Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/F0BUMZsDPiTG0xJHLoswRahEoeQ.roa
File: F0BUMZsDPiTG0xJHLoswRahEoeQ.roa (raw, json)
Hash identifier: PG4ZoqGz+wTkR3Zmw0+7A5A87ylc2bDkk0OSSdJ4MTI=
Subject key identifier: 17:40:54:31:9B:03:3E:24:C6:D3:12:47:2E:8B:30:45:A8:44:A1:E4
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 0185E8D72A3AE101E0C7D0F5E6B2CD593862
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/F0BUMZsDPiTG0xJHLoswRahEoeQ.roa
Signing time: Wed 25 Jan 2023 12:11:33 +0000
ROA not before: Wed 25 Jan 2023 12:11:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 80.86.192.0/24 maxlen: 24
80.86.199.0/24 maxlen: 24
80.86.196.0/24 maxlen: 24
80.86.198.0/24 maxlen: 24
80.86.193.0/24 maxlen: 24
81.221.251.0/24 maxlen: 24
81.221.250.0/24 maxlen: 24
81.221.253.0/24 maxlen: 24
81.221.252.0/24 maxlen: 24
81.221.254.0/24 maxlen: 24
81.221.255.0/24 maxlen: 24
195.49.16.0/24 maxlen: 24
194.191.17.0/24 maxlen: 24
194.191.16.0/24 maxlen: 24
212.59.186.0/24 maxlen: 24
212.59.184.0/24 maxlen: 24
194.191.24.0/24 maxlen: 24
194.191.21.0/24 maxlen: 24
194.191.20.0/24 maxlen: 24
194.191.19.0/24 maxlen: 24
194.191.18.0/24 maxlen: 24
212.59.189.0/24 maxlen: 24
212.59.188.0/24 maxlen: 24
194.191.26.0/24 maxlen: 24
194.191.25.0/24 maxlen: 24
82.195.224.0/24 maxlen: 24
82.195.226.0/24 maxlen: 24
82.195.225.0/24 maxlen: 24
82.195.227.0/24 maxlen: 24
2a01:2a8:2001::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 24 May 2023 09:20:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e8:d7:2a:3a:e1:01:e0:c7:d0:f5:e6:b2:cd:59:38:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jan 25 12:11:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=174054319b033e24c6d312472e8b3045a844a1e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d0:23:cd:64:dc:48:e1:06:81:c2:4a:21:58:
cc:47:ba:12:1e:b2:5a:14:6c:5b:3b:ca:5a:9f:c4:
19:e9:7b:53:47:17:69:b5:11:69:e1:99:14:ba:f8:
34:d1:dd:01:a8:35:28:37:63:de:5a:6c:09:a5:18:
ba:9a:04:46:3f:71:3c:09:ac:08:86:4d:cf:74:61:
f3:cd:10:61:ed:c2:30:fa:d8:9a:cf:f1:df:a1:02:
b0:0b:29:cb:20:8f:fe:f2:cc:cb:da:53:27:ca:2a:
ec:34:ad:c0:81:57:3a:d6:80:55:ed:fc:e2:38:f9:
1c:cb:76:d6:a4:b0:b1:8b:b8:b5:4d:18:12:fb:b6:
e1:89:1e:0a:e5:5d:26:27:75:c9:10:32:ff:c8:e8:
e6:ed:29:3e:71:5d:e9:ea:7d:8e:3f:0c:0f:a7:20:
ef:9b:40:a4:03:e9:53:24:4a:9f:b3:6c:2f:ef:16:
9e:8b:33:80:61:88:fe:d6:cd:9c:b2:3b:29:7b:9c:
bd:c0:38:72:35:1f:4b:b2:43:0d:25:ca:02:c3:d4:
6c:37:80:e1:64:83:d7:6b:ae:9e:fe:78:3a:8b:f7:
9f:91:8d:50:05:e4:3b:1a:6c:bd:a2:ff:4e:c4:3f:
7f:51:8d:9c:5d:9c:ac:e6:62:9a:fd:97:70:84:9e:
fd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:40:54:31:9B:03:3E:24:C6:D3:12:47:2E:8B:30:45:A8:44:A1:E4
