Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/FomfXkJMBOBD7FjowafhJOGEO28.roa
File: FomfXkJMBOBD7FjowafhJOGEO28.roa (raw, json)
Hash identifier: GBOiI0A5dXFYKY7lBHRNKwT71IxZp8ZF47sa6DvyHUI=
Subject key identifier: 16:89:9F:5E:42:4C:04:E0:43:EC:58:E8:C1:A7:E1:24:E1:84:3B:6F
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018F62EEA0B74AE1179C02D0837D80564303
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/FomfXkJMBOBD7FjowafhJOGEO28.roa
Signing time: Fri 10 May 2024 14:35:56 +0000
ROA not before: Fri 10 May 2024 14:35:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 45.87.20.0/24 maxlen: 24
45.140.214.0/24 maxlen: 24
45.142.204.0/24 maxlen: 24
45.142.206.0/24 maxlen: 24
45.144.156.0/24 maxlen: 24
45.144.158.0/24 maxlen: 24
45.145.249.0/24 maxlen: 24
45.146.53.0/24 maxlen: 24
45.148.25.0/24 maxlen: 24
45.149.1.0/24 maxlen: 24
45.150.93.0/24 maxlen: 24
45.154.137.0/24 maxlen: 24
45.157.112.0/24 maxlen: 24
89.251.0.0/24 maxlen: 24
89.251.2.0/24 maxlen: 24
136.144.25.0/24 maxlen: 24
2a07:e343::/32 maxlen: 32
2a0f:e381::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 01 Jun 2024 07:15:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:62:ee:a0:b7:4a:e1:17:9c:02:d0:83:7d:80:56:43:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: May 10 14:35:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16899f5e424c04e043ec58e8c1a7e124e1843b6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c5:a0:75:aa:38:7e:a6:bc:cc:06:22:c7:14:
5d:1f:b3:1a:bb:90:bd:84:7a:47:a2:7b:73:99:82:
a4:0e:a2:50:74:1d:c3:66:35:e7:6a:18:cb:bf:6f:
14:1e:58:04:de:e7:b6:5c:96:2c:f8:b0:27:8d:f3:
30:e5:e8:8e:32:00:e4:8d:60:b3:a8:68:9e:85:73:
41:d9:8d:52:ff:38:9a:f8:0e:6e:57:9c:88:30:27:
cc:fe:4f:91:d3:32:6a:e6:c5:05:84:af:65:47:29:
9e:5b:f5:13:90:36:ea:7b:85:e0:2b:fa:25:a1:93:
b6:1c:98:8f:65:a1:a5:63:14:6f:21:0b:73:91:2c:
28:c1:dc:d5:41:4e:53:59:01:12:73:a7:61:2f:5f:
8f:29:52:b3:3d:f5:39:89:a7:33:ec:92:74:d9:79:
50:d4:a3:af:19:89:8a:c7:d1:d8:59:69:99:a2:3d:
61:65:69:9c:ff:d7:81:83:c6:eb:b3:d9:97:bf:e0:
f7:0b:04:92:6d:a5:f6:85:3e:58:6d:c9:bc:da:84:
c7:95:48:95:10:88:b2:e4:29:47:98:b8:52:f5:56:
fe:56:7e:c5:96:fb:a7:02:51:39:4d:4d:ca:c3:74:
6e:04:17:66:79:95:fe:f5:bc:32:85:a6:4e:aa:e9:
46:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:89:9F:5E:42:4C:04:E0:43:EC:58:E8:C1:A7:E1:24:E1:84:3B:6F
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/FomfXkJMBOBD7FjowafhJOGEO28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.20.0/24
45.140.214.0/24
45.142.204.0/24
45.142.206.0/24
45.144.156.0/24
