Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/fBu-fS0ENiOQkTrzacA5bSCdKp4.roa
File: fBu-fS0ENiOQkTrzacA5bSCdKp4.roa (raw, json)
Hash identifier: 6DwKDZXEDqQKuBgW2iRKaeKh9vJWsjjDbAfzzfwX368=
Subject key identifier: 7C:1B:BE:7D:2D:04:36:23:90:91:3A:F3:69:C0:39:6D:20:9D:2A:9E
Certificate issuer: /CN=68a839cc8159fc5d3d75dedf62aadb81c40eabed
Certificate serial: 018C6469376F79ACAB56F6939A769B319467
Authority key identifier: 68:A8:39:CC:81:59:FC:5D:3D:75:DE:DF:62:AA:DB:81:C4:0E:AB:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aKg5zIFZ_F09dd7fYqrbgcQOq-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/fBu-fS0ENiOQkTrzacA5bSCdKp4.roa
Signing time: Wed 13 Dec 2023 18:21:06 +0000
ROA not before: Wed 13 Dec 2023 18:21:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208287
IP address blocks: 217.28.129.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:69:37:6f:79:ac:ab:56:f6:93:9a:76:9b:31:94:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68a839cc8159fc5d3d75dedf62aadb81c40eabed
Validity
Not Before: Dec 13 18:21:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c1bbe7d2d04362390913af369c0396d209d2a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:88:b3:0e:58:11:4b:d0:7e:9d:04:fb:cd:73:
9b:49:c7:5b:07:79:67:2b:36:78:52:16:df:fa:54:
79:4a:a0:c2:bd:1e:e5:b7:b4:d0:de:67:d6:4b:ad:
5c:f8:57:f4:91:3e:b7:28:58:2c:3f:6f:5b:7a:14:
a7:61:32:b3:c2:83:8e:13:cf:a0:e4:98:24:04:7a:
78:a5:2d:7a:4e:ec:67:ee:22:ad:f3:db:13:5d:b0:
61:15:35:9a:ed:78:09:27:24:7d:bc:e4:df:b0:56:
2d:f1:68:bf:b8:cb:17:9a:5b:ae:8c:66:86:f5:d7:
a3:89:ef:00:48:58:15:ef:b5:51:8b:67:44:8c:f7:
c2:bd:0d:e6:54:4c:bc:51:d9:d8:53:e5:45:23:1d:
05:0c:20:98:ad:fa:8f:54:20:7a:59:dc:e6:e0:f3:
6d:cb:e0:bc:2e:03:d0:a6:49:e0:a3:59:2c:91:12:
fd:ba:a4:1f:95:3f:84:20:ac:61:42:a7:16:b9:1e:
1f:8b:49:b6:a2:6c:21:ee:9c:e1:d9:e6:b0:17:e6:
09:79:b1:ab:df:26:c2:3a:04:6a:70:b9:5e:0d:59:
5c:50:65:c5:e1:23:1f:d7:ff:5b:f5:59:6d:3b:cf:
a5:2f:01:98:ee:9e:91:ad:53:86:c7:e4:64:4a:f2:
bf:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1B:BE:7D:2D:04:36:23:90:91:3A:F3:69:C0:39:6D:20:9D:2A:9E
X509v3 Authority Key Identifier:
keyid:68:A8:39:CC:81:59:FC:5D:3D:75:DE:DF:62:AA:DB:81:C4:0E:AB:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aKg5zIFZ_F09dd7fYqrbgcQOq-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/fBu-fS0ENiOQkTrzacA5bSCdKp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/7f631d-d0a1-4e23-96f8-1b2b2faf1cac/1/aKg5zIFZ_F09dd7fYqrbgcQOq-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.129.0/24
