Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/fwvWMnDfCEJNpe-zs2uAXiwc8yU.roa
File: fwvWMnDfCEJNpe-zs2uAXiwc8yU.roa (raw, json)
Hash identifier: 6pbKV/DPOXpNhFxp3rn0ABqJE0cNPiRfFSEzEEdUuio=
Subject key identifier: 7F:0B:D6:32:70:DF:08:42:4D:A5:EF:B3:B3:6B:80:5E:2C:1C:F3:25
Certificate issuer: /CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Certificate serial: 018570675139B4D46EC332D29D7D5BD61B70
Authority key identifier: 17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/fwvWMnDfCEJNpe-zs2uAXiwc8yU.roa
Signing time: Mon 02 Jan 2023 02:54:57 +0000
ROA not before: Mon 02 Jan 2023 02:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57888
IP address blocks: 5.149.78.0/23 maxlen: 23
217.9.20.0/22 maxlen: 22
5.149.80.0/22 maxlen: 22
5.149.80.0/21 maxlen: 21
5.149.84.0/22 maxlen: 22
5.149.92.0/22 maxlen: 22
85.235.84.0/22 maxlen: 22
194.99.16.0/22 maxlen: 22
194.53.156.0/22 maxlen: 22
5.149.64.0/20 maxlen: 20
Validation: Failed, certificate revoked on Mon 28 Aug 2023 10:24:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:51:39:b4:d4:6e:c3:32:d2:9d:7d:5b:d6:1b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1759436869089cd9c7e6d02028f24a2fe49b86d5
Validity
Not Before: Jan 2 02:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f0bd63270df08424da5efb3b36b805e2c1cf325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c6:5c:4f:6b:cc:b1:37:bf:2a:2a:7f:a6:ad:
6f:fe:90:d5:0c:4f:06:bb:9d:50:84:cd:b9:7a:f1:
e5:b2:0d:4f:a3:95:6b:89:ba:0b:92:a2:3a:c7:16:
2c:5c:24:af:2a:d4:9b:b8:71:54:6f:ec:cd:ba:f5:
35:26:74:3d:f0:0f:7a:77:20:e0:09:92:99:de:7e:
55:53:e6:62:44:8e:f8:e5:17:db:4b:cc:d9:c3:cb:
88:41:a7:66:83:06:71:fa:ae:9c:bd:ac:80:e0:02:
5f:02:13:48:5d:1f:07:e1:04:ed:c5:a4:01:4c:ab:
19:c3:9b:9c:bc:a0:f0:2c:61:f4:df:74:0c:7c:4a:
ca:c5:4e:f1:0c:b8:e2:c3:e7:c1:a5:93:4c:64:e7:
20:1a:c3:68:5f:14:9f:88:5d:61:43:02:23:da:7a:
09:63:81:85:97:bd:13:a7:d3:fe:22:94:b8:ab:52:
83:4b:b3:78:65:78:96:49:87:02:bd:0d:e0:8f:c3:
2e:cd:62:8d:f8:b3:ab:6c:41:b6:4c:bc:9d:7e:f2:
8a:15:df:09:dc:86:db:e4:65:16:7e:4b:c8:bf:45:
54:03:52:a3:bf:68:66:48:a1:41:9d:03:03:33:0b:
c0:8d:34:c8:d5:3e:cc:25:02:1f:c1:ae:a2:2d:46:
33:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:0B:D6:32:70:DF:08:42:4D:A5:EF:B3:B3:6B:80:5E:2C:1C:F3:25
X509v3 Authority Key Identifier:
keyid:17:59:43:68:69:08:9C:D9:C7:E6:D0:20:28:F2:4A:2F:E4:9B:86:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F1lDaGkInNnH5tAgKPJKL-SbhtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/fwvWMnDfCEJNpe-zs2uAXiwc8yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/7247d2-0a28-4e4a-aa0c-fef41dd876c0/1/F1lDaGkInNnH5tAgKPJKL-SbhtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.64.0-5.149.87.255
