Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/FjH8lMHdjr3rdYCwl77UE5_i660.roa
File: FjH8lMHdjr3rdYCwl77UE5_i660.roa (raw, json)
Hash identifier: hFKQ/w7jmLqogd1Aw6nnk+vESl8JtNoR2OqMNtpnp8k=
Subject key identifier: 16:31:FC:94:C1:DD:8E:BD:EB:75:80:B0:97:BE:D4:13:9F:E2:EB:AD
Certificate issuer: /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial: 018CC9BCD39B6B451A1D48F0089F09D97A27
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/FjH8lMHdjr3rdYCwl77UE5_i660.roa
Signing time: Tue 02 Jan 2024 10:34:04 +0000
ROA not before: Tue 02 Jan 2024 10:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58322
IP address blocks: 109.61.4.0/24 maxlen: 24
109.61.4.0/23 maxlen: 23
109.61.4.0/22 maxlen: 22
109.61.5.0/24 maxlen: 24
109.61.6.0/23 maxlen: 23
109.61.6.0/24 maxlen: 24
109.61.7.0/24 maxlen: 24
91.106.34.0/24 maxlen: 24
91.106.34.0/23 maxlen: 23
91.106.35.0/24 maxlen: 24
91.106.32.0/23 maxlen: 23
91.106.32.0/24 maxlen: 24
91.106.33.0/24 maxlen: 24
91.106.32.0/22 maxlen: 22
91.106.44.0/24 maxlen: 24
91.106.40.0/22 maxlen: 22
91.106.40.0/21 maxlen: 21
91.106.41.0/24 maxlen: 24
91.106.42.0/23 maxlen: 23
91.106.42.0/24 maxlen: 24
91.106.43.0/24 maxlen: 24
91.106.44.0/23 maxlen: 23
91.106.44.0/22 maxlen: 22
91.106.40.0/23 maxlen: 23
91.106.40.0/24 maxlen: 24
91.106.45.0/24 maxlen: 24
91.106.46.0/23 maxlen: 23
91.106.46.0/24 maxlen: 24
91.106.47.0/24 maxlen: 24
91.106.48.0/24 maxlen: 24
91.106.49.0/24 maxlen: 24
91.106.50.0/24 maxlen: 24
91.106.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Mar 2024 09:08:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d3:9b:6b:45:1a:1d:48:f0:08:9f:09:d9:7a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Validity
Not Before: Jan 2 10:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1631fc94c1dd8ebdeb7580b097bed4139fe2ebad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fa:87:2b:a6:08:c2:17:3b:27:85:95:d3:e6:
89:26:67:e0:f9:11:7f:3d:db:29:4e:a4:c2:7a:28:
34:75:0c:34:c1:37:40:a2:41:e8:bc:22:30:a0:3b:
c7:00:82:a4:cf:24:1b:14:0c:2d:66:e2:42:ed:a6:
6c:ec:0e:24:94:b4:94:fe:ce:f2:82:2a:4b:6f:68:
5a:72:4f:58:39:64:76:61:d4:f6:e8:87:ac:15:ca:
42:57:e8:cc:93:b9:ad:f8:1a:e2:e6:fa:05:fb:4a:
50:4e:23:87:d1:06:fd:af:fb:aa:65:4b:e8:70:d2:
53:87:b9:9f:9b:42:7c:dc:21:a1:dc:fa:90:16:e4:
a3:e5:22:99:2a:7c:64:8d:e0:51:f0:7d:18:64:0d:
31:1c:28:22:9e:5d:81:b4:34:f6:c4:35:0d:d6:19:
b8:fb:43:82:40:84:f8:ed:94:6e:1e:56:50:c4:ff:
e5:30:9c:c2:6f:65:62:62:ac:60:a4:09:40:c1:0f:
b7:08:12:3c:d1:3b:ec:78:d0:e8:7b:15:e9:c5:e5:
fc:f0:3e:b4:cc:0f:ac:57:25:8d:fb:4e:58:96:6e:
db:ec:c0:e5:77:95:ce:01:41:68:91:b1:bc:a9:c0:
