Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/_Ngd3ZKeJ5SQqdmQ6pG7Y2RWxP8.roa
File: _Ngd3ZKeJ5SQqdmQ6pG7Y2RWxP8.roa (raw, json)
Hash identifier: Zu02lwKhEDpWV7+d62t8h0Kg56RqHsevYlis0UDFZBk=
Subject key identifier: FC:D8:1D:DD:92:9E:27:94:90:A9:D9:90:EA:91:BB:63:64:56:C4:FF
Certificate issuer: /CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Certificate serial: 01856B2E93C1B4770C05EAE4FC5A3FF81A93
Authority key identifier: 78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/_Ngd3ZKeJ5SQqdmQ6pG7Y2RWxP8.roa
Signing time: Sun 01 Jan 2023 02:34:52 +0000
ROA not before: Sun 01 Jan 2023 02:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41281
IP address blocks: 193.189.100.0/24 maxlen: 24
193.189.101.0/24 maxlen: 24
45.154.255.0/24 maxlen: 24
45.154.254.0/24 maxlen: 24
2001:67c:130c::/48 maxlen: 48
2a0f:df00:dead::/48 maxlen: 48
2a0f:df00::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Mar 2023 12:12:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:2e:93:c1:b4:77:0c:05:ea:e4:fc:5a:3f:f8:1a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=787e31ce5d501d1a94afdabbd4e024cc2a788ef5
Validity
Not Before: Jan 1 02:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcd81ddd929e279490a9d990ea91bb636456c4ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:57:e6:14:0d:82:c1:88:25:c9:8e:09:0f:60:
90:7e:ee:e8:33:d1:9b:2e:35:f1:95:76:ab:35:79:
60:5a:8a:15:61:d7:65:42:ff:3a:9c:87:80:95:48:
12:18:a1:b0:81:7c:b4:85:98:c2:46:e6:7a:9f:17:
3d:51:28:2c:3a:3c:9a:17:c7:57:b8:4c:96:0b:02:
87:78:96:e3:28:2b:75:a2:9b:d4:30:49:69:fe:72:
4b:96:56:69:cb:69:36:94:2e:77:a5:0a:b7:5f:fa:
a1:7c:a4:3c:72:ce:a3:d9:51:6f:56:89:18:7d:06:
98:d3:6f:cd:99:a4:fc:78:0b:f3:e5:bd:df:33:b2:
1a:bf:43:32:6f:84:b1:58:34:54:b8:59:91:21:4f:
a8:30:dd:06:20:a8:23:cb:5c:ce:11:2c:dd:18:fe:
79:2d:93:ea:3e:6f:3a:82:95:fa:09:c6:b5:d6:f4:
f3:72:9a:0b:da:fb:35:37:8f:b6:7f:2f:7f:dd:f2:
0e:bd:4e:b4:38:23:b8:b2:02:58:a7:e1:dc:a1:8e:
b7:5d:c4:58:f8:6e:d8:7f:cf:cf:8f:2d:51:38:ed:
61:b9:b1:be:a1:80:1e:06:8b:47:6d:62:09:68:55:
95:5f:f4:17:cc:dd:52:64:a8:f9:2c:28:b8:db:76:
38:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D8:1D:DD:92:9E:27:94:90:A9:D9:90:EA:91:BB:63:64:56:C4:FF
X509v3 Authority Key Identifier:
keyid:78:7E:31:CE:5D:50:1D:1A:94:AF:DA:BB:D4:E0:24:CC:2A:78:8E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eH4xzl1QHRqUr9q71OAkzCp4jvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/_Ngd3ZKeJ5SQqdmQ6pG7Y2RWxP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/7c55d2-381c-4e87-8ca5-2307bb59225f/1/eH4xzl1QHRqUr9q71OAkzCp4jvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.254.0/23
