Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/f0oXVGQqLqjjOisyb5zckQP4jTY.roa
File: f0oXVGQqLqjjOisyb5zckQP4jTY.roa (raw, json)
Hash identifier: nEum62UJREwYQ0o3J84cVaLVlx0AvjTvIz1qYCg760k=
Subject key identifier: 7F:4A:17:54:64:2A:2E:A8:E3:3A:2B:32:6F:9C:DC:91:03:F8:8D:36
Certificate issuer: /CN=d28fcbdf572bcaf93e1544de10a176cb301106bb
Certificate serial: 01857142ECAC1C6A17193D4C79A242A8671C
Authority key identifier: D2:8F:CB:DF:57:2B:CA:F9:3E:15:44:DE:10:A1:76:CB:30:11:06:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0o_L31cryvk-FUTeEKF2yzARBrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/f0oXVGQqLqjjOisyb5zckQP4jTY.roa
Signing time: Mon 02 Jan 2023 06:54:49 +0000
ROA not before: Mon 02 Jan 2023 06:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20677
IP address blocks: 46.17.244.0/22 maxlen: 22
185.113.152.0/22 maxlen: 22
185.38.52.0/22 maxlen: 22
185.113.148.0/22 maxlen: 22
212.87.128.0/19 maxlen: 19
185.145.220.0/22 maxlen: 22
2a00:fac0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:42:ec:ac:1c:6a:17:19:3d:4c:79:a2:42:a8:67:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d28fcbdf572bcaf93e1544de10a176cb301106bb
Validity
Not Before: Jan 2 06:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f4a1754642a2ea8e33a2b326f9cdc9103f88d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:39:06:d4:36:14:28:d1:5c:d2:8e:0c:be:de:
36:5d:42:3b:59:be:28:3a:91:f5:2c:77:f5:22:78:
95:75:01:bf:2e:ef:71:19:a1:09:f8:7b:56:ff:83:
26:d5:85:a0:4b:fa:01:12:97:6d:7f:91:31:7d:64:
46:09:2b:63:d5:a4:09:5f:83:ee:87:93:1d:b1:63:
6f:00:1b:98:25:bb:5e:46:0b:4e:0e:8b:2a:b4:85:
7b:48:6d:95:89:49:7d:86:99:c7:b9:3d:c8:75:e4:
df:9d:06:9f:68:60:64:10:2f:90:e1:cc:2b:ab:b0:
27:20:5e:fc:96:df:67:ac:a2:7b:ab:13:82:a0:4a:
a4:f1:a9:c8:6b:29:db:6a:97:36:c2:d8:b4:14:3f:
e6:f4:4f:99:a7:3a:27:4d:a6:1e:48:e6:8a:6c:47:
72:ad:2d:2e:3d:77:26:b3:82:dd:af:20:9c:42:80:
cc:d0:be:5d:ca:ce:df:ea:5a:e2:e6:72:b5:d2:f2:
ec:27:de:1b:de:ad:1f:ad:1f:76:dd:92:b1:ca:a7:
f1:c1:ec:1e:41:73:5f:a1:9c:a4:bb:25:a2:ee:3f:
cd:7a:e9:09:cc:c8:4b:57:89:f7:f1:34:e7:15:07:
19:10:97:ab:2f:7e:d2:a7:5b:90:50:ef:95:ae:e9:
fe:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:4A:17:54:64:2A:2E:A8:E3:3A:2B:32:6F:9C:DC:91:03:F8:8D:36
X509v3 Authority Key Identifier:
keyid:D2:8F:CB:DF:57:2B:CA:F9:3E:15:44:DE:10:A1:76:CB:30:11:06:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0o_L31cryvk-FUTeEKF2yzARBrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/f0oXVGQqLqjjOisyb5zckQP4jTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/01a103-5b25-4442-a892-0fe8399de727/1/0o_L31cryvk-FUTeEKF2yzARBrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.244.0/22
185.38.52.0/22
