Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/FQTx-xm5SpfbbxgBHVHPmtG1GLM.roa
File: FQTx-xm5SpfbbxgBHVHPmtG1GLM.roa (raw, json)
Hash identifier: p1cQI+6CFTG+taHUHbGwrwgSoqu1lVu9p+oblRGQ9lk=
Subject key identifier: 15:04:F1:FB:19:B9:4A:97:DB:6F:18:01:1D:51:CF:9A:D1:B5:18:B3
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01918ED1FCF3579033A5710E1AB09898657C
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/FQTx-xm5SpfbbxgBHVHPmtG1GLM.roa
Signing time: Mon 26 Aug 2024 13:13:31 +0000
ROA not before: Mon 26 Aug 2024 13:13:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62206
IP address blocks: 2.56.109.0/24 maxlen: 24
5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.9.30.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.144.212.0/24 maxlen: 24
45.151.3.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 29
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 29
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 28 Aug 2024 13:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:d1:fc:f3:57:90:33:a5:71:0e:1a:b0:98:98:65:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 26 13:13:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1504f1fb19b94a97db6f18011d51cf9ad1b518b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:00:18:bb:48:77:6a:1e:c5:87:ea:5e:52:8e:
c4:a7:09:22:af:f7:95:9e:5c:8d:e7:64:fc:a0:27:
8a:0d:08:b1:2d:5e:b1:53:95:49:9a:fe:c0:92:6d:
97:9d:58:55:e0:65:59:0b:74:55:5d:40:d5:40:1b:
8c:23:f9:03:14:b6:8d:ce:ce:27:45:28:e8:db:f0:
ef:d7:00:d7:b4:0c:93:18:30:83:5c:08:94:e1:ba:
04:0b:b4:b9:c6:ef:47:9d:94:c5:16:4c:b4:9d:4a:
98:38:c8:9f:99:26:a4:49:46:1e:43:6f:b5:74:68:
49:d5:6a:e7:c0:2a:b0:43:37:fb:2d:03:01:54:ab:
33:38:8a:39:27:40:f9:ae:71:fd:d0:ca:cc:9f:c9:
41:87:27:a8:c9:7e:40:91:d7:ab:8b:de:85:ec:6f:
42:58:40:93:62:49:60:ae:77:b4:19:c4:01:da:6b:
92:ca:f8:b6:3e:98:84:c3:d2:76:c6:cd:63:13:3d:
81:36:ba:16:80:d7:15:2b:ee:e7:6b:f0:90:58:d1:
b9:91:dd:4f:9f:a2:54:95:77:1e:89:e7:b7:ab:20:
2d:bd:1d:b2:ab:90:87:30:3a:a6:c5:49:7d:b6:32:
7b:23:86:7a:71:fe:56:46:b8:0c:62:75:bb:69:a9:
de:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:04:F1:FB:19:B9:4A:97:DB:6F:18:01:1D:51:CF:9A:D1:B5:18:B3
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/FQTx-xm5SpfbbxgBHVHPmtG1GLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.109.0/24
5.181.84.0/24
5.181.87.0/24
45.9.29.0-45.9.30.255
45.81.115.0/24
45.88.136.0/24
45.88.138.0/24
45.94.171.0/24
45.132.180.0/22
45.144.212.0/24
45.151.3.0/24
77.83.37.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.93.0-195.177.95.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
