Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/3cc89e-76df-46b3-9f14-a38dda13a608/1/_I7K-KQczgbKmGORR-QI9LiV9VA.roa
File: _I7K-KQczgbKmGORR-QI9LiV9VA.roa (raw, json)
Hash identifier: wOK5eg0jl3xijEgD06l+pkwPNUy1DPwlkqF/5k9w5uE=
Subject key identifier: FC:8E:CA:F8:A4:1C:CE:06:CA:98:63:91:47:E4:08:F4:B8:95:F5:50
Certificate issuer: /CN=25d9016727cea947bdb48b3a7de7e2071be4580a
Certificate serial: 01884E0585CF9B225842C86D46C37F4EB295
Authority key identifier: 25:D9:01:67:27:CE:A9:47:BD:B4:8B:3A:7D:E7:E2:07:1B:E4:58:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JdkBZyfOqUe9tIs6fefiBxvkWAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/3cc89e-76df-46b3-9f14-a38dda13a608/1/_I7K-KQczgbKmGORR-QI9LiV9VA.roa
Signing time: Wed 24 May 2023 13:49:24 +0000
ROA not before: Wed 24 May 2023 13:49:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203628
IP address blocks: 185.129.32.0/22 maxlen: 22
195.85.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:4e:05:85:cf:9b:22:58:42:c8:6d:46:c3:7f:4e:b2:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25d9016727cea947bdb48b3a7de7e2071be4580a
Validity
Not Before: May 24 13:49:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fc8ecaf8a41cce06ca98639147e408f4b895f550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:37:bc:e0:ff:d2:f3:c3:b6:5c:3a:82:fd:06:
ee:48:e0:99:ce:b0:48:6c:93:e0:39:25:ab:e3:fc:
b2:27:2d:d8:22:f5:73:72:43:b4:93:5c:24:38:ee:
6d:eb:61:0c:ea:33:32:5f:b0:7a:72:b5:90:85:36:
19:c8:f2:07:f8:e0:53:0a:56:9f:d8:a6:17:86:b8:
b3:73:2b:60:3e:bd:63:7e:ec:78:1a:a2:ae:6a:70:
e9:b5:3f:19:eb:f3:7d:f9:89:2f:e0:45:67:9f:35:
2d:db:a6:41:11:3c:5f:78:fc:ae:65:cc:9f:38:3d:
6c:06:0b:a6:9f:7f:c3:02:ef:1d:e9:70:f6:7b:15:
a1:23:cc:fd:a3:9e:35:a7:8b:10:9a:36:d9:1b:ff:
48:6b:76:8b:b7:a7:94:29:02:d8:c1:2d:57:0f:5a:
aa:df:0b:77:68:82:8b:a3:76:f0:db:8a:63:dd:02:
c6:f3:e9:c1:3d:71:86:7b:a4:75:27:c3:66:00:f9:
ec:1a:05:92:48:9a:81:03:ae:97:48:ad:b4:95:3e:
e1:53:0d:3e:ad:71:79:83:ae:95:b4:3a:9c:77:ff:
d2:33:cc:af:80:cc:ee:60:c3:5e:ae:49:f9:32:ec:
4c:e7:b6:8e:4f:b7:77:14:bf:44:de:c0:fb:2f:c3:
ac:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:8E:CA:F8:A4:1C:CE:06:CA:98:63:91:47:E4:08:F4:B8:95:F5:50
X509v3 Authority Key Identifier:
keyid:25:D9:01:67:27:CE:A9:47:BD:B4:8B:3A:7D:E7:E2:07:1B:E4:58:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JdkBZyfOqUe9tIs6fefiBxvkWAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3cc89e-76df-46b3-9f14-a38dda13a608/1/_I7K-KQczgbKmGORR-QI9LiV9VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/3cc89e-76df-46b3-9f14-a38dda13a608/1/JdkBZyfOqUe9tIs6fefiBxvkWAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.32.0/22
