Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_Cmg5UA-nOpQzbk44nDrHYY_jOs.roa
File: _Cmg5UA-nOpQzbk44nDrHYY_jOs.roa (raw, json)
Hash identifier: RbYHoKth8riRQJmEG7Q9VqM8YI0Jo074SPsD0o9lFT4=
Subject key identifier: FC:29:A0:E5:40:3E:9C:EA:50:CD:B9:38:E2:70:EB:1D:86:3F:8C:EB
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018CC5DC96CBAC1E100A5242C69DF5202FCF
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_Cmg5UA-nOpQzbk44nDrHYY_jOs.roa
Signing time: Mon 01 Jan 2024 16:30:17 +0000
ROA not before: Mon 01 Jan 2024 16:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15723
IP address blocks: 164.215.97.0/24 maxlen: 24
188.64.8.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 23 Jan 2024 10:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:96:cb:ac:1e:10:0a:52:42:c6:9d:f5:20:2f:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 16:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc29a0e5403e9cea50cdb938e270eb1d863f8ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f8:dc:bc:2e:a0:c4:b3:85:e9:64:0c:7b:cc:
0c:5d:4f:b9:ce:54:49:46:4f:1e:ba:88:6e:ae:6a:
7b:9f:4c:65:ce:ef:db:73:ef:5a:90:da:cd:a5:bc:
72:e6:1a:41:6a:8b:3c:a5:46:30:79:2d:d4:14:d4:
34:41:b8:9d:73:72:35:a2:8d:c0:b2:99:9c:2f:cd:
cb:e3:b8:0e:d3:65:95:0b:19:32:fb:79:7c:ff:b4:
aa:17:9a:bc:5b:d7:77:45:22:81:82:24:eb:ea:b2:
f7:21:8e:cf:29:c9:af:ea:82:ce:1c:f1:1a:c5:82:
c6:ea:00:a1:62:13:74:f5:ec:51:00:bb:97:d3:cf:
b6:84:72:4c:51:b4:bb:e3:3e:cd:10:06:2e:0f:75:
28:26:87:e5:5c:01:44:44:7f:5c:61:39:c1:56:f7:
c8:92:3c:cf:a2:21:1c:f2:14:c5:17:10:62:a9:37:
7a:30:e3:77:24:47:f6:13:92:9a:43:30:ca:64:13:
60:a2:1d:8d:8a:2c:e8:d6:8d:49:7c:1e:88:4b:ae:
1b:fb:bb:94:05:f9:b0:8c:f8:99:99:32:fc:66:1f:
91:aa:e3:8e:12:ac:05:4e:ff:b6:29:d7:68:59:f8:
47:ac:f1:ae:b6:6e:f8:87:cf:47:93:dc:94:78:aa:
46:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:29:A0:E5:40:3E:9C:EA:50:CD:B9:38:E2:70:EB:1D:86:3F:8C:EB
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_Cmg5UA-nOpQzbk44nDrHYY_jOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.215.97.0/24
188.64.8.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:17:eb:f8:f4:ae:12:94:ce:48:07:e1:0c:e5:21:b4:4c:da:
b7:a3:3c:45:73:31:ad:25:d6:91:65:fc:83:07:49:fa:fa:26:
2f:aa:ac:55:a7:d3:0c:b9:36:a5:42:28:13:ce:b4:ed:9b:01:
96:e8:a7:7b:7e:2a:39:68:54:b3:b8:5e:c7:f3:a7:62:6a:bc:
ce:6d:b8:43:a2:e4:71:65:a6:99:55:9e:81:d6:32:4d:98:64:
99:1c:47:7a:d1:f0:2d:f9:c7:f4:4d:88:9c:9f:fb:9c:a5:11:
7a:07:bc:f6:26:6d:49:66:de:aa:61:f4:fd:90:17:ae:c6:36:
d2:0c:2c:5f:c2:d7:ed:e0:30:83:22:02:84:fc:af:62:50:64:
b8:09:7a:bf:73:85:4e:cb:1c:e9:c0:63:85:13:b0:b6:74:42:
f2:8b:99:25:9d:dc:ed:f1:74:09:e7:c0:6c:c7:0c:3e:ef:64:
6c:0d:2d:00:47:1f:b3:7c:53:8e:4a:11:79:19:cc:a4:e0:88:
29:a1:68:a9:90:7f:0e:76:4a:c8:89:d5:8c:46:35:37:6f:66:
15:53:d2:0a:7e:b4:10:8d:59:88:35:ab:3a:d8:f0:42:b0:20:
ee:6c:be:5f:b6:6e:1f:21:30:22:d7:b0:89:e0:25:4e:1c:c4:
93:24:45:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3JbLrB4QClJCxp31IC/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTAxMTYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzI5YTBlNTQwM2U5Y2VhNTBjZGI5MzhlMjcwZWIxZDg2M2Y4Y2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPjcvC6gxLOF6WQMe8wMXU+5zlRJ
Rk8euohurmp7n0xlzu/bc+9akNrNpbxy5hpBaos8pUYweS3UFNQ0Qbidc3I1oo3A
spmcL83L47gO02WVCxky+3l8/7SqF5q8W9d3RSKBgiTr6rL3IY7PKcmv6oLOHPEa
xYLG6gChYhN09exRALuX08+2hHJMUbS74z7NEAYuD3UoJoflXAFERH9cYTnBVvfI
kjzPoiEc8hTFFxBiqTd6MON3JEf2E5KaQzDKZBNgoh2Niizo1o1JfB6IS64b+7uU
BfmwjPiZmTL8Zh+RquOOEqwFTv+2KddoWfhHrPGutm74h89Hk9yUeKpG/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPwpoOVAPpzqUM25OOJw6x2GP4zrMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvX0NtZzVVQS1uT3BRemJrNDRuRHJIWVlfak9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQApNdhAwQC
vEAIMA0GCSqGSIb3DQEBCwUAA4IBAQA8F+v49K4SlM5IB+EM5SG0TNq3ozxFczGt
JdaRZfyDB0n6+iYvqqxVp9MMuTalQigTzrTtmwGW6Kd7fio5aFSzuF7H86diarzO
bbhDouRxZaaZVZ6B1jJNmGSZHEd60fAt+cf0TYicn/ucpRF6B7z2Jm1JZt6qYfT9
kBeuxjbSDCxfwtft4DCDIgKE/K9iUGS4CXq/c4VOyxzpwGOFE7C2dELyi5klndzt
8XQJ58Bsxww+72RsDS0ARx+zfFOOShF5Gcyk4IgpoWipkH8OdkrIidWMRjU3b2YV
U9IKfrQQjVmINas62PBCsCDubL5ftm4fITAi17CJ4CVOHMSTJEUL
-----END CERTIFICATE-----
Generated at Tue Jan 23 14:54:00 2024 by rpki-client on console-fra.rpki-client.org