Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/FQLPrxlwDlC6UDKvHaIGltKDEA0.roa
File: FQLPrxlwDlC6UDKvHaIGltKDEA0.roa (raw, json)
Hash identifier: LZP1TbAiIdx8kw5OoiNfq/SgFuMI7pOj6A3uc/VcH9g=
Subject key identifier: 15:02:CF:AF:19:70:0E:50:BA:50:32:AF:1D:A2:06:96:D2:83:10:0D
Certificate issuer: /CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Certificate serial: 0185723A30A36CCEE08A85028737A686DE6C
Authority key identifier: 5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/FQLPrxlwDlC6UDKvHaIGltKDEA0.roa
Signing time: Mon 02 Jan 2023 11:24:54 +0000
ROA not before: Mon 02 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49558
IP address blocks: 195.20.137.0/24 maxlen: 24
194.4.164.0/22 maxlen: 22
91.228.64.0/22 maxlen: 22
45.128.224.0/22 maxlen: 22
91.213.39.0/24 maxlen: 24
2a0d:8540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:30:a3:6c:ce:e0:8a:85:02:87:37:a6:86:de:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Validity
Not Before: Jan 2 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1502cfaf19700e50ba5032af1da20696d283100d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f5:6e:43:e4:43:95:cb:df:cd:12:0c:0c:65:
2f:3b:f0:a3:80:c6:e4:71:d9:02:86:f4:3b:42:ec:
13:a9:18:74:7e:90:1a:ef:f1:be:f6:34:e9:ee:a1:
40:13:15:49:ae:69:5c:04:9a:70:28:2b:ee:7d:89:
9f:56:9a:8a:f3:05:79:ff:5d:20:2d:45:6d:bb:c7:
22:06:e4:f9:94:e4:ac:fa:77:9b:0f:19:33:35:1a:
35:83:8d:1f:7b:77:62:8e:2a:d2:cc:36:c5:62:76:
8f:98:4d:58:4b:07:73:92:67:36:88:aa:40:62:38:
97:72:aa:0e:32:73:13:a1:ad:f9:38:02:8b:79:1e:
e0:ba:fc:f8:fd:0d:ae:6a:d8:9a:8b:3a:60:a6:84:
29:49:0d:ff:3c:2d:1d:88:09:0a:c1:fc:e2:8a:a1:
9c:7f:d5:b4:66:56:3e:a6:68:4b:ba:ea:b2:59:c1:
ea:ba:7d:b7:33:7e:be:ba:fe:c0:96:aa:4b:58:35:
10:53:1b:ff:34:c3:7b:1c:d2:ec:6e:8f:79:67:26:
7d:ad:25:26:33:e3:dc:78:48:84:54:65:9d:04:1d:
b3:b5:8c:36:3a:ac:cf:b8:7e:87:71:55:8f:63:fc:
ce:87:5e:51:60:67:29:c1:c8:d0:8f:6d:94:ae:e1:
49:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:02:CF:AF:19:70:0E:50:BA:50:32:AF:1D:A2:06:96:D2:83:10:0D
X509v3 Authority Key Identifier:
keyid:5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/FQLPrxlwDlC6UDKvHaIGltKDEA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W-4FGpOQHswBdEB5qkrC-wd7n8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.224.0/22
91.213.39.0/24
91.228.64.0/22
194.4.164.0/22
195.20.137.0/24
IPv6:
2a0d:8540::/29