5.149.92.0/22
85.235.84.0/22
194.53.156.0/22
194.99.16.0/22
217.9.20.0/22
Signature Algorithm: sha256WithRSAEncryption
30:f3:e6:40:bf:f3:fa:3c:6f:23:ab:db:83:96:45:77:84:da:
ae:0b:26:6f:5c:57:8e:38:99:c8:5a:11:13:7d:0c:40:68:d1:
cd:1f:a7:a1:f0:32:a2:a8:d7:f3:e4:19:bb:fa:1c:46:1e:1b:
01:96:68:66:a7:81:1d:44:fb:03:24:47:8b:0e:5f:8c:6f:bc:
ed:a4:1b:2c:e9:72:ea:71:1f:54:79:c1:97:cd:55:23:bf:50:
19:96:36:e0:df:2c:e3:c6:14:4d:0e:f6:a2:53:75:29:29:1a:
a8:1f:8d:64:20:ed:18:c0:05:29:ad:d6:3f:2f:6f:e5:c5:bd:
68:93:b3:fa:17:fe:ac:5f:ca:78:7c:78:b8:5a:29:be:59:ab:
b5:e8:c1:27:21:ea:40:ff:85:32:06:67:9b:13:08:be:f5:95:
ed:62:21:bb:ab:d9:28:4f:c3:0c:c3:6a:11:7a:9c:9b:30:86:
65:a6:a2:d2:3e:15:1e:b5:0d:4d:df:44:c1:79:2f:b7:d4:68:
28:ef:e1:a8:ff:8c:61:d5:7d:0e:95:2e:82:80:30:7b:ac:de:
30:a8:72:4b:04:31:a5:df:cc:1c:d5:84:82:c2:29:1c:58:b7:
65:b3:c4:46:bd:e3:69:43:0c:1d:cb:0b:7f:d5:39:88:18:a1:
77:37:97:c5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVwZ1E5tNRuwzLSnX1b1htwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NTk0MzY4NjkwODljZDljN2U2ZDAyMDI4ZjI0YTJmZTQ5
Yjg2ZDUwHhcNMjMwMTAyMDI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjBiZDYzMjcwZGYwODQyNGRhNWVmYjNiMzZiODA1ZTJjMWNmMzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcZcT2vMsTe/Kip/pq1v/pDVDE8G
u51QhM25evHlsg1Po5VriboLkqI6xxYsXCSvKtSbuHFUb+zNuvU1JnQ98A96dyDg
CZKZ3n5VU+ZiRI745RfbS8zZw8uIQadmgwZx+q6cvayA4AJfAhNIXR8H4QTtxaQB
TKsZw5ucvKDwLGH033QMfErKxU7xDLjiw+fBpZNMZOcgGsNoXxSfiF1hQwIj2noJ
Y4GFl70Tp9P+IpS4q1KDS7N4ZXiWSYcCvQ3gj8MuzWKN+LOrbEG2TLydfvKKFd8J
3Ibb5GUWfkvIv0VUA1Kjv2hmSKFBnQMDMwvAjTTI1T7MJQIfwa6iLUYzuwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFH8L1jJw3whCTaXvs7NrgF4sHPMlMB8GA1UdIwQY
MBaAFBdZQ2hpCJzZx+bQICjySi/km4bVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjFsRGFHa0luTm5INXRBZ0tQSktMLVNiaHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS83MjQ3ZDItMGEyOC00ZTRhLWFhMGMt
ZmVmNDFkZDg3NmMwLzEvZnd2V01uRGZDRUpOcGUtenMydUFYaXdjOHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS83MjQ3ZDItMGEyOC00ZTRhLWFhMGMtZmVmNDFkZDg3NmMw
LzEvRjFsRGFHa0luTm5INXRBZ0tQSktMLVNiaHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAYFlUAD
BAMFlVADBAIFlVwDBAJV61QDBALCNZwDBALCYxADBALZCRQwDQYJKoZIhvcNAQEL
BQADggEBADDz5kC/8/o8byOr24OWRXeE2q4LJm9cV444mchaERN9DEBo0c0fp6Hw
MqKo1/PkGbv6HEYeGwGWaGangR1E+wMkR4sOX4xvvO2kGyzpcupxH1R5wZfNVSO/
UBmWNuDfLOPGFE0O9qJTdSkpGqgfjWQg7RjABSmt1j8vb+XFvWiTs/oX/qxfynh8
eLhaKb5Zq7XowSch6kD/hTIGZ5sTCL71le1iIbur2ShPwwzDahF6nJswhmWmotI+
FR61DU3fRMF5L7fUaCjv4aj/jGHVfQ6VLoKAMHus3jCocksEMaXfzBzVhILCKRxY
t2WzxEa942lDDB3LC3/VOYgYoXc3l8U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:44 2024 by rpki-client on console-fra.rpki-client.org