Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/fhUeMF6RZRLW6Bn6OSlCJuLHLh8.roa
File: fhUeMF6RZRLW6Bn6OSlCJuLHLh8.roa (raw, json)
Hash identifier: sCgcrx5ZwNK5xSTqZuzyUUtWM+tLTMQxy9iq9Rjz6mI=
Subject key identifier: 7E:15:1E:30:5E:91:65:12:D6:E8:19:FA:39:29:42:26:E2:C7:2E:1F
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01856C1CA01550A8648B792C7548A1ACB7E3
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/fhUeMF6RZRLW6Bn6OSlCJuLHLh8.roa
Signing time: Sun 01 Jan 2023 06:54:53 +0000
ROA not before: Sun 01 Jan 2023 06:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201341
IP address blocks: 37.156.6.0/24 maxlen: 24
188.240.69.0/24 maxlen: 24
85.204.245.0/24 maxlen: 24
85.204.251.0/24 maxlen: 24
89.36.142.0/24 maxlen: 24
188.208.102.0/24 maxlen: 24
188.215.34.0/24 maxlen: 24
89.37.234.0/24 maxlen: 24
176.223.67.0/24 maxlen: 24
89.34.172.0/24 maxlen: 24
89.36.225.0/24 maxlen: 24
188.213.218.0/24 maxlen: 24
188.240.211.0/24 maxlen: 24
86.107.102.0/24 maxlen: 24
89.33.118.0/24 maxlen: 24
89.33.117.0/24 maxlen: 24
46.102.251.0/24 maxlen: 24
94.177.22.0/24 maxlen: 24
37.153.134.0/24 maxlen: 24
89.35.126.0/24 maxlen: 24
185.77.165.0/24 maxlen: 24
185.77.164.0/24 maxlen: 24
185.77.166.0/24 maxlen: 24
185.77.167.0/24 maxlen: 24
86.105.13.0/24 maxlen: 24
89.39.122.0/24 maxlen: 24
188.211.26.0/24 maxlen: 24
86.105.7.0/24 maxlen: 24
2a05:6300::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a0:15:50:a8:64:8b:79:2c:75:48:a1:ac:b7:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 06:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e151e305e916512d6e819fa39294226e2c72e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:3e:26:94:f8:72:2a:19:5d:3c:54:7c:0b:a0:
44:77:49:2b:23:82:c9:f4:ac:a8:d6:f7:e8:0d:d6:
0e:d3:2d:75:bd:45:9b:eb:ac:f8:27:b7:47:52:74:
84:e7:08:eb:a1:cb:cf:d4:d2:1b:ec:36:db:ce:31:
4c:7f:18:71:f7:17:8d:d3:72:63:4a:35:fe:5f:ba:
90:e4:63:f7:29:30:34:80:e0:7b:1f:16:d3:52:45:
27:76:a9:c0:a5:c6:9d:1b:36:cb:8c:49:ff:1e:3a:
fa:d7:6a:df:86:ec:62:76:d5:b1:ed:f4:79:f4:10:
ff:c9:7a:96:cf:c5:91:72:d4:91:19:2b:51:15:d7:
3e:b1:fe:4a:77:a2:87:08:9d:db:ff:c5:ef:33:2f:
8e:c9:8d:56:02:1d:b7:e5:b0:65:43:a9:b6:cb:37:
77:b0:b1:c3:c8:0c:4e:21:d2:6c:53:48:a3:a0:7f:
b4:77:89:31:b1:58:31:30:90:00:a4:45:f6:60:22:
1a:ae:d3:5e:05:46:48:4f:28:98:ec:de:05:44:60:
d7:71:73:7d:13:ad:cd:78:cd:3f:2a:5a:75:0b:62:
b5:b1:71:8c:70:55:2f:5f:5c:c3:e8:03:c6:80:97:
ab:68:e1:40:e2:4e:34:85:a5:dc:ae:c9:04:93:a9:
cf:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:15:1E:30:5E:91:65:12:D6:E8:19:FA:39:29:42:26:E2:C7:2E:1F
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/fhUeMF6RZRLW6Bn6OSlCJuLHLh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.134.0/24
37.156.6.0/24
46.102.251.0/24
85.204.245.0/24
