Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/FrFsapDukbOTNd2mH96fiXODk9c.roa
File: FrFsapDukbOTNd2mH96fiXODk9c.roa (raw, json)
Hash identifier: u65mx+G6FuuTZzZjWkJYdSvPrICSPTK5aH9PfWX2pzQ=
Subject key identifier: 16:B1:6C:6A:90:EE:91:B3:93:35:DD:A6:1F:DE:9F:89:73:83:93:D7
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018CC4246FB439D25BFD450E94B2B8FD63FB
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/FrFsapDukbOTNd2mH96fiXODk9c.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31034
IP address blocks: 185.58.116.0/22 maxlen: 24
94.177.192.0/18 maxlen: 24
89.46.104.0/21 maxlen: 24
95.110.128.0/17 maxlen: 24
31.14.128.0/20 maxlen: 24
31.11.32.0/21 maxlen: 24
77.81.224.0/20 maxlen: 24
46.37.0.0/19 maxlen: 24
89.46.192.0/21 maxlen: 24
62.149.128.0/17 maxlen: 24
188.213.160.0/20 maxlen: 24
176.107.144.0/21 maxlen: 24
80.73.224.0/21 maxlen: 24
89.36.208.0/22 maxlen: 24
217.198.128.0/20 maxlen: 24
5.249.128.0/19 maxlen: 24
195.231.0.0/17 maxlen: 24
217.61.0.0/18 maxlen: 24
89.46.64.0/20 maxlen: 24
94.177.160.0/19 maxlen: 24
185.56.8.0/22 maxlen: 24
80.211.0.0/16 maxlen: 24
209.227.224.0/20 maxlen: 24
195.231.64.0/20 maxlen: 24
82.192.128.0/19 maxlen: 24
194.182.110.0/23 maxlen: 24
217.61.56.0/21 maxlen: 24
195.231.80.0/21 maxlen: 24
209.227.240.0/20 maxlen: 24
195.231.88.0/21 maxlen: 24
2a00:6d40::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 25 Jan 2024 09:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:6f:b4:39:d2:5b:fd:45:0e:94:b2:b8:fd:63:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=16b16c6a90ee91b39335dda61fde9f89738393d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:92:39:9b:d5:e1:13:db:a5:54:59:57:45:
49:e8:08:b0:68:c5:a0:e0:b5:1f:e4:64:d3:4f:43:
50:d8:b5:e1:3a:d4:d8:59:45:7b:ec:4a:f3:8d:3c:
78:81:99:70:5f:46:de:c1:89:b4:3d:d6:f7:55:c9:
dc:47:f4:de:f8:4e:c5:6d:c8:26:7b:30:24:67:15:
63:e8:4b:ef:56:31:e6:38:4c:17:78:e6:4c:6d:16:
c3:3e:43:3c:da:e1:f0:ce:ce:65:93:d5:77:56:30:
31:24:16:42:1a:56:d5:8c:c4:d3:4d:6e:06:b1:04:
20:17:da:7d:03:0e:bc:0f:ab:3b:66:44:f3:79:3c:
46:42:8b:0f:cf:6c:8f:46:80:a7:c7:31:a3:98:14:
a7:30:47:3a:cc:db:4f:02:5c:5e:25:70:36:2c:ac:
f5:6d:1b:2b:46:b6:bb:43:37:97:1e:11:19:97:48:
dd:83:82:6d:f2:4d:61:02:ed:7b:a2:76:a6:37:20:
9e:2a:c0:7e:0b:2e:95:01:07:b5:16:fe:5b:e8:7e:
af:25:23:56:ca:b1:ef:9d:a8:a9:dd:bf:d6:31:88:
1c:0b:6a:e6:a9:c8:f4:bd:b5:c1:65:b7:ba:09:e2:
4b:ce:63:ca:71:d3:3e:42:3b:62:8b:19:37:db:ab:
fc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:B1:6C:6A:90:EE:91:B3:93:35:DD:A6:1F:DE:9F:89:73:83:93:D7
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/FrFsapDukbOTNd2mH96fiXODk9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.128.0/19
31.11.32.0/21
31.14.128.0/20
46.37.0.0/19
