Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/FcRTUyVXTaPXir0dMfvMkQZ44X0.roa
File: FcRTUyVXTaPXir0dMfvMkQZ44X0.roa (raw, json)
Hash identifier: gTDYbaOvThqoqQ7ed62+Q5dc++0QvmZoho/e7DNisQ8=
Subject key identifier: 15:C4:53:53:25:57:4D:A3:D7:8A:BD:1D:31:FB:CC:91:06:78:E1:7D
Certificate issuer: /CN=206f1c32bc0a9006081d552fede67d6842921ec3
Certificate serial: 0191DBF9D3F5E1DC15E3130E3D4AE996076C
Authority key identifier: 20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/FcRTUyVXTaPXir0dMfvMkQZ44X0.roa
Signing time: Tue 10 Sep 2024 12:47:48 +0000
ROA not before: Tue 10 Sep 2024 12:47:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215066
IP address blocks: 188.64.36.0/22 maxlen: 24
194.164.226.0/24 maxlen: 24
194.164.227.0/24 maxlen: 24
194.164.228.0/24 maxlen: 24
194.164.229.0/24 maxlen: 24
195.144.8.0/24 maxlen: 24
2a07:244::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 12 Nov 2024 14:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:db:f9:d3:f5:e1:dc:15:e3:13:0e:3d:4a:e9:96:07:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=206f1c32bc0a9006081d552fede67d6842921ec3
Validity
Not Before: Sep 10 12:47:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15c4535325574da3d78abd1d31fbcc910678e17d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:df:d5:fd:ac:49:d0:ff:60:ba:0e:d9:73:86:
86:aa:63:a1:40:87:21:84:d9:e3:10:23:6a:84:83:
44:bd:39:b9:d2:21:d7:f4:e5:37:60:61:08:a7:22:
cb:ca:d8:e4:45:5c:b7:9f:00:db:24:98:c1:92:b5:
21:f0:c8:5e:ac:00:ca:88:3c:89:88:0c:8d:e7:39:
f5:09:f9:bf:10:7f:07:32:95:e3:83:95:71:2f:bd:
12:d2:c5:c1:a1:55:ed:b0:62:7e:9c:de:4b:ba:d8:
99:30:4d:75:23:d1:d6:55:a6:71:20:98:29:41:f5:
34:05:6b:95:dc:81:60:3e:d6:b9:51:0a:ef:65:c5:
48:1b:0a:03:81:9f:1f:6d:ec:00:5a:82:3f:b0:d4:
60:c2:2f:68:49:23:72:8d:24:f6:3b:db:8f:c5:0c:
6c:5b:e2:37:32:6a:18:95:d0:bb:54:bd:43:e9:28:
f2:f3:48:90:d7:9b:14:88:c4:77:fc:57:d4:55:f7:
d2:63:bd:6a:79:14:27:ef:e2:3c:92:4a:36:4f:94:
aa:e5:99:58:23:45:49:b2:56:df:96:14:f7:01:f6:
de:e7:92:38:24:71:5f:32:9a:6c:3b:5e:30:d4:98:
f1:87:19:59:9b:8e:a3:a7:8b:67:4a:e3:0d:1a:83:
f3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:C4:53:53:25:57:4D:A3:D7:8A:BD:1D:31:FB:CC:91:06:78:E1:7D
X509v3 Authority Key Identifier:
keyid:20:6F:1C:32:BC:0A:90:06:08:1D:55:2F:ED:E6:7D:68:42:92:1E:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/FcRTUyVXTaPXir0dMfvMkQZ44X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a91884-6f58-4ddd-8932-bba860b26c02/1/IG8cMrwKkAYIHVUv7eZ9aEKSHsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.36.0/22