Signature Algorithm: sha256WithRSAEncryption
48:ec:cf:ca:c9:8d:d1:ff:ca:39:1c:f3:46:4e:47:92:aa:d3:
67:55:9b:03:68:0c:b8:dd:0a:bc:81:02:a8:22:97:25:c0:7d:
4a:c7:b3:6b:37:81:db:0c:72:36:67:3d:44:44:1a:29:37:33:
53:89:65:ba:fc:80:94:79:a6:ce:77:3b:8d:76:5f:59:42:d0:
ff:55:b5:c0:75:05:74:ab:c2:cd:65:6c:b6:90:10:47:b2:68:
72:13:72:09:9f:85:0e:32:ba:ca:24:9a:5e:58:ac:e2:a3:ff:
08:35:b1:d6:52:ed:65:fe:01:ef:b4:39:3f:c6:49:85:87:c0:
f3:bc:ac:84:d2:c9:cd:8a:be:8b:05:7d:ae:2d:df:ed:23:97:
19:12:ed:83:e2:c9:42:8b:bf:5f:38:17:fb:66:68:23:05:8c:
0f:6a:5a:1d:b4:57:43:b6:69:32:04:e8:d8:af:85:5a:28:15:
6d:33:1c:4e:19:d3:fa:7e:af:4d:b8:49:83:45:b8:a6:3d:25:
83:f9:b3:aa:25:04:cf:42:f1:0e:76:19:8d:ce:71:ee:d1:ef:
3f:19:88:a0:f3:cd:9b:e6:af:d3:f9:56:3e:31:8a:66:82:14:
ff:61:d2:c1:42:b6:5e:b0:b9:0e:99:56:44:cb:48:07:1e:41:
25:9e:bf:3d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVyOjCjbM7gioUChzemht5sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWUwNTFhOTM5MDFlY2MwMTc0NDA3OWFhNGFjMmZiMDc3
YjlmYzEwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTAyY2ZhZjE5NzAwZTUwYmE1MDMyYWYxZGEyMDY5NmQyODMxMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifVuQ+RDlcvfzRIMDGUvO/CjgMbk
cdkChvQ7QuwTqRh0fpAa7/G+9jTp7qFAExVJrmlcBJpwKCvufYmfVpqK8wV5/10g
LUVtu8ciBuT5lOSs+nebDxkzNRo1g40fe3dijirSzDbFYnaPmE1YSwdzkmc2iKpA
YjiXcqoOMnMToa35OAKLeR7guvz4/Q2uatiaizpgpoQpSQ3/PC0diAkKwfziiqGc
f9W0ZlY+pmhLuuqyWcHqun23M36+uv7AlqpLWDUQUxv/NMN7HNLsbo95ZyZ9rSUm
M+PceEiEVGWdBB2ztYw2OqzPuH6HcVWPY/zOh15RYGcpwcjQj22UruFJQQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBUCz68ZcA5QulAyrx2iBpbSgxANMB8GA1UdIwQY
MBaAFFvuBRqTkB7MAXRAeapKwvsHe5/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjIt
YTUyYTg3OTVkOTU2LzEvRlFMUHJ4bHdEbEM2VURLdkhhSUdsdEtERUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjItYTUyYTg3OTVkOTU2
LzEvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLYDgAwQA
W9UnAwQCW+RAAwQCwgSkAwQAwxSJMA0EAgACMAcDBQMqDYVAMA0GCSqGSIb3DQEB
CwUAA4IBAQBI7M/KyY3R/8o5HPNGTkeSqtNnVZsDaAy43Qq8gQKoIpclwH1Kx7Nr
N4HbDHI2Zz1ERBopNzNTiWW6/ICUeabOdzuNdl9ZQtD/VbXAdQV0q8LNZWy2kBBH
smhyE3IJn4UOMrrKJJpeWKzio/8INbHWUu1l/gHvtDk/xkmFh8DzvKyE0snNir6L
BX2uLd/tI5cZEu2D4slCi79fOBf7ZmgjBYwPalodtFdDtmkyBOjYr4VaKBVtMxxO
GdP6fq9NuEmDRbimPSWD+bOqJQTPQvEOdhmNznHu0e8/GYig882b5q/T+VY+MYpm
ghT/YdLBQrZesLkOmVZEy0gHHkElnr89
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:56 2023 by rpki-client on console-ams.rpki-client.org