Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/FpePV67hZgz2bxCxiGYVZT0UXQk.roa
File: FpePV67hZgz2bxCxiGYVZT0UXQk.roa (raw, json)
Hash identifier: q+cb7AvpWoIh6yd1ahLGi0HENOc/d5W8YEwSSWgeqro=
Subject key identifier: 16:97:8F:57:AE:E1:66:0C:F6:6F:10:B1:88:66:15:65:3D:14:5D:09
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 01856F14AC227728AFC9282F6686B6A3B501
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/FpePV67hZgz2bxCxiGYVZT0UXQk.roa
Signing time: Sun 01 Jan 2023 20:45:03 +0000
ROA not before: Sun 01 Jan 2023 20:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 196705
IP address blocks: 188.191.20.0/24 maxlen: 24
188.191.21.0/24 maxlen: 24
188.191.22.0/24 maxlen: 24
188.191.23.0/24 maxlen: 24
188.191.20.0/22 maxlen: 22
188.191.28.0/24 maxlen: 24
188.191.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 16:13:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ac:22:77:28:af:c9:28:2f:66:86:b6:a3:b5:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 1 20:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16978f57aee1660cf66f10b1886615653d145d09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3a:b9:20:89:27:9b:cc:91:f5:62:b2:85:d6:
7d:4a:f2:c5:95:21:70:4e:24:48:84:b0:0b:79:69:
73:97:d2:8c:d8:3f:32:b1:16:64:7e:a8:99:38:38:
5b:78:ac:ad:86:d4:5a:31:0d:fa:60:ad:ac:11:53:
64:ed:03:62:e9:ee:54:74:38:38:21:58:7d:18:ee:
ea:47:9b:86:67:6e:45:6f:d0:7f:e4:d8:d4:e6:81:
70:4f:37:fa:c5:cc:2e:bd:5d:e8:b1:b3:1f:00:12:
18:d9:b5:46:2b:32:5a:f7:c0:e8:50:d5:c4:a5:ee:
03:c1:82:f1:a8:b5:95:c2:6a:e0:67:d7:02:3b:12:
af:56:5c:97:c9:2a:a7:69:c5:73:e8:3f:f2:21:f1:
e2:ce:49:48:10:86:cd:49:7d:eb:68:2c:fc:d4:41:
88:c4:22:c3:ae:ca:f9:92:b6:e0:05:9e:99:6c:e1:
71:3b:11:94:3f:1f:c1:2b:27:1a:f8:ae:23:f8:2d:
1c:6b:3e:fb:06:13:40:9d:46:46:6c:dc:46:a0:cf:
f0:83:45:50:1d:04:b8:61:76:d5:a7:23:a5:bf:0f:
0b:a3:a0:12:04:40:80:a0:22:4b:5b:8f:53:c2:2c:
dc:0d:af:27:a6:c8:16:59:7c:2b:41:9b:20:6c:4d:
8f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:97:8F:57:AE:E1:66:0C:F6:6F:10:B1:88:66:15:65:3D:14:5D:09
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/FpePV67hZgz2bxCxiGYVZT0UXQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.20.0/22
188.191.28.0/22
Signature Algorithm: sha256WithRSAEncryption
17:59:62:99:55:be:8e:19:c4:1b:42:9c:fa:b2:c6:19:ff:74:
51:ae:de:02:2d:fd:6b:7d:7c:54:f0:1c:eb:11:f3:78:f2:31:
9e:7d:8e:d7:75:73:7a:fe:18:3b:94:bc:43:ca:16:e3:08:77:
7d:5b:77:0b:92:ce:4c:40:65:e4:93:78:49:e7:c4:ad:7c:41:
55:59:fc:f5:0c:13:09:3d:59:9f:85:80:51:ff:c7:14:5a:cf:
16:54:04:ac:00:ea:01:20:be:ae:63:96:d4:8c:c3:c8:1e:0d:
a4:75:99:f4:5f:2e:f5:7d:a8:34:d9:e7:ee:78:4b:67:61:ee:
22:13:e4:b1:d1:ff:ec:7c:60:46:d8:95:e3:59:5b:77:76:ab:
2a:b6:6a:9f:99:4f:a8:db:93:5b:ce:7a:2d:aa:3f:03:70:b6:
13:63:f7:fb:31:5b:dd:b3:d3:09:26:cd:bf:74:08:14:54:6c:
77:2c:0a:93:b6:74:a8:df:e0:91:ae:20:cf:40:f2:bd:2f:7d:
08:cb:09:90:6e:3e:e1:85:af:e0:f7:41:27:2f:dc:76:8f:ce:
5d:11:3c:19:b5:d5:fb:0c:b5:03:df:30:54:ab:4f:aa:a1:05:
97:86:43:d4:ab:f5:d3:54:13:ad:6c:0d:47:f2:cb:47:40:e6:
c3:24:33:f6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvFKwidyivySgvZoa2o7UBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjk3OGY1N2FlZTE2NjBjZjY2ZjEwYjE4ODY2MTU2NTNkMTQ1ZDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjq5IIknm8yR9WKyhdZ9SvLFlSFw
TiRIhLALeWlzl9KM2D8ysRZkfqiZODhbeKythtRaMQ36YK2sEVNk7QNi6e5UdDg4
IVh9GO7qR5uGZ25Fb9B/5NjU5oFwTzf6xcwuvV3osbMfABIY2bVGKzJa98DoUNXE
pe4DwYLxqLWVwmrgZ9cCOxKvVlyXySqnacVz6D/yIfHizklIEIbNSX3raCz81EGI
xCLDrsr5krbgBZ6ZbOFxOxGUPx/BKyca+K4j+C0caz77BhNAnUZGbNxGoM/wg0VQ
HQS4YXbVpyOlvw8Lo6ASBECAoCJLW49TwizcDa8npsgWWXwrQZsgbE2PKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBaXj1eu4WYM9m8QsYhmFWU9FF0JMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvRnBlUFY2N2haZ3oyYnhDeGlHWVZaVDBVWFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCvL8UAwQC
vL8cMA0GCSqGSIb3DQEBCwUAA4IBAQAXWWKZVb6OGcQbQpz6ssYZ/3RRrt4CLf1r
fXxU8BzrEfN48jGefY7XdXN6/hg7lLxDyhbjCHd9W3cLks5MQGXkk3hJ58StfEFV
Wfz1DBMJPVmfhYBR/8cUWs8WVASsAOoBIL6uY5bUjMPIHg2kdZn0Xy71fag02efu
eEtnYe4iE+Sx0f/sfGBG2JXjWVt3dqsqtmqfmU+o25Nbznotqj8DcLYTY/f7MVvd
s9MJJs2/dAgUVGx3LAqTtnSo3+CRriDPQPK9L30IywmQbj7hha/g90EnL9x2j85d
ETwZtdX7DLUD3zBUq0+qoQWXhkPUq/XTVBOtbA1H8stHQObDJDP2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:53 2024 by rpki-client on console-ams.rpki-client.org