Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FKO09amZcbl_3vsTWH9Yh2_lskE.roa
File: FKO09amZcbl_3vsTWH9Yh2_lskE.roa (raw, json)
Hash identifier: MwdG8gSqCOzCG0gPDVY/qr68nFdfr9wuGX1EZhd8vuU=
Subject key identifier: 14:A3:B4:F5:A9:99:71:B9:7F:DE:FB:13:58:7F:58:87:6F:E5:B2:41
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BDD7D5A2ECC0A18971611341B87E67A7E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FKO09amZcbl_3vsTWH9Yh2_lskE.roa
Signing time: Fri 17 Nov 2023 13:34:21 +0000
ROA not before: Fri 17 Nov 2023 13:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207279
IP address blocks: 94.156.8.0/24 maxlen: 24
194.169.172.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
2.59.253.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
194.180.38.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
185.222.161.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
45.84.91.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
92.119.198.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.88.91.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:7d:5a:2e:cc:0a:18:97:16:11:34:1b:87:e6:7a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 17 13:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14a3b4f5a99971b97fdefb13587f58876fe5b241
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:19:87:25:0f:a2:93:ad:ba:5a:5a:ea:3e:fd:
96:08:ae:d0:c5:56:20:92:37:c8:9b:01:b7:52:c3:
d7:b2:e9:5d:ca:5a:00:06:ca:42:25:4c:7b:c3:c3:
72:3f:e1:2b:ee:e3:65:66:97:0d:83:08:08:c3:64:
bb:97:e7:0a:de:73:83:35:80:5b:86:9c:1d:0f:b4:
0f:27:7b:b3:52:2c:b4:41:f7:a9:d0:b1:c2:0e:a9:
b6:64:7e:37:2a:4a:ac:27:62:f4:aa:5c:fb:ea:af:
4e:3e:f7:d7:57:a9:d6:da:ca:43:cc:dd:df:3d:72:
1b:b6:84:ac:36:d1:01:0b:ca:c7:2a:33:97:f8:fc:
80:e3:ec:00:0f:40:da:60:6b:f7:a0:94:e7:cf:1b:
6d:3f:78:86:ea:f6:05:92:31:3d:b6:62:1a:d1:4c:
29:fa:ce:65:9a:51:4a:cf:f5:23:8a:33:d5:48:0c:
76:cc:ce:ce:dc:da:64:75:a7:54:03:be:37:71:33:
7d:4c:f0:bf:56:7b:17:a7:78:cf:51:96:40:ba:79:
23:01:06:94:31:27:48:72:31:d8:90:91:09:3a:d3:
71:56:aa:e4:7e:fc:55:78:d9:a0:26:c3:d8:74:e1:
0b:c5:a0:77:b0:15:3d:ae:4b:2c:81:d3:52:58:d4:
45:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A3:B4:F5:A9:99:71:B9:7F:DE:FB:13:58:7F:58:87:6F:E5:B2:41
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FKO09amZcbl_3vsTWH9Yh2_lskE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
45.84.91.0/24
45.88.64.0/24
45.88.91.0/24
92.119.198.0/24
92.249.50.0/24
94.154.162.0/24
94.156.8.0/24
109.206.239.0/24
178.215.225.0/24
178.215.227.0/24
178.215.236.0/24
185.222.160.0-185.222.162.255
185.226.172.0/24