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/F0BUMZsDPiTG0xJHLoswRahEoeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.192.0/23
80.86.196.0/24
80.86.198.0/23
81.221.250.0-81.221.255.255
82.195.224.0/22
194.191.16.0-194.191.21.255
194.191.24.0-194.191.26.255
195.49.16.0/24
212.59.184.0/24
212.59.186.0/24
212.59.188.0/23
IPv6:
2a01:2a8:2001::/48
Signature Algorithm: sha256WithRSAEncryption
32:0c:fb:b5:7d:0e:98:d4:17:52:01:c3:5b:6d:1f:20:36:f5:
06:b3:a9:0f:98:b0:b6:3c:34:f5:fe:95:31:b2:13:1b:e3:d5:
dd:20:53:9d:c9:52:e0:c1:8c:e3:94:80:ca:c7:43:58:fc:4c:
f5:c9:d6:fa:37:54:e5:56:09:de:ec:85:7b:c0:e2:62:8d:89:
7d:dd:71:96:4d:3d:d0:24:6f:b2:4a:1d:26:f6:79:6e:63:ea:
4c:32:69:24:f8:ea:63:1a:2e:18:b8:75:86:dc:a4:8f:34:11:
fd:56:30:27:60:e4:c8:4e:c6:5f:cd:1b:19:84:bc:3c:30:de:
4a:3b:e5:ff:2d:42:3c:4b:64:6c:c7:34:9b:d5:4e:15:45:c9:
c0:ce:bd:4e:c9:c4:fe:f8:5c:ab:12:cb:6e:ca:78:c0:e6:0b:
21:95:dc:86:e8:a5:20:ba:41:33:92:cc:f6:0f:72:0f:5d:64:
53:2c:38:31:84:ce:02:64:6a:38:0f:4c:0c:53:53:54:94:d1:
de:2e:30:f4:0e:7f:f2:04:36:25:4e:32:af:34:ef:6d:38:ce:
55:75:25:ba:d3:cd:7b:18:87:8f:a5:f9:1d:9c:2a:d5:f7:51:
83:b6:0a:14:6c:d6:4f:12:0a:62:06:c7:c4:a4:8b:0d:a0:16:
d0:1e:79:8b
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYXo1yo64QHgx9D15rLNWThiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjMwMTI1MTIxMTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzQwNTQzMTliMDMzZTI0YzZkMzEyNDcyZThiMzA0NWE4NDRhMWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNAjzWTcSOEGgcJKIVjMR7oSHrJa
FGxbO8pan8QZ6XtTRxdptRFp4ZkUuvg00d0BqDUoN2PeWmwJpRi6mgRGP3E8CawI
hk3PdGHzzRBh7cIw+tiaz/HfoQKwCynLII/+8szL2lMnyirsNK3AgVc61oBV7fzi
OPkcy3bWpLCxi7i1TRgS+7bhiR4K5V0mJ3XJEDL/yOjm7Sk+cV3p6n2OPwwPpyDv
m0CkA+lTJEqfs2wv7xaeizOAYYj+1s2csjspe5y9wDhyNR9LskMNJcoCw9RsN4Dh
ZIPXa66e/ng6i/efkY1QBeQ7Gmy9ov9OxD9/UY2cXZys5mKa/ZdwhJ79aQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFBdAVDGbAz4kxtMSRy6LMEWoRKHkMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvRjBCVU1ac0RQaVRHMHhKSExvc3dSYWhFb2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwXwQCAAEwWQMEAVBWwAME
AFBWxAMEAVBWxjALAwQBUd36AwMBUdwDBAJSw+AwDAMEBMK/EAMEAcK/FDAMAwQD
wr8YAwQAwr8aAwQAwzEQAwQA1Du4AwQA1Du6AwQB1Du8MA8EAgACMAkDBwAqAQKo
IAEwDQYJKoZIhvcNAQELBQADggEBADIM+7V9DpjUF1IBw1ttHyA29QazqQ+YsLY8
NPX+lTGyExvj1d0gU53JUuDBjOOUgMrHQ1j8TPXJ1vo3VOVWCd7shXvA4mKNiX3d
cZZNPdAkb7JKHSb2eW5j6kwyaST46mMaLhi4dYbcpI80Ef1WMCdg5MhOxl/NGxmE
vDww3ko75f8tQjxLZGzHNJvVThVFycDOvU7JxP74XKsSy27KeMDmCyGV3IbopSC6
QTOSzPYPcg9dZFMsODGEzgJkajgPTAxTU1SU0d4uMPQOf/IENiVOMq807204zlV1
JbrTzXsYh4+l+R2cKtX3UYO2ChRs1k8SCmIGx8Skiw2gFtAeeYs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:03 2024 by rpki-client on console-fra.rpki-client.org