Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FgrOn-hhOf_uMPoIRWswKYUftXw.roa
File: FgrOn-hhOf_uMPoIRWswKYUftXw.roa (raw, json)
Hash identifier: o2w16Y2TK2WcJxHHIZ/lQ3KVGCR+RpAdhz9T185AWl8=
Subject key identifier: 16:0A:CE:9F:E8:61:39:FF:EE:30:FA:08:45:6B:30:29:85:1F:B5:7C
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 01893CE86621442A95B8BEEAB3237911C2D5
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FgrOn-hhOf_uMPoIRWswKYUftXw.roa
Signing time: Sun 09 Jul 2023 23:06:50 +0000
ROA not before: Sun 09 Jul 2023 23:06:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 78.144.0.0/13 maxlen: 24
213.208.64.0/18 maxlen: 24
193.218.99.0/24 maxlen: 24
217.68.128.0/20 maxlen: 24
212.159.128.0/18 maxlen: 24
81.178.0.0/15 maxlen: 24
92.0.0.0/11 maxlen: 24
195.112.0.0/18 maxlen: 24
84.43.0.0/17 maxlen: 24
62.24.128.0/17 maxlen: 24
212.139.0.0/16 maxlen: 24
89.240.0.0/14 maxlen: 24
80.40.0.0/13 maxlen: 24
88.104.0.0/13 maxlen: 24
212.1.128.0/19 maxlen: 24
81.170.0.0/17 maxlen: 24
91.146.112.0/21 maxlen: 24
82.133.0.0/17 maxlen: 24
145.255.240.0/21 maxlen: 24
87.242.128.0/17 maxlen: 24
185.173.116.0/22 maxlen: 24
185.112.212.0/22 maxlen: 24
217.8.0.0/19 maxlen: 24
81.1.64.0/18 maxlen: 24
83.67.0.0/16 maxlen: 24
2.96.0.0/13 maxlen: 24
84.12.0.0/16 maxlen: 24
212.74.96.0/19 maxlen: 24
194.247.224.0/19 maxlen: 24
79.76.0.0/14 maxlen: 24
185.175.144.0/22 maxlen: 24
62.3.192.0/18 maxlen: 24
212.67.96.0/19 maxlen: 24
185.173.120.0/22 maxlen: 24
185.175.48.0/22 maxlen: 24
81.6.192.0/18 maxlen: 24
194.106.32.0/19 maxlen: 24
89.168.128.0/17 maxlen: 24
81.86.0.0/16 maxlen: 24
62.241.160.0/19 maxlen: 24
195.149.0.0/18 maxlen: 24
185.24.12.0/22 maxlen: 24
213.78.0.0/16 maxlen: 24
195.137.0.0/17 maxlen: 24
79.73.0.0/16 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3c:e8:66:21:44:2a:95:b8:be:ea:b3:23:79:11:c2:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Jul 9 23:06:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=160ace9fe86139ffee30fa08456b3029851fb57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:81:8e:5e:05:47:9d:4d:3c:61:94:b8:8e:e3:
d5:a8:0e:0e:e9:ee:b0:9c:93:d4:9e:df:cb:b7:5a:
40:04:1e:d4:9a:a7:f7:c9:9d:ea:8f:66:f5:b3:60:
cd:42:1a:cf:17:6e:c9:a3:9f:62:0e:3c:ef:97:d3:
cb:bb:e7:6f:bb:ad:80:d2:f1:5e:71:ce:6d:26:eb:
30:1a:61:d3:c5:6f:c2:91:c9:78:10:3a:4d:46:49:
63:95:05:91:5f:67:f9:98:9b:bc:80:ed:8b:a2:ee:
b7:e0:df:a5:31:72:08:39:b3:be:e3:c0:90:96:3e:
c5:f9:e9:25:cc:ee:20:5d:6c:e2:5d:0e:e9:2c:22:
93:d3:74:ef:f9:ac:8a:05:a2:25:6e:79:06:65:13:
73:18:45:c4:f8:f6:25:d5:ec:54:e4:50:36:be:eb:
3b:15:58:a5:69:94:01:de:b8:50:a5:e4:20:5a:ca:
57:da:22:ba:43:60:61:1c:46:a1:97:66:ed:75:f9:
15:4e:cf:49:0c:13:04:54:60:0e:81:ed:94:86:e3:
20:cb:50:74:b1:86:37:5d:c6:47:43:70:1a:4c:f3:
dc:22:9b:78:af:56:a0:86:87:e6:43:47:e2:d8:7f:
fb:35:0e:a0:9a:92:c7:13:98:d4:08:92:f4:42:46:
1d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0A:CE:9F:E8:61:39:FF:EE:30:FA:08:45:6B:30:29:85:1F:B5:7C
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/FgrOn-hhOf_uMPoIRWswKYUftXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.96.0.0/13
62.3.192.0/18
62.24.128.0/17
