Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/FluAG5TvW9ASTwKc1-qfPplg5i8.roa
File: FluAG5TvW9ASTwKc1-qfPplg5i8.roa (raw, json)
Hash identifier: bwI8JV7HX/Pm2HO5D6uN0E5LYZGRnP3hlgxGlr6MQ3c=
Subject key identifier: 16:5B:80:1B:94:EF:5B:D0:12:4F:02:9C:D7:EA:9F:3E:99:60:E6:2F
Certificate issuer: /CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Certificate serial: 018C8260A697026780366FEA10E6268E8D65
Authority key identifier: 13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/FluAG5TvW9ASTwKc1-qfPplg5i8.roa
Signing time: Tue 19 Dec 2023 14:00:21 +0000
ROA not before: Tue 19 Dec 2023 14:00:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20986
IP address blocks: 91.236.153.0/24 maxlen: 24
185.51.218.0/24 maxlen: 24
185.51.219.0/24 maxlen: 24
185.51.216.0/24 maxlen: 24
185.51.217.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:82:60:a6:97:02:67:80:36:6f:ea:10:e6:26:8e:8d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Validity
Not Before: Dec 19 14:00:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=165b801b94ef5bd0124f029cd7ea9f3e9960e62f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:09:e3:cf:f2:8d:33:66:48:b6:e1:07:08:23:
62:93:68:f7:73:d4:9d:c6:35:c3:e0:69:b2:fa:1c:
84:92:12:71:61:87:f5:63:22:d2:48:fa:8f:fc:9b:
f9:59:27:a3:bc:12:b7:2b:6f:ea:37:91:87:08:6c:
e1:5f:6c:28:65:64:ca:d4:92:84:8c:f0:9b:c2:0a:
b7:aa:26:35:f0:32:7d:61:f5:34:49:24:e3:cb:c0:
a5:0a:ce:cb:ec:1f:08:f3:06:78:1a:48:ce:91:65:
ae:e6:aa:b7:a6:f3:ee:04:88:6e:8d:c7:89:64:fd:
05:73:aa:e5:af:73:dd:67:6a:d6:69:cf:a1:77:2d:
df:4c:11:59:c3:64:15:e3:33:40:85:15:b8:34:62:
a8:7e:6f:00:b3:43:79:bf:13:42:8d:fa:16:80:98:
bd:10:f4:18:8e:35:53:44:6c:7e:01:5c:7b:3e:ce:
17:4c:79:64:aa:c4:90:6c:33:ed:83:bc:cc:62:75:
bb:ec:1d:51:2f:27:65:51:9f:9e:6b:07:72:e6:02:
17:ba:d8:39:b6:de:57:e7:10:14:fe:a2:3c:b6:a1:
3f:fc:47:a5:df:d0:21:c1:c5:90:af:8f:2e:36:26:
2b:94:f6:d2:fc:69:7f:c4:db:90:82:02:d6:6f:a0:
0d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:5B:80:1B:94:EF:5B:D0:12:4F:02:9C:D7:EA:9F:3E:99:60:E6:2F
X509v3 Authority Key Identifier:
keyid:13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/FluAG5TvW9ASTwKc1-qfPplg5i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/E2DVcoS_EnwoFA4EsmqPPove8Xk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.153.0/24
185.51.216.0/22
Signature Algorithm: sha256WithRSAEncryption
23:33:34:a9:af:a0:a4:77:a4:05:11:d4:3b:dd:dd:58:14:41:
