Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/1-FjBsonUeAk3aBkFZ4lyeDBdR_E.roa
File: 1-FjBsonUeAk3aBkFZ4lyeDBdR_E.roa (raw, json)
Hash identifier: uTAAWFBwYSzzqHXKTiVrmJwsOPteI+04sXemP9WCkOI=
Subject key identifier: F8:58:C1:B2:89:D4:78:09:37:68:19:05:67:89:72:78:30:5D:47:F1
Certificate issuer: /CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Certificate serial: 018C558E1F98077FCF94DBF794A840DB9AE5
Authority key identifier: 6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/1-FjBsonUeAk3aBkFZ4lyeDBdR_E.roa
Signing time: Sun 10 Dec 2023 21:07:06 +0000
ROA not before: Sun 10 Dec 2023 21:07:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57479
IP address blocks: 176.124.228.0/24 maxlen: 24
176.124.230.0/24 maxlen: 24
176.124.229.0/24 maxlen: 24
194.60.252.0/24 maxlen: 24
194.60.253.0/24 maxlen: 24
2001:67c:11a0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:55:8e:1f:98:07:7f:cf:94:db:f7:94:a8:40:db:9a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Validity
Not Before: Dec 10 21:07:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f858c1b289d478093768190567897278305d47f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:01:64:b0:f6:10:3a:6b:5c:3e:75:dc:8b:7e:
ca:b7:53:85:9a:dc:4c:51:c9:5f:69:20:e5:26:d1:
3b:3e:86:3c:24:ef:6b:4c:05:0e:e7:bf:f8:e4:a8:
33:fa:8b:eb:04:ae:e4:46:3c:41:b1:84:ec:84:9e:
9c:a6:25:79:0e:b8:67:28:14:41:c8:02:8c:f8:bd:
49:18:4f:ef:4d:2f:56:f7:8e:e9:25:24:c9:70:f4:
1d:2d:0c:df:15:b8:4d:3c:51:b9:07:6c:6d:40:11:
bc:b8:43:52:71:a7:92:76:5d:4e:32:90:ed:02:8f:
32:89:ec:5f:9b:5b:f3:fc:78:fc:eb:ac:ba:4e:17:
dc:4c:03:08:7c:46:36:88:45:af:c1:04:b5:07:56:
34:2e:3e:cd:1f:77:62:e5:5f:08:39:3f:be:9e:40:
94:cb:48:6f:31:91:09:86:dd:fb:37:3d:2e:6c:51:
01:86:e8:5e:04:1c:aa:ef:7c:94:7d:c4:9d:93:fe:
58:12:c7:f2:a1:d4:e4:5f:78:bb:40:d9:83:2b:a0:
67:c3:9a:c3:75:d8:54:7a:44:1c:41:98:4f:14:95:
cb:b7:5a:56:7d:ed:aa:84:25:93:5b:10:62:73:bf:
43:cc:e1:e8:4c:62:ce:71:2c:60:af:df:63:f2:c2:
70:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:58:C1:B2:89:D4:78:09:37:68:19:05:67:89:72:78:30:5D:47:F1
X509v3 Authority Key Identifier:
keyid:6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/1-FjBsonUeAk3aBkFZ4lyeDBdR_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ajZv38qiDoDov8MwpNixvn3modA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.228.0-176.124.230.255
194.60.252.0/23
IPv6:
2001:67c:11a0::/48
Signature Algorithm: sha256WithRSAEncryption
71:28:ab:bd:a2:68:56:e0:66:13:8f:5e:43:4c:54:ac:f4:5d:
