Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/fksoAThrsvC7DgUgIBej0vcUs3Q.roa
File: fksoAThrsvC7DgUgIBej0vcUs3Q.roa (raw, json)
Hash identifier: khvn4dvRmSvlanc4qdzRI0z7bAmU8Kxx+I/ptfWNuFo=
Subject key identifier: 7E:4B:28:01:38:6B:B2:F0:BB:0E:05:20:20:17:A3:D2:F7:14:B3:74
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 018CC2DAD2DB12692A4F94E93B0710C19A2C
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/fksoAThrsvC7DgUgIBej0vcUs3Q.roa
Signing time: Mon 01 Jan 2024 02:29:29 +0000
ROA not before: Mon 01 Jan 2024 02:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20880
IP address blocks: 158.181.68.0/22 maxlen: 22
158.181.76.0/22 maxlen: 22
158.181.72.0/22 maxlen: 22
158.181.80.0/20 maxlen: 20
158.181.80.0/22 maxlen: 22
82.119.0.0/19 maxlen: 19
82.119.0.0/20 maxlen: 20
82.119.16.0/20 maxlen: 20
62.117.16.0/20 maxlen: 20
158.181.64.0/19 maxlen: 19
158.181.64.0/20 maxlen: 20
5.28.64.0/19 maxlen: 19
5.28.64.0/18 maxlen: 18
89.16.128.0/19 maxlen: 19
89.16.128.0/20 maxlen: 20
89.16.144.0/20 maxlen: 20
5.28.96.0/19 maxlen: 19
185.9.224.0/22 maxlen: 22
62.117.0.192/28 maxlen: 28
86.56.64.0/18 maxlen: 18
37.120.64.0/18 maxlen: 18
62.117.0.128/26 maxlen: 26
62.117.0.0/19 maxlen: 20
62.117.0.0/20 maxlen: 24
37.120.0.0/17 maxlen: 17
37.120.0.0/18 maxlen: 18
86.56.0.0/17 maxlen: 17
86.56.0.0/18 maxlen: 18
2a02:2450::/32 maxlen: 32
2a02:2454::/33 maxlen: 33
2a02:2450::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 15 Feb 2024 09:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:d2:db:12:69:2a:4f:94:e9:3b:07:10:c1:9a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Jan 1 02:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e4b2801386bb2f0bb0e05202017a3d2f714b374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:dc:31:e0:0a:b1:4b:58:8a:3f:8b:e6:92:b0:
b5:c0:7b:56:90:e2:a9:f5:ca:cc:92:c8:68:a3:df:
ca:1f:54:4b:fe:87:34:34:16:49:a3:d8:90:2e:03:
b4:3d:92:44:bd:98:ae:34:f2:59:db:e2:17:f0:d2:
06:77:d0:f3:b4:5e:9b:22:a4:c2:ca:83:77:90:da:
04:d0:eb:1f:f5:40:a3:f8:cc:82:54:b9:6a:4d:76:
fc:53:31:bb:63:e5:88:0a:72:85:bc:9c:57:75:54:
c0:2c:4e:20:3c:61:52:26:f1:dc:c7:d3:7a:98:5e:
25:81:8f:5c:db:51:84:10:1c:c8:ce:2f:04:bd:04:
98:2d:0e:de:9b:1e:20:05:e3:43:dc:91:11:60:b9:
a5:0b:83:44:40:23:aa:c1:9e:1e:55:02:c0:a3:cf:
fa:19:91:eb:8d:2e:90:03:02:09:2d:00:20:e2:c9:
57:99:a2:72:0b:05:2a:0b:8a:8f:52:a9:f1:24:f9:
7f:63:bc:a4:ad:5f:df:31:4c:fc:56:d3:35:b2:e5:
77:9a:3e:ea:a4:23:12:85:9c:5d:7c:98:f1:af:67:
2f:5c:2d:7a:57:32:01:b1:3c:e3:e2:41:ab:52:e0:
9b:e6:ed:ba:9c:7c:a4:b5:63:07:1d:40:51:8a:2f:
13:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:4B:28:01:38:6B:B2:F0:BB:0E:05:20:20:17:A3:D2:F7:14:B3:74
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/fksoAThrsvC7DgUgIBej0vcUs3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
62.117.0.0/19
82.119.0.0/19
86.56.0.0/17
89.16.128.0/19
158.181.64.0/19
185.9.224.0/22
IPv6:
2a02:2450::/29
Signature Algorithm: sha256WithRSAEncryption
25:b7:df:a9:7b:0b:6f:82:bc:a6:a2:23:49:70:be:b6:85:f4:
d3:eb:c4:f2:6f:a4:40:28:49:df:c7:5f:e8:60:f9:d2:de:ef:
63:d1:6f:68:6b:82:54:e6:1d:d4:e1:28:ee:57:b6:d3:58:46:
f6:db:16:03:c3:0e:ef:72:79:24:93:9e:0f:08:b4:b7:4d:2f:
f4:7b:98:be:8f:f6:aa:d0:bb:89:90:45:a7:9e:fb:c2:1b:18:
a3:64:c8:90:84:2c:85:af:c7:85:aa:21:ac:c1:0b:f5:48:38:
78:4b:06:fc:82:dd:6d:70:b8:5b:0f:13:d0:ba:bc:1d:cf:67:
c0:6c:72:10:ba:40:30:08:bf:f6:ae:94:15:d2:22:a2:14:70:
b3:bd:40:9d:60:5c:e1:60:19:46:a9:7e:91:5e:e6:e8:61:c3:
76:4e:c4:dc:d9:f5:ce:6f:c0:30:5b:c2:42:6e:3f:ea:a8:a8:
b1:9e:cc:49:3f:9d:86:24:2d:5d:c0:21:cd:53:bf:a4:70:59:
c4:1e:bf:fe:9b:4e:30:d1:42:97:4b:74:e3:81:74:1c:18:91:
97:f7:c0:db:0a:12:95:b0:29:ae:c1:03:c0:17:87:43:36:b9:
e9:ff:3b:d0:08:9b:56:04:53:74:d8:45:20:5b:9f:2c:be:62:
80:c0:9b:4e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzC2tLbEmkqT5TpOwcQwZosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjQwMTAxMDIyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTRiMjgwMTM4NmJiMmYwYmIwZTA1MjAyMDE3YTNkMmY3MTRiMzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dwx4AqxS1iKP4vmkrC1wHtWkOKp
9crMkshoo9/KH1RL/oc0NBZJo9iQLgO0PZJEvZiuNPJZ2+IX8NIGd9DztF6bIqTC
yoN3kNoE0Osf9UCj+MyCVLlqTXb8UzG7Y+WICnKFvJxXdVTALE4gPGFSJvHcx9N6
mF4lgY9c21GEEBzIzi8EvQSYLQ7emx4gBeND3JERYLmlC4NEQCOqwZ4eVQLAo8/6
GZHrjS6QAwIJLQAg4slXmaJyCwUqC4qPUqnxJPl/Y7ykrV/fMUz8VtM1suV3mj7q
pCMShZxdfJjxr2cvXC16VzIBsTzj4kGrUuCb5u26nHyktWMHHUBRii8TqQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFH5LKAE4a7Lwuw4FICAXo9L3FLN0MB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvZmtzb0FUaHJzdkM3RGdVZ0lCZWowdmNVczNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQGBRxAAwQH
JXgAAwQFPnUAAwQFUncAAwQHVjgAAwQFWRCAAwQFnrVAAwQCuQngMA0EAgACMAcD
BQMqAiRQMA0GCSqGSIb3DQEBCwUAA4IBAQAlt9+pewtvgrymoiNJcL62hfTT68Ty
b6RAKEnfx1/oYPnS3u9j0W9oa4JU5h3U4SjuV7bTWEb22xYDww7vcnkkk54PCLS3
TS/0e5i+j/aq0LuJkEWnnvvCGxijZMiQhCyFr8eFqiGswQv1SDh4Swb8gt1tcLhb
DxPQurwdz2fAbHIQukAwCL/2rpQV0iKiFHCzvUCdYFzhYBlGqX6RXuboYcN2TsTc
2fXOb8AwW8JCbj/qqKixnsxJP52GJC1dwCHNU7+kcFnEHr/+m04w0UKXS3TjgXQc
GJGX98DbChKVsCmuwQPAF4dDNrnp/zvQCJtWBFN02EUgW58svmKAwJtO
-----END CERTIFICATE-----
Generated at Thu Feb 15 13:09:23 2024 by rpki-client on console-fra.rpki-client.org