Signature Algorithm: sha256WithRSAEncryption
56:09:e0:2a:70:e2:a4:8b:5e:04:b8:7f:b0:70:ab:4b:eb:12:
f7:98:65:66:58:db:cf:25:11:56:24:28:3d:62:73:27:46:11:
47:2e:8b:a5:d3:f4:ac:7c:9d:ba:15:c6:eb:49:62:b9:e3:05:
b3:c6:41:fc:93:87:31:b2:16:bb:d5:1e:a7:58:aa:08:db:0e:
ee:2f:c9:b7:7e:56:bd:10:20:ba:d2:63:99:fd:14:17:a2:12:
dc:f3:d6:81:a7:99:98:29:5d:9d:41:49:99:69:6c:78:9c:98:
b9:0d:78:e3:0f:2b:ef:e5:b3:7a:f4:38:76:ec:20:e4:09:4e:
07:37:37:9e:2d:8c:81:ef:a8:ab:ac:0c:05:16:ee:a9:3e:b1:
d6:a3:ad:9c:99:94:f2:42:52:4a:4a:97:80:da:4a:d6:f9:00:
fe:18:af:79:ed:48:a6:51:16:c2:1a:f2:8a:66:c8:98:0f:17:
5c:dc:2b:69:b5:c2:f8:5d:e6:5c:20:6e:76:f8:0c:db:5c:8b:
70:b1:b9:93:b3:8f:73:ed:75:02:44:5f:74:b3:da:0e:84:2d:
56:96:6e:e5:45:1d:b6:d3:87:53:8d:24:cf:f0:76:c8:a9:8d:
cc:ec:48:5c:ad:d3:17:e1:6c:f5:05:79:ae:d7:b4:f9:0f:df:
05:52:dd:a0
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZGO0fzzV5AzpXEOGrCYmGV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwODI2MTMxMzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA0ZjFmYjE5Yjk0YTk3ZGI2ZjE4MDExZDUxY2Y5YWQxYjUxOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5QAYu0h3ah7Fh+peUo7Epwkir/eV
nlyN52T8oCeKDQixLV6xU5VJmv7Akm2XnVhV4GVZC3RVXUDVQBuMI/kDFLaNzs4n
RSjo2/Dv1wDXtAyTGDCDXAiU4boEC7S5xu9HnZTFFky0nUqYOMifmSakSUYeQ2+1
dGhJ1WrnwCqwQzf7LQMBVKszOIo5J0D5rnH90MrMn8lBhyeoyX5Akderi96F7G9C
WECTYklgrne0GcQB2muSyvi2PpiEw9J2xs1jEz2BNroWgNcVK+7na/CQWNG5kd1P
n6JUlXceiee3qyAtvR2yq5CHMDqmxUl9tjJ7I4Z6cf5WRrgMYnW7aaneEQIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFBUE8fsZuUqX228YAR1Rz5rRtRizMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvRlFUeC14bTVTcGZiYnhnQkhWSFBtdEcxR0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgaEEAgABMIGaAwQA
AjhtAwQABbVUAwQABbVXMAwDBAAtCR0DBAAtCR4DBAAtUXMDBAAtWIgDBAAtWIoD
BAAtXqsDBAIthLQDBAAtkNQDBAAtlwMDBABNUyUDBACSE30DBAG5K/gDBAC5K/sD
BAG5yD4DBADBHvADBAHBHvIDBADBOSsDBADC8mADBAHC8mIwDAMEAMOxXQMEBcOx
QAMEAsPTvDBTBAIAAjBNAwUAKgFxIAMFAyoHkgADBQAqCQNAAwUAKgnEQAMFACoM
XUADBQMqDKWAAwUDKhDfwAMFACoQ+sADBQMqEQWAAwUAKhEWAAMFACoRKoAwDQYJ
KoZIhvcNAQELBQADggEBAFYJ4Cpw4qSLXgS4f7Bwq0vrEveYZWZY288lEVYkKD1i
cydGEUcui6XT9Kx8nboVxutJYrnjBbPGQfyThzGyFrvVHqdYqgjbDu4vybd+Vr0Q
ILrSY5n9FBeiEtzz1oGnmZgpXZ1BSZlpbHicmLkNeOMPK+/ls3r0OHbsIOQJTgc3
N54tjIHvqKusDAUW7qk+sdajrZyZlPJCUkpKl4DaStb5AP4Yr3ntSKZRFsIa8opm
yJgPF1zcK2m1wvhd5lwgbnb4DNtci3CxuZOzj3PtdQJEX3Sz2g6ELVaWbuVFHbbT
h1ONJM/wdsipjczsSFyt0xfhbPUFea7XtPkP3wVS3aA=
-----END CERTIFICATE-----
Generated at Wed Aug 28 16:05:30 2024 by rpki-client on console-fra.rpki-client.org