Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/fviUXy_wJvkiWKyR8VN7lahv0cE.roa
File: fviUXy_wJvkiWKyR8VN7lahv0cE.roa (raw, json)
Hash identifier: bSx2QUgS9jDFbQFYDLrZt+JdPpnvrXk/9No0DljL1Pw=
Subject key identifier: 7E:F8:94:5F:2F:F0:26:F9:22:58:AC:91:F1:53:7B:95:A8:6F:D1:C1
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018CCA29D3AA9F6F9416BA77731548648F39
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/fviUXy_wJvkiWKyR8VN7lahv0cE.roa
Signing time: Tue 02 Jan 2024 12:33:07 +0000
ROA not before: Tue 02 Jan 2024 12:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52000
IP address blocks: 213.232.120.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
83.171.224.0/24 maxlen: 24
83.171.226.0/24 maxlen: 24
83.171.227.0/24 maxlen: 24
141.98.87.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
185.68.184.0/24 maxlen: 24
185.88.36.0/24 maxlen: 24
5.181.168.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Feb 2024 21:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d3:aa:9f:6f:94:16:ba:77:73:15:48:64:8f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 2 12:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ef8945f2ff026f92258ac91f1537b95a86fd1c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:87:0e:96:8a:c3:8f:c4:2f:24:2f:f9:b5:cd:
57:4f:ab:1e:a3:bd:90:da:15:58:0d:18:3d:3a:53:
d2:85:f9:ee:16:68:14:7c:de:d3:e9:b9:54:8a:44:
88:46:c9:b4:02:26:4f:44:e5:37:65:63:c9:5a:dc:
5a:41:f6:15:01:cb:7a:fa:50:ef:35:38:1c:18:b5:
97:4f:87:e6:62:fb:58:05:4f:28:d8:5b:30:da:10:
b9:39:ee:e6:aa:e0:b2:b2:b5:0b:4d:ad:fc:e3:d8:
10:a9:9f:b5:07:7d:53:b2:19:79:16:c7:7c:30:c8:
ce:f5:6e:89:04:79:3f:af:8a:9a:ee:8d:eb:39:d1:
d7:b8:80:6a:0b:b0:1c:b2:0b:f7:4f:95:b4:3f:b2:
d7:cc:d7:c0:53:3d:ce:3b:4d:96:17:a6:11:ab:e5:
87:e8:77:cf:60:57:25:74:b3:e6:3b:e6:90:3a:2b:
df:af:1d:9e:1e:00:81:ef:cf:28:cb:8a:c7:7f:84:
b2:2f:de:88:65:c7:b3:ea:6a:08:1a:48:1c:a0:02:
61:bf:32:26:51:c8:16:1d:6c:4d:ff:6f:b0:6e:55:
b7:6e:7d:3f:89:b4:1e:82:42:e2:98:1f:26:82:2f:
4c:3c:9c:1f:ec:b8:8a:67:6c:f3:88:93:42:fb:e3:
37:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F8:94:5F:2F:F0:26:F9:22:58:AC:91:F1:53:7B:95:A8:6F:D1:C1
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/fviUXy_wJvkiWKyR8VN7lahv0cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
83.171.224.0/24
83.171.226.0/23
141.98.87.0/24
185.68.184.0/24
185.68.246.0/23
185.88.36.0/24
185.89.42.0/23
194.104.10.0/24
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
22:e3:79:c2:52:13:96:2c:fa:e7:a7:30:03:0f:a8:07:45:b9:
aa:19:1b:a5:26:05:fc:9f:4f:7f:50:c9:42:f4:b9:0d:36:99:
e1:d1:86:2a:ec:d0:27:c5:c4:44:64:91:07:10:fc:eb:72:32:
16:e4:96:93:19:f0:4f:2f:ec:70:49:ae:a1:6f:74:fe:88:d8:
22:13:77:4b:a8:60:26:fc:25:1f:5a:03:05:9d:3d:61:b7:36:
02:9f:c0:f8:cf:3e:22:87:fd:3f:f0:d0:de:09:33:be:cf:29:
6c:09:e1:a9:05:d7:a9:ab:52:d7:63:69:1b:5b:24:a9:a7:8e:
60:32:29:0b:5d:f8:2c:4e:6f:21:b0:a2:17:00:a6:ec:90:50:
05:52:c7:aa:e8:d4:db:92:8c:8d:e0:8f:3f:6f:e9:8b:1f:79:
26:42:45:d0:b8:2c:59:c6:f7:30:72:c1:31:cd:94:08:4a:be:
55:95:e5:83:46:b1:b1:38:58:c1:41:42:49:1c:e8:16:be:7d:
37:6a:54:f0:a3:0f:52:ab:75:7d:b7:4d:6b:6f:79:1e:a5:3d:
67:7c:0f:14:32:8e:d1:23:64:c4:5f:5c:69:fa:b7:13:11:13:
d2:56:9a:1f:d5:6c:93:9a:6e:e3:83:be:ce:10:28:cc:1f:37:
2d:f4:a6:af
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzKKdOqn2+UFrp3cxVIZI85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjQwMTAyMTIzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWY4OTQ1ZjJmZjAyNmY5MjI1OGFjOTFmMTUzN2I5NWE4NmZkMWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIcOlorDj8QvJC/5tc1XT6seo72Q
2hVYDRg9OlPShfnuFmgUfN7T6blUikSIRsm0AiZPROU3ZWPJWtxaQfYVAct6+lDv
NTgcGLWXT4fmYvtYBU8o2Fsw2hC5Oe7mquCysrULTa3849gQqZ+1B31Tshl5Fsd8
MMjO9W6JBHk/r4qa7o3rOdHXuIBqC7Acsgv3T5W0P7LXzNfAUz3OO02WF6YRq+WH
6HfPYFcldLPmO+aQOivfrx2eHgCB788oy4rHf4SyL96IZcez6moIGkgcoAJhvzIm
UcgWHWxN/2+wblW3bn0/ibQegkLimB8mgi9MPJwf7LiKZ2zziJNC++M3ywIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFH74lF8v8Cb5IliskfFTe5Wob9HBMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvZnZpVVh5X3dKdmtpV0t5UjhWTjdsYWh2MGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQBBbWoAwQA
Bbf/AwQAU6vgAwQBU6viAwQAjWJXAwQAuUS4AwQBuUT2AwQAuVgkAwQBuVkqAwQA
wmgKAwQA1eh4AwQA1eh6MA0GCSqGSIb3DQEBCwUAA4IBAQAi43nCUhOWLPrnpzAD
D6gHRbmqGRulJgX8n09/UMlC9LkNNpnh0YYq7NAnxcREZJEHEPzrcjIW5JaTGfBP
L+xwSa6hb3T+iNgiE3dLqGAm/CUfWgMFnT1htzYCn8D4zz4ih/0/8NDeCTO+zyls
CeGpBdepq1LXY2kbWySpp45gMikLXfgsTm8hsKIXAKbskFAFUseq6NTbkoyN4I8/
b+mLH3kmQkXQuCxZxvcwcsExzZQISr5VleWDRrGxOFjBQUJJHOgWvn03alTwow9S
q3V9t01rb3kepT1nfA8UMo7RI2TEX1xp+rcTERPSVpof1WyTmm7jg77OECjMHzct
9Kav
-----END CERTIFICATE-----
Generated at Wed Feb 14 22:41:27 2024 by rpki-client on console-ams.rpki-client.org