185.113.148.0-185.113.155.255
185.145.220.0/22
212.87.128.0/19
IPv6:
2a00:fac0::/32
Signature Algorithm: sha256WithRSAEncryption
09:5e:66:a2:27:d9:6b:68:70:83:75:7d:d4:86:07:2f:f1:51:
39:91:a0:8a:81:54:d7:db:a5:bf:3d:66:c0:b8:bf:c7:f5:d2:
0e:93:52:b1:f2:0d:6d:a5:4a:5c:ee:9c:4c:7c:c5:cc:a5:89:
af:4e:f6:8e:ff:6d:e4:b9:68:14:bb:90:94:b3:a2:71:62:a8:
ea:00:3f:e9:28:cf:72:ff:96:11:eb:1c:e6:ba:e6:1c:47:6c:
28:01:a0:f1:b1:86:12:78:4f:bd:3a:1f:c5:d1:9f:0b:cf:55:
be:1e:8c:5a:81:fe:21:9b:84:56:77:78:22:03:97:b3:ad:61:
25:74:89:0e:a5:ea:90:ce:84:f4:4e:d6:bb:ce:f3:5d:c7:32:
3f:13:f3:38:49:3a:fc:cb:c6:6b:1a:5e:df:c7:2e:7e:e2:ce:
a1:98:ea:9d:a3:67:cb:ad:2d:4c:eb:46:e5:59:cf:21:58:a4:
12:0a:d9:4f:56:0d:78:e0:e8:3f:01:35:c8:82:30:6f:fa:36:
ec:6f:82:e2:d5:4a:52:dc:eb:97:6f:ac:1d:c3:e1:3e:46:1a:
a3:64:c6:ab:04:52:46:2a:fb:9a:44:23:9e:5a:44:6f:7d:8d:
d7:8b:f2:e5:7e:e6:6e:43:bf:97:0b:54:34:4a:68:d1:58:92:
8a:02:56:d9
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYVxQuysHGoXGT1MeaJCqGccMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOGZjYmRmNTcyYmNhZjkzZTE1NDRkZTEwYTE3NmNiMzAx
MTA2YmIwHhcNMjMwMTAyMDY1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjRhMTc1NDY0MmEyZWE4ZTMzYTJiMzI2ZjljZGM5MTAzZjg4ZDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzkG1DYUKNFc0o4Mvt42XUI7Wb4o
OpH1LHf1IniVdQG/Lu9xGaEJ+HtW/4Mm1YWgS/oBEpdtf5ExfWRGCStj1aQJX4Pu
h5MdsWNvABuYJbteRgtODosqtIV7SG2ViUl9hpnHuT3IdeTfnQafaGBkEC+Q4cwr
q7AnIF78lt9nrKJ7qxOCoEqk8anIaynbapc2wti0FD/m9E+ZpzonTaYeSOaKbEdy
rS0uPXcms4LdryCcQoDM0L5dys7f6lri5nK10vLsJ94b3q0frR923ZKxyqfxwewe
QXNfoZykuyWi7j/NeukJzMhLV4n38TTnFQcZEJerL37Sp1uQUO+Vrun+DwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFH9KF1RkKi6o4zorMm+c3JED+I02MB8GA1UdIwQY
MBaAFNKPy99XK8r5PhVE3hChdsswEQa7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG9fTDMxY3J5dmstRlVUZUVLRjJ5ekFSQnJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wMWExMDMtNWIyNS00NDQyLWE4OTIt
MGZlODM5OWRlNzI3LzEvZjBvWFZHUXFMcWpqT2lzeWI1emNrUVA0alRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wMWExMDMtNWIyNS00NDQyLWE4OTItMGZlODM5OWRlNzI3
LzEvMG9fTDMxY3J5dmstRlVUZUVLRjJ5ekFSQnJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQCLhH0AwQC
uSY0MAwDBAK5cZQDBAK5cZgDBAK5kdwDBAXUV4AwDQQCAAIwBwMFACoA+sAwDQYJ
KoZIhvcNAQELBQADggEBAAleZqIn2WtocIN1fdSGBy/xUTmRoIqBVNfbpb89ZsC4
v8f10g6TUrHyDW2lSlzunEx8xcylia9O9o7/beS5aBS7kJSzonFiqOoAP+koz3L/
lhHrHOa65hxHbCgBoPGxhhJ4T706H8XRnwvPVb4ejFqB/iGbhFZ3eCIDl7OtYSV0
iQ6l6pDOhPRO1rvO813HMj8T8zhJOvzLxmsaXt/HLn7izqGY6p2jZ8utLUzrRuVZ
zyFYpBIK2U9WDXjg6D8BNciCMG/6NuxvguLVSlLc65dvrB3D4T5GGqNkxqsEUkYq
+5pEI55aRG99jdeL8uV+5m5Dv5cLVDRKaNFYkooCVtk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:18 2024 by rpki-client on console-ams.rpki-client.org