Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FLR7JTEKNvZ87wpbAIL58CDb69s.roa
File: FLR7JTEKNvZ87wpbAIL58CDb69s.roa (raw, json)
Hash identifier: FctS3ELFsjkQQHRmn8t8syvCYZ+0KEm2iBXyqxac+9k=
Subject key identifier: 14:B4:7B:25:31:0A:36:F6:7C:EF:0A:5B:00:82:F9:F0:20:DB:EB:DB
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 01877B3D84B63AC8054ABB82C2FD92DD5926
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FLR7JTEKNvZ87wpbAIL58CDb69s.roa
Signing time: Thu 13 Apr 2023 15:30:41 +0000
ROA not before: Thu 13 Apr 2023 15:30:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60257
IP address blocks: 145.255.240.0/21 maxlen: 24
81.179.96.0/20 maxlen: 20
185.24.12.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Apr 2023 15:53:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7b:3d:84:b6:3a:c8:05:4a:bb:82:c2:fd:92:dd:59:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Apr 13 15:30:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14b47b25310a36f67cef0a5b0082f9f020dbebdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7d:f6:c8:a0:79:0f:79:fe:bd:e5:45:57:e8:
2c:57:87:04:e3:c8:54:f9:ae:35:23:28:e7:b1:1a:
5f:e8:4b:2d:f8:d8:82:b5:5a:02:18:24:e5:6d:57:
96:9b:ef:90:63:a2:e9:43:07:1b:f0:46:01:bf:94:
bf:e1:06:6f:80:b7:bc:51:9f:96:35:54:11:41:31:
97:7f:9b:ff:a9:cd:59:5a:65:ff:4c:1f:65:e1:50:
93:6b:fd:b1:f6:48:a5:4f:34:f0:bc:d3:fc:11:f2:
53:8e:a5:c4:82:2f:19:08:29:28:ec:7c:d8:fc:58:
8d:35:05:23:89:93:71:ff:6b:81:0c:9d:f4:f9:58:
6f:69:87:e2:94:2f:4b:06:a1:4d:e5:f2:9f:8a:17:
da:70:1b:42:b4:66:ff:6a:63:7d:a5:f1:dd:23:25:
90:9e:f0:de:a4:66:57:54:72:2e:61:df:31:30:0d:
5e:5f:b1:ef:64:14:be:8f:04:e1:a4:df:48:fd:8d:
d6:86:5e:2f:ba:0e:52:23:ec:cf:61:ad:ef:a4:11:
b9:5f:ee:c5:56:8e:fb:33:78:43:37:6c:80:23:6a:
e2:f4:a3:45:88:4c:a7:47:89:d9:48:31:3e:b5:95:
dc:1a:d4:58:5a:fd:d4:53:51:3f:f7:db:08:bd:59:
31:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B4:7B:25:31:0A:36:F6:7C:EF:0A:5B:00:82:F9:F0:20:DB:EB:DB
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FLR7JTEKNvZ87wpbAIL58CDb69s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.179.96.0/20
145.255.240.0/21
185.24.12.0/22
Signature Algorithm: sha256WithRSAEncryption
10:b0:88:ce:15:c6:13:12:da:79:5b:4a:23:6e:57:71:28:37:
4d:a3:85:78:4c:bb:3c:5f:70:90:df:f5:01:a1:47:42:be:92:
af:66:10:3c:12:21:ea:ad:0d:85:38:4b:a0:00:52:0f:79:1c:
b5:89:c0:15:d4:36:c9:43:99:9e:0f:cc:3d:eb:3d:73:c7:ba:
ec:fe:f0:91:b3:8a:6f:69:33:23:c7:a0:79:8a:83:38:b4:6f:
77:7e:8b:03:9a:f8:90:32:4e:28:ca:ba:87:2e:8d:e2:a3:09:
96:ac:1d:ec:75:29:20:97:33:90:e2:84:bd:d4:9d:ed:5a:71:
0d:05:b9:96:e9:35:e2:62:7a:9a:30:c9:01:0a:8e:86:6e:34:
0c:ec:40:6d:33:eb:75:68:05:a8:bd:c8:74:52:54:ec:31:7a:
ef:ec:92:bb:cb:00:0d:79:9f:73:f1:6c:ff:60:4a:5c:09:3f:
98:bd:2b:4a:6f:43:02:4f:4c:41:4b:35:c3:01:e6:47:2e:b6:
ed:20:a6:3e:c2:2e:a6:87:48:af:86:b0:76:07:40:64:6b:b3:
ba:29:cf:14:66:52:79:4d:a5:07:e4:80:06:b6:f5:7a:6e:df:
83:31:cf:94:1d:4f:3e:86:64:46:67:38:78:a2:39:84:58:aa:
f2:10:ac:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYd7PYS2OsgFSruCwv2S3VkmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwNDEzMTUzMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGI0N2IyNTMxMGEzNmY2N2NlZjBhNWIwMDgyZjlmMDIwZGJlYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq332yKB5D3n+veVFV+gsV4cE48hU
+a41IyjnsRpf6Est+NiCtVoCGCTlbVeWm++QY6LpQwcb8EYBv5S/4QZvgLe8UZ+W
NVQRQTGXf5v/qc1ZWmX/TB9l4VCTa/2x9kilTzTwvNP8EfJTjqXEgi8ZCCko7HzY
/FiNNQUjiZNx/2uBDJ30+VhvaYfilC9LBqFN5fKfihfacBtCtGb/amN9pfHdIyWQ
nvDepGZXVHIuYd8xMA1eX7HvZBS+jwThpN9I/Y3Whl4vug5SI+zPYa3vpBG5X+7F
Vo77M3hDN2yAI2ri9KNFiEynR4nZSDE+tZXcGtRYWv3UU1E/99sIvVkxgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBS0eyUxCjb2fO8KWwCC+fAg2+vbMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvRkxSN0pURUtOdlo4N3dwYkFJTDU4Q0RiNjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUbNgAwQD
kf/wAwQCuRgMMA0GCSqGSIb3DQEBCwUAA4IBAQAQsIjOFcYTEtp5W0ojbldxKDdN
o4V4TLs8X3CQ3/UBoUdCvpKvZhA8EiHqrQ2FOEugAFIPeRy1icAV1DbJQ5meD8w9
6z1zx7rs/vCRs4pvaTMjx6B5ioM4tG93fosDmviQMk4oyrqHLo3iowmWrB3sdSkg
lzOQ4oS91J3tWnENBbmW6TXiYnqaMMkBCo6GbjQM7EBtM+t1aAWovch0UlTsMXrv
7JK7ywANeZ9z8Wz/YEpcCT+YvStKb0MCT0xBSzXDAeZHLrbtIKY+wi6mh0ivhrB2
B0Bka7O6Kc8UZlJ5TaUH5IAGtvV6bt+DMc+UHU8+hmRGZzh4ojmEWKryEKyk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:29 2024 by rpki-client on console-ams.rpki-client.org