Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/95f320-c7d3-41dd-b125-b79d08fa1747/1/32wDz0eKoYIlwgVJ3r-9IB--fbg.roa
File: 32wDz0eKoYIlwgVJ3r-9IB--fbg.roa (raw, json)
Hash identifier: 0B2asqjziIaqVtLSv7jyQqs0GRLm5lAkeL8jad7YQms=
Subject key identifier: DF:6C:03:CF:47:8A:A1:82:25:C2:05:49:DE:BF:BD:20:1F:BE:7D:B8
Certificate issuer: /CN=2457027e3a087b65f968b535e415f67432695876
Certificate serial: 01870F0EE39F7DAC55007F6ED0FFFA8BECFA
Authority key identifier: 24:57:02:7E:3A:08:7B:65:F9:68:B5:35:E4:15:F6:74:32:69:58:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFcCfjoIe2X5aLU15BX2dDJpWHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/95f320-c7d3-41dd-b125-b79d08fa1747/1/32wDz0eKoYIlwgVJ3r-9IB--fbg.roa
Signing time: Thu 23 Mar 2023 15:20:46 +0000
ROA not before: Thu 23 Mar 2023 15:20:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20792
IP address blocks: 213.216.0.0/19 maxlen: 19
185.95.192.0/22 maxlen: 22
2a02:13c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0f:0e:e3:9f:7d:ac:55:00:7f:6e:d0:ff:fa:8b:ec:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2457027e3a087b65f968b535e415f67432695876
Validity
Not Before: Mar 23 15:20:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df6c03cf478aa18225c20549debfbd201fbe7db8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:55:d0:0d:65:08:8c:4b:94:04:45:02:33:4e:
6f:d4:3c:e3:e1:65:31:18:39:67:c1:55:e0:a6:a6:
4e:cf:e0:6c:88:e0:a6:51:7f:32:77:ae:5e:52:d8:
bc:d1:e5:52:8e:73:91:14:9b:94:88:67:db:cf:27:
b7:d8:76:a1:a6:5a:02:1a:e8:3f:20:d6:06:f7:de:
a2:47:70:8c:b3:6a:2c:14:76:25:76:44:10:db:5f:
15:58:ff:fa:e1:60:b0:98:ef:29:7f:21:94:a7:74:
a4:27:d6:fe:e4:50:d1:07:eb:16:f7:86:0c:2d:84:
9d:56:11:26:42:22:2a:e5:23:0c:8a:7a:7c:ca:b7:
7c:76:9e:0f:4b:99:5f:bd:27:6d:fa:f9:05:cb:98:
a3:7d:4f:75:87:ec:47:c1:09:56:08:4e:e3:ce:02:
d9:d4:51:55:8b:ca:16:43:1c:6f:55:a9:d3:83:50:
91:39:bd:1a:b2:f4:23:2c:84:bf:39:14:4d:f4:6b:
d8:2e:fe:e9:ed:5d:ee:7d:02:cb:c9:54:57:b5:dd:
17:23:0b:e0:0e:93:ca:4a:59:85:8c:b9:61:2e:98:
17:36:de:7b:5b:b8:f4:fc:4f:97:c2:ce:eb:6f:6b:
c3:3c:bc:d3:52:b0:f9:5d:94:60:e5:03:64:7f:75:
37:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:6C:03:CF:47:8A:A1:82:25:C2:05:49:DE:BF:BD:20:1F:BE:7D:B8
X509v3 Authority Key Identifier:
keyid:24:57:02:7E:3A:08:7B:65:F9:68:B5:35:E4:15:F6:74:32:69:58:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFcCfjoIe2X5aLU15BX2dDJpWHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/95f320-c7d3-41dd-b125-b79d08fa1747/1/32wDz0eKoYIlwgVJ3r-9IB--fbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/95f320-c7d3-41dd-b125-b79d08fa1747/1/JFcCfjoIe2X5aLU15BX2dDJpWHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.192.0/22
