Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/fLZNCJ9AXdEkAc2yhMdg3yY5Tdc.roa
File: fLZNCJ9AXdEkAc2yhMdg3yY5Tdc.roa (raw, json)
Hash identifier: jN/Og6r/Mb9QTECL0dMpXgQzl3K5flZbODcvC4Oz9mA=
Subject key identifier: 7C:B6:4D:08:9F:40:5D:D1:24:01:CD:B2:84:C7:60:DF:26:39:4D:D7
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018AA2CEB51FB9D46350CAA7F5B570C9AFA5
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/fLZNCJ9AXdEkAc2yhMdg3yY5Tdc.roa
Signing time: Sun 17 Sep 2023 11:02:50 +0000
ROA not before: Sun 17 Sep 2023 11:02:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29802
IP address blocks: 45.15.143.0/24 maxlen: 24
5.253.38.0/24 maxlen: 24
45.92.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Dec 2023 15:08:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a2:ce:b5:1f:b9:d4:63:50:ca:a7:f5:b5:70:c9:af:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 17 11:02:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cb64d089f405dd12401cdb284c760df26394dd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:df:5b:32:1b:ab:ce:ed:31:02:cf:2e:a5:38:
75:8b:8d:47:5e:c6:6c:cf:7e:22:4d:67:57:95:af:
c7:85:be:e0:8d:3f:0b:4b:4e:9b:95:a6:fe:e2:66:
51:60:a3:44:31:bc:c7:41:7c:ab:95:27:be:ef:71:
0b:d8:5a:53:b4:84:07:66:bc:5e:65:98:f7:c6:4c:
78:83:2c:27:3c:a5:8e:76:66:9f:f1:89:a8:9d:31:
80:ea:1a:8a:1e:c5:91:3d:be:f5:8f:25:83:3b:97:
ff:fb:38:b5:27:3b:2c:c4:40:f5:4a:74:43:ba:02:
d2:8c:5a:77:80:f9:08:60:d3:ed:ca:74:9b:ac:fd:
39:28:c7:17:48:16:37:b4:a9:f7:f2:48:a7:00:41:
a5:0f:fc:17:58:ac:dc:e8:8c:51:16:2e:a1:18:2d:
97:48:31:4f:aa:d8:4c:42:95:6b:b6:43:fc:72:5e:
98:ff:21:db:ac:a7:af:84:f5:cd:e8:85:56:e4:15:
7e:5b:6c:be:a5:c5:c3:22:b2:d0:c9:a4:b0:66:fd:
08:74:4a:46:22:46:e0:8e:b5:de:7a:b6:ec:5f:e4:
4b:09:d5:ca:e2:90:25:a1:1f:3e:61:9b:20:d7:1d:
8c:e6:5e:53:d6:a5:a7:23:8d:18:89:d3:09:2c:d9:
63:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B6:4D:08:9F:40:5D:D1:24:01:CD:B2:84:C7:60:DF:26:39:4D:D7
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/fLZNCJ9AXdEkAc2yhMdg3yY5Tdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.38.0/24
45.15.143.0/24
45.92.195.0/24
Signature Algorithm: sha256WithRSAEncryption
78:1a:61:22:4c:2b:e1:82:d8:94:f9:52:64:8b:13:e4:82:6f:
61:a7:a8:ff:24:3b:07:c1:b7:f9:eb:29:94:cd:51:c8:cf:20:
64:c4:2c:64:24:08:76:de:b2:42:fc:e5:1d:c7:77:e1:17:45:
c1:9e:73:8e:e2:bf:03:3f:07:dd:4b:e7:00:02:dd:e6:f8:4d:
e9:bb:a5:99:4d:ec:ef:13:10:0c:ae:8e:c3:5b:59:4c:20:dc:
42:3f:a3:eb:27:35:fb:e0:70:2f:a4:d4:bf:b0:1e:d0:9a:54:
0e:da:0a:14:ed:f5:c0:34:49:3c:5c:14:f9:94:d9:8c:50:57:
f4:6b:38:46:6e:d9:3d:8b:97:be:29:4a:57:96:34:64:52:97:
23:85:15:1f:9e:9f:8e:7b:74:6b:43:00:23:aa:b7:8a:ce:0e:
16:f9:16:d1:56:9c:ca:f3:84:0a:20:33:81:17:6f:99:f0:a1:
c8:8c:d2:15:a8:19:9d:3d:66:18:90:43:58:c0:83:e7:35:3a:
ec:29:76:a4:8e:60:e0:07:e9:54:1b:90:61:db:e4:6f:64:9f:
85:b5:2e:b2:25:2d:ff:16:a1:dd:b5:ed:34:58:e8:bc:e7:3f:
97:63:c6:19:63:f3:b4:1d:bf:58:32:78:cb:0e:dd:ea:fe:8f:
c7:2c:67:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqizrUfudRjUMqn9bVwya+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTE3MTEwMjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2I2NGQwODlmNDA1ZGQxMjQwMWNkYjI4NGM3NjBkZjI2Mzk0ZGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd9bMhurzu0xAs8upTh1i41HXsZs
z34iTWdXla/Hhb7gjT8LS06blab+4mZRYKNEMbzHQXyrlSe+73EL2FpTtIQHZrxe
ZZj3xkx4gywnPKWOdmaf8YmonTGA6hqKHsWRPb71jyWDO5f/+zi1JzssxED1SnRD
ugLSjFp3gPkIYNPtynSbrP05KMcXSBY3tKn38kinAEGlD/wXWKzc6IxRFi6hGC2X
SDFPqthMQpVrtkP8cl6Y/yHbrKevhPXN6IVW5BV+W2y+pcXDIrLQyaSwZv0IdEpG
IkbgjrXeerbsX+RLCdXK4pAloR8+YZsg1x2M5l5T1qWnI40YidMJLNljgwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHy2TQifQF3RJAHNsoTHYN8mOU3XMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvZkxaTkNKOUFYZEVrQWMyeWhNZGczeVk1VGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABf0mAwQA
LQ+PAwQALVzDMA0GCSqGSIb3DQEBCwUAA4IBAQB4GmEiTCvhgtiU+VJkixPkgm9h
p6j/JDsHwbf56ymUzVHIzyBkxCxkJAh23rJC/OUdx3fhF0XBnnOO4r8DPwfdS+cA
At3m+E3pu6WZTezvExAMro7DW1lMINxCP6PrJzX74HAvpNS/sB7QmlQO2goU7fXA
NEk8XBT5lNmMUFf0azhGbtk9i5e+KUpXljRkUpcjhRUfnp+Oe3RrQwAjqreKzg4W
+RbRVpzK84QKIDOBF2+Z8KHIjNIVqBmdPWYYkENYwIPnNTrsKXakjmDgB+lUG5Bh
2+RvZJ+FtS6yJS3/FqHdte00WOi85z+XY8YZY/O0Hb9YMnjLDt3q/o/HLGfL
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:20 2024 by rpki-client on console-ams.rpki-client.org