Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/fLhTpFxt4BPxAT5gE4oRSBWdtdw.roa
File: fLhTpFxt4BPxAT5gE4oRSBWdtdw.roa (raw, json)
Hash identifier: HPRvGa+xUen+SLhiEPIixKpIVYQdVtbcOWccnV4lvq8=
Subject key identifier: 7C:B8:53:A4:5C:6D:E0:13:F1:01:3E:60:13:8A:11:48:15:9D:B5:DC
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018881BF69EFA9E48CCE01B6F9CF2F85BC33
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/fLhTpFxt4BPxAT5gE4oRSBWdtdw.roa
Signing time: Sat 03 Jun 2023 14:53:05 +0000
ROA not before: Sat 03 Jun 2023 14:53:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211183
IP address blocks: 79.133.183.0/24 maxlen: 24
79.133.182.0/24 maxlen: 24
79.133.181.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
185.240.103.0/24 maxlen: 24
185.244.51.0/24 maxlen: 24
193.187.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 09:16:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:81:bf:69:ef:a9:e4:8c:ce:01:b6:f9:cf:2f:85:bc:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Jun 3 14:53:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cb853a45c6de013f1013e60138a1148159db5dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:30:23:40:30:c8:f0:82:9d:21:1a:f1:47:76:
92:b7:3a:99:28:60:0f:1d:aa:2c:72:1f:e9:15:a0:
18:c6:92:ca:6b:6e:38:5d:62:38:82:35:e5:f6:8c:
7c:da:f0:5a:93:c8:94:bf:aa:31:6c:c7:dc:ef:30:
78:ea:5e:99:dc:07:2a:37:cc:c0:5c:b3:c5:1b:7c:
20:dc:f3:23:ac:d2:e2:5f:68:f5:f2:12:c4:9d:bd:
c8:3f:99:2c:e5:ee:8e:e6:65:e2:47:3b:07:34:c1:
d8:f4:d2:8c:45:d8:ce:e3:5f:40:ae:e6:6e:06:53:
9e:8e:44:c1:69:e9:38:28:5c:1b:51:d7:ec:fe:d8:
7a:7c:8c:a4:21:fc:2e:66:35:57:5a:5e:6c:12:1b:
55:11:5f:1b:5d:03:69:89:ba:ea:6d:36:37:37:44:
a0:3c:57:d6:25:5d:5b:49:50:28:56:98:b3:7c:2c:
97:b7:22:12:b6:1f:c0:7c:7b:f3:71:ca:93:47:92:
b3:ef:fc:b7:fa:6d:d9:37:58:43:36:42:36:1e:d0:
a9:c3:22:fd:59:19:50:29:9b:bf:1a:d9:ac:97:79:
3e:a6:79:5e:5b:ab:32:6f:5b:44:ff:64:d4:31:e5:
71:58:86:6e:1d:b3:72:2a:42:9a:f1:fd:f4:67:aa:
f1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B8:53:A4:5C:6D:E0:13:F1:01:3E:60:13:8A:11:48:15:9D:B5:DC
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/fLhTpFxt4BPxAT5gE4oRSBWdtdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.181.0-79.133.183.255
91.200.84.0/24
185.240.103.0/24
185.244.51.0/24
193.187.96.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:ff:e7:fd:32:35:0a:5b:d0:14:6d:14:a7:6b:41:29:2b:e2:
d1:c3:84:06:8e:ac:f0:e5:05:06:49:3b:61:f5:cd:0c:91:59:
63:35:e7:a0:ee:89:75:81:f1:fc:64:1c:d2:c0:5d:6e:08:6c:
f5:a3:51:32:28:31:ef:b5:d0:64:50:73:7f:c1:32:19:47:2f:
a6:99:ea:a8:66:1e:c5:41:3d:0e:95:a2:68:ff:3f:58:2a:ff:
36:60:c3:39:24:14:a6:cd:94:67:1f:e6:84:29:31:48:e1:5f:
60:9d:c1:6f:8e:a5:51:1a:8a:8b:92:4d:30:f0:fb:a2:58:2a:
fa:e9:58:7e:de:2e:02:a0:55:f0:24:4e:4e:bf:63:9f:c7:4d:
9b:db:03:98:89:66:5c:ec:ef:0d:7a:c7:c5:96:d7:67:ff:7a:
1f:0b:7d:a0:29:cb:bf:cf:71:eb:eb:f6:9d:a7:88:1d:93:d0:
35:cc:c4:6b:7d:c5:6b:db:0e:d8:2f:d9:bd:d2:37:6b:62:e3:
62:28:7d:4c:2a:72:da:f0:76:ce:5f:05:10:ab:d1:91:70:a3:
61:db:2a:24:2b:72:59:9e:56:1d:b1:8e:fa:19:bd:2b:c3:d5:
0f:8e:05:d5:eb:d7:d0:d0:3d:a4:7c:9e:7b:9a:a3:92:1c:72:
c6:da:e1:2d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYiBv2nvqeSMzgG2+c8vhbwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjMwNjAzMTQ1MzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2I4NTNhNDVjNmRlMDEzZjEwMTNlNjAxMzhhMTE0ODE1OWRiNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDAjQDDI8IKdIRrxR3aStzqZKGAP
Haosch/pFaAYxpLKa244XWI4gjXl9ox82vBak8iUv6oxbMfc7zB46l6Z3AcqN8zA
XLPFG3wg3PMjrNLiX2j18hLEnb3IP5ks5e6O5mXiRzsHNMHY9NKMRdjO419AruZu
BlOejkTBaek4KFwbUdfs/th6fIykIfwuZjVXWl5sEhtVEV8bXQNpibrqbTY3N0Sg
PFfWJV1bSVAoVpizfCyXtyISth/AfHvzccqTR5Kz7/y3+m3ZN1hDNkI2HtCpwyL9
WRlQKZu/Gtmsl3k+pnleW6syb1tE/2TUMeVxWIZuHbNyKkKa8f30Z6rxqwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHy4U6RcbeAT8QE+YBOKEUgVnbXcMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvZkxoVHBGeHQ0QlB4QVQ1Z0U0b1JTQldkdGR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABPhbUD
BANPhbADBABbyFQDBAC58GcDBAC59DMDBADBu2AwDQYJKoZIhvcNAQELBQADggEB
AJ7/5/0yNQpb0BRtFKdrQSkr4tHDhAaOrPDlBQZJO2H1zQyRWWM156DuiXWB8fxk
HNLAXW4IbPWjUTIoMe+10GRQc3/BMhlHL6aZ6qhmHsVBPQ6Vomj/P1gq/zZgwzkk
FKbNlGcf5oQpMUjhX2CdwW+OpVEaiouSTTDw+6JYKvrpWH7eLgKgVfAkTk6/Y5/H
TZvbA5iJZlzs7w16x8WW12f/eh8LfaApy7/Pcevr9p2niB2T0DXMxGt9xWvbDtgv
2b3SN2ti42IofUwqctrwds5fBRCr0ZFwo2HbKiQrclmeVh2xjvoZvSvD1Q+OBdXr
19DQPaR8nnuao5Iccsba4S0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:02 2024 by rpki-client on console-ams.rpki-client.org