Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/FQaYf070uGczLbpxNOByF_xVKTc.roa
File: FQaYf070uGczLbpxNOByF_xVKTc.roa (raw, json)
Hash identifier: U1Zo0P0W/J+BriI7nc9o7+vIMdRxGcrdVb1ClqTYTrY=
Subject key identifier: 15:06:98:7F:4E:F4:B8:67:33:2D:BA:71:34:E0:72:17:FC:55:29:37
Certificate issuer: /CN=d34ffee7e762f9a06fe2f47e7a1e52d9eba7fafd
Certificate serial: 018570DE5C6CCEF84AB2FA65D26250EE5461
Authority key identifier: D3:4F:FE:E7:E7:62:F9:A0:6F:E2:F4:7E:7A:1E:52:D9:EB:A7:FA:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00_-5-di-aBv4vR-eh5S2eun-v0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/FQaYf070uGczLbpxNOByF_xVKTc.roa
Signing time: Mon 02 Jan 2023 05:04:58 +0000
ROA not before: Mon 02 Jan 2023 05:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208704
IP address blocks: 193.56.184.0/24 maxlen: 24
45.87.176.0/24 maxlen: 24
45.87.179.0/24 maxlen: 24
45.87.178.0/24 maxlen: 24
45.87.177.0/24 maxlen: 24
45.87.176.0/22 maxlen: 22
2a02:f2c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:5c:6c:ce:f8:4a:b2:fa:65:d2:62:50:ee:54:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34ffee7e762f9a06fe2f47e7a1e52d9eba7fafd
Validity
Not Before: Jan 2 05:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1506987f4ef4b867332dba7134e07217fc552937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:20:d2:7b:01:ce:31:aa:80:eb:2c:fc:54:e5:
5d:c7:e5:91:d7:50:60:23:01:b2:ec:58:02:8d:43:
23:13:0f:1f:52:8d:0d:01:ef:f4:33:92:1b:1a:38:
9e:e4:20:e5:80:78:d4:ae:00:bc:cf:fa:b2:8a:b5:
dd:4d:47:76:c5:87:32:8e:e9:07:eb:1f:58:e0:86:
36:b2:57:86:46:37:41:9d:24:38:92:1f:f6:51:a2:
91:5a:fb:54:88:02:1c:21:65:c1:87:fe:0d:bd:cc:
58:2e:c1:5e:0b:80:2d:ae:15:e9:3f:b7:65:4d:3c:
8e:74:a6:99:22:ce:b1:7a:e4:b8:e9:56:76:b3:00:
a0:12:c2:59:35:01:49:db:3e:12:e7:5c:04:bf:28:
ab:4f:bd:fd:8d:bc:c7:3d:a8:1f:37:d3:29:1b:ab:
bd:15:c1:d9:f8:dd:6c:3a:05:b7:96:a3:3e:a2:7d:
76:ac:b0:5f:d9:48:f3:c0:1c:7f:7d:58:5d:38:70:
e3:8c:05:5d:4f:ee:fd:bf:3b:9f:0f:17:0e:ca:af:
02:f6:b7:a5:12:f3:f3:48:91:5b:e8:bf:a8:53:2d:
3e:f5:a3:4d:74:fe:89:29:b3:3f:4d:fa:9f:88:a0:
1c:16:c7:1b:d6:e9:0b:7c:1c:b6:d3:d7:ad:5b:9a:
a6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:06:98:7F:4E:F4:B8:67:33:2D:BA:71:34:E0:72:17:FC:55:29:37
X509v3 Authority Key Identifier:
keyid:D3:4F:FE:E7:E7:62:F9:A0:6F:E2:F4:7E:7A:1E:52:D9:EB:A7:FA:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00_-5-di-aBv4vR-eh5S2eun-v0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/FQaYf070uGczLbpxNOByF_xVKTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/00_-5-di-aBv4vR-eh5S2eun-v0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.176.0/22
