Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/FMJKtmaPQ8u34_FC_XFzQb9i6c0.roa
File: FMJKtmaPQ8u34_FC_XFzQb9i6c0.roa (raw, json)
Hash identifier: uj7D+4lOsr5jHWw5g1rWSB1k6rp8DpTTyYdvJJvAfII=
Subject key identifier: 14:C2:4A:B6:66:8F:43:CB:B7:E3:F1:42:FD:71:73:41:BF:62:E9:CD
Certificate issuer: /CN=3cde2470c8563949487a3e78743c544c99ec8a64
Certificate serial: 018829EACE6068E920A7BAE4E276403B67D9
Authority key identifier: 3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/FMJKtmaPQ8u34_FC_XFzQb9i6c0.roa
Signing time: Wed 17 May 2023 13:33:53 +0000
ROA not before: Wed 17 May 2023 13:33:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30857
IP address blocks: 86.111.192.0/24 maxlen: 24
86.111.192.0/22 maxlen: 22
86.111.196.0/24 maxlen: 24
86.111.193.0/24 maxlen: 24
86.111.197.0/24 maxlen: 24
86.111.194.0/24 maxlen: 24
86.111.195.0/24 maxlen: 24
2001:67c:130::/48 maxlen: 48
2001:67c:18c8::/47 maxlen: 47
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:ea:ce:60:68:e9:20:a7:ba:e4:e2:76:40:3b:67:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cde2470c8563949487a3e78743c544c99ec8a64
Validity
Not Before: May 17 13:33:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14c24ab6668f43cbb7e3f142fd717341bf62e9cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:66:99:df:90:e5:00:89:35:e1:ab:25:47:27:
68:3d:32:24:e4:9f:8d:de:3f:34:fa:e4:b6:d0:87:
c0:e4:7f:1b:c3:bb:1e:83:5b:78:3e:c1:40:ef:88:
ed:1d:3a:b2:cf:1a:35:b5:17:6f:eb:5e:6c:0c:68:
5a:b0:57:6a:41:22:e4:3c:08:bf:30:3d:dd:d2:1b:
bd:f8:03:2b:8a:7c:8f:49:ed:ff:0a:77:03:4a:82:
27:af:bd:3d:be:57:de:35:7d:a8:3c:ae:6a:1b:45:
46:f5:ea:96:7e:fe:9a:fe:ac:b0:f9:f9:79:f0:97:
f8:f1:e7:54:6b:a1:26:83:67:68:28:e3:24:60:77:
52:2a:c5:3c:9d:a4:f6:83:56:38:1c:83:67:4b:42:
77:14:44:be:fa:8e:e7:24:62:0b:1a:d1:18:95:04:
d1:9f:ff:c8:a0:6e:91:87:9b:d4:b5:49:f4:e4:de:
e9:17:56:df:c0:5c:89:7f:6d:ed:12:00:66:ff:71:
5b:24:cb:96:56:99:33:57:96:a5:63:8d:fb:f9:c7:
8d:d7:17:90:0e:f8:65:52:14:e2:ef:ef:5d:f9:69:
95:fb:ba:dc:aa:76:c6:be:96:2a:0e:70:58:5b:67:
f7:53:b2:1a:62:80:1e:bd:ee:fe:c4:78:2c:1e:f9:
61:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:C2:4A:B6:66:8F:43:CB:B7:E3:F1:42:FD:71:73:41:BF:62:E9:CD
X509v3 Authority Key Identifier:
keyid:3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/FMJKtmaPQ8u34_FC_XFzQb9i6c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.192.0-86.111.197.255
IPv6:
2001:67c:130::/48
2001:67c:18c8::/47
