Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/fd4p5wGMWWSmpRJs2MSEGypyAak.roa
File: fd4p5wGMWWSmpRJs2MSEGypyAak.roa (raw, json)
Hash identifier: bKAZESRM9HuW19/fd+RISOCGCK9kSBB1LasVEr5wRbw=
Subject key identifier: 7D:DE:29:E7:01:8C:59:64:A6:A5:12:6C:D8:C4:84:1B:2A:72:01:A9
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018AEACC6ACE61427288F2DC820562CA344C
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/fd4p5wGMWWSmpRJs2MSEGypyAak.roa
Signing time: Sun 01 Oct 2023 10:32:59 +0000
ROA not before: Sun 01 Oct 2023 10:32:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 213.145.72.0/21 maxlen: 24
213.145.91.0/24 maxlen: 24
213.145.89.0/24 maxlen: 24
213.145.90.0/24 maxlen: 24
213.145.93.0/24 maxlen: 24
213.145.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Oct 2023 11:05:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ea:cc:6a:ce:61:42:72:88:f2:dc:82:05:62:ca:34:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Oct 1 10:32:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dde29e7018c5964a6a5126cd8c4841b2a7201a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f4:91:c8:88:b4:79:a3:67:9b:8e:e2:d7:d5:
6c:42:2b:e9:f5:ad:4e:13:71:7c:d2:92:0d:94:15:
7b:14:13:86:b8:2d:0f:ae:f3:21:b5:ba:85:f8:94:
6f:0f:c1:e8:db:0f:78:ef:29:ec:bf:8c:66:20:07:
ca:e3:2b:e0:b5:ed:2a:e1:7e:59:55:1d:5a:6e:4f:
ee:85:98:29:b5:b3:12:9c:56:10:13:4c:81:1a:39:
ca:19:9a:5d:5a:78:0a:84:8b:d6:10:fc:cb:b8:6b:
ad:10:2c:db:39:dc:46:cf:cf:40:bf:43:65:8c:58:
8d:a4:23:9d:de:20:35:a3:55:6c:7b:bd:8c:31:48:
7a:93:5f:01:82:22:26:e8:1f:c3:e1:14:4b:55:95:
8e:c7:4f:91:09:54:00:21:82:df:2e:ad:20:9e:92:
4f:94:ad:6c:f0:69:8b:9c:9d:44:5a:ee:00:a6:ca:
bb:5e:83:00:70:70:7f:dd:cd:cd:44:43:ca:73:73:
88:b6:2b:11:dd:78:01:49:ef:f9:ad:d6:18:4b:cd:
af:4e:e9:0b:2a:f5:14:2a:c4:72:5f:d0:6d:94:50:
c1:95:b3:d6:ab:c5:a2:75:ee:7c:df:8f:b8:df:71:
27:20:b5:ff:80:82:ca:36:e7:e8:f8:7f:51:16:0f:
b8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:DE:29:E7:01:8C:59:64:A6:A5:12:6C:D8:C4:84:1B:2A:72:01:A9
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/fd4p5wGMWWSmpRJs2MSEGypyAak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.72.0/21
213.145.89.0-213.145.91.255
213.145.93.0-213.145.94.255
Signature Algorithm: sha256WithRSAEncryption
c4:bd:e5:63:e1:be:0d:cc:b5:93:b4:c6:35:f9:81:a1:26:7c:
d4:ab:90:a9:23:e8:08:8e:40:0c:89:07:ed:71:fc:99:84:2b:
9d:e0:1b:83:e2:41:61:6a:2b:fd:8a:e0:3d:5c:a7:1b:65:0b:
83:77:80:7a:f0:7f:20:61:88:d8:15:19:83:ae:fb:48:0d:22:
41:18:f4:11:b8:f7:10:ec:04:5c:81:14:6f:46:bd:06:b6:31:
b5:2f:5b:06:2c:d9:87:90:4d:93:8f:36:5b:d9:da:18:28:a1:
4f:08:c7:17:da:55:40:e3:83:09:20:db:0f:60:06:b8:29:9c:
dc:20:40:a9:bf:65:34:ca:68:14:b4:f3:16:a3:c1:5b:70:4e:
50:91:70:30:95:3d:a9:4f:06:0e:5d:65:9b:53:e0:f2:74:a0:
cc:e1:48:27:1f:59:5a:d3:d5:85:2d:44:b9:ab:6c:1c:7c:33:
b1:0e:f7:59:1a:96:af:f9:61:a5:e2:7f:3d:ab:1a:08:1c:e7:
62:99:ca:6d:b0:7b:10:28:0a:52:33:99:3e:f9:87:c3:9d:d0:
64:5e:b7:61:24:a0:1f:18:31:32:34:69:67:22:fb:84:2d:eb:
34:7e:c9:20:9a:60:a2:79:e6:4c:0d:4e:47:25:fe:09:45:9a:
50:f8:bc:51
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYrqzGrOYUJyiPLcggViyjRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjMxMDAxMTAzMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGRlMjllNzAxOGM1OTY0YTZhNTEyNmNkOGM0ODQxYjJhNzIwMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/SRyIi0eaNnm47i19VsQivp9a1O
E3F80pINlBV7FBOGuC0PrvMhtbqF+JRvD8Ho2w947ynsv4xmIAfK4yvgte0q4X5Z
VR1abk/uhZgptbMSnFYQE0yBGjnKGZpdWngKhIvWEPzLuGutECzbOdxGz89Av0Nl
jFiNpCOd3iA1o1Vse72MMUh6k18BgiIm6B/D4RRLVZWOx0+RCVQAIYLfLq0gnpJP
lK1s8GmLnJ1EWu4Apsq7XoMAcHB/3c3NREPKc3OItisR3XgBSe/5rdYYS82vTukL
KvUUKsRyX9BtlFDBlbPWq8Wide5834+433EnILX/gILKNufo+H9RFg+4xQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH3eKecBjFlkpqUSbNjEhBsqcgGpMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvZmQ0cDV3R01XV1NtcFJKczJNU0VHeXB5QWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQD1ZFIMAwD
BADVkVkDBALVkVgwDAMEANWRXQMEANWRXjANBgkqhkiG9w0BAQsFAAOCAQEAxL3l
Y+G+Dcy1k7TGNfmBoSZ81KuQqSPoCI5ADIkH7XH8mYQrneAbg+JBYWor/YrgPVyn
G2ULg3eAevB/IGGI2BUZg677SA0iQRj0Ebj3EOwEXIEUb0a9BrYxtS9bBizZh5BN
k482W9naGCihTwjHF9pVQOODCSDbD2AGuCmc3CBAqb9lNMpoFLTzFqPBW3BOUJFw
MJU9qU8GDl1lm1Pg8nSgzOFIJx9ZWtPVhS1EuatsHHwzsQ73WRqWr/lhpeJ/Pasa
CBznYpnKbbB7ECgKUjOZPvmHw53QZF63YSSgHxgxMjRpZyL7hC3rNH7JIJpgonnm
TA1ORyX+CUWaUPi8UQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:12 2024 by rpki-client on console-ams.rpki-client.org