Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/FzgE-fE9Us0XqDQ4GxClCOB8kv4.roa
File: FzgE-fE9Us0XqDQ4GxClCOB8kv4.roa (raw, json)
Hash identifier: fheoVWRjRFt4CSyc+lUQPNCpqUxfSsZGYLsbCsssvj8=
Subject key identifier: 17:38:04:F9:F1:3D:52:CD:17:A8:34:38:1B:10:A5:08:E0:7C:92:FE
Certificate issuer: /CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Certificate serial: 0185724C9902ABBE47C3FFF5FE2F89FFEF63
Authority key identifier: 98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/FzgE-fE9Us0XqDQ4GxClCOB8kv4.roa
Signing time: Mon 02 Jan 2023 11:45:00 +0000
ROA not before: Mon 02 Jan 2023 11:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8362
IP address blocks: 5.158.240.0/20 maxlen: 20
79.141.192.0/24 maxlen: 24
79.141.193.0/24 maxlen: 24
79.141.197.0/24 maxlen: 24
79.141.206.0/23 maxlen: 23
195.146.224.0/20 maxlen: 20
37.220.48.0/20 maxlen: 20
46.162.128.0/18 maxlen: 18
195.146.240.0/20 maxlen: 20
62.64.32.0/19 maxlen: 19
2a01:8e80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:99:02:ab:be:47:c3:ff:f5:fe:2f:89:ff:ef:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9812e491aaa655b6324dbcc0cff00a8d63191076
Validity
Not Before: Jan 2 11:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=173804f9f13d52cd17a834381b10a508e07c92fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:85:2f:bd:1c:b0:f8:ea:0c:d6:d5:8a:e4:df:
df:f3:f7:0d:b8:6e:83:1e:1e:a3:2f:44:7c:65:3c:
4a:88:fb:67:c8:cb:9b:05:ce:61:de:00:69:fe:48:
e6:9f:87:e0:ad:a4:3b:e9:d4:45:47:4f:7e:ed:2a:
bb:23:52:a6:e9:5f:0d:c9:5b:b7:99:ce:a5:f4:d0:
4a:49:1b:71:28:db:e2:0e:e0:e0:53:75:2f:fe:fe:
2b:4e:9c:bb:93:cc:7d:a3:4c:ef:f4:0c:51:ec:66:
dd:24:a9:48:e1:93:be:82:af:75:dc:97:b2:ce:d5:
4e:da:82:88:9b:f4:44:0d:89:0e:33:11:39:eb:84:
01:33:2c:c1:2d:d2:43:db:f5:9c:cd:fe:54:e3:d3:
04:57:64:97:09:1c:26:09:84:8c:fb:47:82:1d:04:
88:d6:47:00:48:55:ff:24:d2:2d:2c:80:83:52:c9:
ad:31:e8:c4:6e:87:c9:2b:16:bd:60:4a:cb:be:af:
b6:4d:85:03:88:b3:ee:d5:23:ba:fb:74:ce:51:de:
72:a6:ea:66:de:e1:51:ad:82:22:d6:85:f9:e2:40:
f9:78:aa:27:0a:26:d6:fa:04:4e:d0:f4:4f:d4:34:
c1:00:ea:9c:e6:84:9d:bd:8d:a6:ff:52:a5:d7:f2:
95:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:38:04:F9:F1:3D:52:CD:17:A8:34:38:1B:10:A5:08:E0:7C:92:FE
X509v3 Authority Key Identifier:
keyid:98:12:E4:91:AA:A6:55:B6:32:4D:BC:C0:CF:F0:0A:8D:63:19:10:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBLkkaqmVbYyTbzAz_AKjWMZEHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/FzgE-fE9Us0XqDQ4GxClCOB8kv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/0e7ed3-48cb-4afe-8d15-dffe17f3db54/1/mBLkkaqmVbYyTbzAz_AKjWMZEHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.240.0/20
