Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/FnjDzKkzpD5GHl_-yGgJQ1pacEY.roa
File: FnjDzKkzpD5GHl_-yGgJQ1pacEY.roa (raw, json)
Hash identifier: NCF+51Zp6FthM1mK8kzaVc7dmfO5DpiEJcDjCo62FbE=
Subject key identifier: 16:78:C3:CC:A9:33:A4:3E:46:1E:5F:FE:C8:68:09:43:5A:5A:70:46
Certificate issuer: /CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Certificate serial: 018D506C1F9E66DA2205E8F8A5648219E252
Authority key identifier: B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/FnjDzKkzpD5GHl_-yGgJQ1pacEY.roa
Signing time: Sun 28 Jan 2024 14:14:39 +0000
ROA not before: Sun 28 Jan 2024 14:14:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49581
IP address blocks: 185.91.127.0/24 maxlen: 24
2a12:de40::/29 maxlen: 29
2a12:de40::/32 maxlen: 32
2a12:de44::/32 maxlen: 32
2a12:de45::/32 maxlen: 32
2a12:de46::/32 maxlen: 32
2a12:de47::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 21 Feb 2024 23:28:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:50:6c:1f:9e:66:da:22:05:e8:f8:a5:64:82:19:e2:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Validity
Not Before: Jan 28 14:14:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1678c3cca933a43e461e5ffec86809435a5a7046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d2:4d:d4:1a:1b:95:0f:0f:04:34:ef:7b:eb:
1c:51:6b:0d:72:48:11:5a:22:6c:6f:12:a9:02:ea:
b9:ac:13:5d:b2:45:4b:83:4c:52:a0:4a:35:8f:96:
ca:c2:12:fb:cc:bf:e7:70:8b:4e:b4:58:47:d6:8b:
99:12:50:4b:23:bc:2c:57:bd:0b:c9:70:c5:49:57:
79:2d:ed:1f:e6:1f:d5:a8:4d:03:c0:b2:c1:04:30:
d4:d1:27:4c:ad:9f:64:99:80:87:40:e2:20:61:d4:
86:f9:75:97:3c:1f:4f:e3:75:dd:73:b5:23:bb:78:
ce:95:8e:64:5d:db:a7:27:ba:37:55:19:93:2e:3d:
d6:df:0f:04:e9:02:ec:6e:14:55:62:7b:45:0b:16:
a1:ec:f9:e0:51:be:43:66:bd:a7:28:d6:ad:57:55:
de:3b:09:df:5d:36:ec:fe:ad:8f:cb:36:43:d8:16:
f8:59:08:57:e8:fc:39:fa:8d:b2:38:b5:2d:2d:7f:
59:2b:7a:57:a8:75:e7:db:9e:d1:50:8e:59:56:eb:
6a:53:cb:08:b0:4d:cf:2c:7d:20:28:c2:cc:45:20:
47:4d:ea:d0:a9:96:f2:48:cd:4d:20:84:4c:04:eb:
c7:b1:5f:04:5b:20:20:d0:c4:5f:06:76:5d:61:a3:
81:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:78:C3:CC:A9:33:A4:3E:46:1E:5F:FE:C8:68:09:43:5A:5A:70:46
X509v3 Authority Key Identifier:
keyid:B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/FnjDzKkzpD5GHl_-yGgJQ1pacEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/uebEGisE_Nj46VcY-n0uEsxErB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.127.0/24
