Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/FVXzD7cEoij2JfG818BiOO8J8LI.roa
File: FVXzD7cEoij2JfG818BiOO8J8LI.roa (raw, json)
Hash identifier: c92YrTDZoXjdJzVVyKscy4g8CL+S1hmrr2EJyQvkzM8=
Subject key identifier: 15:55:F3:0F:B7:04:A2:28:F6:25:F1:BC:D7:C0:62:38:EF:09:F0:B2
Certificate issuer: /CN=490b21f79b9ea2f3d042374714867d12401995db
Certificate serial: 018CCA2B39502776544A6D7B96ACE6A82201
Authority key identifier: 49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/FVXzD7cEoij2JfG818BiOO8J8LI.roa
Signing time: Tue 02 Jan 2024 12:34:39 +0000
ROA not before: Tue 02 Jan 2024 12:34:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51043
IP address blocks: 5.22.136.0/21 maxlen: 24
185.173.67.0/24 maxlen: 24
185.59.180.0/22 maxlen: 24
178.23.128.0/21 maxlen: 24
83.98.32.0/19 maxlen: 19
159.242.64.0/18 maxlen: 24
148.253.160.0/19 maxlen: 24
2a00:ed40::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 13 Feb 2024 14:05:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:39:50:27:76:54:4a:6d:7b:96:ac:e6:a8:22:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=490b21f79b9ea2f3d042374714867d12401995db
Validity
Not Before: Jan 2 12:34:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1555f30fb704a228f625f1bcd7c06238ef09f0b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:80:0e:e1:10:15:ef:ae:39:56:20:9d:fd:0d:
12:de:36:ea:4b:68:90:2c:35:58:77:7c:4d:e4:0a:
a6:32:74:a4:e4:f8:2d:7d:34:04:c3:d5:ea:47:17:
88:73:17:ac:ff:cc:0a:c6:ed:fb:4b:9d:b4:4c:d5:
57:ca:a1:2b:5a:70:9e:3d:d4:71:6c:ae:e5:9e:d8:
4f:2c:01:7e:25:3c:00:87:81:26:6e:93:e8:77:14:
ba:c8:43:69:eb:f8:41:6c:28:99:52:5f:77:80:60:
c5:4f:3d:1b:6d:7a:a0:bb:6b:2e:5c:67:a9:65:22:
5f:cb:11:08:22:ec:47:ae:d4:76:34:b7:83:21:53:
36:3c:05:9a:e4:5a:03:85:8d:d2:ea:b3:fb:71:96:
f8:b7:e1:f2:67:01:4c:6b:00:46:5a:23:7e:97:07:
ed:b3:58:f2:ba:e9:fb:9d:b5:10:ac:41:88:4a:4b:
8f:f5:95:46:25:73:28:58:63:c3:bb:1d:f4:15:9a:
24:4f:84:14:e2:ee:75:71:ce:4f:e1:60:c1:a4:a4:
77:5d:79:69:6d:cf:eb:39:12:72:93:39:82:74:25:
43:e4:ec:a3:8c:b5:75:22:08:f8:94:2f:3e:fd:0e:
52:90:85:54:6e:bf:a6:56:0c:55:b2:02:23:9b:dd:
76:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:55:F3:0F:B7:04:A2:28:F6:25:F1:BC:D7:C0:62:38:EF:09:F0:B2
X509v3 Authority Key Identifier:
keyid:49:0B:21:F7:9B:9E:A2:F3:D0:42:37:47:14:86:7D:12:40:19:95:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SQsh95ueovPQQjdHFIZ9EkAZlds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/FVXzD7cEoij2JfG818BiOO8J8LI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/e10165-b4cd-4321-bf3c-480c32f400e1/1/SQsh95ueovPQQjdHFIZ9EkAZlds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.136.0/21
83.98.32.0/19
148.253.160.0/19
159.242.64.0/18