09:5b:c4:d0:f7:31:7e:fc:94:92:d6:52:3c:63:6d:53:d7:a0:
90:a4:50:0f:c3:0a:da:87:db:45:8c:a2:ac:39:0c:46:78:97:
51:04:f0:6d:56:a3:5f:56:d4:ee:f7:d6:55:01:bf:ad:3a:f9:
45:78:f4:88:9b:eb:48:2a:70:09:44:3b:75:c1:b2:c4:f6:36:
13:e8:83:5f:48:e9:09:b8:69:18:7a:13:17:74:03:8f:63:bb:
bd:c3:9b:25:75:aa:bf:4e:10:54:ae:ed:64:54:9c:ea:b2:3a:
54:08:e3:5e:8f:7b:94:46:a7:8c:c0:a2:f5:bf:8f:9f:43:59:
8b:6a:50:67:49:5a:fb:b4:c1:4e:ce:3d:25:e8:27:1c:07:6a:
20:fe:20:08:66:30:a5:c6:ed:99:25:9a:0e:c4:8a:14:f7:5e:
f4:29:f4:06:dc:35:4f:bc:c8:4a:4f:f9:64:76:a7:ab:5e:0a:
a2:b2:d9:dd:58:54:7e:b6:2d:2c:ee:6e:ec:99:e7:87:b5:c8:
05:cf:91:52:09:ab:d8:37:6f:46:87:72:6f:14:07:9e:af:c1:
59:99:a1:29:68:54:29:61:30:b4:4a:61:2a:15:b4:9b:cf:1d:
2b:9f:e3:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyCYKaXAmeANm/qEOYmjo1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjBkNTcyODRiZjEyN2MyODE0MGUwNGIyNmE4ZjNlOGJk
ZWYxNzkwHhcNMjMxMjE5MTQwMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjViODAxYjk0ZWY1YmQwMTI0ZjAyOWNkN2VhOWYzZTk5NjBlNjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQnjz/KNM2ZItuEHCCNik2j3c9Sd
xjXD4Gmy+hyEkhJxYYf1YyLSSPqP/Jv5WSejvBK3K2/qN5GHCGzhX2woZWTK1JKE
jPCbwgq3qiY18DJ9YfU0SSTjy8ClCs7L7B8I8wZ4GkjOkWWu5qq3pvPuBIhujceJ
ZP0Fc6rlr3PdZ2rWac+hdy3fTBFZw2QV4zNAhRW4NGKofm8As0N5vxNCjfoWgJi9
EPQYjjVTRGx+AVx7Ps4XTHlkqsSQbDPtg7zMYnW77B1RLydlUZ+eawdy5gIXutg5
tt5X5xAU/qI8tqE//Eel39AhwcWQr48uNiYrlPbS/Gl/xNuQggLWb6ANMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBZbgBuU71vQEk8CnNfqnz6ZYOYvMB8GA1UdIwQY
MBaAFBNg1XKEvxJ8KBQOBLJqjz6L3vF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJEVmNvU19FbndvRkE0RXNtcVBQb3ZlOFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy81YzU4MjEtZjM0Mi00NzdhLTllYjgt
YWNjMjg3OWY5ZjJlLzEvRmx1QUc1VHZXOUFTVHdLYzEtcWZQcGxnNWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy81YzU4MjEtZjM0Mi00NzdhLTllYjgtYWNjMjg3OWY5ZjJl
LzEvRTJEVmNvU19FbndvRkE0RXNtcVBQb3ZlOFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+yZAwQC
uTPYMA0GCSqGSIb3DQEBCwUAA4IBAQAjMzSpr6Ckd6QFEdQ73d1YFEEJW8TQ9zF+
/JSS1lI8Y21T16CQpFAPwwrah9tFjKKsOQxGeJdRBPBtVqNfVtTu99ZVAb+tOvlF
ePSIm+tIKnAJRDt1wbLE9jYT6INfSOkJuGkYehMXdAOPY7u9w5sldaq/ThBUru1k
VJzqsjpUCONej3uURqeMwKL1v4+fQ1mLalBnSVr7tMFOzj0l6CccB2og/iAIZjCl
xu2ZJZoOxIoU9170KfQG3DVPvMhKT/lkdqerXgqistndWFR+ti0s7m7smeeHtcgF
z5FSCavYN29Gh3JvFAeer8FZmaEpaFQpYTC0SmEqFbSbzx0rn+Mz
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:30:26 2024 by rpki-client on console-ams.rpki-client.org