Signature Algorithm: sha256WithRSAEncryption
05:61:38:15:09:08:1a:94:b4:81:ef:85:32:f5:65:81:af:64:
0e:b6:ba:35:76:6b:6d:be:ee:95:37:85:3e:88:1c:60:08:6c:
23:b5:c9:71:c1:6f:fd:ab:08:8c:6d:1a:07:be:5b:3c:ef:6c:
49:aa:7d:5e:33:3b:1c:9d:19:c8:b8:5e:7b:9b:06:53:5c:52:
82:6d:93:07:23:dd:41:7b:a8:22:93:02:f8:da:37:35:ce:3d:
23:cd:56:e8:50:eb:85:a4:ab:3f:b1:d3:67:3d:5d:72:91:37:
18:8c:b0:8c:0c:e4:da:e5:47:1a:82:d3:7d:fe:77:29:74:b1:
0c:46:83:5b:02:02:84:18:ee:75:bc:46:9e:48:2a:6e:fd:84:
ee:f1:77:eb:a0:fb:c3:99:0f:10:9a:ce:c8:46:92:c6:e5:ce:
a3:fd:87:93:1e:cc:84:6e:f9:e6:67:86:fe:a6:b4:6d:60:01:
f6:fa:47:e3:61:51:7b:06:63:7d:6a:e8:4e:8d:b2:52:9f:2b:
34:15:c1:28:22:e9:1c:48:e6:d9:28:d1:0c:e2:1a:74:68:9c:
8f:a2:33:08:96:89:d7:7f:e7:04:1d:c4:0f:e7:f8:e6:0a:67:
e2:d6:00:b8:38:d1:47:b3:31:c2:8e:f6:c5:a2:ad:c6:0b:d3:
1a:2b:17:a4
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYgp6s5gaOkgp7rk4nZAO2fZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGUyNDcwYzg1NjM5NDk0ODdhM2U3ODc0M2M1NDRjOTll
YzhhNjQwHhcNMjMwNTE3MTMzMzUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGMyNGFiNjY2OGY0M2NiYjdlM2YxNDJmZDcxNzM0MWJmNjJlOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWaZ35DlAIk14aslRydoPTIk5J+N
3j80+uS20IfA5H8bw7seg1t4PsFA74jtHTqyzxo1tRdv615sDGhasFdqQSLkPAi/
MD3d0hu9+AMrinyPSe3/CncDSoInr709vlfeNX2oPK5qG0VG9eqWfv6a/qyw+fl5
8Jf48edUa6Emg2doKOMkYHdSKsU8naT2g1Y4HINnS0J3FES++o7nJGILGtEYlQTR
n//IoG6Rh5vUtUn05N7pF1bfwFyJf23tEgBm/3FbJMuWVpkzV5alY437+ceN1xeQ
DvhlUhTi7+9d+WmV+7rcqnbGvpYqDnBYW2f3U7IaYoAeve7+xHgsHvlhRwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBTCSrZmj0PLt+PxQv1xc0G/YunNMB8GA1UdIwQY
MBaAFDzeJHDIVjlJSHo+eHQ8VEyZ7IpkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUt
NDQxNzFiMmY1OTllLzEvRk1KS3RtYVBROHUzNF9GQ19YRnpRYjlpNmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUtNDQxNzFiMmY1OTll
LzEvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBAZWb8AD
BAFWb8QwGAQCAAIwEgMHACABBnwBMAMHASABBnwYyDANBgkqhkiG9w0BAQsFAAOC
AQEABWE4FQkIGpS0ge+FMvVlga9kDra6NXZrbb7ulTeFPogcYAhsI7XJccFv/asI
jG0aB75bPO9sSap9XjM7HJ0ZyLhee5sGU1xSgm2TByPdQXuoIpMC+No3Nc49I81W
6FDrhaSrP7HTZz1dcpE3GIywjAzk2uVHGoLTff53KXSxDEaDWwIChBjudbxGnkgq
bv2E7vF366D7w5kPEJrOyEaSxuXOo/2Hkx7MhG755meG/qa0bWAB9vpH42FRewZj
fWroTo2yUp8rNBXBKCLpHEjm2SjRDOIadGicj6IzCJaJ13/nBB3ED+f45gpn4tYA
uDjRR7Mxwo72xaKtxgvTGisXpA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:37 2024 by rpki-client on console-fra.rpki-client.org