Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/FbA-igpIe1YdKsnfKykhtp8eLUM.roa
File: FbA-igpIe1YdKsnfKykhtp8eLUM.roa (raw, json)
Hash identifier: q0HzAK3ot7dOQ/z4E1oHcTXijJAGMwIQxX+CsM1CZME=
Subject key identifier: 15:B0:3E:8A:0A:48:7B:56:1D:2A:C9:DF:2B:29:21:B6:9F:1E:2D:43
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018D7DD34B7D93971185819CA6880DFA6CC1
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/FbA-igpIe1YdKsnfKykhtp8eLUM.roa
Signing time: Tue 06 Feb 2024 09:50:15 +0000
ROA not before: Tue 06 Feb 2024 09:50:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47376
IP address blocks: 85.9.86.0/23 maxlen: 23
85.9.116.0/22 maxlen: 22
185.131.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Jun 2024 12:18:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:d3:4b:7d:93:97:11:85:81:9c:a6:88:0d:fa:6c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Feb 6 09:50:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15b03e8a0a487b561d2ac9df2b2921b69f1e2d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e6:86:58:36:8c:08:57:c7:ff:fa:93:00:e2:
6f:4a:26:07:30:c7:75:dd:3d:cc:2c:58:92:51:14:
c2:eb:da:77:bd:02:7a:f7:96:b5:3b:2f:5b:33:0e:
a9:25:63:af:4b:5c:85:6e:09:f5:a2:99:60:07:58:
d0:aa:54:a9:45:fb:0e:c6:59:cb:28:b3:82:7f:cc:
d9:93:53:4f:26:2d:b5:0f:3d:99:18:15:5c:e4:26:
f2:2c:46:03:b1:31:95:54:77:13:e6:15:9c:19:30:
93:97:13:dd:de:b5:54:eb:6f:10:01:bd:e0:12:f3:
37:58:81:5e:1c:d8:6d:23:da:20:39:48:d6:69:67:
ac:80:1d:e6:a1:13:15:0f:ec:76:0c:f1:d1:df:3a:
0d:2d:d0:df:4b:01:b1:57:67:ee:05:9c:5d:20:38:
1d:91:05:bd:49:0a:89:87:d9:9a:02:d1:91:fc:93:
17:03:04:f7:9b:f4:2f:1f:84:2f:57:07:4d:ef:67:
8c:37:5e:ca:e9:f7:c9:49:76:82:a7:c8:0c:d4:74:
20:51:26:a9:78:9a:8a:a8:4e:c6:91:17:6c:bd:8b:
5c:0b:c5:a2:ff:95:fa:5c:21:15:b4:06:47:4c:de:
95:62:34:0b:78:e0:73:7f:8e:46:0f:76:13:4e:76:
83:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B0:3E:8A:0A:48:7B:56:1D:2A:C9:DF:2B:29:21:B6:9F:1E:2D:43
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/FbA-igpIe1YdKsnfKykhtp8eLUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.86.0/23
85.9.116.0/22
185.131.29.0/24
Signature Algorithm: sha256WithRSAEncryption
53:63:2d:6a:6f:48:20:00:ed:0d:5f:12:7a:27:a7:21:eb:63:
b5:41:a5:08:19:fa:e4:c9:2f:b2:a3:b0:17:e3:49:93:f0:84:
a0:d6:20:cb:e9:cf:0b:13:64:44:f3:6f:bb:10:12:c9:a7:47:
01:03:e6:fe:de:fd:b1:65:97:e9:19:0a:99:a7:dc:50:bb:e3:
65:55:b5:6e:fb:a0:ab:a0:93:90:5b:a0:5e:3f:29:b8:bc:1b:
0f:6d:3a:f1:50:20:5b:3b:c6:c7:72:61:c4:4b:96:a4:58:f3:
3e:a8:29:e9:af:02:5b:31:9f:80:d4:1e:c7:82:8f:49:b8:8c:
0d:6a:88:e8:a2:15:08:05:f9:8d:c2:f8:60:4d:0d:03:24:bb:
79:69:66:b2:03:53:3c:84:c9:37:52:59:49:f5:18:95:26:34:
67:1e:d9:87:24:ac:31:25:2d:00:ad:88:e7:c1:60:91:9c:56:
5c:ed:f4:aa:17:30:7e:14:a1:0c:c1:27:dc:3c:60:5a:6a:77:
5d:8e:d4:69:72:e2:8f:65:61:d5:a5:97:51:d4:a4:ba:bd:5a:
71:59:d4:af:15:21:43:a9:59:14:1d:07:9a:26:f2:6b:33:f0:
11:59:36:37:7a:fb:f0:70:84:7c:eb:cb:a3:de:90:d6:d7:62:
2e:1c:d0:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1900t9k5cRhYGcpogN+mzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjQwMjA2MDk1MDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWIwM2U4YTBhNDg3YjU2MWQyYWM5ZGYyYjI5MjFiNjlmMWUyZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeaGWDaMCFfH//qTAOJvSiYHMMd1
3T3MLFiSURTC69p3vQJ695a1Oy9bMw6pJWOvS1yFbgn1oplgB1jQqlSpRfsOxlnL
KLOCf8zZk1NPJi21Dz2ZGBVc5CbyLEYDsTGVVHcT5hWcGTCTlxPd3rVU628QAb3g
EvM3WIFeHNhtI9ogOUjWaWesgB3moRMVD+x2DPHR3zoNLdDfSwGxV2fuBZxdIDgd
kQW9SQqJh9maAtGR/JMXAwT3m/QvH4QvVwdN72eMN17K6ffJSXaCp8gM1HQgUSap
eJqKqE7GkRdsvYtcC8Wi/5X6XCEVtAZHTN6VYjQLeOBzf45GD3YTTnaDqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBWwPooKSHtWHSrJ3yspIbafHi1DMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvRmJBLWlncEllMVlkS3NuZkt5a2h0cDhlTFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVQlWAwQC
VQl0AwQAuYMdMA0GCSqGSIb3DQEBCwUAA4IBAQBTYy1qb0ggAO0NXxJ6J6ch62O1
QaUIGfrkyS+yo7AX40mT8ISg1iDL6c8LE2RE82+7EBLJp0cBA+b+3v2xZZfpGQqZ
p9xQu+NlVbVu+6CroJOQW6BePym4vBsPbTrxUCBbO8bHcmHES5akWPM+qCnprwJb
MZ+A1B7Hgo9JuIwNaojoohUIBfmNwvhgTQ0DJLt5aWayA1M8hMk3UllJ9RiVJjRn
HtmHJKwxJS0ArYjnwWCRnFZc7fSqFzB+FKEMwSfcPGBaanddjtRpcuKPZWHVpZdR
1KS6vVpxWdSvFSFDqVkUHQeaJvJrM/ARWTY3evvwcIR868uj3pDW12IuHNBn
-----END CERTIFICATE-----
Generated at Sat Jun 22 13:19:41 2024 by rpki-client on console-ams.rpki-client.org