9c:9c:d8:ef:67:7a:4e:f4:35:2b:8f:9b:06:e8:48:
be:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:31:FC:94:C1:DD:8E:BD:EB:75:80:B0:97:BE:D4:13:9F:E2:EB:AD
X509v3 Authority Key Identifier:
keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/FjH8lMHdjr3rdYCwl77UE5_i660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.32.0/22
91.106.40.0-91.106.51.255
109.61.4.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:5f:d3:23:ce:e6:66:5f:94:66:9c:72:33:d6:81:bd:7b:a0:
b2:86:65:f2:1f:b0:10:58:64:a4:82:81:91:71:91:d7:c3:dd:
1c:8c:e3:ca:f9:bf:a7:40:f9:74:de:bf:d0:c2:16:b2:44:5d:
b3:7f:35:25:c3:d1:18:c1:91:7a:83:3d:d3:09:c3:8d:5c:e5:
f5:83:d8:b6:1b:54:fc:7b:17:a9:fc:95:e8:0a:6e:29:e6:a1:
ad:47:cf:be:a0:35:cf:82:92:e2:2f:13:ea:ff:03:af:3b:8a:
46:88:2c:a4:66:fe:ad:95:41:7d:d7:95:bd:39:7e:39:af:ad:
6d:37:83:c5:f4:95:74:e3:05:34:6e:e8:ad:42:96:b0:e5:74:
8a:0e:5b:2c:29:d5:49:31:7d:0a:3d:d3:12:4a:ba:74:32:54:
0c:a1:7f:86:83:a2:97:bb:03:a3:fa:69:22:3e:1a:7b:4f:e3:
40:92:ff:c8:79:f6:17:5f:c6:2e:78:75:16:96:bd:4f:2d:21:
7e:a1:93:63:60:3c:34:da:15:e2:ff:df:99:a5:4f:b8:15:ad:
f1:8f:7e:2a:e0:36:a6:0c:7b:f8:8c:f4:e9:a8:90:6e:88:97:
5d:24:88:d4:51:2a:29:97:2b:31:98:91:da:3e:95:7a:7e:30:
37:ab:e3:8a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzJvNOba0UaHUjwCJ8J2XonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjQwMTAyMTAzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjMxZmM5NGMxZGQ4ZWJkZWI3NTgwYjA5N2JlZDQxMzlmZTJlYmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfqHK6YIwhc7J4WV0+aJJmfg+RF/
PdspTqTCeig0dQw0wTdAokHovCIwoDvHAIKkzyQbFAwtZuJC7aZs7A4klLSU/s7y
gipLb2hack9YOWR2YdT26IesFcpCV+jMk7mt+Bri5voF+0pQTiOH0Qb9r/uqZUvo
cNJTh7mfm0J83CGh3PqQFuSj5SKZKnxkjeBR8H0YZA0xHCginl2BtDT2xDUN1hm4
+0OCQIT47ZRuHlZQxP/lMJzCb2ViYqxgpAlAwQ+3CBI80TvseNDoexXpxeX88D60
zA+sVyWN+05Ylm7b7MDld5XOAUFokbG8qcCcnNjvZ3pO9DUrj5sG6Ei+5QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBYx/JTB3Y6963WAsJe+1BOf4uutMB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvRmpIOGxNSGRqcjNyZFlDd2w3N1VFNV9pNjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW2ogMAwD
BANbaigDBAJbajADBAJtPQQwDQYJKoZIhvcNAQELBQADggEBAExf0yPO5mZflGac
cjPWgb17oLKGZfIfsBBYZKSCgZFxkdfD3RyM48r5v6dA+XTev9DCFrJEXbN/NSXD
0RjBkXqDPdMJw41c5fWD2LYbVPx7F6n8legKbinmoa1Hz76gNc+CkuIvE+r/A687
ikaILKRm/q2VQX3Xlb05fjmvrW03g8X0lXTjBTRu6K1ClrDldIoOWywp1UkxfQo9
0xJKunQyVAyhf4aDope7A6P6aSI+GntP40CS/8h59hdfxi54dRaWvU8tIX6hk2Ng
PDTaFeL/35mlT7gVrfGPfirgNqYMe/iM9OmokG6Il10kiNRRKimXKzGYkdo+lXp+
MDer44o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:06 2024 by rpki-client on console-ams.rpki-client.org