Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/o-FbNNMap_8T09DvBdzifiozywA.roa
File: o-FbNNMap_8T09DvBdzifiozywA.roa (raw, json)
Hash identifier: WjB6gVwYJQ9l/IwWlMjaubOB4tnc6jBfNNSe1jqEK5M=
Subject key identifier: A3:E1:5B:34:D3:1A:A7:FF:13:D3:D0:EF:05:DC:E2:7E:2A:33:CB:00
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 018F1935FD2C94C20665727B5ACF67C66CB5
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/o-FbNNMap_8T09DvBdzifiozywA.roa
Signing time: Fri 26 Apr 2024 07:01:59 +0000
ROA not before: Fri 26 Apr 2024 07:01:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 89.50.0.0/16 maxlen: 24
194.97.192.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 07:13:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:35:fd:2c:94:c2:06:65:72:7b:5a:cf:67:c6:6c:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Apr 26 07:01:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3e15b34d31aa7ff13d3d0ef05dce27e2a33cb00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f6:e0:b1:08:9d:2a:84:b4:0d:4f:f6:aa:8f:
05:11:3b:30:c2:02:24:bf:09:67:d0:ed:e5:c8:e6:
9f:a7:7d:5f:85:97:78:37:a4:51:58:20:f1:78:2d:
c3:b5:bc:d2:2e:70:b5:d6:8c:23:e8:fe:38:da:1e:
e3:4d:01:84:df:7b:c7:26:9c:5e:2d:82:70:98:23:
2d:37:8a:e7:48:2e:3d:68:3e:3e:a4:07:c6:44:02:
34:bf:06:66:c0:36:19:50:78:2b:ae:02:0e:5c:f1:
76:51:e0:d6:7b:9a:95:b5:bc:e8:92:a4:c8:87:b4:
c5:2d:2f:36:9b:b9:c8:01:d5:09:f1:c0:aa:17:b3:
f5:18:44:7f:54:1b:ed:e6:d8:94:dc:f9:9a:5e:ef:
ad:66:e7:d5:32:4b:1a:2f:15:6f:43:03:f3:57:72:
6c:67:56:4b:42:23:11:63:52:1d:a6:9c:82:8a:46:
a0:46:dd:79:d8:6d:4f:12:ff:ef:f8:00:4a:37:00:
46:e5:e8:e0:fd:fa:a5:ca:13:0a:0d:19:e7:28:d0:
6b:fb:f9:ad:f4:d2:01:a3:8c:62:5a:bd:01:e2:68:
13:9a:2d:34:c2:1c:58:80:2b:ab:83:8a:06:f0:65:
57:c2:2e:d0:a7:07:96:71:a8:84:f8:60:6b:cd:31:
c9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E1:5B:34:D3:1A:A7:FF:13:D3:D0:EF:05:DC:E2:7E:2A:33:CB:00
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/o-FbNNMap_8T09DvBdzifiozywA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.50.0.0/16
194.97.192.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:a1:10:d0:02:00:18:74:c8:92:1b:27:63:ba:8b:1f:4c:92:
96:96:1a:56:66:83:0a:1e:b3:e6:3b:73:b9:bb:4a:88:58:82:
d1:4f:0a:ed:ed:42:bd:87:f7:e9:87:65:38:4f:d1:88:4f:df:
a5:4f:a9:76:3e:0b:e4:f6:88:9b:8a:19:d5:eb:6b:73:49:9d:
32:ef:60:af:c1:7d:59:67:07:4b:49:d1:af:55:c0:a2:dc:34:
b7:d1:3b:22:ff:9d:3a:c2:c6:ca:20:89:a1:0f:84:fd:55:82:
dc:c6:3a:62:0b:32:7f:98:ef:5d:4a:b8:d6:15:f5:58:67:6d:
78:8b:db:4d:fc:be:c2:42:cd:6a:3b:fe:0c:3c:3d:86:4d:df:
55:ea:50:81:73:1d:f1:31:a1:fb:5a:89:02:b9:0c:40:79:18:
ad:29:9d:77:84:c8:65:4b:79:9e:46:09:29:8d:9b:6a:91:33:
01:5b:33:63:f5:f8:c9:86:9d:2d:b5:e8:d1:c7:a8:3d:a2:8d:
f1:91:6d:21:6f:dd:b2:7e:91:c2:8e:60:c3:c0:e3:25:fe:a2:
bc:7f:43:1a:f4:50:b5:df:40:43:1e:89:e1:69:bc:aa:ec:49:
f1:42:85:8e:a3:d3:81:82:b2:30:0f:d1:39:bd:e9:75:51:e3:
d7:1a:31:44
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAY8ZNf0slMIGZXJ7Ws9nxmy1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjQwNDI2MDcwMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2UxNWIzNGQzMWFhN2ZmMTNkM2QwZWYwNWRjZTI3ZTJhMzNjYjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fbgsQidKoS0DU/2qo8FETswwgIk
vwln0O3lyOafp31fhZd4N6RRWCDxeC3DtbzSLnC11owj6P442h7jTQGE33vHJpxe
LYJwmCMtN4rnSC49aD4+pAfGRAI0vwZmwDYZUHgrrgIOXPF2UeDWe5qVtbzokqTI
h7TFLS82m7nIAdUJ8cCqF7P1GER/VBvt5tiU3PmaXu+tZufVMksaLxVvQwPzV3Js
Z1ZLQiMRY1IdppyCikagRt152G1PEv/v+ABKNwBG5ejg/fqlyhMKDRnnKNBr+/mt
9NIBo4xiWr0B4mgTmi00whxYgCurg4oG8GVXwi7QpweWcaiE+GBrzTHJlQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFKPhWzTTGqf/E9PQ7wXc4n4qM8sAMB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvby1GYk5OTWFwXzhUMDlEdkJkemlmaW96eXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAWTIDBAHC
YcAwDQYJKoZIhvcNAQELBQADggEBAC+hENACABh0yJIbJ2O6ix9MkpaWGlZmgwoe
s+Y7c7m7SohYgtFPCu3tQr2H9+mHZThP0YhP36VPqXY+C+T2iJuKGdXra3NJnTLv
YK/BfVlnB0tJ0a9VwKLcNLfROyL/nTrCxsogiaEPhP1VgtzGOmILMn+Y711KuNYV
9VhnbXiL2038vsJCzWo7/gw8PYZN31XqUIFzHfExoftaiQK5DEB5GK0pnXeEyGVL
eZ5GCSmNm2qRMwFbM2P1+MmGnS216NHHqD2ijfGRbSFv3bJ+kcKOYMPA4yX+orx/
Qxr0ULXfQEMeieFpvKrsSfFChY6j04GCsjAP0Tm96XVR49caMUQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:53 2024 by rpki-client on console-ams.rpki-client.org