Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/72FwNZu5JXIoUdWX2n7XrvBEKB4.roa
File: 72FwNZu5JXIoUdWX2n7XrvBEKB4.roa (raw, json)
Hash identifier: Kbp5LEeQTp2DXHMdxDoJ9obnOTZoRHdyJrrLWc3DujA=
Subject key identifier: EF:61:70:35:9B:B9:25:72:28:51:D5:97:DA:7E:D7:AE:F0:44:28:1E
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 019310968A676BBED06C9433BBBDAFB2DC18
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/72FwNZu5JXIoUdWX2n7XrvBEKB4.roa
Signing time: Sat 09 Nov 2024 11:02:01 +0000
ROA not before: Sat 09 Nov 2024 11:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 188.208.196.0/23 maxlen: 23
188.214.194.0/24 maxlen: 24
2a06:f940::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Nov 2024 09:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:10:96:8a:67:6b:be:d0:6c:94:33:bb:bd:af:b2:dc:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Nov 9 11:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef6170359bb925722851d597da7ed7aef044281e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f4:71:02:c3:b2:8f:38:40:1d:10:d2:54:bf:
de:02:e0:d9:88:e1:eb:44:5c:fe:4a:7c:01:c3:b3:
09:78:4c:35:ce:85:56:d1:2f:21:b8:50:1f:b8:0d:
43:1b:9b:c4:63:49:95:18:7f:12:4e:2c:2d:e5:ff:
f0:d2:fa:37:13:8e:34:3a:76:6b:2d:4b:ed:a0:d6:
44:75:e8:5b:82:03:b6:ae:5c:39:0c:22:c3:b4:a6:
64:29:ae:47:14:f9:06:99:0b:60:8d:f5:cc:62:85:
60:3d:62:4c:2f:e1:3f:d8:f0:20:94:23:65:f7:b4:
13:1f:cf:e4:ab:69:c7:76:08:d3:79:f6:8d:9e:19:
9e:45:38:78:6b:66:ee:c0:8c:c4:0c:e3:c7:6a:52:
f4:f1:d9:64:fb:95:a6:26:3a:2c:21:71:c9:7f:ec:
fd:8f:fe:ca:8f:64:87:e7:96:4e:c2:19:34:16:78:
b2:fc:73:0a:88:c2:35:0d:d4:b8:85:25:b7:cf:8c:
f6:e4:8f:a6:5e:83:cf:40:4e:86:89:79:59:bd:56:
a7:58:d0:55:c4:71:1d:7c:e2:ce:8c:c2:6c:b2:c3:
f6:4f:1b:55:1d:ef:18:4f:52:ed:ad:15:81:18:79:
11:da:e4:71:ac:21:8e:f1:25:42:1f:4e:54:81:bf:
28:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:61:70:35:9B:B9:25:72:28:51:D5:97:DA:7E:D7:AE:F0:44:28:1E
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/72FwNZu5JXIoUdWX2n7XrvBEKB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
188.214.194.0/24
IPv6:
2a06:f940::/48
Signature Algorithm: sha256WithRSAEncryption
af:91:ab:72:c3:67:6a:18:ac:e6:e8:92:b0:c2:a0:b1:e5:41:
bc:93:13:a6:f6:bd:7a:1b:d3:de:b0:a5:d6:69:11:5d:bb:44:
6b:37:0d:77:e1:4d:05:20:0a:b6:a2:0b:ae:a8:d7:41:2d:9b:
84:b2:c2:d6:d0:ba:12:40:77:16:e9:8d:53:81:08:6f:c1:33:
f3:d6:b7:4a:ac:39:b1:35:d4:3d:7e:47:02:25:8e:82:16:86:
18:41:c9:c4:05:b4:d5:58:76:bc:0e:40:f8:0e:bc:6d:1e:91:
47:7a:15:52:68:c7:cf:3e:44:1d:88:fe:97:d3:1c:f6:a7:56:
2a:99:f8:72:0c:e7:65:b8:a2:37:8f:47:ef:5f:77:b4:f7:6f:
87:a6:4c:ef:a0:5d:c1:05:da:19:ab:17:54:7f:ec:e0:d4:93:
1f:6c:37:fe:de:a2:76:77:2c:f8:14:bf:1b:18:d7:5c:3d:c1:
f8:b2:a9:d4:65:3b:02:d1:0b:38:fa:b8:ae:b0:24:db:6a:93:
10:39:49:ea:cd:d4:e4:78:6a:78:a5:e7:d6:00:12:2a:60:39:
18:38:63:34:ed:35:1f:c4:e3:8a:8e:08:1b:21:de:f0:71:25:
cf:47:8b:00:75:9f:ec:07:3c:1f:55:2d:55:80:5f:6e:7e:9e:
07:77:89:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZMQlopna77QbJQzu72vstwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjQxMTA5MTEwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjYxNzAzNTliYjkyNTcyMjg1MWQ1OTdkYTdlZDdhZWYwNDQyODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vRxAsOyjzhAHRDSVL/eAuDZiOHr
RFz+SnwBw7MJeEw1zoVW0S8huFAfuA1DG5vEY0mVGH8STiwt5f/w0vo3E440OnZr
LUvtoNZEdehbggO2rlw5DCLDtKZkKa5HFPkGmQtgjfXMYoVgPWJML+E/2PAglCNl
97QTH8/kq2nHdgjTefaNnhmeRTh4a2buwIzEDOPHalL08dlk+5WmJjosIXHJf+z9
j/7Kj2SH55ZOwhk0Fniy/HMKiMI1DdS4hSW3z4z25I+mXoPPQE6GiXlZvVanWNBV
xHEdfOLOjMJsssP2TxtVHe8YT1LtrRWBGHkR2uRxrCGO8SVCH05Ugb8o8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9hcDWbuSVyKFHVl9p+167wRCgeMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xLzcyRndOWnU1SlhJb1VkV1gybjdYcnZCRUtCNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAG80MQD
BAC81sIwDwQCAAIwCQMHACoG+UAAADANBgkqhkiG9w0BAQsFAAOCAQEAr5GrcsNn
ahis5uiSsMKgseVBvJMTpva9ehvT3rCl1mkRXbtEazcNd+FNBSAKtqILrqjXQS2b
hLLC1tC6EkB3FumNU4EIb8Ez89a3Sqw5sTXUPX5HAiWOghaGGEHJxAW01Vh2vA5A
+A68bR6RR3oVUmjHzz5EHYj+l9Mc9qdWKpn4cgznZbiiN49H7193tPdvh6ZM76Bd
wQXaGasXVH/s4NSTH2w3/t6idncs+BS/GxjXXD3B+LKp1GU7AtELOPq4rrAk22qT
EDlJ6s3U5HhqeKXn1gASKmA5GDhjNO01H8Tjio4IGyHe8HElz0eLAHWf7Ac8H1Ut
VYBfbn6eB3eJEA==
-----END CERTIFICATE-----
Generated at Mon Nov 11 13:29:12 2024 by rpki-client on console-ams.rpki-client.org