Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_fzPmPydXp7w7KtUqWFWBMEREJE.roa
File: _fzPmPydXp7w7KtUqWFWBMEREJE.roa (raw, json)
Hash identifier: fQJL0NjyWlogSFK+F/hYH4kU83vUpoCPznZDSiC3/AM=
Subject key identifier: FD:FC:CF:98:FC:9D:5E:9E:F0:EC:AB:54:A9:61:56:04:C1:11:10:91
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018B616E89DA9F04CC53EC9BFC725FDF370F
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_fzPmPydXp7w7KtUqWFWBMEREJE.roa
Signing time: Tue 24 Oct 2023 11:25:15 +0000
ROA not before: Tue 24 Oct 2023 11:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13194
IP address blocks: 85.254.71.0/24 maxlen: 24
85.254.75.0/24 maxlen: 24
85.254.76.0/24 maxlen: 24
85.254.73.0/24 maxlen: 24
85.254.74.0/24 maxlen: 24
85.254.76.0/22 maxlen: 22
85.254.74.0/23 maxlen: 23
85.254.141.0/24 maxlen: 24
85.254.151.0/24 maxlen: 24
85.254.149.0/24 maxlen: 24
85.254.152.0/22 maxlen: 22
85.254.159.0/24 maxlen: 24
85.254.161.0/24 maxlen: 24
85.254.168.0/24 maxlen: 24
85.254.169.0/24 maxlen: 24
85.254.170.0/24 maxlen: 24
85.254.176.0/23 maxlen: 23
80.81.61.0/24 maxlen: 24
85.254.84.0/23 maxlen: 23
85.254.80.0/22 maxlen: 22
85.254.94.0/24 maxlen: 24
85.254.98.0/23 maxlen: 23
85.254.96.0/22 maxlen: 22
85.254.96.0/23 maxlen: 23
85.254.92.0/22 maxlen: 22
85.254.92.0/23 maxlen: 23
85.254.95.0/24 maxlen: 24
85.254.92.0/24 maxlen: 24
85.254.93.0/24 maxlen: 24
85.254.104.0/21 maxlen: 21
159.148.73.0/24 maxlen: 24
85.254.101.0/24 maxlen: 24
85.254.102.0/24 maxlen: 24
85.254.100.0/24 maxlen: 24
85.254.112.0/21 maxlen: 21
85.254.124.0/23 maxlen: 23
159.148.249.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:6e:89:da:9f:04:cc:53:ec:9b:fc:72:5f:df:37:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 24 11:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fdfccf98fc9d5e9ef0ecab54a9615604c1111091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:60:84:12:8e:5d:10:61:a0:5f:8b:72:c1:b4:
d1:59:eb:51:75:ad:15:ca:89:26:c3:0b:9e:3f:f7:
01:cd:b1:fb:6e:2e:00:37:35:f4:83:44:ac:73:0f:
75:17:6e:4b:f1:35:df:de:ca:4c:62:1d:f3:99:c4:
bf:fd:b7:0e:ee:3c:c3:e5:8e:be:37:8d:e5:f2:45:
c4:89:4c:59:c1:54:93:69:a0:5d:81:32:2e:08:d5:
d8:ee:46:2c:d4:0b:dc:3c:75:0c:e2:8b:9a:c5:ee:
f9:28:90:24:17:4e:a3:3a:07:6a:68:ab:42:ad:08:
24:6e:af:61:28:f4:74:4c:9a:2e:c7:4c:bf:d9:61:
2b:49:b2:c5:54:1e:00:42:85:e8:d9:f5:d2:be:e5:
6e:53:8e:69:5a:4d:33:00:31:df:79:5f:de:eb:97:
99:51:a4:9a:ad:9c:71:bc:70:22:0f:a2:a0:9f:74:
3f:67:14:6b:c5:6f:87:95:a4:7d:80:57:7c:b4:53:
3d:5f:7e:c2:ce:5c:f3:6b:cc:0d:7e:a7:42:9b:82:
df:66:cc:48:99:d5:2a:cf:18:74:1d:55:93:ec:0e:
64:1b:e9:19:ea:27:c0:a0:ba:db:db:7c:01:fe:27:
ab:d2:23:96:1c:c2:f5:f2:fa:58:a4:88:b1:5c:c8:
eb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:FC:CF:98:FC:9D:5E:9E:F0:EC:AB:54:A9:61:56:04:C1:11:10:91
