Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/FD8wZestLfQM--P1W3riKkXoMj0.roa
File: FD8wZestLfQM--P1W3riKkXoMj0.roa (raw, json)
Hash identifier: GuQAncGHVaUlwdx21fFd3Pyg/0x8m6CbQGKjlWrz5tA=
Subject key identifier: 14:3F:30:65:EB:2D:2D:F4:0C:FB:E3:F5:5B:7A:E2:2A:45:E8:32:3D
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DC740BACBEEE6ADCC6EDCD6382D04C48B
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/FD8wZestLfQM--P1W3riKkXoMj0.roa
Signing time: Tue 20 Feb 2024 16:02:04 +0000
ROA not before: Tue 20 Feb 2024 16:02:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
31.222.248.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.32.243.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 17:41:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c7:40:ba:cb:ee:e6:ad:cc:6e:dc:d6:38:2d:04:c4:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 20 16:02:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=143f3065eb2d2df40cfbe3f55b7ae22a45e8323d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:32:fe:4e:aa:fb:af:fb:e5:3c:e7:3e:49:16:
fa:76:15:96:92:85:83:63:a8:19:a2:6c:04:40:28:
e7:54:f9:3b:08:3c:b5:9d:42:5a:ed:31:2c:c5:24:
12:8a:70:41:2c:ea:e2:34:cb:0f:03:2f:66:42:29:
ff:8d:5c:4c:cb:67:5b:8c:a8:37:77:4b:8c:d0:f1:
a4:9c:cb:06:f7:fb:6a:79:30:91:1f:d7:f3:c7:f8:
11:94:d8:e0:66:ae:d2:bb:0b:cd:54:a6:5e:ca:7f:
24:1a:70:a3:dd:46:41:cd:b5:6b:6e:57:10:1d:87:
09:68:75:fb:de:8d:cf:95:e2:fe:1b:16:09:3c:a8:
13:29:f8:fa:af:d6:3f:1b:d4:f5:19:18:4c:2c:de:
e2:1c:b7:a3:cc:d1:ca:61:57:fe:b0:de:0d:7c:e8:
4d:d5:59:66:6d:2f:15:de:1f:01:fd:2e:19:83:8f:
fb:e3:d9:33:e7:8d:36:da:ee:56:b5:1f:92:f4:5d:
f2:5a:df:d1:2e:c7:c7:45:73:e1:31:c6:35:2b:66:
f5:a8:30:bd:02:4c:0d:be:ad:89:e9:80:dd:e0:c6:
ae:a7:3f:3c:28:16:13:01:fa:8d:a1:b1:d2:72:b7:
d6:19:b7:f9:00:01:bb:fa:65:ad:a7:fb:87:07:73:
df:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3F:30:65:EB:2D:2D:F4:0C:FB:E3:F5:5B:7A:E2:2A:45:E8:32:3D
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/FD8wZestLfQM--P1W3riKkXoMj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
31.222.248.0/24
94.158.191.0/24
130.255.169.0/24
146.19.137.0/24
176.56.38.0/24
185.218.1.0/24
193.3.22.0/24
193.239.209.0/24
194.32.243.0/24
195.96.157.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
01:07:60:ed:ca:19:b6:cf:ad:54:cd:41:e2:30:62:e9:a8:41:
26:5e:83:66:49:6d:69:e0:93:52:2c:a7:66:22:c4:89:ce:f2:
30:a6:79:96:43:a8:c1:99:76:74:cd:3d:81:d3:b5:67:3a:f9:
67:f0:8a:ff:fa:c4:71:2d:38:ea:99:cd:44:2c:83:29:07:9d:
31:a0:7d:db:26:76:b0:8b:b9:3d:af:45:70:ab:30:1a:ed:cf:
05:ad:10:27:d6:b3:5f:08:5c:77:c8:35:5d:10:27:b9:54:f2:
cd:ab:79:c6:32:3e:a9:bc:53:64:11:2e:a1:a2:95:f3:e5:4e:
cc:5e:ba:9c:c9:ff:c7:22:40:05:0b:e5:d6:d1:fc:fc:b1:2c:
d2:cd:d0:ed:6b:f7:3a:a5:c1:49:b5:44:ba:05:a4:82:87:e2:
42:09:a2:75:10:a6:34:42:5c:2d:42:3b:fb:88:2e:a7:da:3d:
e3:0f:ee:02:ad:31:e7:5e:9e:a7:e9:d4:a0:4c:ef:44:65:4f:
90:75:f8:c2:9c:ce:1f:0b:57:8e:33:3c:2f:23:5f:be:61:05:
f8:a7:77:4a:e3:3a:eb:3b:89:19:32:0b:17:14:5e:7f:fc:bf:
4f:7a:c8:5c:e8:70:9d:ba:18:91:0b:31:9d:62:b0:3f:fa:d2:
c1:01:06:53
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY3HQLrL7uatzG7c1jgtBMSLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjIwMTYwMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDNmMzA2NWViMmQyZGY0MGNmYmUzZjU1YjdhZTIyYTQ1ZTgzMjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDL+Tqr7r/vlPOc+SRb6dhWWkoWD
Y6gZomwEQCjnVPk7CDy1nUJa7TEsxSQSinBBLOriNMsPAy9mQin/jVxMy2dbjKg3
d0uM0PGknMsG9/tqeTCRH9fzx/gRlNjgZq7SuwvNVKZeyn8kGnCj3UZBzbVrblcQ
HYcJaHX73o3PleL+GxYJPKgTKfj6r9Y/G9T1GRhMLN7iHLejzNHKYVf+sN4NfOhN
1VlmbS8V3h8B/S4Zg4/749kz54022u5WtR+S9F3yWt/RLsfHRXPhMcY1K2b1qDC9
AkwNvq2J6YDd4Maupz88KBYTAfqNobHScrfWGbf5AAG7+mWtp/uHB3PfZQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFBQ/MGXrLS30DPvj9Vt64ipF6DI9MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvRkQ4d1plc3RMZlFNLS1QMVczcmlLa1hvTWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBAjhwAwQA
BbeAAwQAH974AwQAXp6/AwQAgv+pAwQAkhOJAwQAsDgmAwQAudoBAwQAwQMWAwQA
we/RAwQAwiDzAwQAw2CdAwQA2XeCMA0GCSqGSIb3DQEBCwUAA4IBAQABB2Dtyhm2
z61UzUHiMGLpqEEmXoNmSW1p4JNSLKdmIsSJzvIwpnmWQ6jBmXZ0zT2B07VnOvln
8Ir/+sRxLTjqmc1ELIMpB50xoH3bJnawi7k9r0VwqzAa7c8FrRAn1rNfCFx3yDVd
ECe5VPLNq3nGMj6pvFNkES6hopXz5U7MXrqcyf/HIkAFC+XW0fz8sSzSzdDta/c6
pcFJtUS6BaSCh+JCCaJ1EKY0QlwtQjv7iC6n2j3jD+4CrTHnXp6n6dSgTO9EZU+Q
dfjCnM4fC1eOMzwvI1++YQX4p3dK4zrrO4kZMgsXFF5//L9Peshc6HCduhiRCzGd
YrA/+tLBAQZT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org