62.149.128.0/17
77.81.224.0/20
80.73.224.0/21
80.211.0.0/16
82.192.128.0/19
89.36.208.0/22
89.46.64.0/20
89.46.104.0/21
89.46.192.0/21
94.177.160.0-94.177.255.255
95.110.128.0/17
176.107.144.0/21
185.56.8.0/22
185.58.116.0/22
188.213.160.0/20
194.182.110.0/23
195.231.0.0/17
209.227.224.0/19
217.61.0.0/18
217.198.128.0/20
IPv6:
2a00:6d40::/29
Signature Algorithm: sha256WithRSAEncryption
10:af:b8:57:3d:8a:ef:1f:bd:65:e7:8f:4f:71:31:8c:ad:07:
f7:12:0a:6c:d7:d3:bd:e6:9f:f9:1c:e0:80:87:6f:28:82:1e:
ec:a1:68:ac:cf:be:aa:b0:45:72:df:87:48:57:2e:68:de:33:
33:38:46:43:e4:d3:b2:3a:47:7d:f7:44:66:c5:db:fb:f1:59:
3b:92:23:f6:6b:cb:90:01:8d:44:55:d4:15:2b:9a:21:f4:f5:
3d:89:1a:97:7c:77:79:f4:79:a1:bc:db:37:ba:38:1f:ba:c0:
98:80:4d:2c:8d:db:34:3b:fe:5d:bd:ff:80:bb:45:f7:d4:5b:
24:0d:fa:da:75:43:4b:3f:c3:4a:69:f8:86:af:72:1d:6d:5e:
98:c0:5a:c7:c5:19:b3:15:88:aa:b5:35:5d:d4:db:47:72:5e:
04:c9:6a:06:fd:eb:a5:f3:42:e7:da:26:de:a0:d4:35:1a:b6:
b4:a9:4d:a2:15:3e:74:43:df:0d:c5:97:64:fc:f6:a3:90:d1:
ac:c9:26:c9:b4:89:81:1d:61:3e:a8:18:9c:4c:e9:20:b1:82:
75:11:42:4a:d7:07:f8:8a:9d:3a:fc:17:71:f9:6a:66:5e:8e:
2a:ea:38:9b:b4:30:3b:14:e5:75:0f:52:25:56:d2:7c:72:41:
8a:02:42:f5
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgISAYzEJG+0OdJb/UUOlLK4/WP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmIxNmM2YTkwZWU5MWIzOTMzNWRkYTYxZmRlOWY4OTczODM5M2Q3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdCSOZvV4RPbpVRZV0VJ6AiwaMWg
4LUf5GTTT0NQ2LXhOtTYWUV77ErzjTx4gZlwX0bewYm0Pdb3VcncR/Te+E7Fbcgm
ezAkZxVj6EvvVjHmOEwXeOZMbRbDPkM82uHwzs5lk9V3VjAxJBZCGlbVjMTTTW4G
sQQgF9p9Aw68D6s7ZkTzeTxGQosPz2yPRoCnxzGjmBSnMEc6zNtPAlxeJXA2LKz1
bRsrRra7QzeXHhEZl0jdg4Jt8k1hAu17onamNyCeKsB+Cy6VAQe1Fv5b6H6vJSNW
yrHvnaip3b/WMYgcC2rmqcj0vbXBZbe6CeJLzmPKcdM+Qjtiixk326v8YwIDAQAB
o4ICrTCCAqkwHQYDVR0OBBYEFBaxbGqQ7pGzkzXdph/en4lzg5PXMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvRnJGc2FwRHVrYk9UTmQybUg5NmZpWE9EazljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHCBggrBgEFBQcBBwEB/wSBsjCBrzCBnQQCAAEwgZYDBAUF
+YADBAMfCyADBAQfDoADBAUuJQADBAc+lYADBARNUeADBANQSeADAwBQ0wMEBVLA
gAMEAlkk0AMEBFkuQAMEA1kuaAMEA1kuwDALAwQFXrGgAwMBXrADBAdfboADBAOw
a5ADBAK5OAgDBAK5OnQDBAS81aADBAHCtm4DBAfD5wADBAXR4+ADBAbZPQADBATZ
xoAwDQQCAAIwBwMFAyoAbUAwDQYJKoZIhvcNAQELBQADggEBABCvuFc9iu8fvWXn
j09xMYytB/cSCmzX073mn/kc4ICHbyiCHuyhaKzPvqqwRXLfh0hXLmjeMzM4RkPk
07I6R333RGbF2/vxWTuSI/Zry5ABjURV1BUrmiH09T2JGpd8d3n0eaG82ze6OB+6
wJiATSyN2zQ7/l29/4C7RffUWyQN+tp1Q0s/w0pp+Iavch1tXpjAWsfFGbMViKq1
NV3U20dyXgTJagb966XzQufaJt6g1DUatrSpTaIVPnRD3w3Fl2T89qOQ0azJJsm0
iYEdYT6oGJxM6SCxgnURQkrXB/iKnTr8F3H5amZejirqOJu0MDsU5XUPUiVW0nxy
QYoCQvU=
-----END CERTIFICATE-----
Generated at Thu Jan 25 11:57:13 2024 by rpki-client on console-fra.rpki-client.org