85.204.251.0/24
86.105.7.0/24
86.105.13.0/24
86.107.102.0/24
89.33.117.0-89.33.118.255
89.34.172.0/24
89.35.126.0/24
89.36.142.0/24
89.36.225.0/24
89.37.234.0/24
89.39.122.0/24
94.177.22.0/24
176.223.67.0/24
185.77.164.0/22
188.208.102.0/24
188.211.26.0/24
188.213.218.0/24
188.215.34.0/24
188.240.69.0/24
188.240.211.0/24
IPv6:
2a05:6300::/29
Signature Algorithm: sha256WithRSAEncryption
48:ef:a7:75:47:10:c7:c2:1d:92:2f:2b:1c:b0:45:4b:f2:f2:
a1:54:ea:6b:f9:79:9c:79:ed:52:4e:49:f2:07:24:ea:a3:3b:
3f:5d:d2:77:a4:fd:d6:ef:f5:c4:1a:07:e7:7c:5b:02:44:41:
56:92:67:66:9f:d8:0f:50:22:d2:8f:2c:75:fc:ae:e1:de:58:
fe:9e:00:30:d8:d9:e0:71:f1:e5:a9:c5:be:d0:35:48:3c:b5:
d3:2a:e0:d7:0f:4b:dd:9f:8b:b0:93:99:92:3d:ec:a8:41:d2:
14:d2:b0:f9:db:9d:c2:3e:40:3d:08:c5:d0:ba:67:65:b5:7b:
8e:93:49:9c:f0:1c:77:f8:49:8c:51:39:f4:47:40:53:ad:de:
38:33:0d:db:87:c0:96:4a:23:fb:16:ae:45:fa:c5:30:76:3b:
1f:64:f1:42:c9:ff:e0:31:08:4d:bc:90:b7:19:69:4d:0f:28:
f5:76:81:12:a5:49:77:31:dd:53:64:10:d8:c0:dc:29:20:e4:
68:51:4b:71:d8:a2:e7:85:95:70:69:46:bf:a2:84:cb:da:69:
e8:e5:63:14:de:a8:4e:b2:ad:e9:c2:4e:5b:2a:7a:d5:67:9b:
41:63:9a:a5:4c:08:15:e6:76:ee:76:5a:29:a0:c0:49:5d:c8:
cb:4d:de:17
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAYVsHKAVUKhki3ksdUihrLfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwMTAxMDY1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTE1MWUzMDVlOTE2NTEyZDZlODE5ZmEzOTI5NDIyNmUyYzcyZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArD4mlPhyKhldPFR8C6BEd0krI4LJ
9Kyo1vfoDdYO0y11vUWb66z4J7dHUnSE5wjrocvP1NIb7DbbzjFMfxhx9xeN03Jj
SjX+X7qQ5GP3KTA0gOB7HxbTUkUndqnApcadGzbLjEn/Hjr612rfhuxidtWx7fR5
9BD/yXqWz8WRctSRGStRFdc+sf5Kd6KHCJ3b/8XvMy+OyY1WAh235bBlQ6m2yzd3
sLHDyAxOIdJsU0ijoH+0d4kxsVgxMJAApEX2YCIartNeBUZITyiY7N4FRGDXcXN9
E63NeM0/Klp1C2K1sXGMcFUvX1zD6APGgJeraOFA4k40haXcrskEk6nPkwIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFH4VHjBekWUS1ugZ+jkpQibixy4fMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvZmhVZU1GNlJaUkxXNkJuNk9TbENKdUxITGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAAl
mYYDBAAlnAYDBAAuZvsDBABVzPUDBABVzPsDBABWaQcDBABWaQ0DBABWa2YwDAME
AFkhdQMEAFkhdgMEAFkirAMEAFkjfgMEAFkkjgMEAFkk4QMEAFkl6gMEAFknegME
AF6xFgMEALDfQwMEArlNpAMEALzQZgMEALzTGgMEALzV2gMEALzXIgMEALzwRQME
ALzw0zANBAIAAjAHAwUDKgVjADANBgkqhkiG9w0BAQsFAAOCAQEASO+ndUcQx8Id
ki8rHLBFS/LyoVTqa/l5nHntUk5J8gck6qM7P13Sd6T91u/1xBoH53xbAkRBVpJn
Zp/YD1Ai0o8sdfyu4d5Y/p4AMNjZ4HHx5anFvtA1SDy10yrg1w9L3Z+LsJOZkj3s
qEHSFNKw+dudwj5APQjF0LpnZbV7jpNJnPAcd/hJjFE59EdAU63eODMN24fAlkoj
+xauRfrFMHY7H2TxQsn/4DEITbyQtxlpTQ8o9XaBEqVJdzHdU2QQ2MDcKSDkaFFL
cdii54WVcGlGv6KEy9pp6OVjFN6oTrKt6cJOWyp61WebQWOapUwIFeZ27nZaKaDA
SV3Iy03eFw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:04 2024 by rpki-client on console-ams.rpki-client.org