Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/FNNeeGRcrwk-Bg0tilCvjzqdHKU.roa
File: FNNeeGRcrwk-Bg0tilCvjzqdHKU.roa (raw, json)
Hash identifier: BCGZUhsFC9F05k+SKeQ++A03Xc7gbl3YqPw/yUQQnZg=
Subject key identifier: 14:D3:5E:78:64:5C:AF:09:3E:06:0D:2D:8A:50:AF:8F:3A:9D:1C:A5
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 018DF9BA3C7536FBAF0993FC42D61CBEBC65
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/FNNeeGRcrwk-Bg0tilCvjzqdHKU.roa
Signing time: Fri 01 Mar 2024 11:15:48 +0000
ROA not before: Fri 01 Mar 2024 11:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34471
IP address blocks: 2.59.108.0/22 maxlen: 24
31.25.176.0/21 maxlen: 24
37.122.219.0/24 maxlen: 24
46.28.160.0/21 maxlen: 24
89.40.84.0/22 maxlen: 24
91.242.148.0/22 maxlen: 24
109.235.16.0/21 maxlen: 24
176.56.64.0/19 maxlen: 24
185.4.32.0/22 maxlen: 24
185.5.84.0/22 maxlen: 24
185.10.248.0/22 maxlen: 24
185.70.152.0/22 maxlen: 24
185.83.132.0/22 maxlen: 24
185.153.16.0/22 maxlen: 24
185.176.104.0/22 maxlen: 24
185.205.253.0/24 maxlen: 24
185.205.254.0/24 maxlen: 24
185.223.216.0/22 maxlen: 24
185.228.124.0/22 maxlen: 24
185.239.160.0/22 maxlen: 24
193.246.154.0/23 maxlen: 24
193.246.156.0/23 maxlen: 24
194.156.72.0/22 maxlen: 24
2a02:5dc0::/32 maxlen: 32
2a02:5fc0::/32 maxlen: 48
2a03:440::/32 maxlen: 32
2a05:9b00::/29 maxlen: 29
2a05:a800::/29 maxlen: 29
2a06:3c00::/29 maxlen: 29
2a09:eac0::/29 maxlen: 29
2a0a:1280::/29 maxlen: 29
2a0b:c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 26 Mar 2024 11:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:ba:3c:75:36:fb:af:09:93:fc:42:d6:1c:be:bc:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Mar 1 11:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14d35e78645caf093e060d2d8a50af8f3a9d1ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1a:18:f3:ec:68:77:e2:9f:87:ed:bc:99:02:
e9:ce:7d:0a:ca:dc:9f:1a:11:d0:5a:b1:2c:91:81:
e3:6f:b4:48:a1:a8:eb:5e:ee:ef:33:78:4c:a8:86:
2a:61:63:c3:d8:b7:43:e3:6a:a0:bc:31:e8:8a:1f:
53:60:5c:4c:e8:21:68:d0:4f:19:7f:81:b9:70:38:
5f:6a:0e:2c:e0:b3:da:b5:88:fc:25:f1:77:7b:6d:
e1:91:47:6b:fa:0c:00:05:3f:64:11:d9:6d:0b:54:
81:d7:9e:da:a8:b8:cc:3f:6e:e0:65:25:b6:84:c3:
e8:c2:b8:0c:70:df:f1:0c:d5:9c:30:04:c8:fb:94:
83:94:1a:78:3b:51:ed:1a:30:6a:b7:8a:65:c8:bb:
ff:1a:15:e1:a3:ec:38:d9:89:30:89:15:ab:af:94:
d0:45:12:27:d8:00:c2:49:c9:d6:9f:4f:81:50:31:
c6:3e:18:91:3a:9b:69:4a:f1:03:af:ff:8b:02:09:
b6:85:06:31:11:7c:3e:00:c2:80:30:dc:85:3e:d9:
12:00:70:38:9c:a4:d6:1b:19:0a:66:f8:78:3c:fe:
57:20:fe:63:77:78:3f:fa:f8:3a:b1:74:1f:8e:5d:
f5:3f:21:5e:16:bd:8f:24:f2:aa:27:21:b1:de:9f:
f6:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D3:5E:78:64:5C:AF:09:3E:06:0D:2D:8A:50:AF:8F:3A:9D:1C:A5
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/FNNeeGRcrwk-Bg0tilCvjzqdHKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.108.0/22
31.25.176.0/21
37.122.219.0/24
