e6:57:13:d8:10:05:90:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e363cab5256ae436142eb88926b99ab231a7397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a2:ae:7a:9d:5b:f1:74:32:01:04:49:28:a7:
87:fa:34:6d:f3:1f:1d:6b:d3:6c:27:2f:5b:8b:78:
ba:e0:38:e0:54:e0:65:fa:86:1e:46:19:5b:9d:e4:
10:a4:7f:fd:f7:68:ad:43:25:f8:12:3f:31:aa:25:
74:06:95:a8:47:7f:d6:8a:bf:03:37:55:4f:e6:74:
c6:c0:93:b3:2b:18:ca:e3:6e:11:20:62:89:e6:f5:
e9:2f:7b:f8:13:e4:89:e1:eb:ff:ec:05:83:7a:aa:
07:37:44:b6:d3:a6:16:21:2c:46:aa:fe:9a:34:b6:
0b:d9:3f:bc:da:70:db:0f:80:17:6e:75:3c:f6:5a:
39:29:f7:ec:73:64:3b:3c:ba:09:5d:cb:4a:e1:42:
6c:01:00:88:3d:a5:c5:f1:15:b6:21:80:b6:df:b6:
70:aa:f1:fc:79:e0:19:bb:e1:53:fc:92:98:f8:29:
99:6a:f3:a5:e8:bb:d5:a9:e1:e0:2f:98:58:80:39:
c4:3f:0b:a5:57:53:80:bb:f4:f3:03:cc:d3:dc:1d:
2e:08:17:a3:b1:49:29:7e:84:53:11:ff:c6:ea:7c:
d1:d9:22:df:ee:e4:5d:55:78:6a:09:6f:16:de:c4:
13:31:46:84:79:9c:79:e6:89:19:73:33:db:60:57:
f4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:36:3C:AB:52:56:AE:43:61:42:EB:88:92:6B:99:AB:23:1A:73:97
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/fjY8q1JWrkNhQuuIkmuZqyMac5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.73.0/24
194.156.159.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
98:5d:d3:0c:b3:07:1f:67:8b:a1:f2:2f:e2:81:60:c3:b1:34:
79:36:38:28:6c:5a:8b:dc:81:80:1c:d0:0b:33:ce:51:4c:3a:
c6:7c:77:ba:ba:09:42:3d:5f:52:21:98:37:20:e4:84:91:eb:
cf:9f:17:83:51:9c:7b:78:7c:20:a0:d3:11:f6:47:57:f5:dc:
5b:e5:5f:62:65:df:76:55:1f:fe:17:25:fc:bc:96:64:29:ea:
9b:b1:8b:4b:25:6c:62:f6:65:79:a5:c5:43:23:63:93:55:ce:
6d:71:46:7b:ec:31:3a:47:9f:f7:3a:96:9f:58:47:0f:d7:cb:
b1:8c:48:a1:df:9b:f0:1d:ea:f7:7a:74:0a:6c:b6:53:5d:1c:
4e:43:d2:51:4b:ae:ab:0a:c8:31:ab:ab:14:ec:7d:14:c9:0d:
35:3e:62:27:5b:dd:4c:24:21:3b:16:91:27:f1:2b:a9:04:9c:
b4:64:f1:12:14:bb:7d:15:8d:2d:0c:cc:c2:e6:96:35:43:59:
ab:94:d5:5a:ba:76:01:df:23:8d:3a:aa:c7:89:aa:ed:81:1e:
52:4d:fc:45:79:76:33:2f:3c:ef:09:52:47:79:52:fe:7e:d5:
1e:cf:26:3a:28:6b:cf:20:5d:6a:bd:56:37:66:a0:05:d6:fc:
8b:11:5e:43
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKK0nDTXBQ4OZXE9gQBZCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTM2M2NhYjUyNTZhZTQzNjE0MmViODg5MjZiOTlhYjIzMWE3Mzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqKuep1b8XQyAQRJKKeH+jRt8x8d
a9NsJy9bi3i64DjgVOBl+oYeRhlbneQQpH/992itQyX4Ej8xqiV0BpWoR3/Wir8D
N1VP5nTGwJOzKxjK424RIGKJ5vXpL3v4E+SJ4ev/7AWDeqoHN0S206YWISxGqv6a
NLYL2T+82nDbD4AXbnU89lo5Kffsc2Q7PLoJXctK4UJsAQCIPaXF8RW2IYC237Zw
qvH8eeAZu+FT/JKY+CmZavOl6LvVqeHgL5hYgDnEPwulV1OAu/TzA8zT3B0uCBej
sUkpfoRTEf/G6nzR2SLf7uRdVXhqCW8W3sQTMUaEeZx55okZczPbYFf01wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFH42PKtSVq5DYULriJJrmasjGnOXMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvZmpZOHExSldya05oUXV1SWttdVpxeU1hYzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuYVJAwQA
wpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAJhd0wyzBx9n
i6HyL+KBYMOxNHk2OChsWovcgYAc0AszzlFMOsZ8d7q6CUI9X1IhmDcg5ISR68+f
F4NRnHt4fCCg0xH2R1f13FvlX2Jl33ZVH/4XJfy8lmQp6puxi0slbGL2ZXmlxUMj
Y5NVzm1xRnvsMTpHn/c6lp9YRw/Xy7GMSKHfm/Ad6vd6dApstlNdHE5D0lFLrqsK
yDGrqxTsfRTJDTU+Yidb3UwkITsWkSfxK6kEnLRk8RIUu30VjS0MzMLmljVDWauU
1Vq6dgHfI406qseJqu2BHlJN/EV5djMvPO8JUkd5Uv5+1R7PJjooa88gXWq9Vjdm
oAXW/IsRXkM=
-----END CERTIFICATE-----
Generated at Thu Sep 19 07:47:40 2024 by rpki-client on console-fra.rpki-client.org