193.25.217.0/24
193.37.40.0/24
193.37.42.0/24
193.37.44.0/24
193.222.97.0/24
193.222.99.0/24
194.31.205.0/24
194.48.248.0/24
194.55.187.0/24
194.55.225.0/24
194.169.172.0/24
194.180.38.0/24
Signature Algorithm: sha256WithRSAEncryption
31:f0:03:99:32:ef:1c:b3:97:0a:3a:d9:57:e7:6f:e0:fd:ea:
3b:ff:2b:d1:e3:c6:65:36:2e:5b:15:e7:c3:b1:c6:3c:42:39:
ae:c6:c4:45:b1:e1:9e:c2:0e:e1:c4:bb:ff:3b:0e:4f:5d:7b:
c7:4c:21:5d:db:a6:37:44:63:64:e3:86:0b:23:c4:6f:9b:ca:
9d:29:3c:17:ba:df:f4:7b:a7:3c:a2:b8:2e:39:28:e8:fa:fb:
04:e7:44:45:b0:5b:3c:73:aa:7a:ce:b8:d0:e9:7a:f8:c6:01:
4b:c2:6b:15:91:7b:8f:ae:15:b0:73:6b:1d:45:74:a1:a5:19:
7d:7c:88:3d:c2:cb:c3:5a:cb:83:e2:1c:86:39:ce:4c:fc:75:
22:d4:7c:1f:74:e0:9f:5e:3d:35:70:49:40:af:f3:6b:c2:33:
10:f1:77:1e:dc:20:ce:62:f0:fa:ad:bf:29:84:ba:a0:eb:76:
cb:4b:03:d1:72:2f:0c:e8:68:cb:5f:f9:ea:01:61:47:f3:61:
ac:07:c7:dd:87:a0:44:57:2f:86:9d:95:37:a9:81:21:dc:07:
cf:b7:65:e7:80:14:ba:e1:64:31:a8:51:63:4f:cc:97:8a:54:
c9:f0:50:56:9e:17:ba:3e:c5:35:bc:2a:1a:43:5f:6f:30:05:
82:14:5a:f9
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAYvdfVouzAoYlxYRNBuH5np+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTE3MTMzNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGEzYjRmNWE5OTk3MWI5N2ZkZWZiMTM1ODdmNTg4NzZmZTViMjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhmHJQ+ik626WlrqPv2WCK7QxVYg
kjfImwG3UsPXsuldyloABspCJUx7w8NyP+Er7uNlZpcNgwgIw2S7l+cK3nODNYBb
hpwdD7QPJ3uzUiy0Qfep0LHCDqm2ZH43KkqsJ2L0qlz76q9OPvfXV6nW2spDzN3f
PXIbtoSsNtEBC8rHKjOX+PyA4+wAD0DaYGv3oJTnzxttP3iG6vYFkjE9tmIa0Uwp
+s5lmlFKz/UjijPVSAx2zM7O3NpkdadUA743cTN9TPC/VnsXp3jPUZZAunkjAQaU
MSdIcjHYkJEJOtNxVqrkfvxVeNmgJsPYdOELxaB3sBU9rkssgdNSWNRFtQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFBSjtPWpmXG5f977E1h/WIdv5bJBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRktPMDlhbVpjYmxfM3ZzVFdIOVloMl9sc2tFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAC
O/0DBAAtVFsDBAAtWEADBAAtWFsDBABcd8YDBABc+TIDBABemqIDBABenAgDBABt
zu8DBACy1+EDBACy1+MDBACy1+wwDAMEBbneoAMEALneogMEALnirAMEAMEZ2QME
AMElKAMEAMElKgMEAMElLAMEAMHeYQMEAMHeYwMEAMIfzQMEAMIw+AMEAMI3uwME
AMI34QMEAMKprAMEAMK0JjANBgkqhkiG9w0BAQsFAAOCAQEAMfADmTLvHLOXCjrZ
V+dv4P3qO/8r0ePGZTYuWxXnw7HGPEI5rsbERbHhnsIO4cS7/zsOT117x0whXdum
N0RjZOOGCyPEb5vKnSk8F7rf9HunPKK4Ljko6Pr7BOdERbBbPHOqes640Ol6+MYB
S8JrFZF7j64VsHNrHUV0oaUZfXyIPcLLw1rLg+IchjnOTPx1ItR8H3Tgn149NXBJ
QK/za8IzEPF3HtwgzmLw+q2/KYS6oOt2y0sD0XIvDOhoy1/56gFhR/NhrAfH3Yeg
RFcvhp2VN6mBIdwHz7dl54AUuuFkMahRY0/Ml4pUyfBQVp4Xuj7FNbwqGkNfbzAF
ghRa+Q==
-----END CERTIFICATE-----
Generated at Wed Nov 29 11:58:45 2023 by rpki-client on console-ams.rpki-client.org