Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/FlJCpK38yQojMU4_MsJJluGPZ1s.roa
File: FlJCpK38yQojMU4_MsJJluGPZ1s.roa (raw, json)
Hash identifier: AZcVG3c4DsE6q1urRYPM5jcCIjx4a22EDSgdJim+HNg=
Subject key identifier: 16:52:42:A4:AD:FC:C9:0A:23:31:4E:3F:32:C2:49:96:E1:8F:67:5B
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0186846AFE997751D75B8E1E246AB73D403C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/FlJCpK38yQojMU4_MsJJluGPZ1s.roa
Signing time: Fri 24 Feb 2023 17:14:09 +0000
ROA not before: Fri 24 Feb 2023 17:14:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209811
IP address blocks: 94.232.96.0/22 maxlen: 22
93.120.8.0/23 maxlen: 23
91.232.227.0/24 maxlen: 24
91.224.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:84:6a:fe:99:77:51:d7:5b:8e:1e:24:6a:b7:3d:40:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 24 17:14:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=165242a4adfcc90a23314e3f32c24996e18f675b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c1:a0:e8:4a:04:a8:b0:be:01:da:04:ed:97:
5c:49:eb:23:5c:21:d4:ea:45:c8:56:05:90:80:93:
2f:30:e0:df:71:f1:bb:7b:47:c8:3c:09:81:6c:c6:
26:79:cd:f1:cf:e3:2a:49:ca:de:72:f6:54:5f:67:
96:0a:fe:87:57:24:cc:2f:23:64:66:cd:f7:4b:c2:
9d:f5:d1:80:71:5a:53:3b:4f:89:11:a9:7e:89:89:
e7:e2:de:71:8f:2c:e1:ce:a6:78:81:41:a4:47:b9:
f7:ba:5c:34:7d:36:fd:e0:2e:66:40:9d:23:92:0c:
1b:41:d4:47:43:9c:7a:27:55:4f:5f:e5:d3:98:ba:
04:56:69:ae:38:0a:c5:e9:00:87:fc:48:50:1f:b7:
ec:06:8b:66:7d:95:86:5c:a9:37:00:db:b2:fa:80:
39:23:8b:3e:68:9f:5a:7a:aa:5e:9e:64:d2:8c:f4:
66:31:ef:9c:0a:2c:a4:9d:e9:a9:1b:37:b6:2b:b4:
69:ee:2c:a4:42:71:e8:16:4a:70:cd:8f:ef:73:7d:
8e:15:6d:56:fa:a1:9a:2e:b8:00:cd:db:1b:8d:ab:
03:95:cc:98:55:1c:4f:19:ff:0a:a2:05:0c:a9:cb:
d0:fb:f4:70:30:2a:38:38:d3:4c:fb:20:6f:85:ad:
48:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:52:42:A4:AD:FC:C9:0A:23:31:4E:3F:32:C2:49:96:E1:8F:67:5B
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/FlJCpK38yQojMU4_MsJJluGPZ1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.41.0/24
91.232.227.0/24
93.120.8.0/23
94.232.96.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:65:57:bc:b5:e1:31:78:c7:b0:95:9e:bc:e6:09:1a:f2:19:
ce:1a:5d:e3:0a:e7:7a:a0:38:45:24:e4:f3:ff:b7:4a:a2:b9:
78:be:e4:07:52:ce:98:3d:c0:25:b0:4c:c2:fe:75:71:6f:e4:
e0:8f:79:82:33:b0:f4:48:2d:c2:71:3b:92:eb:81:5b:ce:5d:
88:63:32:12:4f:c0:51:4b:52:fa:1a:4a:89:d2:73:35:93:27:
33:6d:e5:d1:37:62:af:ed:af:49:d7:a7:af:c1:6c:a2:18:35:
9d:b1:e4:02:4c:ee:3c:4c:6c:d4:25:9c:ac:fd:2f:73:fe:31:
e5:51:c8:c1:8a:b6:cc:3a:5f:b8:4e:4e:28:bd:5f:dc:a4:f5:
14:86:c3:51:e8:2d:65:e2:63:52:9f:f0:74:68:fd:58:61:f2:
43:1b:5d:06:8c:68:0f:f1:fe:cc:d5:d5:96:78:c9:7b:64:22:
8d:5e:50:a6:66:e6:8c:fd:fc:74:38:25:af:89:e9:e6:f3:5c:
b3:4c:b3:35:8b:e8:f6:f7:38:c4:c0:7c:83:2b:8d:14:7f:1b:
89:8a:20:50:6a:a4:fb:81:ad:2c:2f:ed:4a:ae:21:bf:76:ff:
05:ef:75:30:fd:d9:d5:d4:5c:eb:79:c7:d1:a0:e2:b9:a9:53:
0a:54:bb:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYaEav6Zd1HXW44eJGq3PUA8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwMjI0MTcxNDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjUyNDJhNGFkZmNjOTBhMjMzMTRlM2YzMmMyNDk5NmUxOGY2NzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMGg6EoEqLC+AdoE7ZdcSesjXCHU
6kXIVgWQgJMvMODfcfG7e0fIPAmBbMYmec3xz+MqScrecvZUX2eWCv6HVyTMLyNk
Zs33S8Kd9dGAcVpTO0+JEal+iYnn4t5xjyzhzqZ4gUGkR7n3ulw0fTb94C5mQJ0j
kgwbQdRHQ5x6J1VPX+XTmLoEVmmuOArF6QCH/EhQH7fsBotmfZWGXKk3ANuy+oA5
I4s+aJ9aeqpenmTSjPRmMe+cCiyknempGze2K7Rp7iykQnHoFkpwzY/vc32OFW1W
+qGaLrgAzdsbjasDlcyYVRxPGf8KogUMqcvQ+/RwMCo4ONNM+yBvha1IowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBZSQqSt/MkKIzFOPzLCSZbhj2dbMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvRmxKQ3BLMzh5UW9qTVU0X01zSkpsdUdQWjFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+ApAwQA
W+jjAwQBXXgIAwQCXuhgMA0GCSqGSIb3DQEBCwUAA4IBAQB+ZVe8teExeMewlZ68
5gka8hnOGl3jCud6oDhFJOTz/7dKorl4vuQHUs6YPcAlsEzC/nVxb+Tgj3mCM7D0
SC3CcTuS64Fbzl2IYzIST8BRS1L6GkqJ0nM1kyczbeXRN2Kv7a9J16evwWyiGDWd
seQCTO48TGzUJZys/S9z/jHlUcjBirbMOl+4Tk4ovV/cpPUUhsNR6C1l4mNSn/B0
aP1YYfJDG10GjGgP8f7M1dWWeMl7ZCKNXlCmZuaM/fx0OCWvienm81yzTLM1i+j2
9zjEwHyDK40UfxuJiiBQaqT7ga0sL+1KriG/dv8F73Uw/dnV1FzrecfRoOK5qVMK
VLvZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org