195.85.227.0/24
Signature Algorithm: sha256WithRSAEncryption
77:8d:9d:eb:eb:3c:07:1f:c8:a2:dc:8b:1c:d7:e7:a8:d6:de:
d8:ed:40:54:94:22:b4:ed:73:be:93:6f:68:25:5e:0b:9e:10:
d7:a2:2c:f8:a1:ae:b5:fe:06:62:88:dd:3e:17:96:03:bd:21:
db:ac:de:ba:6b:64:b5:d5:5a:41:c4:f6:ce:39:cf:9a:af:a7:
66:e6:f1:e9:d5:c3:41:00:5c:58:84:04:04:2b:e0:50:65:4b:
fd:d7:d0:04:db:f6:60:de:f6:c4:b1:d8:15:40:39:c5:e4:be:
29:1b:4e:9d:7d:84:a7:0b:a1:f3:69:b9:a4:4f:30:b3:da:ca:
4a:78:2d:0f:81:c8:48:e9:8a:67:e5:de:db:01:f9:80:f8:c9:
ad:f1:d8:e8:14:51:8a:bf:b5:31:5e:a4:70:62:90:7f:be:5c:
49:51:06:4b:e7:fa:4c:f3:89:72:25:97:aa:45:ac:af:01:e7:
06:e3:72:cf:eb:dc:c5:86:32:f2:e2:ee:ae:e7:2b:67:37:18:
ef:41:9e:b2:f0:72:bd:1b:e7:60:86:46:09:a9:d9:c2:3f:57:
54:4a:cf:ae:fa:96:fd:e4:8e:e8:b2:75:ba:00:fe:e0:3d:0d:
e4:c7:b3:d5:d6:87:0f:4d:35:f4:6a:d0:99:36:70:0f:b8:8a:
ef:79:f3:f2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhOBYXPmyJYQshtRsN/TrKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZDkwMTY3MjdjZWE5NDdiZGI0OGIzYTdkZTdlMjA3MWJl
NDU4MGEwHhcNMjMwNTI0MTM0OTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzhlY2FmOGE0MWNjZTA2Y2E5ODYzOTE0N2U0MDhmNGI4OTVmNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDe84P/S88O2XDqC/QbuSOCZzrBI
bJPgOSWr4/yyJy3YIvVzckO0k1wkOO5t62EM6jMyX7B6crWQhTYZyPIH+OBTClaf
2KYXhrizcytgPr1jfux4GqKuanDptT8Z6/N9+Ykv4EVnnzUt26ZBETxfePyuZcyf
OD1sBgumn3/DAu8d6XD2exWhI8z9o541p4sQmjbZG/9Ia3aLt6eUKQLYwS1XD1qq
3wt3aIKLo3bw24pj3QLG8+nBPXGGe6R1J8NmAPnsGgWSSJqBA66XSK20lT7hUw0+
rXF5g66VtDqcd//SM8yvgMzuYMNerkn5MuxM57aOT7d3FL9E3sD7L8Os4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPyOyvikHM4GyphjkUfkCPS4lfVQMB8GA1UdIwQY
MBaAFCXZAWcnzqlHvbSLOn3n4gcb5FgKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmRrQlp5Zk9xVWU5dElzNmZlZmlCeHZrV0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zY2M4OWUtNzZkZi00NmIzLTlmMTQt
YTM4ZGRhMTNhNjA4LzEvX0k3Sy1LUWN6Z2JLbUdPUlItUUk5TGlWOVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zY2M4OWUtNzZkZi00NmIzLTlmMTQtYTM4ZGRhMTNhNjA4
LzEvSmRrQlp5Zk9xVWU5dElzNmZlZmlCeHZrV0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYEgAwQA
w1XjMA0GCSqGSIb3DQEBCwUAA4IBAQB3jZ3r6zwHH8ii3Isc1+eo1t7Y7UBUlCK0
7XO+k29oJV4LnhDXoiz4oa61/gZiiN0+F5YDvSHbrN66a2S11VpBxPbOOc+ar6dm
5vHp1cNBAFxYhAQEK+BQZUv919AE2/Zg3vbEsdgVQDnF5L4pG06dfYSnC6Hzabmk
TzCz2spKeC0PgchI6Ypn5d7bAfmA+Mmt8djoFFGKv7UxXqRwYpB/vlxJUQZL5/pM
84lyJZeqRayvAecG43LP69zFhjLy4u6u5ytnNxjvQZ6y8HK9G+dghkYJqdnCP1dU
Ss+u+pb95I7osnW6AP7gPQ3kx7PV1ocPTTX0atCZNnAPuIrvefPy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:11 2024 by rpki-client on console-fra.rpki-client.org