46.28.160.0/21
89.40.84.0/22
91.242.148.0/22
109.235.16.0/21
176.56.64.0/19
185.4.32.0/22
185.5.84.0/22
185.10.248.0/22
185.70.152.0/22
185.83.132.0/22
185.153.16.0/22
185.176.104.0/22
185.205.253.0-185.205.254.255
185.223.216.0/22
185.228.124.0/22
185.239.160.0/22
193.246.154.0-193.246.157.255
194.156.72.0/22
IPv6:
2a02:5dc0::/32
2a02:5fc0::/32
2a03:440::/32
2a05:9b00::/29
2a05:a800::/29
2a06:3c00::/29
2a09:eac0::/29
2a0a:1280::/29
2a0b:c40::/29
Signature Algorithm: sha256WithRSAEncryption
7e:f8:d2:31:87:fc:b0:3d:bc:72:b7:d9:68:16:61:46:24:fd:
52:bf:39:76:78:31:2f:1f:c4:b9:73:92:ae:96:11:5d:c1:85:
89:5a:1a:cd:44:18:b2:c0:18:2c:23:2d:98:a6:ef:19:af:11:
39:b9:f9:98:85:01:d7:28:e2:91:b4:f3:ea:b4:5c:e3:b6:0e:
bf:4b:b7:8c:f8:42:b5:c6:8d:a2:35:9e:dc:84:49:b5:18:43:
53:59:87:4b:2e:b2:25:5d:c9:4b:1f:99:a5:72:fe:93:ab:eb:
34:b4:10:0a:45:c7:49:c0:c4:e2:26:b9:2f:64:bc:97:b8:48:
bc:d8:2f:72:5b:b5:aa:91:ab:b3:fc:4e:2a:a5:06:bd:1e:af:
b4:cf:c0:4d:17:95:2f:d7:c5:6f:57:61:73:21:0b:ca:5c:a1:
14:c2:e6:04:34:7d:00:b5:df:c8:ae:6d:82:80:37:ce:72:8a:
fb:8f:28:e3:8a:12:c1:21:3a:d2:30:80:e4:65:61:d2:6e:bc:
e6:d8:75:ab:9f:40:53:81:fc:37:db:f1:30:71:3a:46:b5:f4:
60:2d:bf:42:f8:c6:db:ba:19:6e:8f:ad:5c:63:cd:28:29:60:
da:78:c5:d7:51:c8:ce:0c:fb:f9:81:20:4b:2b:69:26:f2:ee:
bb:97:8e:96
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAY35ujx1NvuvCZP8QtYcvrxlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjQwMzAxMTExNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGQzNWU3ODY0NWNhZjA5M2UwNjBkMmQ4YTUwYWY4ZjNhOWQxY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxoY8+xod+Kfh+28mQLpzn0Kytyf
GhHQWrEskYHjb7RIoajrXu7vM3hMqIYqYWPD2LdD42qgvDHoih9TYFxM6CFo0E8Z
f4G5cDhfag4s4LPatYj8JfF3e23hkUdr+gwABT9kEdltC1SB157aqLjMP27gZSW2
hMPowrgMcN/xDNWcMATI+5SDlBp4O1HtGjBqt4plyLv/GhXho+w42YkwiRWrr5TQ
RRIn2ADCScnWn0+BUDHGPhiROptpSvEDr/+LAgm2hQYxEXw+AMKAMNyFPtkSAHA4
nKTWGxkKZvh4PP5XIP5jd3g/+vg6sXQfjl31PyFeFr2PJPKqJyGx3p/2HQIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFBTTXnhkXK8JPgYNLYpQr486nRylMB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvRk5OZWVHUmNyd2stQmcwdGlsQ3ZqenFkSEtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zCBlQQCAAEwgY4DBAIC
O2wDBAMfGbADBAAletsDBAMuHKADBAJZKFQDBAJb8pQDBANt6xADBAWwOEADBAK5
BCADBAK5BVQDBAK5CvgDBAK5RpgDBAK5U4QDBAK5mRADBAK5sGgwDAMEALnN/QME
ALnN/gMEArnf2AMEArnkfAMEArnvoDAMAwQBwfaaAwQBwfacAwQCwpxIMEUEAgAC
MD8DBQAqAl3AAwUAKgJfwAMFACoDBEADBQMqBZsAAwUDKgWoAAMFAyoGPAADBQMq
CerAAwUDKgoSgAMFAyoLDEAwDQYJKoZIhvcNAQELBQADggEBAH740jGH/LA9vHK3
2WgWYUYk/VK/OXZ4MS8fxLlzkq6WEV3BhYlaGs1EGLLAGCwjLZim7xmvETm5+ZiF
Adco4pG08+q0XOO2Dr9Lt4z4QrXGjaI1ntyESbUYQ1NZh0susiVdyUsfmaVy/pOr
6zS0EApFx0nAxOImuS9kvJe4SLzYL3JbtaqRq7P8TiqlBr0er7TPwE0XlS/XxW9X
YXMhC8pcoRTC5gQ0fQC138iubYKAN85yivuPKOOKEsEhOtIwgORlYdJuvObYdauf
QFOB/Dfb8TBxOka19GAtv0L4xtu6GW6PrVxjzSgpYNp4xddRyM4M+/mBIEsraSby
7ruXjpY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org