Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/fkjrZZuMTFTfuuZEgCfmT7s-Y2E.roa
File: fkjrZZuMTFTfuuZEgCfmT7s-Y2E.roa (raw, json)
Hash identifier: Hp51vRSpg93tPgrKtdId6YC/bnQbbHr9uHz8s2+FFsM=
Subject key identifier: 7E:48:EB:65:9B:8C:4C:54:DF:BA:E6:44:80:27:E6:4F:BB:3E:63:61
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018F162B143A5CC1371A28D2B1C4557F8EE8
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/fkjrZZuMTFTfuuZEgCfmT7s-Y2E.roa
Signing time: Thu 25 Apr 2024 16:51:13 +0000
ROA not before: Thu 25 Apr 2024 16:51:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147291
IP address blocks: 93.115.36.0/24 maxlen: 24
93.119.193.0/24 maxlen: 24
176.126.204.0/24 maxlen: 24
188.241.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 May 2024 21:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:16:2b:14:3a:5c:c1:37:1a:28:d2:b1:c4:55:7f:8e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Apr 25 16:51:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e48eb659b8c4c54dfbae6448027e64fbb3e6361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ec:d6:bc:b9:d6:0f:26:41:65:05:fa:06:c3:
0b:ae:4f:b7:7f:07:2c:16:4d:ce:cc:0b:3a:a1:1f:
f8:2a:29:22:2d:e1:d0:8b:17:0c:8d:08:1a:ab:39:
d2:0a:a3:b2:a7:2e:e4:cb:3c:26:13:0f:ca:fd:24:
a1:b7:65:e9:c5:15:14:c9:19:55:08:1c:83:8a:4e:
7e:54:fa:e4:1d:e0:ce:00:38:f7:a3:73:e9:3e:34:
86:a1:92:4e:02:05:bf:45:2c:5e:b3:72:26:f9:2d:
4f:5e:f8:bf:92:bd:c4:9c:c3:33:83:c9:7e:cc:09:
f5:3e:18:32:3d:f4:55:37:d4:c7:65:10:9d:b7:f9:
3b:02:fd:05:20:59:cb:4e:3f:f0:68:bb:1b:d3:88:
61:98:9b:e8:fa:87:14:71:61:d0:83:9f:e9:cf:96:
f6:f2:0c:47:09:c6:d6:4b:e5:9d:f2:4d:f6:8a:79:
3a:5e:9b:7a:bd:e9:60:a2:32:34:cf:ad:96:74:b7:
0c:89:d0:5c:f3:08:5c:d1:f3:f8:52:87:4c:d8:d8:
df:32:55:d8:0b:20:0b:d5:12:a1:58:44:27:16:02:
90:02:a4:58:cf:44:8f:7e:3a:03:15:e6:65:76:b0:
d9:76:06:45:c1:f7:93:cd:7a:89:6e:5b:47:76:b4:
9a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:48:EB:65:9B:8C:4C:54:DF:BA:E6:44:80:27:E6:4F:BB:3E:63:61
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/fkjrZZuMTFTfuuZEgCfmT7s-Y2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.115.36.0/24
93.119.193.0/24
176.126.204.0/24
188.241.192.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:5e:fd:d6:43:8b:20:8a:42:68:34:fb:22:a9:46:ce:60:26:
bb:83:1d:03:e9:dd:5c:9a:74:3d:a5:cf:5f:79:4b:60:75:69:
33:b7:c7:74:9e:f3:7d:d0:81:b2:05:6b:dd:fa:c7:2e:aa:1e:
ac:29:0b:f5:aa:fa:30:ff:06:e0:68:8e:75:6f:b6:d4:ef:5c:
8a:bc:aa:ac:d9:a9:93:1c:68:15:c9:ce:25:a6:d1:6c:8d:77:
98:47:73:80:94:8b:42:ee:d8:00:e3:d8:8b:d8:8a:08:7d:20:
cb:dd:68:a8:1b:fa:2c:bc:87:f6:f2:40:d7:0f:0c:e8:a7:ad:
49:46:ce:70:09:b3:2b:02:6f:c5:ed:c5:cb:ef:63:8c:b6:58:
28:1b:0f:58:2f:6a:33:01:cb:5a:13:e2:66:a6:dc:0a:55:b6:
03:6c:8b:62:bf:0c:87:ef:a0:cf:a6:b8:54:0a:b8:cd:cd:a1:
59:6f:90:34:8c:53:4c:b9:26:58:2a:2b:cc:c4:db:f3:97:86:
e2:4f:ee:bb:0f:3b:b0:a3:d1:d1:22:69:86:e5:b9:df:a4:cd:
f6:f2:55:ee:61:16:d1:cd:a4:92:71:55:da:b6:a3:4e:2a:6b:
3c:dd:b6:a1:b1:e6:ef:b2:14:34:ff:80:2d:79:82:c6:1b:eb:
41:bd:0e:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8WKxQ6XME3GijSscRVf47oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNDI1MTY1MTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQ4ZWI2NTliOGM0YzU0ZGZiYWU2NDQ4MDI3ZTY0ZmJiM2U2MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOzWvLnWDyZBZQX6BsMLrk+3fwcs
Fk3OzAs6oR/4KikiLeHQixcMjQgaqznSCqOypy7kyzwmEw/K/SSht2XpxRUUyRlV
CByDik5+VPrkHeDOADj3o3PpPjSGoZJOAgW/RSxes3Im+S1PXvi/kr3EnMMzg8l+
zAn1PhgyPfRVN9THZRCdt/k7Av0FIFnLTj/waLsb04hhmJvo+ocUcWHQg5/pz5b2
8gxHCcbWS+Wd8k32ink6Xpt6velgojI0z62WdLcMidBc8whc0fP4UodM2NjfMlXY
CyAL1RKhWEQnFgKQAqRYz0SPfjoDFeZldrDZdgZFwfeTzXqJbltHdrSa6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH5I62WbjExU37rmRIAn5k+7PmNhMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvZmtqclpadU1URlRmdXVaRWdDZm1UN3MtWTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXXMkAwQA
XXfBAwQAsH7MAwQAvPHAMA0GCSqGSIb3DQEBCwUAA4IBAQBKXv3WQ4sgikJoNPsi
qUbOYCa7gx0D6d1cmnQ9pc9feUtgdWkzt8d0nvN90IGyBWvd+scuqh6sKQv1qvow
/wbgaI51b7bU71yKvKqs2amTHGgVyc4lptFsjXeYR3OAlItC7tgA49iL2IoIfSDL
3WioG/osvIf28kDXDwzop61JRs5wCbMrAm/F7cXL72OMtlgoGw9YL2ozActaE+Jm
ptwKVbYDbItivwyH76DPprhUCrjNzaFZb5A0jFNMuSZYKivMxNvzl4biT+67Dzuw
o9HRImmG5bnfpM328lXuYRbRzaSScVXatqNOKms83bahsebvshQ0/4AteYLGG+tB
vQ5j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:34 2024 by rpki-client on console-fra.rpki-client.org