Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/F5-yJcBKiPxVReCctWbckNHVg30.roa
File: F5-yJcBKiPxVReCctWbckNHVg30.roa (raw, json)
Hash identifier: hnf2lROTHuvmh/yA2nPB45eoCfvF/CHqL9zTie+q74g=
Subject key identifier: 17:9F:B2:25:C0:4A:88:FC:55:45:E0:9C:B5:66:DC:90:D1:D5:83:7D
Certificate issuer: /CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Certificate serial: 0185728C8E37783C7779D273E3D6776D0549
Authority key identifier: 01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/F5-yJcBKiPxVReCctWbckNHVg30.roa
Signing time: Mon 02 Jan 2023 12:54:52 +0000
ROA not before: Mon 02 Jan 2023 12:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42568
IP address blocks: 89.36.152.0/23 maxlen: 23
93.114.140.0/24 maxlen: 24
89.33.202.0/23 maxlen: 23
89.45.160.0/23 maxlen: 23
89.33.10.0/24 maxlen: 24
89.33.11.0/24 maxlen: 24
188.213.200.0/23 maxlen: 23
89.42.234.0/24 maxlen: 24
89.42.235.0/24 maxlen: 24
89.41.174.0/23 maxlen: 23
31.14.222.0/23 maxlen: 23
89.42.176.0/23 maxlen: 23
89.45.64.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:8e:37:78:3c:77:79:d2:73:e3:d6:77:6d:05:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Validity
Not Before: Jan 2 12:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=179fb225c04a88fc5545e09cb566dc90d1d5837d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:43:91:07:f6:72:75:24:57:d4:0a:61:23:bd:
04:35:81:f7:9f:de:5a:d4:0f:9a:d8:6e:5a:7e:92:
39:dc:34:38:63:92:73:ef:33:4a:8e:70:fc:d8:50:
4f:d2:c5:87:be:5c:09:12:c5:1e:1a:8c:85:85:e6:
a6:0a:f2:15:21:3e:e3:f9:92:ea:85:1c:49:b1:19:
c7:03:47:e2:9f:46:5a:ce:b0:09:dd:ef:a1:1d:67:
d3:2d:be:30:ec:d3:26:2a:22:26:ec:23:50:09:d0:
b5:6b:09:b4:2e:f1:cb:fa:7e:07:6f:75:20:fe:b4:
99:ec:c4:1f:da:43:2b:ec:cf:4e:49:e8:1e:8e:ef:
52:ac:16:4b:3f:c4:aa:c4:a1:d3:49:29:44:f5:d8:
e5:e8:bc:8c:6e:90:45:0c:8d:9a:fb:40:55:63:96:
b0:49:c1:fd:03:dd:31:d4:4f:e3:04:bb:f6:c9:18:
99:12:01:e5:4f:3a:8b:10:a6:ef:21:60:48:a6:bd:
02:9a:34:1a:cf:87:ed:6e:73:bf:e0:c7:95:00:a2:
63:67:e8:dd:2e:3d:b6:4f:c2:ef:d0:9d:c1:4a:15:
f6:0e:63:f7:7f:4a:4a:4e:d2:09:d2:2e:ec:eb:4a:
fb:fb:c0:7c:bf:0e:ab:9a:c3:7c:56:6d:d5:ef:54:
63:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9F:B2:25:C0:4A:88:FC:55:45:E0:9C:B5:66:DC:90:D1:D5:83:7D
X509v3 Authority Key Identifier:
keyid:01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/F5-yJcBKiPxVReCctWbckNHVg30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/AUa0KfjElhH8_qHvoaUbnA7dtuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.222.0/23
89.33.10.0/23
89.33.202.0/23
89.36.152.0/23
89.41.174.0/23
89.42.176.0/23
89.42.234.0/23
89.45.64.0/23
89.45.160.0/23
93.114.140.0/24
188.213.200.0/23