193.56.184.0/24
IPv6:
2a02:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:fc:14:30:d4:a3:e1:67:60:54:ad:77:e6:7b:6c:e3:0f:d8:
3a:3b:e3:da:97:4a:29:91:20:75:c3:b1:3f:a1:36:5e:ef:e2:
10:c6:5d:89:f6:e4:db:23:02:7e:14:64:9d:d5:59:0b:ae:80:
03:76:08:a6:ab:4a:81:2e:be:fb:42:a3:2d:fb:77:41:30:15:
c2:e8:91:fb:d6:a9:3a:81:44:52:22:d8:dd:22:ff:70:b1:fb:
f9:c4:cb:41:16:7a:22:4a:0d:e3:6e:8e:e1:b0:ab:88:e8:b7:
a5:2d:59:8c:43:af:60:a7:01:65:2a:d5:5a:65:17:1b:97:ef:
21:d0:60:f2:92:83:c1:95:b4:64:0e:49:e6:0a:5e:16:8e:4d:
43:68:17:32:6f:ab:8f:d9:93:29:3e:fa:15:e1:70:9a:fb:67:
31:3c:dd:95:96:0c:9a:22:fb:de:df:07:91:b2:df:5e:32:0d:
3c:d0:d2:15:e7:15:f6:0e:58:34:0c:e7:91:37:50:ee:7f:da:
5c:dc:32:21:e2:64:4d:e3:94:7b:c9:5e:7a:17:15:02:8a:cc:
62:a2:2e:10:79:ce:e9:da:bd:a4:85:7a:8e:0c:63:54:87:28:
cb:20:7b:b8:d7:35:f3:7d:da:48:5d:d7:06:32:16:a0:c9:8a:
5b:d4:5d:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVw3lxszvhKsvpl0mJQ7lRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGZmZWU3ZTc2MmY5YTA2ZmUyZjQ3ZTdhMWU1MmQ5ZWJh
N2ZhZmQwHhcNMjMwMTAyMDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA2OTg3ZjRlZjRiODY3MzMyZGJhNzEzNGUwNzIxN2ZjNTUyOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCDSewHOMaqA6yz8VOVdx+WR11Bg
IwGy7FgCjUMjEw8fUo0NAe/0M5IbGjie5CDlgHjUrgC8z/qyirXdTUd2xYcyjukH
6x9Y4IY2sleGRjdBnSQ4kh/2UaKRWvtUiAIcIWXBh/4NvcxYLsFeC4AtrhXpP7dl
TTyOdKaZIs6xeuS46VZ2swCgEsJZNQFJ2z4S51wEvyirT739jbzHPagfN9MpG6u9
FcHZ+N1sOgW3lqM+on12rLBf2UjzwBx/fVhdOHDjjAVdT+79vzufDxcOyq8C9rel
EvPzSJFb6L+oUy0+9aNNdP6JKbM/TfqfiKAcFscb1ukLfBy209etW5qm9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBUGmH9O9LhnMy26cTTgchf8VSk3MB8GA1UdIwQY
MBaAFNNP/ufnYvmgb+L0fnoeUtnrp/r9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBfLTUtZGktYUJ2NHZSLWVoNVMyZXVuLXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYjhkOTItZTE1Ny00MTQxLTgyYzkt
ODdlMWYzODY2MzYyLzEvRlFhWWYwNzB1R2N6TGJweE5PQnlGX3hWS1RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8xYjhkOTItZTE1Ny00MTQxLTgyYzktODdlMWYzODY2MzYy
LzEvMDBfLTUtZGktYUJ2NHZSLWVoNVMyZXVuLXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVewAwQA
wTi4MA0EAgACMAcDBQMqAvLAMA0GCSqGSIb3DQEBCwUAA4IBAQBb/BQw1KPhZ2BU
rXfme2zjD9g6O+Pal0opkSB1w7E/oTZe7+IQxl2J9uTbIwJ+FGSd1VkLroADdgim
q0qBLr77QqMt+3dBMBXC6JH71qk6gURSItjdIv9wsfv5xMtBFnoiSg3jbo7hsKuI
6LelLVmMQ69gpwFlKtVaZRcbl+8h0GDykoPBlbRkDknmCl4Wjk1DaBcyb6uP2ZMp
PvoV4XCa+2cxPN2VlgyaIvve3weRst9eMg080NIV5xX2Dlg0DOeRN1Duf9pc3DIh
4mRN45R7yV56FxUCisxioi4Qec7p2r2khXqODGNUhyjLIHu41zXzfdpIXdcGMhag
yYpb1F0E
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:11:28 2024 by rpki-client on console-ams.rpki-client.org