Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/fVOT0EB-wiS1h9YmWc87q8PrnTQ.roa
File: fVOT0EB-wiS1h9YmWc87q8PrnTQ.roa (raw, json)
Hash identifier: X3m7QYsa1LagU5/C5w1jI9qRV4oncDu1YbKRZHsc3ac=
Subject key identifier: 7D:53:93:D0:40:7E:C2:24:B5:87:D6:26:59:CF:3B:AB:C3:EB:9D:34
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0188D8A5CA53D2F99E73D62EDE315B1E49F2
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/fVOT0EB-wiS1h9YmWc87q8PrnTQ.roa
Signing time: Tue 20 Jun 2023 11:52:03 +0000
ROA not before: Tue 20 Jun 2023 11:52:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202053
IP address blocks: 95.111.208.0/22 maxlen: 22
2a04:3544:8000::/34 maxlen: 34
2a04:3542:8000::/34 maxlen: 34
Validation: Failed, certificate revoked on Thu 22 Jun 2023 10:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:a5:ca:53:d2:f9:9e:73:d6:2e:de:31:5b:1e:49:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jun 20 11:52:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d5393d0407ec224b587d62659cf3babc3eb9d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:79:85:65:73:85:57:0a:3c:f3:f2:f7:6e:f5:
88:96:6d:87:13:b9:3a:a6:c7:9e:93:02:81:36:ad:
21:2a:ac:42:3e:0d:dd:e8:e2:0b:c5:e3:a9:8f:94:
5e:0a:d7:87:69:9f:2e:47:62:58:9c:3b:7e:70:73:
40:95:8c:40:65:1c:c6:4b:3d:4e:22:05:a5:96:95:
da:ba:20:a3:2c:a7:86:63:5e:54:5d:5a:ed:4f:ca:
0f:28:e3:90:75:1d:e9:37:40:b0:17:f0:e7:00:c7:
f1:a1:ce:b1:6e:9f:4d:e9:6d:53:c8:15:2a:a3:3c:
36:e9:32:23:22:e8:54:8b:2f:d2:f7:06:a8:fd:c3:
fe:3f:bb:d1:66:1b:45:d2:f3:a9:d0:3c:d1:74:b9:
7c:60:a5:e0:56:fd:06:88:5d:89:ca:b7:62:c6:fe:
03:ec:1f:bb:74:bb:39:bf:e3:14:fa:14:7d:45:0b:
0c:be:b7:f6:ab:f6:00:95:5c:ff:fd:c3:24:1b:bf:
d4:8e:be:0c:19:2a:c2:da:53:3b:c2:39:aa:72:cc:
ed:c7:8f:0e:d0:af:6e:74:30:cb:4a:46:e2:f5:c5:
77:a9:7d:0a:c8:94:76:16:a1:54:fe:f3:c1:3a:f5:
19:d0:0a:b2:00:31:63:4a:61:4e:79:ee:b9:e0:88:
c6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:53:93:D0:40:7E:C2:24:B5:87:D6:26:59:CF:3B:AB:C3:EB:9D:34
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/fVOT0EB-wiS1h9YmWc87q8PrnTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.208.0/22
IPv6:
2a04:3542:8000::/34
2a04:3544:8000::/34
Signature Algorithm: sha256WithRSAEncryption
1d:36:6f:91:09:e7:95:f3:c7:90:0d:31:62:d3:62:30:04:b9:
34:1a:97:31:7d:45:22:76:26:ad:d8:a9:ae:21:91:54:a0:0a:
17:13:fb:60:6f:58:9b:ff:b0:fb:98:d3:0e:38:a8:09:51:28:
82:96:35:07:b5:78:dd:86:07:b8:07:62:c3:2b:b2:02:d8:e4:
44:81:cf:f9:4d:b8:8c:cb:90:15:bb:e0:35:9b:3e:d4:b7:cf:
9f:c2:51:74:bf:e5:34:ec:e8:44:6c:15:7b:49:f6:88:6c:8c:
2d:cf:07:0e:a1:88:b3:15:fe:7a:aa:54:25:39:92:86:db:29:
f8:18:bb:3e:82:7e:6f:73:2f:2e:ab:0c:a4:1f:c3:70:f0:ee:
b2:b5:12:3e:dd:be:77:fa:14:d9:10:7c:81:81:e3:cb:b5:77:
19:24:b5:0d:7c:37:a1:8d:1e:df:5f:2d:1e:6d:a3:53:80:31:
a7:a5:61:e5:51:07:34:e6:21:2a:44:2a:0c:05:d6:af:17:12:
d1:2f:8c:4b:f4:99:8e:6a:32:2d:54:8f:14:ec:4d:fd:a6:a7:
4b:c9:01:7d:6c:ec:06:ec:dd:7d:f4:2b:60:89:76:1d:5a:e8:
bb:0c:4b:a3:ce:ae:37:a6:7d:3a:a8:53:b3:53:c4:67:19:91:
43:5b:39:b5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYjYpcpT0vmec9Yu3jFbHknyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjMwNjIwMTE1MjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDUzOTNkMDQwN2VjMjI0YjU4N2Q2MjY1OWNmM2JhYmMzZWI5ZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnmFZXOFVwo88/L3bvWIlm2HE7k6
pseekwKBNq0hKqxCPg3d6OILxeOpj5ReCteHaZ8uR2JYnDt+cHNAlYxAZRzGSz1O
IgWllpXauiCjLKeGY15UXVrtT8oPKOOQdR3pN0CwF/DnAMfxoc6xbp9N6W1TyBUq
ozw26TIjIuhUiy/S9wao/cP+P7vRZhtF0vOp0DzRdLl8YKXgVv0GiF2Jyrdixv4D
7B+7dLs5v+MU+hR9RQsMvrf2q/YAlVz//cMkG7/Ujr4MGSrC2lM7wjmqcsztx48O
0K9udDDLSkbi9cV3qX0KyJR2FqFU/vPBOvUZ0AqyADFjSmFOee654IjGrQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFH1Tk9BAfsIktYfWJlnPO6vD6500MB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvZlZPVDBFQi13aVMxaDlZbVdjODdxOFByblRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCX2/QMBYE
AgACMBADBgYqBDVCgAMGBioENUSAMA0GCSqGSIb3DQEBCwUAA4IBAQAdNm+RCeeV
88eQDTFi02IwBLk0GpcxfUUidiat2KmuIZFUoAoXE/tgb1ib/7D7mNMOOKgJUSiC
ljUHtXjdhge4B2LDK7IC2OREgc/5TbiMy5AVu+A1mz7Ut8+fwlF0v+U07OhEbBV7
SfaIbIwtzwcOoYizFf56qlQlOZKG2yn4GLs+gn5vcy8uqwykH8Nw8O6ytRI+3b53
+hTZEHyBgePLtXcZJLUNfDehjR7fXy0ebaNTgDGnpWHlUQc05iEqRCoMBdavFxLR
L4xL9JmOajItVI8U7E39pqdLyQF9bOwG7N199CtgiXYdWui7DEujzq43pn06qFOz
U8RnGZFDWzm1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:51 2024 by rpki-client on console-ams.rpki-client.org