Signature Algorithm: sha256WithRSAEncryption
67:94:1a:a8:17:aa:32:fc:1f:e5:38:31:38:5c:d6:1b:37:b2:
a4:23:fe:bb:20:8a:5c:c1:38:1e:43:4d:8c:ee:f5:0b:ab:8c:
be:6d:7b:55:a5:2a:ed:27:e2:80:0d:b4:80:57:64:9f:e9:31:
b7:8b:3c:95:df:8d:46:fb:79:1e:98:1c:01:bf:b2:fd:0a:dd:
e2:0e:a8:73:cf:59:41:35:6e:49:82:99:2d:23:0c:67:a5:dc:
2d:98:10:05:bc:72:b1:81:8d:a8:f0:f8:1e:d4:47:a2:bd:7d:
77:15:5e:31:9a:93:d9:90:f4:c7:14:ab:37:33:7a:83:26:5e:
cb:22:2c:8e:88:86:23:47:5b:b2:4e:a7:67:e0:65:b4:2e:29:
a2:1a:c7:cf:e3:0a:96:70:2f:ee:e1:30:bf:7f:9f:1c:6b:02:
71:94:df:e9:56:0f:cb:59:7a:6e:f7:e9:4a:26:d0:00:09:9f:
90:2c:e6:f9:e4:d4:c8:70:8b:d7:56:47:3b:77:26:bd:65:fe:
22:60:d5:60:12:06:a2:af:7f:72:79:3f:56:ef:c9:cd:54:b9:
bb:75:95:47:a3:28:4e:2c:b3:54:69:c6:e0:c7:15:4e:44:77:
9e:b2:cc:6a:14:3b:ef:37:cd:82:70:81:51:9c:88:69:d8:b6:
84:7c:95:3d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYVyjI43eDx3edJz49Z3bQVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNDZiNDI5ZjhjNDk2MTFmY2ZlYTFlZmExYTUxYjljMGVk
ZGI2ZTcwHhcNMjMwMTAyMTI1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzlmYjIyNWMwNGE4OGZjNTU0NWUwOWNiNTY2ZGM5MGQxZDU4MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUORB/ZydSRX1AphI70ENYH3n95a
1A+a2G5afpI53DQ4Y5Jz7zNKjnD82FBP0sWHvlwJEsUeGoyFheamCvIVIT7j+ZLq
hRxJsRnHA0fin0ZazrAJ3e+hHWfTLb4w7NMmKiIm7CNQCdC1awm0LvHL+n4Hb3Ug
/rSZ7MQf2kMr7M9OSegeju9SrBZLP8SqxKHTSSlE9djl6LyMbpBFDI2a+0BVY5aw
ScH9A90x1E/jBLv2yRiZEgHlTzqLEKbvIWBIpr0CmjQaz4ftbnO/4MeVAKJjZ+jd
Lj22T8Lv0J3BShX2DmP3f0pKTtIJ0i7s60r7+8B8vw6rmsN8Vm3V71Rj7QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFBefsiXASoj8VUXgnLVm3JDR1YN9MB8GA1UdIwQY
MBaAFAFGtCn4xJYR/P6h76GlG5wO3bbnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVVhMEtmakVsaEg4X3FIdm9hVWJuQTdkdHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9lNWUzNzktNjU2ZC00NjIyLWE3YmMt
ZWEyNmU3NDZhMGFkLzEvRjUteUpjQktpUHhWUmVDY3RXYmNrTkhWZzMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9lNWUzNzktNjU2ZC00NjIyLWE3YmMtZWEyNmU3NDZhMGFk
LzEvQVVhMEtmakVsaEg4X3FIdm9hVWJuQTdkdHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBHw7eAwQB
WSEKAwQBWSHKAwQBWSSYAwQBWSmuAwQBWSqwAwQBWSrqAwQBWS1AAwQBWS2gAwQA
XXKMAwQBvNXIMA0GCSqGSIb3DQEBCwUAA4IBAQBnlBqoF6oy/B/lODE4XNYbN7Kk
I/67IIpcwTgeQ02M7vULq4y+bXtVpSrtJ+KADbSAV2Sf6TG3izyV341G+3kemBwB
v7L9Ct3iDqhzz1lBNW5JgpktIwxnpdwtmBAFvHKxgY2o8Pge1EeivX13FV4xmpPZ
kPTHFKs3M3qDJl7LIiyOiIYjR1uyTqdn4GW0LimiGsfP4wqWcC/u4TC/f58cawJx
lN/pVg/LWXpu9+lKJtAACZ+QLOb55NTIcIvXVkc7dya9Zf4iYNVgEgair39yeT9W
78nNVLm7dZVHoyhOLLNUacbgxxVORHeessxqFDvvN82CcIFRnIhp2LaEfJU9
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:41 2024 by rpki-client on console-ams.rpki-client.org