Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/FFa_1NOS3qtF1em_wIrH-eojrCc.roa
File: FFa_1NOS3qtF1em_wIrH-eojrCc.roa (raw, json)
Hash identifier: fjStmhaE8/cEaRgKC8cB1Rn5Iro3tbLmZhO98CuShc8=
Subject key identifier: 14:56:BF:D4:D3:92:DE:AB:45:D5:E9:BF:C0:8A:C7:F9:EA:23:AC:27
Certificate issuer: /CN=25a89539520004270d34253bdc16d87784156e1a
Certificate serial: 01859BDE5C540C28F5F3D85DBC7F09A79679
Authority key identifier: 25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/FFa_1NOS3qtF1em_wIrH-eojrCc.roa
Signing time: Tue 10 Jan 2023 13:28:39 +0000
ROA not before: Tue 10 Jan 2023 13:28:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208058
IP address blocks: 212.48.98.0/24 maxlen: 24
212.48.99.0/24 maxlen: 24
212.53.174.0/24 maxlen: 24
212.53.195.0/24 maxlen: 24
212.53.196.0/24 maxlen: 24
212.53.194.0/24 maxlen: 24
212.53.204.0/24 maxlen: 24
212.48.106.0/24 maxlen: 24
212.53.139.0/24 maxlen: 24
212.53.143.0/24 maxlen: 24
212.53.141.0/24 maxlen: 24
212.53.152.0/24 maxlen: 24
212.53.146.0/24 maxlen: 24
212.53.154.0/24 maxlen: 24
212.53.164.0/24 maxlen: 24
212.53.162.0/24 maxlen: 24
212.53.163.0/24 maxlen: 24
212.53.161.0/24 maxlen: 24
212.53.172.0/24 maxlen: 24
212.72.172.0/24 maxlen: 24
212.72.174.0/24 maxlen: 24
212.72.179.0/24 maxlen: 24
212.72.190.0/24 maxlen: 24
212.72.191.0/24 maxlen: 24
2a00:1f78:f001::/48 maxlen: 48
2a00:1f78:fffc::/48 maxlen: 48
2a00:1f78:fffd::/48 maxlen: 48
2a00:1f78:fffb::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 22 Aug 2023 14:15:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9b:de:5c:54:0c:28:f5:f3:d8:5d:bc:7f:09:a7:96:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25a89539520004270d34253bdc16d87784156e1a
Validity
Not Before: Jan 10 13:28:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1456bfd4d392deab45d5e9bfc08ac7f9ea23ac27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2c:a1:f5:28:92:5b:1c:78:d3:8e:10:13:59:
e0:50:02:de:fb:93:74:db:6f:73:13:27:a0:b5:31:
15:b4:6b:7f:5d:53:c5:af:21:b4:b4:ab:08:1b:b2:
1a:71:cf:58:91:d9:14:b2:f3:06:f6:0a:87:70:50:
1a:66:5d:f0:5b:cc:3d:b5:5d:9a:d4:f3:fe:97:f3:
d9:3e:8f:ff:47:53:51:45:bf:6d:b1:f9:88:4b:1b:
69:74:d1:65:0b:e5:f5:ce:87:3f:a9:22:29:bb:9f:
b0:d1:e0:3f:74:7f:80:83:ae:f7:e3:72:b0:aa:a6:
61:bb:7d:58:d8:6d:4d:81:d3:28:67:28:37:33:5e:
a7:a3:2d:4f:f5:35:5a:ef:13:41:df:c6:64:93:37:
6c:38:ab:a2:95:f2:8a:b0:82:b5:cf:c6:b1:09:28:
dd:28:08:73:93:18:82:ff:58:56:ab:b9:ee:06:55:
b1:98:03:8b:91:f1:b6:bb:e3:97:30:d3:89:8c:c6:
24:c5:e8:ae:f6:0b:8d:28:e7:7f:b1:56:79:06:08:
0f:b8:10:4f:71:cb:39:81:a2:7c:bd:ef:ad:95:6f:
c8:66:6c:c0:50:03:f3:0c:37:c3:22:dd:ec:28:2e:
eb:dd:0e:a4:b5:00:61:0d:84:5d:49:86:ed:20:ad:
73:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:56:BF:D4:D3:92:DE:AB:45:D5:E9:BF:C0:8A:C7:F9:EA:23:AC:27
X509v3 Authority Key Identifier:
keyid:25:A8:95:39:52:00:04:27:0D:34:25:3B:DC:16:D8:77:84:15:6E:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JaiVOVIABCcNNCU73BbYd4QVbho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/FFa_1NOS3qtF1em_wIrH-eojrCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/bc15ec-6b0d-4734-a088-d00526b91605/1/JaiVOVIABCcNNCU73BbYd4QVbho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.48.98.0/23