178.23.128.0/21
185.59.180.0/22
185.173.67.0/24
IPv6:
2a00:ed40::/32
Signature Algorithm: sha256WithRSAEncryption
37:65:82:27:7d:ed:05:7e:87:1b:8c:ba:90:bd:3b:a6:50:ec:
59:f9:4f:3f:8f:ea:65:e7:92:5f:cc:4a:05:4b:4b:e9:82:0e:
a7:5e:a1:c8:b3:b8:4b:c2:00:0e:53:25:f9:e4:28:86:ed:c7:
6b:03:90:20:d6:7d:9a:f2:9c:df:e9:f8:0b:44:2e:a7:25:1c:
cf:fc:07:13:a3:da:35:7e:ad:bf:5b:ee:7a:37:4d:4a:ab:c1:
78:ab:34:5e:6b:62:bc:15:b1:cd:11:32:c8:b1:7e:d5:41:33:
64:15:5b:a8:3b:81:d5:cc:bc:18:2e:a6:89:6c:7c:4a:c4:23:
de:c4:b9:58:13:11:68:9a:14:0b:0b:e2:3d:fa:64:77:d0:93:
f7:34:c5:f1:92:05:85:69:d7:28:27:d3:a6:f2:66:23:2d:47:
10:9e:01:db:4f:70:98:cb:57:0a:cb:9b:bf:18:7f:3c:c6:5f:
ca:0f:09:3d:b2:9d:b0:62:01:0e:78:e2:44:bd:dd:3b:6e:43:
1d:4e:85:8e:60:be:93:e1:e5:5c:ec:f9:af:2b:d4:f0:0a:ad:
c6:2c:ab:f2:fb:94:ca:9c:5f:30:3a:08:41:5e:de:90:09:cf:
0b:c9:7b:eb:73:09:db:b5:59:87:a6:dd:e9:ed:b5:2f:05:b9:
2f:81:12:de
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzKKzlQJ3ZUSm17lqzmqCIBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MGIyMWY3OWI5ZWEyZjNkMDQyMzc0NzE0ODY3ZDEyNDAx
OTk1ZGIwHhcNMjQwMTAyMTIzNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTU1ZjMwZmI3MDRhMjI4ZjYyNWYxYmNkN2MwNjIzOGVmMDlmMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoAO4RAV7645ViCd/Q0S3jbqS2iQ
LDVYd3xN5AqmMnSk5PgtfTQEw9XqRxeIcxes/8wKxu37S520TNVXyqErWnCePdRx
bK7lnthPLAF+JTwAh4EmbpPodxS6yENp6/hBbCiZUl93gGDFTz0bbXqgu2suXGep
ZSJfyxEIIuxHrtR2NLeDIVM2PAWa5FoDhY3S6rP7cZb4t+HyZwFMawBGWiN+lwft
s1jyuun7nbUQrEGISkuP9ZVGJXMoWGPDux30FZokT4QU4u51cc5P4WDBpKR3XXlp
bc/rORJykzmCdCVD5OyjjLV1Igj4lC8+/Q5SkIVUbr+mVgxVsgIjm912HwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBVV8w+3BKIo9iXxvNfAYjjvCfCyMB8GA1UdIwQY
MBaAFEkLIfebnqLz0EI3RxSGfRJAGZXbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1FzaDk1dWVvdlBRUWpkSEZJWjlFa0FabGRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9lMTAxNjUtYjRjZC00MzIxLWJmM2Mt
NDgwYzMyZjQwMGUxLzEvRlZYekQ3Y0VvaWoySmZHODE4QmlPTzhKOExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9lMTAxNjUtYjRjZC00MzIxLWJmM2MtNDgwYzMyZjQwMGUx
LzEvU1FzaDk1dWVvdlBRUWpkSEZJWjlFa0FabGRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBRaIAwQF
U2IgAwQFlP2gAwQGn/JAAwQDsheAAwQCuTu0AwQAua1DMA0EAgACMAcDBQAqAO1A
MA0GCSqGSIb3DQEBCwUAA4IBAQA3ZYInfe0FfocbjLqQvTumUOxZ+U8/j+pl55Jf
zEoFS0vpgg6nXqHIs7hLwgAOUyX55CiG7cdrA5Ag1n2a8pzf6fgLRC6nJRzP/AcT
o9o1fq2/W+56N01Kq8F4qzRea2K8FbHNETLIsX7VQTNkFVuoO4HVzLwYLqaJbHxK
xCPexLlYExFomhQLC+I9+mR30JP3NMXxkgWFadcoJ9Om8mYjLUcQngHbT3CYy1cK
y5u/GH88xl/KDwk9sp2wYgEOeOJEvd07bkMdToWOYL6T4eVc7PmvK9TwCq3GLKvy
+5TKnF8wOghBXt6QCc8LyXvrcwnbtVmHpt3p7bUvBbkvgRLe
-----END CERTIFICATE-----
Generated at Tue Feb 13 17:34:58 2024 by rpki-client on console-fra.rpki-client.org