Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/FXifICzh0SN4ff-y3sKvVlTDDgw.roa
File: FXifICzh0SN4ff-y3sKvVlTDDgw.roa (raw, json)
Hash identifier: cbw9IAMnnndM/t4JqhAxaKZHascs5dsw66KrdM3Fvbw=
Subject key identifier: 15:78:9F:20:2C:E1:D1:23:78:7D:FF:B2:DE:C2:AF:56:54:C3:0E:0C
Certificate issuer: /CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Certificate serial: 018BE9FA5F4E331BAF8853E8AB2CB99E1789
Authority key identifier: F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/FXifICzh0SN4ff-y3sKvVlTDDgw.roa
Signing time: Sun 19 Nov 2023 23:46:21 +0000
ROA not before: Sun 19 Nov 2023 23:46:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42369
IP address blocks: 94.176.160.0/24 maxlen: 24
185.235.147.0/24 maxlen: 24
94.176.161.0/24 maxlen: 24
94.176.160.0/23 maxlen: 23
91.250.253.0/24 maxlen: 24
194.33.191.0/24 maxlen: 24
188.240.51.0/24 maxlen: 24
2a10:8b40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e9:fa:5f:4e:33:1b:af:88:53:e8:ab:2c:b9:9e:17:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Validity
Not Before: Nov 19 23:46:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15789f202ce1d123787dffb2dec2af5654c30e0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3a:68:29:66:69:cd:93:fb:67:76:dd:f9:7e:
93:f4:30:e2:2c:a6:65:23:1a:f7:d2:f9:da:b2:7a:
e1:0c:5d:4d:86:b6:47:27:40:af:67:13:a8:7b:a4:
d7:80:34:61:93:6c:73:08:d7:6c:ca:64:bc:ec:af:
27:42:2a:61:d2:11:79:f9:4a:5b:8e:3f:9a:10:85:
1b:ed:f1:9a:db:3b:65:52:a3:09:c1:60:89:1f:1c:
87:b6:df:5b:00:ed:55:38:4b:bc:45:08:f8:65:1e:
35:79:06:1e:ff:4e:db:6a:83:02:3f:bd:25:96:92:
c1:66:46:be:54:00:47:40:07:37:0f:5c:7f:56:0d:
30:f3:11:4d:ff:20:0b:8e:70:db:6c:89:12:81:42:
8b:62:70:d2:80:33:8d:65:18:9c:55:27:7c:c0:76:
9f:3e:52:9a:28:cb:df:5f:94:dd:8e:5d:25:a1:8d:
68:b5:ad:b5:f4:6a:da:13:ff:f1:98:38:8e:ee:9f:
9f:38:6a:c4:6f:50:ee:22:54:ee:c3:25:7c:83:18:
70:3d:f8:7e:8e:17:63:06:fd:38:95:aa:64:f5:23:
92:ac:16:27:c2:fd:cc:69:93:e6:9b:cd:07:52:63:
54:fe:62:d3:7e:85:29:e9:87:8e:fe:b4:7f:2f:89:
cf:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:78:9F:20:2C:E1:D1:23:78:7D:FF:B2:DE:C2:AF:56:54:C3:0E:0C
X509v3 Authority Key Identifier:
keyid:F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/FXifICzh0SN4ff-y3sKvVlTDDgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.250.253.0/24
94.176.160.0/23
185.235.147.0/24
188.240.51.0/24
194.33.191.0/24
IPv6:
2a10:8b40::/32
Signature Algorithm: sha256WithRSAEncryption
7d:d9:b9:db:5f:ed:6b:78:1c:a1:75:35:70:61:ad:e5:da:ad:
a0:e2:e9:06:0c:e5:2b:74:55:3a:88:9d:af:c9:f8:86:a1:7e:
5c:21:4d:1a:3f:bd:fa:3c:6b:1d:06:f9:2d:42:2b:cb:f4:b2:
22:2b:82:83:fe:17:8b:be:ba:bd:6a:12:91:68:5c:66:17:ab:
27:bc:77:aa:03:74:e5:4a:9e:d4:4a:e6:cd:53:5c:91:18:ef:
c1:4d:b2:e8:34:b5:09:2e:ec:26:56:7d:13:ce:19:05:1c:b8:
c0:aa:bd:53:cb:d1:ba:b2:ba:91:90:65:4a:3e:26:c7:ab:f1:
b4:d4:01:cb:3e:86:96:24:db:54:c0:d6:89:5b:46:a2:ba:74:
67:28:d8:f9:1d:be:8d:4b:30:fe:fa:3d:2b:29:07:fe:e8:97:
3e:85:5e:d6:f5:40:92:36:6e:a7:20:93:e8:ab:b5:c2:83:a3:
ae:64:43:e8:2f:e1:2a:89:03:f2:31:86:05:6d:ed:d7:9b:57:
72:5f:16:28:4e:26:cd:2a:a5:a9:5a:2c:e2:68:9f:2d:05:ae:
47:6f:7b:36:ac:25:bd:df:d6:ab:5e:7e:d5:45:9f:cc:84:5f:
6b:aa:9c:b0:e6:9c:ea:16:53:c1:e1:37:07:85:46:2b:6e:15:
ca:e4:e9:12
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYvp+l9OMxuviFPoqyy5nheJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MGUwMTdjZjE3MTE1MTliMGZmOWY2NTg1OGM0OTFiMmZh
NWQ0MGIwHhcNMjMxMTE5MjM0NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTc4OWYyMDJjZTFkMTIzNzg3ZGZmYjJkZWMyYWY1NjU0YzMwZTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtjpoKWZpzZP7Z3bd+X6T9DDiLKZl
Ixr30vnasnrhDF1NhrZHJ0CvZxOoe6TXgDRhk2xzCNdsymS87K8nQiph0hF5+Upb
jj+aEIUb7fGa2ztlUqMJwWCJHxyHtt9bAO1VOEu8RQj4ZR41eQYe/07baoMCP70l
lpLBZka+VABHQAc3D1x/Vg0w8xFN/yALjnDbbIkSgUKLYnDSgDONZRicVSd8wHaf
PlKaKMvfX5Tdjl0loY1ota219GraE//xmDiO7p+fOGrEb1DuIlTuwyV8gxhwPfh+
jhdjBv04lapk9SOSrBYnwv3MaZPmm80HUmNU/mLTfoUp6YeO/rR/L4nPdwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBV4nyAs4dEjeH3/st7Cr1ZUww4MMB8GA1UdIwQY
MBaAFPgOAXzxcRUZsP+fZYWMSRsvpdQLMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BNEJmUEZ4RlJtd181OWxoWXhKR3ktbDFBcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2
LThjZTYwYTVjOGIxZi8xL0ZYaWZJQ3poMFNONGZmLXkzc0t2VmxURERndy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2LThjZTYwYTVjOGIx
Zi8xLzEtQTRCZlBGeEZSbXdfNTlsaFl4Skd5LWwxQXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRgYIKwYBBQUHAQcBAf8ENzA1MCQEAgABMB4DBABb+v0D
BAFesKADBAC565MDBAC88DMDBADCIb8wDQQCAAIwBwMFACoQi0AwDQYJKoZIhvcN
AQELBQADggEBAH3Zudtf7Wt4HKF1NXBhreXaraDi6QYM5St0VTqIna/J+Iahflwh
TRo/vfo8ax0G+S1CK8v0siIrgoP+F4u+ur1qEpFoXGYXqye8d6oDdOVKntRK5s1T
XJEY78FNsug0tQku7CZWfRPOGQUcuMCqvVPL0bqyupGQZUo+Jser8bTUAcs+hpYk
21TA1olbRqK6dGco2Pkdvo1LMP76PSspB/7olz6FXtb1QJI2bqcgk+irtcKDo65k
Q+gv4SqJA/IxhgVt7debV3JfFihOJs0qpalaLOJony0FrkdvezasJb3f1qteftVF
n8yEX2uqnLDmnOoWU8HhNweFRituFcrk6RI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:32:42 2024 by rpki-client on console-ams.rpki-client.org