45.144.158.0/24
45.145.249.0/24
45.146.53.0/24
45.148.25.0/24
45.149.1.0/24
45.150.93.0/24
45.154.137.0/24
45.157.112.0/24
89.251.0.0/24
89.251.2.0/24
136.144.25.0/24
IPv6:
2a07:e343::/32
2a0f:e381::/32
Signature Algorithm: sha256WithRSAEncryption
25:bc:d3:48:eb:4f:d3:6e:75:cc:a9:24:83:2d:06:80:19:de:
69:4c:7a:b2:88:e9:b4:ec:71:72:74:a9:14:58:ed:bd:06:34:
da:91:15:f7:9b:3b:f5:3c:2f:7f:fa:60:38:6b:8c:cc:a5:01:
0d:32:6b:d9:f3:b1:c0:1b:2d:42:b2:76:9e:1d:e0:15:01:ab:
f7:23:af:11:d7:b0:1f:d4:a1:88:1d:1a:bf:f5:6b:93:ae:5f:
47:bc:58:65:57:fb:5c:f1:13:00:20:f2:10:01:a2:65:36:09:
dd:b8:5c:17:cd:84:77:10:98:26:c7:7b:43:c5:49:51:01:96:
5c:2b:91:c5:a7:11:e2:49:cf:84:1d:ac:3a:4b:28:56:bc:7d:
e6:00:c8:57:4c:2b:1b:4b:67:99:8f:a6:cd:c5:44:92:f9:c1:
b1:f6:19:94:2e:da:cc:80:0d:3c:70:5d:18:20:5b:72:e9:ca:
c2:0e:2b:e2:74:91:12:ce:27:4f:b0:1c:7e:81:18:74:d9:c7:
4a:f5:cd:a2:1c:97:f1:be:3f:e1:32:5f:df:b1:d0:ab:95:19:
d8:80:db:99:27:cd:cd:a4:74:a4:d4:cb:ed:3e:8b:a1:7c:03:
63:ae:d4:8b:0c:3f:3a:4b:ba:1a:96:de:f7:a1:8a:67:3c:41:
32:9c:8f:02
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAY9i7qC3SuEXnALQg32AVkMDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNTEwMTQzNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjg5OWY1ZTQyNGMwNGUwNDNlYzU4ZThjMWE3ZTEyNGUxODQzYjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsWgdao4fqa8zAYixxRdH7Mau5C9
hHpHontzmYKkDqJQdB3DZjXnahjLv28UHlgE3ue2XJYs+LAnjfMw5eiOMgDkjWCz
qGiehXNB2Y1S/zia+A5uV5yIMCfM/k+R0zJq5sUFhK9lRymeW/UTkDbqe4XgK/ol
oZO2HJiPZaGlYxRvIQtzkSwowdzVQU5TWQESc6dhL1+PKVKzPfU5iacz7JJ02XlQ
1KOvGYmKx9HYWWmZoj1hZWmc/9eBg8brs9mXv+D3CwSSbaX2hT5Ybcm82oTHlUiV
EIiy5ClHmLhS9Vb+Vn7FlvunAlE5TU3Kw3RuBBdmeZX+9bwyhaZOqulGYQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFBaJn15CTATgQ+xY6MGn4SThhDtvMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvRm9tZlhrSk1CT0JEN0Zqb3dhZmhKT0dFTzI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAAtVxQD
BAAtjNYDBAAtjswDBAAtjs4DBAAtkJwDBAAtkJ4DBAAtkfkDBAAtkjUDBAAtlBkD
BAAtlQEDBAAtll0DBAAtmokDBAAtnXADBABZ+wADBABZ+wIDBACIkBkwFAQCAAIw
DgMFACoH40MDBQAqD+OBMA0GCSqGSIb3DQEBCwUAA4IBAQAlvNNI60/TbnXMqSSD
LQaAGd5pTHqyiOm07HFydKkUWO29BjTakRX3mzv1PC9/+mA4a4zMpQENMmvZ87HA
Gy1CsnaeHeAVAav3I68R17Af1KGIHRq/9WuTrl9HvFhlV/tc8RMAIPIQAaJlNgnd
uFwXzYR3EJgmx3tDxUlRAZZcK5HFpxHiSc+EHaw6SyhWvH3mAMhXTCsbS2eZj6bN
xUSS+cGx9hmULtrMgA08cF0YIFty6crCDividJESzidPsBx+gRh02cdK9c2iHJfx
vj/hMl/fsdCrlRnYgNuZJ83NpHSk1MvtPouhfANjrtSLDD86S7oalt73oYpnPEEy
nI8C
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:52 2024 by rpki-client on console-fra.rpki-client.org