37.220.48.0/20
46.162.128.0/18
62.64.32.0/19
79.141.192.0/23
79.141.197.0/24
79.141.206.0/23
195.146.224.0/19
IPv6:
2a01:8e80::/29
Signature Algorithm: sha256WithRSAEncryption
66:99:58:af:72:db:d1:ad:25:20:3b:e0:b5:83:c1:0c:89:d5:
de:34:03:3f:9c:17:c6:0a:69:b9:bd:cd:8b:9e:ee:51:3d:c4:
ce:0a:d5:2f:6b:9d:a5:72:06:04:c0:80:c7:92:dc:21:65:6a:
a7:c5:70:6a:03:2e:1c:9b:0f:86:2b:c9:81:8c:9c:8f:b5:cf:
dc:ac:4c:66:0c:e8:e2:fc:0d:45:55:b1:28:2f:d9:03:d3:cc:
3f:a1:87:34:48:d6:a9:7f:06:c8:11:6d:10:43:4a:9b:73:91:
8b:55:f8:7d:83:9d:80:5e:2c:bc:4b:84:b8:a9:8b:58:f0:a5:
dc:87:84:d5:20:2d:26:fa:26:91:5a:1a:44:ad:db:96:f5:44:
68:e7:11:73:8a:97:ce:ba:3c:8a:c8:9e:51:00:33:5b:3a:19:
d2:3c:19:5c:39:07:fa:1c:4b:2a:d5:df:ba:ec:05:6d:ee:d7:
71:5d:d8:dc:ad:3c:73:cf:d5:81:4f:1a:ee:0f:5d:9c:ac:48:
dd:f8:21:d3:34:fb:c8:12:f6:51:0a:95:30:6c:ea:66:8b:b9:
3e:0a:69:3b:36:0e:4c:a6:ea:10:ac:91:31:6f:d5:39:d6:b4:
ab:b1:f8:d4:ae:e0:f3:40:c3:a5:74:5c:cc:95:14:a6:59:c6:
d0:43:a3:0b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVyTJkCq75Hw//1/i+J/+9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTJlNDkxYWFhNjU1YjYzMjRkYmNjMGNmZjAwYThkNjMx
OTEwNzYwHhcNMjMwMTAyMTE0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzM4MDRmOWYxM2Q1MmNkMTdhODM0MzgxYjEwYTUwOGUwN2M5MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIUvvRyw+OoM1tWK5N/f8/cNuG6D
Hh6jL0R8ZTxKiPtnyMubBc5h3gBp/kjmn4fgraQ76dRFR09+7Sq7I1Km6V8NyVu3
mc6l9NBKSRtxKNviDuDgU3Uv/v4rTpy7k8x9o0zv9AxR7GbdJKlI4ZO+gq913Jey
ztVO2oKIm/REDYkOMxE564QBMyzBLdJD2/Wczf5U49MEV2SXCRwmCYSM+0eCHQSI
1kcASFX/JNItLICDUsmtMejEbofJKxa9YErLvq+2TYUDiLPu1SO6+3TOUd5ypupm
3uFRrYIi1oX54kD5eKonCibW+gRO0PRP1DTBAOqc5oSdvY2m/1Kl1/KVxQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBc4BPnxPVLNF6g0OBsQpQjgfJL+MB8GA1UdIwQY
MBaAFJgS5JGqplW2Mk28wM/wCo1jGRB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUt
ZGZmZTE3ZjNkYjU0LzEvRnpnRS1mRTlVczBYcURRNEd4Q2xDT0I4a3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni8wZTdlZDMtNDhjYi00YWZlLThkMTUtZGZmZTE3ZjNkYjU0
LzEvbUJMa2thcW1WYll5VGJ6QXpfQUtqV01aRUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEBZ7wAwQE
JdwwAwQGLqKAAwQFPkAgAwQBT43AAwQAT43FAwQBT43OAwQFw5LgMA0EAgACMAcD
BQMqAY6AMA0GCSqGSIb3DQEBCwUAA4IBAQBmmVivctvRrSUgO+C1g8EMidXeNAM/
nBfGCmm5vc2Lnu5RPcTOCtUva52lcgYEwIDHktwhZWqnxXBqAy4cmw+GK8mBjJyP
tc/crExmDOji/A1FVbEoL9kD08w/oYc0SNapfwbIEW0QQ0qbc5GLVfh9g52AXiy8
S4S4qYtY8KXch4TVIC0m+iaRWhpErduW9URo5xFzipfOujyKyJ5RADNbOhnSPBlc
OQf6HEsq1d+67AVt7tdxXdjcrTxzz9WBTxruD12crEjd+CHTNPvIEvZRCpUwbOpm
i7k+Cmk7Ng5MpuoQrJExb9U51rSrsfjUruDzQMOldFzMlRSmWcbQQ6ML
Generated at Tue Jul 25 05:09:26 2023 by rpki-client on console-ams.rpki-client.org