213.216.0.0/19
IPv6:
2a02:13c0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:6b:2a:1a:00:99:a0:70:49:2c:16:04:44:cd:79:d9:c4:92:
f3:a0:55:ad:39:e4:fd:08:4b:e1:76:dc:cc:c2:01:49:00:a0:
b1:23:77:cb:d0:14:28:21:1d:b1:ad:4e:36:27:f9:ce:21:67:
ca:cf:fd:c3:fc:71:88:13:4b:04:dd:be:47:4d:a5:c4:28:9d:
3b:8d:64:31:5b:13:36:c7:94:34:4a:28:83:e4:3f:13:d9:dc:
bb:2f:f3:34:f0:96:7f:3e:93:6a:d4:87:70:34:28:47:21:49:
fc:c0:d7:dd:bd:54:d9:35:79:ac:79:52:cd:5e:6c:06:2a:ba:
90:0b:4a:2e:52:c2:a2:04:ea:0e:24:b6:d8:9c:d5:d9:bb:ac:
5b:26:3b:56:d6:62:33:59:56:75:bb:c6:49:69:4f:33:33:4d:
0e:6a:79:f9:95:de:1f:83:c2:88:df:f1:ab:f5:e5:ff:e1:38:
51:1b:ce:9f:28:2c:f9:c8:63:0b:df:0a:7b:2b:aa:d9:10:c6:
a8:a7:7c:ce:bc:31:e9:f8:f1:c5:a3:6c:bc:ca:9e:43:df:8e:
65:9c:6e:24:52:04:16:1f:12:24:c4:9e:67:15:ce:2f:2c:cb:
94:f5:94:f9:b7:ec:21:e4:f0:01:02:4d:d9:8b:bf:9d:d0:f8:
64:79:84:30
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcPDuOffaxVAH9u0P/6i+z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTcwMjdlM2EwODdiNjVmOTY4YjUzNWU0MTVmNjc0MzI2
OTU4NzYwHhcNMjMwMzIzMTUyMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjZjMDNjZjQ3OGFhMTgyMjVjMjA1NDlkZWJmYmQyMDFmYmU3ZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1XQDWUIjEuUBEUCM05v1Dzj4WUx
GDlnwVXgpqZOz+BsiOCmUX8yd65eUti80eVSjnORFJuUiGfbzye32HahploCGug/
INYG996iR3CMs2osFHYldkQQ218VWP/64WCwmO8pfyGUp3SkJ9b+5FDRB+sW94YM
LYSdVhEmQiIq5SMMinp8yrd8dp4PS5lfvSdt+vkFy5ijfU91h+xHwQlWCE7jzgLZ
1FFVi8oWQxxvVanTg1CROb0asvQjLIS/ORRN9GvYLv7p7V3ufQLLyVRXtd0XIwvg
DpPKSlmFjLlhLpgXNt57W7j0/E+Xws7rb2vDPLzTUrD5XZRg5QNkf3U3LwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN9sA89HiqGCJcIFSd6/vSAfvn24MB8GA1UdIwQY
MBaAFCRXAn46CHtl+Wi1NeQV9nQyaVh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZjQ2Zqb0llMlg1YUxVMTVCWDJkREpwV0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85NWYzMjAtYzdkMy00MWRkLWIxMjUt
Yjc5ZDA4ZmExNzQ3LzEvMzJ3RHowZUtvWUlsd2dWSjNyLTlJQi0tZmJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85NWYzMjAtYzdkMy00MWRkLWIxMjUtYjc5ZDA4ZmExNzQ3
LzEvSkZjQ2Zqb0llMlg1YUxVMTVCWDJkREpwV0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuV/AAwQF
1dgAMA0EAgACMAcDBQAqAhPAMA0GCSqGSIb3DQEBCwUAA4IBAQBaayoaAJmgcEks
FgREzXnZxJLzoFWtOeT9CEvhdtzMwgFJAKCxI3fL0BQoIR2xrU42J/nOIWfKz/3D
/HGIE0sE3b5HTaXEKJ07jWQxWxM2x5Q0SiiD5D8T2dy7L/M08JZ/PpNq1IdwNChH
IUn8wNfdvVTZNXmseVLNXmwGKrqQC0ouUsKiBOoOJLbYnNXZu6xbJjtW1mIzWVZ1
u8ZJaU8zM00Oann5ld4fg8KI3/Gr9eX/4ThRG86fKCz5yGML3wp7K6rZEMaop3zO
vDHp+PHFo2y8yp5D345lnG4kUgQWHxIkxJ5nFc4vLMuU9ZT5t+wh5PABAk3Zi7+d
0PhkeYQw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:47 2024 by rpki-client on console-ams.rpki-client.org