194.164.226.0-194.164.229.255
195.144.8.0/24
IPv6:
2a07:244::/32
Signature Algorithm: sha256WithRSAEncryption
af:30:a8:3f:21:2a:fa:19:1b:cb:23:be:cc:8f:ca:50:39:75:
f6:52:c8:e2:a0:85:5b:78:a2:66:cb:d0:c3:12:fc:e8:50:a2:
aa:aa:32:b0:02:f1:41:b7:f0:c5:7f:67:15:03:3e:f0:ed:76:
e1:44:b6:13:61:d7:c3:1f:51:b4:df:e1:09:6b:a7:e5:b6:74:
27:4d:75:40:2f:59:3c:eb:53:69:4a:ea:32:34:29:a7:3d:bf:
91:31:81:77:ef:54:96:8f:68:55:68:e7:a9:3a:53:2f:6f:2d:
c1:d0:58:e6:cb:ee:50:de:02:9b:69:6a:0f:eb:a4:ec:60:06:
9e:6e:ed:c8:13:b5:e9:92:8f:cc:d0:be:58:bd:40:70:b8:6a:
5b:df:63:0d:f8:d3:18:46:5c:c4:ae:64:09:21:6b:34:04:81:
c5:29:fe:9b:d2:2f:6b:85:ea:ce:1e:1b:db:7c:f1:71:e2:27:
f5:7a:4b:3a:95:9f:7c:b7:4d:a6:a9:86:d1:83:e1:61:24:f7:
d5:e9:af:ad:d3:27:ad:91:f5:6c:d1:c5:b9:34:31:07:30:e1:
6e:9a:97:20:c4:34:03:30:4e:d0:84:ed:6c:b8:2d:29:98:83:
0f:2c:1d:d7:22:78:39:00:a3:63:eb:d3:68:05:74:7e:f3:a7:
b1:32:cd:67
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZHb+dP14dwV4xMOPUrplgdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwNmYxYzMyYmMwYTkwMDYwODFkNTUyZmVkZTY3ZDY4NDI5
MjFlYzMwHhcNMjQwOTEwMTI0NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWM0NTM1MzI1NTc0ZGEzZDc4YWJkMWQzMWZiY2M5MTA2NzhlMTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoN/V/axJ0P9gug7Zc4aGqmOhQIch
hNnjECNqhINEvTm50iHX9OU3YGEIpyLLytjkRVy3nwDbJJjBkrUh8MherADKiDyJ
iAyN5zn1Cfm/EH8HMpXjg5VxL70S0sXBoVXtsGJ+nN5LutiZME11I9HWVaZxIJgp
QfU0BWuV3IFgPta5UQrvZcVIGwoDgZ8fbewAWoI/sNRgwi9oSSNyjST2O9uPxQxs
W+I3MmoYldC7VL1D6Sjy80iQ15sUiMR3/FfUVffSY71qeRQn7+I8kko2T5Sq5ZlY
I0VJslbflhT3Afbe55I4JHFfMppsO14w1JjxhxlZm46jp4tnSuMNGoPzRQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBXEU1MlV02j14q9HTH7zJEGeOF9MB8GA1UdIwQY
MBaAFCBvHDK8CpAGCB1VL+3mfWhCkh7DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzIt
YmJhODYwYjI2YzAyLzEvRmNSVFV5VlhUYVBYaXIwZE1mdk1rUVo0NFgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hOTE4ODQtNmY1OC00ZGRkLTg5MzItYmJhODYwYjI2YzAy
LzEvSUc4Y01yd0trQVlJSFZVdjdlWjlhRUtTSHNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCvEAkMAwD
BAHCpOIDBAHCpOQDBADDkAgwDQQCAAIwBwMFACoHAkQwDQYJKoZIhvcNAQELBQAD
ggEBAK8wqD8hKvoZG8sjvsyPylA5dfZSyOKghVt4ombL0MMS/OhQoqqqMrAC8UG3
8MV/ZxUDPvDtduFEthNh18MfUbTf4Qlrp+W2dCdNdUAvWTzrU2lK6jI0Kac9v5Ex
gXfvVJaPaFVo56k6Uy9vLcHQWObL7lDeAptpag/rpOxgBp5u7cgTtemSj8zQvli9
QHC4alvfYw340xhGXMSuZAkhazQEgcUp/pvSL2uF6s4eG9t88XHiJ/V6SzqVn3y3
TaaphtGD4WEk99Xpr63TJ62R9WzRxbk0MQcw4W6alyDENAMwTtCE7Wy4LSmYgw8s
HdcieDkAo2Pr02gFdH7zp7EyzWc=
-----END CERTIFICATE-----
Generated at Tue Nov 12 18:29:14 2024 by rpki-client on console-fra.rpki-client.org