Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fc_CXrfskgnlajhqNdj2cULxzI0.roa
File: fc_CXrfskgnlajhqNdj2cULxzI0.roa (raw, json)
Hash identifier: O6MlIrbGt8wTF5bpcLcZpmBNqGr/g6kEDZze0ScOPAU=
Subject key identifier: 7D:CF:C2:5E:B7:EC:92:09:E5:6A:38:6A:35:D8:F6:71:42:F1:CC:8D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B7F0770FF90ED74C23A6068C25D882A1B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fc_CXrfskgnlajhqNdj2cULxzI0.roa
Signing time: Mon 30 Oct 2023 05:21:15 +0000
ROA not before: Mon 30 Oct 2023 05:21:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
212.192.4.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.133.14.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
194.58.42.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.27.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
185.72.11.0/24 maxlen: 24
194.87.76.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7f:07:70:ff:90:ed:74:c2:3a:60:68:c2:5d:88:2a:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 30 05:21:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dcfc25eb7ec9209e56a386a35d8f67142f1cc8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bf:44:72:ca:67:77:e1:93:9b:ea:46:27:de:
68:3c:5f:34:2d:bc:48:f5:2c:eb:69:0a:46:c4:87:
c7:6d:6c:34:bc:bc:c5:2c:6a:6c:a6:f0:d8:9e:2a:
99:2b:8f:4f:9b:0b:91:91:52:27:e1:7f:aa:d3:3c:
a1:4b:84:63:5f:c7:af:e9:eb:c4:e4:f3:c8:d5:52:
d4:12:7b:b9:5b:60:07:3f:9e:d5:45:d5:60:35:a0:
53:4e:b1:5c:e5:35:bc:5c:57:bd:34:22:75:e4:43:
35:15:ca:a1:25:4b:6a:71:f6:60:42:7b:f9:9c:f7:
0c:b7:aa:df:e0:d5:65:d8:e6:ba:60:9d:aa:d7:31:
07:a7:c0:53:ae:af:ed:28:cb:73:fb:f7:d5:8d:1f:
31:96:15:54:42:b1:0f:a6:b5:e8:ec:f6:3f:10:f9:
44:b9:52:11:9c:0c:40:99:5f:42:dc:b7:1d:26:17:
8e:f3:50:6e:90:09:24:f0:fe:71:d6:ad:1c:d8:e4:
5f:f1:ab:61:20:ed:b0:6b:59:6c:bc:f2:42:2f:ec:
a0:e3:7a:ac:2e:c8:67:82:ac:a0:b9:2a:32:af:d9:
50:53:bc:14:09:42:30:79:d0:d3:17:ed:86:12:c8:
9a:01:25:2b:27:72:05:c3:c8:6f:9b:c5:c7:85:f0:
c7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:CF:C2:5E:B7:EC:92:09:E5:6A:38:6A:35:D8:F6:71:42:F1:CC:8D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/fc_CXrfskgnlajhqNdj2cULxzI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
192.124.180.0/24
193.124.17.0/24
193.124.90.0/24
194.58.42.0/24
194.87.76.0/24
194.87.81.0/24
194.87.136.0/24
194.87.172.0/24
194.87.208.0/24
194.87.226.0/24
194.87.231.0/24
195.133.14.0/23
195.133.25.0/24
195.133.27.0/24
195.133.35.0/24
212.192.4.0/24
212.192.8.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
86:fa:4b:78:c3:d5:3d:1a:cf:d6:e9:80:27:13:fa:7e:03:ff:
16:cb:16:0e:c6:4c:db:7c:5f:25:fd:a4:50:dc:33:89:c7:05:
a6:8f:be:76:9e:52:d9:98:7b:6b:a1:ac:d2:44:5e:42:24:e8:
29:54:54:b7:9f:2f:18:ea:10:a6:2b:97:70:c9:76:29:42:b0:
29:4c:a0:b7:e0:c6:5b:72:4d:e8:30:d5:6a:05:c7:49:78:35:
e6:68:8a:64:b6:3a:d2:d8:0c:47:be:bd:bf:ec:43:bc:18:c7:
97:d5:0a:62:80:d6:30:e3:d2:d3:fb:58:58:14:d6:79:3a:3f:
22:41:08:3e:c9:c0:dc:ad:3b:7f:ee:d0:61:1c:a7:87:34:aa:
95:f2:d2:92:8e:db:16:92:35:46:50:b3:48:ef:9a:1c:07:7d:
fc:f3:bf:86:86:0f:29:40:c6:78:f7:bf:a5:c0:ea:07:a9:10:
4c:6f:87:95:4e:e7:7b:78:dc:54:45:da:77:af:ed:ae:02:07:
92:ad:5d:46:1a:b8:81:44:db:49:b0:88:3e:90:28:9d:a1:87:
d0:b8:4d:71:66:e4:56:10:85:be:b5:f7:db:7b:96:4f:13:e2:
3b:7d:05:32:a7:e2:68:41:e2:18:db:6f:a4:f0:0d:0b:6f:44:
8b:8c:a2:c6
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYt/B3D/kO10wjpgaMJdiCobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDMwMDUyMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGNmYzI1ZWI3ZWM5MjA5ZTU2YTM4NmEzNWQ4ZjY3MTQyZjFjYzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr9Ecspnd+GTm+pGJ95oPF80LbxI
9SzraQpGxIfHbWw0vLzFLGpspvDYniqZK49PmwuRkVIn4X+q0zyhS4RjX8ev6evE
5PPI1VLUEnu5W2AHP57VRdVgNaBTTrFc5TW8XFe9NCJ15EM1FcqhJUtqcfZgQnv5
nPcMt6rf4NVl2Oa6YJ2q1zEHp8BTrq/tKMtz+/fVjR8xlhVUQrEPprXo7PY/EPlE
uVIRnAxAmV9C3LcdJheO81BukAkk8P5x1q0c2ORf8athIO2wa1lsvPJCL+yg43qs
LshngqyguSoyr9lQU7wUCUIwedDTF+2GEsiaASUrJ3IFw8hvm8XHhfDHjwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFH3Pwl637JIJ5Wo4ajXY9nFC8cyNMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvZmNfQ1hyZnNrZ25sYWpocU5kajJjVUx4ekkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEALlICwME
AMB8tAMEAMF8EQMEAMF8WgMEAMI6KgMEAMJXTAMEAMJXUQMEAMJXiAMEAMJXrAME
AMJX0AMEAMJX4gMEAMJX5wMEAcOFDgMEAMOFGQMEAMOFGwMEAMOFIwMEANTABAME
ANTACAMEANTBDjANBgkqhkiG9w0BAQsFAAOCAQEAhvpLeMPVPRrP1umAJxP6fgP/
FssWDsZM23xfJf2kUNwziccFpo++dp5S2Zh7a6Gs0kReQiToKVRUt58vGOoQpiuX
cMl2KUKwKUygt+DGW3JN6DDVagXHSXg15miKZLY60tgMR769v+xDvBjHl9UKYoDW
MOPS0/tYWBTWeTo/IkEIPsnA3K07f+7QYRynhzSqlfLSko7bFpI1RlCzSO+aHAd9
/PO/hoYPKUDGePe/pcDqB6kQTG+HlU7ne3jcVEXad6/trgIHkq1dRhq4gUTbSbCI
PpAonaGH0LhNcWbkVhCFvrX323uWTxPiO30FMqfiaEHiGNtvpPANC29Ei4yixg==
-----END CERTIFICATE-----
Generated at Thu Nov 2 09:56:00 2023 by rpki-client on console-fra.rpki-client.org