IPv6:
2a12:de40::/29
Signature Algorithm: sha256WithRSAEncryption
03:e8:85:14:a9:a4:96:f9:3a:e6:8c:22:65:a7:e2:40:14:90:
04:7f:04:b6:d0:22:8c:3e:23:54:cb:0d:26:80:27:41:d5:38:
57:2c:d6:9c:86:2b:b8:2b:4b:f1:40:e3:7e:d3:54:7a:b7:3f:
31:23:e3:20:b5:71:13:43:ac:c9:08:34:5c:4d:d1:bf:ac:fc:
59:80:f4:c4:c9:7d:fe:59:52:5c:03:e5:d5:96:1e:a1:3f:fe:
a5:5e:c4:e6:50:0d:0a:f4:17:86:df:96:dc:0b:ea:7d:79:6d:
ed:18:46:aa:54:ed:e7:96:ad:0e:76:5b:95:5f:76:b1:02:22:
ed:8f:16:37:27:a8:fd:4e:00:20:13:68:98:ba:57:54:9a:fb:
f0:57:aa:18:5f:5d:76:ad:59:11:57:dc:f8:dc:ea:eb:20:2f:
af:e3:20:96:97:d8:ab:8b:5c:af:a5:ab:d4:8f:01:99:60:35:
72:4f:0e:3d:6e:bc:7f:e5:f1:75:95:98:3e:3b:e9:da:38:24:
a3:5d:0d:c5:ea:99:e8:f0:75:9d:3d:eb:27:90:81:fe:3a:76:
c9:a1:20:00:c8:a7:e2:1b:46:1a:e6:85:66:42:d8:20:1b:63:
ab:ae:c6:36:39:a5:9e:72:c2:67:b8:0f:88:f0:d3:1c:5e:67:
bd:95:ec:d0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY1QbB+eZtoiBej4pWSCGeJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTZjNDFhMmIwNGZjZDhmOGU5NTcxOGZhN2QyZTEyY2M0
NGFjMWYwHhcNMjQwMTI4MTQxNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjc4YzNjY2E5MzNhNDNlNDYxZTVmZmVjODY4MDk0MzVhNWE3MDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudJN1BoblQ8PBDTve+scUWsNckgR
WiJsbxKpAuq5rBNdskVLg0xSoEo1j5bKwhL7zL/ncItOtFhH1ouZElBLI7wsV70L
yXDFSVd5Le0f5h/VqE0DwLLBBDDU0SdMrZ9kmYCHQOIgYdSG+XWXPB9P43Xdc7Uj
u3jOlY5kXdunJ7o3VRmTLj3W3w8E6QLsbhRVYntFCxah7PngUb5DZr2nKNatV1Xe
OwnfXTbs/q2PyzZD2Bb4WQhX6Pw5+o2yOLUtLX9ZK3pXqHXn257RUI5ZVutqU8sI
sE3PLH0gKMLMRSBHTerQqZbySM1NIIRMBOvHsV8EWyAg0MRfBnZdYaOBzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBZ4w8ypM6Q+Rh5f/shoCUNaWnBGMB8GA1UdIwQY
MBaAFLnmxBorBPzY+OlXGPp9LhLMRKwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEt
YzA4YzA0NDZkNjEzLzEvRm5qRHpLa3pwRDVHSGxfLXlHZ0pRMXBhY0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEtYzA4YzA0NDZkNjEz
LzEvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuVt/MA0E
AgACMAcDBQMqEt5AMA0GCSqGSIb3DQEBCwUAA4IBAQAD6IUUqaSW+TrmjCJlp+JA
FJAEfwS20CKMPiNUyw0mgCdB1ThXLNachiu4K0vxQON+01R6tz8xI+MgtXETQ6zJ
CDRcTdG/rPxZgPTEyX3+WVJcA+XVlh6hP/6lXsTmUA0K9BeG35bcC+p9eW3tGEaq
VO3nlq0OdluVX3axAiLtjxY3J6j9TgAgE2iYuldUmvvwV6oYX112rVkRV9z43Orr
IC+v4yCWl9iri1yvpavUjwGZYDVyTw49brx/5fF1lZg+O+naOCSjXQ3F6pno8HWd
PesnkIH+OnbJoSAAyKfiG0Ya5oVmQtggG2OrrsY2OaWecsJnuA+I8NMcXme9lezQ
Generated at Thu Feb 22 02:26:28 2024 by rpki-client on console-fra.rpki-client.org