Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/FFr2E7Ijgd-bqEfq57yal55oDRI.roa
File: FFr2E7Ijgd-bqEfq57yal55oDRI.roa (raw, json)
Hash identifier: ja7MdhAgl8N9lhCKrd27ksHVHf5iq65qYQp1HoB1Fpo=
Subject key identifier: 14:5A:F6:13:B2:23:81:DF:9B:A8:47:EA:E7:BC:9A:97:9E:68:0D:12
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 01856F300A19D17A36E72AA41FAAF19BE6C7
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/FFr2E7Ijgd-bqEfq57yal55oDRI.roa
Signing time: Sun 01 Jan 2023 21:14:57 +0000
ROA not before: Sun 01 Jan 2023 21:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24940
IP address blocks: 142.132.128.0/17 maxlen: 24
162.55.0.0/16 maxlen: 24
168.119.0.0/16 maxlen: 24
49.13.0.0/16 maxlen: 24
65.109.0.0/16 maxlen: 24
116.203.0.0/16 maxlen: 24
167.235.0.0/16 maxlen: 24
88.198.0.0/16 maxlen: 24
5.161.0.0/16 maxlen: 24
116.202.0.0/16 maxlen: 24
159.69.0.0/16 maxlen: 24
188.40.0.0/16 maxlen: 24
88.99.0.0/16 maxlen: 24
5.75.128.0/17 maxlen: 24
91.107.128.0/17 maxlen: 24
95.217.0.0/16 maxlen: 24
128.140.0.0/17 maxlen: 24
49.12.0.0/16 maxlen: 24
65.108.0.0/16 maxlen: 24
213.133.96.0/19 maxlen: 24
94.130.0.0/16 maxlen: 24
85.10.192.0/18 maxlen: 24
46.4.0.0/16 maxlen: 24
178.63.0.0/16 maxlen: 24
157.90.0.0/16 maxlen: 24
135.181.0.0/16 maxlen: 24
65.21.0.0/16 maxlen: 24
188.34.128.0/17 maxlen: 24
23.88.0.0/17 maxlen: 24
185.12.64.0/22 maxlen: 24
95.216.0.0/16 maxlen: 24
78.46.0.0/15 maxlen: 24
213.239.192.0/18 maxlen: 24
167.233.0.0/16 maxlen: 24
176.9.0.0/16 maxlen: 24
5.9.0.0/16 maxlen: 24
195.201.0.0/16 maxlen: 24
2a01:4f8::/32 maxlen: 48
2a01:4ff:ff01::/48 maxlen: 48
2a01:4f9::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Feb 2023 11:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:0a:19:d1:7a:36:e7:2a:a4:1f:aa:f1:9b:e6:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Jan 1 21:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=145af613b22381df9ba847eae7bc9a979e680d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d0:e8:f5:0e:bd:a5:35:65:7a:b3:cc:f4:bd:
ac:9d:ba:b4:90:bc:d5:34:b9:14:17:93:73:15:52:
7d:70:96:ad:82:2c:3d:60:7d:39:d2:e7:45:23:1b:
8f:7a:10:0a:f1:c2:23:85:81:58:20:dc:64:b7:1f:
63:20:9f:07:d1:aa:26:0e:9a:7a:10:76:79:b4:0d:
66:7a:27:eb:e8:3a:23:48:48:91:e2:d4:18:8f:4f:
c8:c1:36:69:04:e1:de:c9:82:55:07:0f:29:f5:94:
5a:c1:e2:f1:83:7d:7a:af:9d:75:56:a7:bc:1f:13:
13:b3:dc:54:09:05:e9:91:8f:c8:85:98:84:51:54:
25:73:7b:40:25:b0:51:eb:e7:89:2d:42:a6:61:cb:
a0:50:85:fd:78:3d:46:29:1d:e6:8b:6f:67:63:38:
44:9a:65:ec:f8:74:fe:ab:cf:3e:e4:80:bf:89:44:
5d:51:3e:a6:9c:50:f0:fb:7b:4c:76:77:63:0e:92:
8f:b1:ed:3c:db:f0:9e:74:bc:df:5b:f9:64:c0:f9:
65:48:8a:de:b1:a2:c2:2d:f6:19:5c:c0:e2:be:62:
27:ad:2a:b4:c6:89:8a:6a:b3:55:3f:1a:98:ef:07:
55:38:94:b4:14:86:d7:91:f1:09:c1:c9:69:f3:74:
31:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:5A:F6:13:B2:23:81:DF:9B:A8:47:EA:E7:BC:9A:97:9E:68:0D:12
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/FFr2E7Ijgd-bqEfq57yal55oDRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.9.0.0/16
