Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/FASM3W2FufVNFzns7QeiiDm4uH0.roa
File: FASM3W2FufVNFzns7QeiiDm4uH0.roa (raw, json)
Hash identifier: SX2LBVVPrYJh+pbXaglHGdkr2RHnxXHRluTFM3HvEx4=
Subject key identifier: 14:04:8C:DD:6D:85:B9:F5:4D:17:39:EC:ED:07:A2:88:39:B8:B8:7D
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 0188B53B508CC5B222CE691468AE2DABCC45
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/FASM3W2FufVNFzns7QeiiDm4uH0.roa
Signing time: Tue 13 Jun 2023 14:49:03 +0000
ROA not before: Tue 13 Jun 2023 14:49:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 45.150.64.0/24 maxlen: 32
45.150.67.0/24 maxlen: 32
45.150.65.0/24 maxlen: 32
5.181.22.0/24 maxlen: 24
5.181.21.0/24 maxlen: 24
185.234.247.0/24 maxlen: 32
5.181.20.0/24 maxlen: 24
5.181.23.0/24 maxlen: 24
45.144.29.0/24 maxlen: 32
45.144.28.0/24 maxlen: 32
45.144.31.0/24 maxlen: 32
45.144.30.0/24 maxlen: 32
45.140.147.0/24 maxlen: 32
45.140.146.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 13 Jun 2023 14:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b5:3b:50:8c:c5:b2:22:ce:69:14:68:ae:2d:ab:cc:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jun 13 14:49:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14048cdd6d85b9f54d1739eced07a28839b8b87d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:24:bf:56:08:b3:f3:ed:b1:6f:ff:4f:3b:69:
71:6e:3e:bb:4f:ac:3f:07:a7:80:de:44:84:e6:cc:
1c:be:9c:99:f1:ca:a6:3c:6e:86:42:a8:92:3d:a6:
ce:a9:05:72:99:5d:8c:51:ba:f3:fd:1f:d6:af:1d:
2b:1a:24:e0:1f:9b:80:db:68:cc:8f:79:0f:1b:34:
aa:6c:0f:f7:a0:ae:0f:e9:e4:43:b0:34:e1:ef:df:
45:38:4d:29:2b:92:65:ad:f8:81:ef:45:a1:3e:b6:
8e:6a:73:02:45:40:41:06:8e:7d:96:f4:a1:b5:c1:
96:a3:94:bb:dd:ef:31:d4:23:36:0c:09:78:d1:97:
3a:04:23:ce:88:ff:d1:39:f7:0f:39:30:d9:3f:88:
ab:a6:0c:47:d7:dd:5b:3b:ee:9d:de:44:61:e2:a7:
3c:fb:35:4d:45:f7:fb:c0:58:3b:70:a4:97:25:ef:
fb:43:f5:a3:b3:be:a1:5b:d5:77:92:6c:77:f6:e1:
90:14:e6:4d:7a:ab:a7:81:19:be:18:8a:36:8a:fd:
99:41:85:be:25:7f:1f:32:dd:89:32:d5:2a:0e:eb:
5b:ce:e9:e5:84:a2:95:a8:d1:1e:4c:b8:1a:1e:a2:
18:8c:6c:0b:2e:cf:24:29:81:3a:d2:1d:33:cd:a3:
1d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:04:8C:DD:6D:85:B9:F5:4D:17:39:EC:ED:07:A2:88:39:B8:B8:7D
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/FASM3W2FufVNFzns7QeiiDm4uH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0/22
45.140.146.0/23
45.144.28.0/22
45.150.64.0/23
45.150.67.0/24
185.234.247.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:57:23:dd:74:85:fd:37:d3:53:d7:6c:4d:92:d0:46:61:55:
63:da:87:a3:7f:63:0f:10:7b:6a:88:15:09:27:56:1f:67:e3:
fd:c8:08:a2:ac:48:3d:d3:94:81:81:65:3b:82:94:d7:55:2e:
55:ed:21:8c:d5:a2:b0:04:c2:d8:f8:cd:ab:d8:f5:3b:14:ee:
38:ab:35:a2:26:27:49:06:aa:39:50:4c:ea:0f:b8:fe:8e:ed:
13:9a:be:b5:6b:e2:6c:c6:53:af:96:38:f4:79:52:77:97:dd:
a8:6d:06:4d:d3:92:57:d4:d8:d7:f9:76:09:2b:e0:18:6b:b7:
11:1a:36:d9:8e:0e:20:5d:c5:fe:3a:83:ce:cd:12:36:b7:91:
c2:6a:03:a3:02:9a:b9:c1:53:eb:ae:5b:92:ba:05:db:1a:13:
c8:38:08:cc:f6:f8:a5:65:e4:3b:c3:2d:85:a1:85:d8:e9:c5:
12:d4:de:2d:8a:63:88:b1:8c:6d:e7:a9:f3:bf:9a:26:a8:be:
7a:a4:47:1a:73:77:02:cd:ce:2c:28:e7:20:80:7a:ba:48:2e:
34:9f:94:3a:47:ec:8b:11:35:b8:88:dd:8b:99:5b:3d:49:d7:
f7:fa:53:16:1b:f0:ea:ff:2d:ce:5e:fa:4e:47:3f:88:3e:f9:
21:d7:61:18
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYi1O1CMxbIizmkUaK4tq8xFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjMwNjEzMTQ0OTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDA0OGNkZDZkODViOWY1NGQxNzM5ZWNlZDA3YTI4ODM5YjhiODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCS/Vgiz8+2xb/9PO2lxbj67T6w/
B6eA3kSE5swcvpyZ8cqmPG6GQqiSPabOqQVymV2MUbrz/R/Wrx0rGiTgH5uA22jM
j3kPGzSqbA/3oK4P6eRDsDTh799FOE0pK5JlrfiB70WhPraOanMCRUBBBo59lvSh
tcGWo5S73e8x1CM2DAl40Zc6BCPOiP/ROfcPOTDZP4irpgxH191bO+6d3kRh4qc8
+zVNRff7wFg7cKSXJe/7Q/Wjs76hW9V3kmx39uGQFOZNequngRm+GIo2iv2ZQYW+
JX8fMt2JMtUqDutbzunlhKKVqNEeTLgaHqIYjGwLLs8kKYE60h0zzaMdlQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBQEjN1thbn1TRc57O0Hoog5uLh9MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvRkFTTTNXMkZ1ZlZORnpuczdRZWlpRG00dUgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBbUUAwQB
LYySAwQCLZAcAwQBLZZAAwQALZZDAwQAuer3MA0GCSqGSIb3DQEBCwUAA4IBAQAb
VyPddIX9N9NT12xNktBGYVVj2oejf2MPEHtqiBUJJ1YfZ+P9yAiirEg905SBgWU7
gpTXVS5V7SGM1aKwBMLY+M2r2PU7FO44qzWiJidJBqo5UEzqD7j+ju0Tmr61a+Js
xlOvljj0eVJ3l92obQZN05JX1NjX+XYJK+AYa7cRGjbZjg4gXcX+OoPOzRI2t5HC
agOjApq5wVPrrluSugXbGhPIOAjM9vilZeQ7wy2FoYXY6cUS1N4timOIsYxt56nz
v5omqL56pEcac3cCzc4sKOcggHq6SC40n5Q6R+yLETW4iN2LmVs9Sdf3+lMWG/Dq
/y3OXvpORz+IPvkh12EY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:31 2024 by rpki-client on console-ams.rpki-client.org