212.48.106.0/24
212.53.139.0/24
212.53.141.0/24
212.53.143.0/24
212.53.146.0/24
212.53.152.0/24
212.53.154.0/24
212.53.161.0-212.53.164.255
212.53.172.0/24
212.53.174.0/24
212.53.194.0-212.53.196.255
212.53.204.0/24
212.72.172.0/24
212.72.174.0/24
212.72.179.0/24
212.72.190.0/23
IPv6:
2a00:1f78:f001::/48
2a00:1f78:fffb::-2a00:1f78:fffd:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
61:3a:8e:82:a0:2f:c1:aa:f5:fc:e0:62:5e:62:0d:a1:64:e6:
94:3a:f0:6b:54:15:29:87:e9:37:98:f4:24:71:71:f5:14:b2:
c3:9f:35:6f:8d:71:13:93:9e:69:99:c6:ae:cb:af:d3:ef:4d:
84:df:7a:bf:ec:18:c1:26:a1:f4:07:cc:88:25:c0:ac:86:78:
6a:b6:cb:f0:9e:8f:ae:93:f3:59:e8:3c:eb:3b:11:a6:48:28:
2a:38:23:db:59:88:63:ad:2e:ea:c8:e7:ab:be:68:e1:4a:a1:
91:94:23:c0:a4:76:b1:0f:0c:9b:8b:1f:70:47:10:46:a9:6a:
95:7d:bf:53:18:1e:ab:c8:a7:2a:b1:e4:a2:fd:e6:21:e3:24:
6e:0a:fb:17:8f:94:66:f4:bb:59:1a:01:bd:bc:c5:81:93:55:
4e:57:7d:fd:08:c0:f5:6a:f4:9b:ce:d7:1a:a1:e1:1d:3f:62:
00:3d:4b:cd:4b:0d:cb:0a:ec:57:1e:cb:21:c2:8e:d8:2f:ca:
d9:06:a0:1d:1d:c5:ef:df:cc:2c:5b:8c:0d:09:1c:02:f0:88:
ca:3f:cd:63:c8:53:d5:e9:af:92:5a:65:ab:d9:e0:3a:12:76:
f6:11:62:51:79:0b:c7:4b:5f:95:ed:d5:70:77:47:bd:30:9b:
be:ac:b6:57
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAYWb3lxUDCj189hdvH8Jp5Z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YTg5NTM5NTIwMDA0MjcwZDM0MjUzYmRjMTZkODc3ODQx
NTZlMWEwHhcNMjMwMTEwMTMyODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDU2YmZkNGQzOTJkZWFiNDVkNWU5YmZjMDhhYzdmOWVhMjNhYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCyh9SiSWxx4044QE1ngUALe+5N0
229zEyegtTEVtGt/XVPFryG0tKsIG7Iacc9YkdkUsvMG9gqHcFAaZl3wW8w9tV2a
1PP+l/PZPo//R1NRRb9tsfmISxtpdNFlC+X1zoc/qSIpu5+w0eA/dH+Ag67343Kw
qqZhu31Y2G1NgdMoZyg3M16noy1P9TVa7xNB38ZkkzdsOKuilfKKsIK1z8axCSjd
KAhzkxiC/1hWq7nuBlWxmAOLkfG2u+OXMNOJjMYkxeiu9guNKOd/sVZ5BggPuBBP
ccs5gaJ8ve+tlW/IZmzAUAPzDDfDIt3sKC7r3Q6ktQBhDYRdSYbtIK1zdQIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFBRWv9TTkt6rRdXpv8CKx/nqI6wnMB8GA1UdIwQY
MBaAFCWolTlSAAQnDTQlO9wW2HeEFW4aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmFpVk9WSUFCQ2NOTkNVNzNCYllkNFFWYmhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iYzE1ZWMtNmIwZC00NzM0LWEwODgt
ZDAwNTI2YjkxNjA1LzEvRkZhXzFOT1MzcXRGMWVtX3dJckgtZW9qckNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iYzE1ZWMtNmIwZC00NzM0LWEwODgtZDAwNTI2YjkxNjA1
LzEvSmFpVk9WSUFCQ2NOTkNVNzNCYllkNFFWYmhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozB8BAIAATB2AwQB1DBi
AwQA1DBqAwQA1DWLAwQA1DWNAwQA1DWPAwQA1DWSAwQA1DWYAwQA1DWaMAwDBADU
NaEDBADUNaQDBADUNawDBADUNa4wDAMEAdQ1wgMEANQ1xAMEANQ1zAMEANRIrAME
ANRIrgMEANRIswMEAdRIvjAjBAIAAjAdAwcAKgAfePABMBIDBwAqAB94//sDBwEq
AB94//wwDQYJKoZIhvcNAQELBQADggEBAGE6joKgL8Gq9fzgYl5iDaFk5pQ68GtU
FSmH6TeY9CRxcfUUssOfNW+NcROTnmmZxq7Lr9PvTYTfer/sGMEmofQHzIglwKyG
eGq2y/Cej66T81noPOs7EaZIKCo4I9tZiGOtLurI56u+aOFKoZGUI8CkdrEPDJuL
H3BHEEapapV9v1MYHqvIpyqx5KL95iHjJG4K+xePlGb0u1kaAb28xYGTVU5Xff0I
wPVq9JvO1xqh4R0/YgA9S81LDcsK7FceyyHCjtgvytkGoB0dxe/fzCxbjA0JHALw
iMo/zWPIU9Xpr5JaZavZ4DoSdvYRYlF5C8dLX5Xt1XB3R70wm76stlc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:10 2024 by rpki-client on console-fra.rpki-client.org