62.241.160.0/19
78.144.0.0/13
79.73.0.0/16
79.76.0.0/14
80.40.0.0/13
81.1.64.0/18
81.6.192.0/18
81.86.0.0/16
81.170.0.0/17
81.178.0.0/15
82.133.0.0/17
83.67.0.0/16
84.12.0.0/16
84.43.0.0/17
87.242.128.0/17
88.104.0.0/13
89.168.128.0/17
89.240.0.0/14
91.146.112.0/21
92.0.0.0/11
145.255.240.0/21
185.24.12.0/22
185.112.212.0/22
185.173.116.0-185.173.123.255
185.175.48.0/22
185.175.144.0/22
193.218.99.0/24
194.106.32.0/19
194.247.224.0/19
195.112.0.0/18
195.137.0.0/17
195.149.0.0/18
212.1.128.0/19
212.67.96.0/19
212.74.96.0/19
212.139.0.0/16
212.159.128.0/18
213.78.0.0/16
213.208.64.0/18
217.8.0.0/19
217.68.128.0/20
Signature Algorithm: sha256WithRSAEncryption
47:fa:bb:56:ce:a5:a2:f9:77:9a:18:a5:0b:23:6e:95:fb:ff:
57:7d:11:f0:04:23:5f:b5:99:01:11:8b:78:99:82:91:e0:e4:
04:ae:0f:1f:97:8d:df:db:ce:42:a7:85:c0:2d:44:8f:66:ab:
70:13:3c:f4:1f:93:d9:62:17:40:c7:0f:99:c3:d7:1d:6e:5c:
20:fe:d3:87:14:a1:45:4a:76:7c:a1:3f:76:76:54:c8:6e:06:
53:db:3a:8a:4b:af:89:ce:7c:46:94:25:6e:3a:c0:7d:0d:c1:
c5:56:7c:dd:63:68:3d:31:b7:59:ad:cc:1f:a9:f8:16:1b:52:
d8:d0:f2:df:b2:ff:03:7b:c6:ee:23:cd:8d:61:b7:4e:f5:ae:
a6:f9:8c:c4:66:e4:e6:cc:6a:15:42:84:96:d5:95:7a:60:c7:
ba:26:a5:18:07:49:27:f2:12:b9:c6:ed:b5:51:89:01:01:71:
f0:d7:d9:f7:12:ed:5b:97:91:09:8d:b7:13:4a:69:4b:6f:c4:
0f:4f:7d:68:78:af:27:3d:91:cc:a0:bf:31:a2:3e:a1:c8:65:
0d:4d:00:d4:31:ab:39:fb:ae:c9:00:49:75:34:45:62:8f:7b:
20:f5:05:e9:ab:89:fc:d1:80:62:d3:3d:d8:8c:d0:6e:80:8c:
6b:57:a9:51
-----BEGIN CERTIFICATE-----
MIIGAzCCBOugAwIBAgISAYk86GYhRCqVuL7qsyN5EcLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjMwNzA5MjMwNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjBhY2U5ZmU4NjEzOWZmZWUzMGZhMDg0NTZiMzAyOTg1MWZiNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYGOXgVHnU08YZS4juPVqA4O6e6w
nJPUnt/Lt1pABB7Umqf3yZ3qj2b1s2DNQhrPF27Jo59iDjzvl9PLu+dvu62A0vFe
cc5tJuswGmHTxW/Ckcl4EDpNRkljlQWRX2f5mJu8gO2Lou634N+lMXIIObO+48CQ
lj7F+eklzO4gXWziXQ7pLCKT03Tv+ayKBaIlbnkGZRNzGEXE+PYl1exU5FA2vus7
FVilaZQB3rhQpeQgWspX2iK6Q2BhHEahl2btdfkVTs9JDBMEVGAOge2UhuMgy1B0
sYY3XcZHQ3AaTPPcIpt4r1aghofmQ0fi2H/7NQ6gmpLHE5jUCJL0QkYdgQIDAQAB
o4IDDzCCAwswHQYDVR0OBBYEFBYKzp/oYTn/7jD6CEVrMCmFH7V8MB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvRmdyT24taGhPZl91TVBvSVJXc3dLWVVmdFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMDAwJgAwQGPgPAAwQHPhiAAwQFPvGgAwMDTpADAwBPSQMDAk9MAwMDUCgDBAZR
AUADBAZRBsADAwBRVgMEB1GqAAMDAVGyAwQHUoUAAwMAU0MDAwBUDAMEB1QrAAME
B1fygAMDA1hoAwQHWaiAAwMCWfADBANbknADAwVcAAMEA5H/8AMEArkYDAMEArlw
1DAMAwQCua10AwQCua14AwQCua8wAwQCua+QAwQAwdpjAwQFwmogAwQFwvfgAwQG
w3AAAwQHw4kAAwQGw5UAAwQF1AGAAwQF1ENgAwQF1EpgAwMA1IsDBAbUn4ADAwDV
TgMEBtXQQAMEBdkIAAMEBNlEgDANBgkqhkiG9w0BAQsFAAOCAQEAR/q7Vs6lovl3
mhilCyNulfv/V30R8AQjX7WZARGLeJmCkeDkBK4PH5eN39vOQqeFwC1Ej2arcBM8
9B+T2WIXQMcPmcPXHW5cIP7ThxShRUp2fKE/dnZUyG4GU9s6ikuvic58RpQlbjrA
fQ3BxVZ83WNoPTG3Wa3MH6n4FhtS2NDy37L/A3vG7iPNjWG3TvWupvmMxGbk5sxq
FUKEltWVemDHuialGAdJJ/ISucbttVGJAQFx8NfZ9xLtW5eRCY23E0ppS2/ED099
aHivJz2RzKC/MaI+ochlDU0A1DGrOfuuyQBJdTRFYo97IPUF6auJ/NGAYtM92IzQ
boCMa1epUQ==
-----END CERTIFICATE-----
Generated at Mon Jul 31 02:30:46 2023 by rpki-client on console-fra.rpki-client.org