Signature Algorithm: sha256WithRSAEncryption
59:32:fe:33:4c:65:f3:fe:9d:73:53:eb:f3:d5:33:d1:b4:c6:
65:e9:d6:ee:55:38:1b:fb:38:94:ac:60:05:9f:62:59:4d:9c:
8e:19:71:72:e5:ff:08:29:0f:29:2d:88:57:25:fc:80:c4:e4:
ab:57:22:5b:84:46:b6:b2:be:27:be:00:38:8c:ee:65:63:b4:
80:65:74:2d:92:a1:86:82:c7:87:65:99:99:0c:6d:e6:4e:e3:
9d:42:26:86:90:78:98:b5:b4:3a:de:38:cb:e2:6b:0c:88:6f:
fd:c9:55:ee:21:27:52:55:80:5f:92:87:7e:ce:64:f7:e9:7d:
f0:58:fd:30:1d:b8:1b:e9:ab:29:4a:df:ca:f1:c3:f2:b5:c4:
4c:e2:2a:17:a4:04:5b:cd:b5:4b:a6:12:d7:bd:81:ec:9d:c3:
56:03:30:62:5b:75:5a:5c:c3:e1:82:47:5e:2f:a5:6a:18:53:
7f:e0:90:ab:48:b9:03:d9:72:f1:a6:5d:30:86:f7:8a:e7:fe:
e2:b1:7d:d2:b2:5a:ee:71:3e:47:6f:b6:b2:55:b6:b6:d3:b2:
19:43:79:88:09:9f:5e:82:9b:fa:b5:d0:f3:8f:ca:44:f0:b0:
18:b6:81:92:46:7e:11:25:99:c5:84:3d:7b:17:30:76:d9:12:
cb:4f:89:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxkaTdveayrVvaTmnabMZRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YTgzOWNjODE1OWZjNWQzZDc1ZGVkZjYyYWFkYjgxYzQw
ZWFiZWQwHhcNMjMxMjEzMTgyMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzFiYmU3ZDJkMDQzNjIzOTA5MTNhZjM2OWMwMzk2ZDIwOWQyYTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04izDlgRS9B+nQT7zXObScdbB3ln
KzZ4Uhbf+lR5SqDCvR7lt7TQ3mfWS61c+Ff0kT63KFgsP29behSnYTKzwoOOE8+g
5JgkBHp4pS16Tuxn7iKt89sTXbBhFTWa7XgJJyR9vOTfsFYt8Wi/uMsXmluujGaG
9dejie8ASFgV77VRi2dEjPfCvQ3mVEy8UdnYU+VFIx0FDCCYrfqPVCB6Wdzm4PNt
y+C8LgPQpkngo1kskRL9uqQflT+EIKxhQqcWuR4fi0m2omwh7pzh2eawF+YJebGr
3ybCOgRqcLleDVlcUGXF4SMf1/9b9VltO8+lLwGY7p6RrVOGx+RkSvK/HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHwbvn0tBDYjkJE682nAOW0gnSqeMB8GA1UdIwQY
MBaAFGioOcyBWfxdPXXe32Kq24HEDqvtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUtnNXpJRlpfRjA5ZGQ3ZllxcmJnY1FPcS0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy83ZjYzMWQtZDBhMS00ZTIzLTk2Zjgt
MWIyYjJmYWYxY2FjLzEvZkJ1LWZTMEVOaU9Ra1RyemFjQTViU0NkS3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy83ZjYzMWQtZDBhMS00ZTIzLTk2ZjgtMWIyYjJmYWYxY2Fj
LzEvYUtnNXpJRlpfRjA5ZGQ3ZllxcmJnY1FPcS0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RyBMA0G
CSqGSIb3DQEBCwUAA4IBAQBZMv4zTGXz/p1zU+vz1TPRtMZl6dbuVTgb+ziUrGAF
n2JZTZyOGXFy5f8IKQ8pLYhXJfyAxOSrVyJbhEa2sr4nvgA4jO5lY7SAZXQtkqGG
gseHZZmZDG3mTuOdQiaGkHiYtbQ63jjL4msMiG/9yVXuISdSVYBfkod+zmT36X3w
WP0wHbgb6aspSt/K8cPytcRM4ioXpARbzbVLphLXvYHsncNWAzBiW3VaXMPhgkde
L6VqGFN/4JCrSLkD2XLxpl0whveK5/7isX3SslrucT5Hb7ayVba207IZQ3mICZ9e
gpv6tdDzj8pE8LAYtoGSRn4RJZnFhD17FzB22RLLT4kh
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:53:02 2024 by rpki-client on console-fra.rpki-client.org