193.189.100.0/23
IPv6:
2001:67c:130c::/48
2a0f:df00::/48
2a0f:df00:dead::/48
Signature Algorithm: sha256WithRSAEncryption
e5:c4:03:99:91:b0:34:f0:d8:5f:fb:71:5a:73:21:38:dd:13:
fe:c6:ca:0d:47:1b:95:a7:f0:f2:cc:65:6d:9a:a0:83:51:60:
22:9a:ca:38:72:98:85:da:25:45:eb:48:6f:26:28:80:60:f7:
2b:12:b3:16:b2:c6:3c:a5:1a:a2:e9:58:18:eb:2d:ba:d5:1c:
c6:3e:73:e5:3c:3c:b0:ab:69:3a:74:43:db:e1:74:9d:82:f0:
46:9b:40:64:75:f6:42:d5:fb:d7:83:0c:fe:50:54:1e:70:1d:
e2:b8:87:d7:98:24:78:cf:af:78:e4:70:96:ce:d5:87:24:08:
b5:ce:44:0a:6e:64:f0:5e:f1:73:11:51:9d:02:8a:ec:f4:77:
03:12:9f:27:99:2a:2c:12:be:ff:f4:7e:aa:bd:4c:d4:0c:3f:
97:e0:ec:37:f3:fe:c4:e5:4c:f2:27:33:67:03:dd:e9:5c:ea:
01:d7:0b:aa:09:28:cc:75:8c:b0:a5:87:bb:0c:1b:4b:c8:57:
10:00:52:3b:9a:83:07:20:2c:a5:a2:ce:2b:2e:47:34:cd:df:
0b:35:ef:52:f4:1c:72:f8:f6:fe:29:6c:d8:c2:ad:41:89:dc:
b8:fa:e3:c2:33:9e:82:e4:26:0f:f2:da:02:ee:0e:2d:69:3c:
f6:4b:33:ca
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVrLpPBtHcMBerk/Fo/+BqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4N2UzMWNlNWQ1MDFkMWE5NGFmZGFiYmQ0ZTAyNGNjMmE3
ODhlZjUwHhcNMjMwMTAxMDIzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2Q4MWRkZDkyOWUyNzk0OTBhOWQ5OTBlYTkxYmI2MzY0NTZjNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1fmFA2CwYglyY4JD2CQfu7oM9Gb
LjXxlXarNXlgWooVYddlQv86nIeAlUgSGKGwgXy0hZjCRuZ6nxc9USgsOjyaF8dX
uEyWCwKHeJbjKCt1opvUMElp/nJLllZpy2k2lC53pQq3X/qhfKQ8cs6j2VFvVokY
fQaY02/NmaT8eAvz5b3fM7Iav0Myb4SxWDRUuFmRIU+oMN0GIKgjy1zOESzdGP55
LZPqPm86gpX6Cca11vTzcpoL2vs1N4+2fy9/3fIOvU60OCO4sgJYp+HcoY63XcRY
+G7Yf8/Pjy1ROO1hubG+oYAeBotHbWIJaFWVX/QXzN1SZKj5LCi423Y4rwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPzYHd2SnieUkKnZkOqRu2NkVsT/MB8GA1UdIwQY
MBaAFHh+Mc5dUB0alK/au9TgJMwqeI71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUt
MjMwN2JiNTkyMjVmLzEvX05nZDNaS2VKNVNRcWRtUTZwRzdZMlJXeFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi83YzU1ZDItMzgxYy00ZTg3LThjYTUtMjMwN2JiNTkyMjVm
LzEvZUg0eHpsMVFIUnFVcjlxNzFPQWt6Q3A0anZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQBLZr+AwQB
wb1kMCEEAgACMBsDBwAgAQZ8EwwDBwAqD98AAAADBwAqD98A3q0wDQYJKoZIhvcN
AQELBQADggEBAOXEA5mRsDTw2F/7cVpzITjdE/7Gyg1HG5Wn8PLMZW2aoINRYCKa
yjhymIXaJUXrSG8mKIBg9ysSsxayxjylGqLpWBjrLbrVHMY+c+U8PLCraTp0Q9vh
dJ2C8EabQGR19kLV+9eDDP5QVB5wHeK4h9eYJHjPr3jkcJbO1YckCLXORApuZPBe
8XMRUZ0Ciuz0dwMSnyeZKiwSvv/0fqq9TNQMP5fg7Dfz/sTlTPInM2cD3elc6gHX
C6oJKMx1jLClh7sMG0vIVxAAUjuagwcgLKWizisuRzTN3ws171L0HHL49v4pbNjC
rUGJ3Lj648IznoLkJg/y2gLuDi1pPPZLM8o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org