6a:39:6f:44:d1:fa:7d:92:ff:83:b2:ed:a8:50:1a:ed:71:26:
e7:c4:90:e3:76:66:0c:67:9c:12:e8:73:4c:36:0d:91:38:29:
b6:d3:40:72:02:0a:25:f0:2d:c4:b8:e1:c0:3b:2b:e3:63:92:
89:e3:6e:66:f3:c3:ba:7c:16:21:c1:cb:a7:70:f7:39:4a:33:
59:26:40:b5:cb:4f:a3:e6:2b:e5:ca:b5:f2:d0:2c:36:bc:b1:
5c:2d:05:d2:6a:ed:b3:ed:89:ee:4e:cc:c2:5d:90:e8:70:53:
25:9e:51:fa:7b:d9:61:e7:31:d4:c1:ef:77:64:42:1f:ae:a6:
c1:f1:f1:5d:39:58:d6:3e:a3:f0:96:f3:ff:d2:79:26:95:0d:
01:e9:4c:52:a7:5e:7b:3a:8f:19:61:e5:67:e7:ed:c0:14:aa:
df:32:b4:1e:a5:2f:e6:b0:52:97:e8:2c:cb:ef:c8:e0:5f:b8:
a5:df:b4:fc:3a:e9:4d:fb:7a:de:4c:ec:5d:68:6a:e1:10:03:
40:d2:50:59:4b:02:57:58:f9:9f:47:53:ab:e2:65:c1:37:08:
8e:7c:66:e8:de:d7:7f:bf:04:e3:e9:54:71:57:4e:d9:5f:b3:
fc:01:39:59
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYxVjh+YB3/PlNv3lKhA25rlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMzY2ZmRmY2FhMjBlODBlOGJmYzMzMGE0ZDhiMWJlN2Rl
NmExZDAwHhcNMjMxMjEwMjEwNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODU4YzFiMjg5ZDQ3ODA5Mzc2ODE5MDU2Nzg5NzI3ODMwNWQ0N2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngFksPYQOmtcPnXci37Kt1OFmtxM
UclfaSDlJtE7PoY8JO9rTAUO57/45Kgz+ovrBK7kRjxBsYTshJ6cpiV5DrhnKBRB
yAKM+L1JGE/vTS9W947pJSTJcPQdLQzfFbhNPFG5B2xtQBG8uENScaeSdl1OMpDt
Ao8yiexfm1vz/Hj866y6ThfcTAMIfEY2iEWvwQS1B1Y0Lj7NH3di5V8IOT++nkCU
y0hvMZEJht37Nz0ubFEBhuheBByq73yUfcSdk/5YEsfyodTkX3i7QNmDK6Bnw5rD
ddhUekQcQZhPFJXLt1pWfe2qhCWTWxBic79DzOHoTGLOcSxgr99j8sJwFwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPhYwbKJ1HgJN2gZBWeJcngwXUfxMB8GA1UdIwQY
MBaAFGo2b9/Kog6A6L/DMKTYsb595qHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgt
MDU1NTljMWY1OTE1LzEvMS1GakJzb25VZUFrM2FCa0ZaNGx5ZURCZFJfRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvOGM0ZWM0LWQ2MzctNGQzZi05ZGU4LTA1NTU5YzFmNTkx
NS8xL2FqWnYzOHFpRG9Eb3Y4TXdwTml4dm4zbW9kQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA+BggrBgEFBQcBBwEB/wQvMC0wGgQCAAEwFDAMAwQCsHzk
AwQAsHzmAwQBwjz8MA8EAgACMAkDBwAgAQZ8EaAwDQYJKoZIhvcNAQELBQADggEB
AHEoq72iaFbgZhOPXkNMVKz0XWo5b0TR+n2S/4Oy7ahQGu1xJufEkON2ZgxnnBLo
c0w2DZE4KbbTQHICCiXwLcS44cA7K+Njkonjbmbzw7p8FiHBy6dw9zlKM1kmQLXL
T6PmK+XKtfLQLDa8sVwtBdJq7bPtie5OzMJdkOhwUyWeUfp72WHnMdTB73dkQh+u
psHx8V05WNY+o/CW8//SeSaVDQHpTFKnXns6jxlh5Wfn7cAUqt8ytB6lL+awUpfo
LMvvyOBfuKXftPw66U37et5M7F1oauEQA0DSUFlLAldY+Z9HU6viZcE3CI58Zuje
13+/BOPpVHFXTtlfs/wBOVk=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:46 2024 by rpki-client on console-fra.rpki-client.org