5.75.128.0/17
5.161.0.0/16
23.88.0.0/17
46.4.0.0/16
49.12.0.0/15
65.21.0.0/16
65.108.0.0/15
78.46.0.0/15
85.10.192.0/18
88.99.0.0/16
88.198.0.0/16
91.107.128.0/17
94.130.0.0/16
95.216.0.0/15
116.202.0.0/15
128.140.0.0/17
135.181.0.0/16
142.132.128.0/17
157.90.0.0/16
159.69.0.0/16
162.55.0.0/16
167.233.0.0/16
167.235.0.0/16
168.119.0.0/16
176.9.0.0/16
178.63.0.0/16
185.12.64.0/22
188.34.128.0/17
188.40.0.0/16
195.201.0.0/16
213.133.96.0/19
213.239.192.0/18
IPv6:
2a01:4f8::/31
2a01:4ff:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
56:48:59:28:fd:71:03:1c:c9:a4:f4:0f:23:24:8c:1a:4c:90:
32:85:28:a9:d2:81:60:9c:8c:09:a2:21:1f:55:50:5b:b3:48:
97:90:74:44:6f:fe:2e:df:77:20:a4:3c:12:c0:a8:61:80:48:
11:2e:08:5e:a3:f1:54:25:0d:ef:2f:7c:5f:5e:d0:77:2a:a5:
76:45:c2:f0:4f:b4:f5:2e:65:95:61:3d:32:e0:b8:27:6e:51:
3c:14:e1:3d:4e:89:ba:6c:68:99:f0:77:84:13:48:f4:a6:08:
49:6a:7d:39:62:7f:66:1e:3c:b8:87:a5:07:5b:98:92:52:5a:
0f:b3:14:1a:03:75:5e:62:8a:23:5b:24:bd:9c:c9:e6:4c:68:
21:8c:3f:08:e2:f1:76:7f:42:5d:16:f5:a5:06:f9:ad:00:82:
b4:93:21:92:10:9c:49:b6:4a:9c:50:f6:ed:ac:85:22:87:5c:
60:67:f5:01:96:02:51:a9:b7:f4:0a:16:4e:19:6b:53:88:99:
5f:c8:44:b5:23:c7:0c:bb:53:a6:9f:30:1c:21:94:4b:eb:da:
a4:af:4e:8e:16:0e:af:c6:65:8d:be:5a:20:f6:5f:a4:68:d7:
6b:18:66:be:28:47:99:72:f0:6a:7d:3c:a0:6f:53:07:a8:5b:
fa:4d:8a:8b
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYVvMAoZ0Xo25yqkH6rxm+bHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjMwMTAxMjExNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDVhZjYxM2IyMjM4MWRmOWJhODQ3ZWFlN2JjOWE5NzllNjgwZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9Do9Q69pTVlerPM9L2snbq0kLzV
NLkUF5NzFVJ9cJatgiw9YH050udFIxuPehAK8cIjhYFYINxktx9jIJ8H0aomDpp6
EHZ5tA1meifr6DojSEiR4tQYj0/IwTZpBOHeyYJVBw8p9ZRaweLxg316r511Vqe8
HxMTs9xUCQXpkY/IhZiEUVQlc3tAJbBR6+eJLUKmYcugUIX9eD1GKR3mi29nYzhE
mmXs+HT+q88+5IC/iURdUT6mnFDw+3tMdndjDpKPse082/CedLzfW/lkwPllSIre
saLCLfYZXMDivmInrSq0xomKarNVPxqY7wdVOJS0FIbXkfEJwclp83QxpwIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFBRa9hOyI4Hfm6hH6ue8mpeeaA0SMB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvRkZyMkU3SWpnZC1icUVmcTU3eWFsNTVvRFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBtgQCAAEwga8DAwAF
CQMEBwVLgAMDAAWhAwQHF1gAAwMALgQDAwExDAMDAEEVAwMBQWwDAwFOLgMEBlUK
wAMDAFhjAwMAWMYDBAdba4ADAwBeggMDAV/YAwMBdMoDBAeAjAADAwCHtQMEB46E
gAMDAJ1aAwMAn0UDAwCiNwMDAKfpAwMAp+sDAwCodwMDALAJAwMAsj8DBAK5DEAD
BAe8IoADAwC8KAMDAMPJAwQF1YVgAwQG1e/AMBYEAgACMBADBQEqAQT4AwcAKgEE
//8BMA0GCSqGSIb3DQEBCwUAA4IBAQBWSFko/XEDHMmk9A8jJIwaTJAyhSip0oFg
nIwJoiEfVVBbs0iXkHREb/4u33cgpDwSwKhhgEgRLgheo/FUJQ3vL3xfXtB3KqV2
RcLwT7T1LmWVYT0y4LgnblE8FOE9Tom6bGiZ8HeEE0j0pghJan05Yn9mHjy4h6UH
W5iSUloPsxQaA3VeYoojWyS9nMnmTGghjD8I4vF2f0JdFvWlBvmtAIK0kyGSEJxJ
tkqcUPbtrIUih1xgZ/UBlgJRqbf0ChZOGWtTiJlfyES1I8cMu1OmnzAcIZRL69qk
r06OFg6vxmWNvlog9l+kaNdrGGa+KEeZcvBqfTygb1MHqFv6TYqL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:22 2024 by rpki-client on console-ams.rpki-client.org