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/_fzPmPydXp7w7KtUqWFWBMEREJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.61.0/24
85.254.71.0/24
85.254.73.0-85.254.85.255
85.254.92.0-85.254.102.255
85.254.104.0-85.254.119.255
85.254.124.0/23
85.254.141.0/24
85.254.149.0/24
85.254.151.0-85.254.155.255
85.254.159.0/24
85.254.161.0/24
85.254.168.0-85.254.170.255
85.254.176.0/23
159.148.73.0/24
159.148.249.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:1b:bb:42:0a:ca:1c:16:df:9d:69:58:98:38:e5:33:9c:b0:
6d:fb:a2:b5:22:ba:f2:69:ed:ec:b8:25:ad:01:8a:e4:2a:49:
9e:92:45:1b:01:1a:36:0a:f4:c3:f0:0b:6d:80:21:71:9e:2f:
7a:75:d3:28:be:89:3a:e1:12:33:bc:fa:08:e7:21:aa:62:3d:
71:52:9d:09:34:eb:95:79:db:6c:b5:a0:3a:ba:ef:f3:d6:48:
7d:f2:83:7d:65:fd:76:28:b2:48:f3:69:b2:4b:15:c8:4a:6c:
0d:0b:ba:c2:4c:a0:ea:a6:6e:eb:d9:2a:11:ba:32:7e:33:e1:
bf:c8:73:e7:97:32:14:7a:ab:f7:71:54:bd:d5:8d:ef:76:9a:
71:78:7a:27:2e:43:7e:ce:c3:80:86:cc:89:e3:c3:e1:37:ee:
32:c4:75:5a:53:fa:58:81:8b:65:d3:45:bf:15:33:68:c6:45:
92:f3:d6:82:5c:69:bb:7c:6f:8b:5e:c2:76:33:57:82:25:a2:
6e:db:a8:1f:e3:62:9d:ee:99:26:96:38:53:e7:4f:58:bb:f5:
52:53:ff:bc:6a:99:3b:36:64:f0:74:4c:0e:3a:ad:e2:5d:65:
e5:ef:14:1c:b1:21:39:5b:c5:38:25:17:1a:b7:5e:99:5c:bc:
11:15:df:c3
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYthbonanwTMU+yb/HJf3zcPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMxMDI0MTEyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGZjY2Y5OGZjOWQ1ZTllZjBlY2FiNTRhOTYxNTYwNGMxMTExMDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2CEEo5dEGGgX4tywbTRWetRda0V
yokmwwueP/cBzbH7bi4ANzX0g0Sscw91F25L8TXf3spMYh3zmcS//bcO7jzD5Y6+
N43l8kXEiUxZwVSTaaBdgTIuCNXY7kYs1AvcPHUM4ouaxe75KJAkF06jOgdqaKtC
rQgkbq9hKPR0TJoux0y/2WErSbLFVB4AQoXo2fXSvuVuU45pWk0zADHfeV/e65eZ
UaSarZxxvHAiD6Kgn3Q/ZxRrxW+HlaR9gFd8tFM9X37Czlzza8wNfqdCm4LfZsxI
mdUqzxh0HVWT7A5kG+kZ6ifAoLrb23wB/ier0iOWHML18vpYpIixXMjrJQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFP38z5j8nV6e8OyrVKlhVgTBERCRMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvX2Z6UG1QeWRYcDd3N0t0VXFXRldCTUVSRUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABQ
UT0DBABV/kcwDAMEAFX+SQMEAVX+VDAMAwQCVf5cAwQAVf5mMAwDBANV/mgDBANV
/nADBAFV/nwDBABV/o0DBABV/pUwDAMEAFX+lwMEAlX+mAMEAFX+nwMEAFX+oTAM
AwQDVf6oAwQAVf6qAwQBVf6wAwQAn5RJAwQAn5T5MA0GCSqGSIb3DQEBCwUAA4IB
AQAdG7tCCsocFt+daViYOOUznLBt+6K1Irryae3suCWtAYrkKkmekkUbARo2CvTD
8AttgCFxni96ddMovok64RIzvPoI5yGqYj1xUp0JNOuVedtstaA6uu/z1kh98oN9
Zf12KLJI82mySxXISmwNC7rCTKDqpm7r2SoRujJ+M+G/yHPnlzIUeqv3cVS91Y3v
dppxeHonLkN+zsOAhsyJ48PhN+4yxHVaU/pYgYtl00W/FTNoxkWS89aCXGm7fG+L
XsJ2M1eCJaJu26gf42Kd7pkmljhT509Yu/VSU/+8apk7NmTwdEwOOq3iXWXl7xQc
sSE5W8U4JRcat16ZXLwRFd/D
-----END CERTIFICATE-----
Generated at Tue Dec 5 12:08:46 2023 by rpki-client on console-ams.rpki-client.org