Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/256fab-de97-4679-a465-b96d6714a174/1/FDxg7K5J6nthqWajACcDHlF-frM.roa
File: FDxg7K5J6nthqWajACcDHlF-frM.roa (raw, json)
Hash identifier: 5YfAgSl4xiA7x+vMb8IJvi2zh0yKYwN0g0+MOKj0KU8=
Subject key identifier: 14:3C:60:EC:AE:49:EA:7B:61:A9:66:A3:00:27:03:1E:51:7E:7E:B3
Certificate issuer: /CN=c1e2464dd6d042309515f7e5b64ea65c089b4616
Certificate serial: 018572B40AA77C8D060BFD28BD2455CC8AD1
Authority key identifier: C1:E2:46:4D:D6:D0:42:30:95:15:F7:E5:B6:4E:A6:5C:08:9B:46:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/weJGTdbQQjCVFffltk6mXAibRhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/256fab-de97-4679-a465-b96d6714a174/1/FDxg7K5J6nthqWajACcDHlF-frM.roa
Signing time: Mon 02 Jan 2023 13:37:59 +0000
ROA not before: Mon 02 Jan 2023 13:37:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198736
IP address blocks: 131.117.184.0/21 maxlen: 21
77.232.168.0/21 maxlen: 21
149.255.120.0/21 maxlen: 21
77.111.238.0/23 maxlen: 23
77.111.237.0/24 maxlen: 24
77.111.236.0/24 maxlen: 24
185.7.244.0/22 maxlen: 22
82.163.232.0/22 maxlen: 22
82.163.128.0/22 maxlen: 22
95.141.160.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 26 Jul 2023 08:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:0a:a7:7c:8d:06:0b:fd:28:bd:24:55:cc:8a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1e2464dd6d042309515f7e5b64ea65c089b4616
Validity
Not Before: Jan 2 13:37:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=143c60ecae49ea7b61a966a30027031e517e7eb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2e:ae:af:98:a4:d5:91:65:47:57:f7:81:9e:
d7:75:c2:fc:42:20:76:d3:e1:4d:b5:3c:fd:e9:9b:
1e:9d:1d:56:3c:3a:68:d4:ba:d4:4b:6e:5d:79:17:
e5:52:c9:c7:5c:6e:73:db:09:99:98:aa:c0:af:ac:
33:45:2a:65:4d:4d:41:91:ef:29:76:0d:39:58:66:
29:2a:ca:a3:71:6c:d2:43:24:80:0f:fe:f0:22:a0:
20:ac:19:d1:0c:08:1e:f9:55:da:28:c2:94:2a:e7:
dc:ea:6b:50:ee:03:46:ae:cc:88:50:20:e1:d6:db:
cc:ef:d9:97:f0:ac:85:07:15:a7:e9:45:14:bf:1d:
22:dc:f4:82:65:34:d9:e5:59:0c:ea:66:46:6e:75:
bb:53:3f:d9:58:bb:76:2b:cf:55:ae:e9:25:ed:ce:
8f:85:54:56:f8:11:35:15:b4:3b:43:c0:34:5b:36:
17:e0:c7:42:db:9c:58:90:50:3b:f2:dd:d5:9f:80:
99:e5:61:43:10:ea:c9:b6:33:31:52:21:b2:dc:f3:
60:ca:37:92:e4:9f:bb:70:1d:85:2d:ed:fa:2b:e3:
5c:8f:15:d6:7c:db:b8:cf:92:47:43:a9:c9:5e:b2:
f2:c3:9f:c2:ce:68:5c:21:d0:49:55:15:e1:03:a6:
96:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:3C:60:EC:AE:49:EA:7B:61:A9:66:A3:00:27:03:1E:51:7E:7E:B3
X509v3 Authority Key Identifier:
keyid:C1:E2:46:4D:D6:D0:42:30:95:15:F7:E5:B6:4E:A6:5C:08:9B:46:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/weJGTdbQQjCVFffltk6mXAibRhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/256fab-de97-4679-a465-b96d6714a174/1/FDxg7K5J6nthqWajACcDHlF-frM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/256fab-de97-4679-a465-b96d6714a174/1/weJGTdbQQjCVFffltk6mXAibRhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.236.0/22
77.232.168.0/21
82.163.128.0/22
82.163.232.0/22
95.141.160.0/20
131.117.184.0/21
149.255.120.0/21
185.7.244.0/22
Signature Algorithm: sha256WithRSAEncryption
67:44:ec:c0:92:0f:a3:b5:53:7d:dd:57:d6:4a:cc:e0:74:aa:
89:5f:f5:1a:d7:2c:77:c6:8e:7d:d4:ea:c4:dd:75:03:b7:bc:
ef:34:83:f0:1e:88:e4:18:87:aa:69:9b:e9:8e:ce:f4:3e:c8:
1d:82:5e:28:a3:c7:22:d8:0d:ff:74:e4:0f:25:08:6b:9a:ac:
3f:31:d2:00:97:a8:43:ff:57:61:f6:7c:4a:6b:a7:85:fc:ed:
c1:73:e5:a6:76:6c:ab:2e:a6:3a:eb:7a:bb:38:2a:c3:7d:21:
fd:f3:27:d6:79:14:9e:b2:0a:29:c4:45:cb:03:82:39:d6:eb:
0b:7d:9e:a3:ee:c1:9d:07:f5:cf:c8:3f:dd:6d:ca:6a:bf:0e:
a9:da:a1:e2:d9:9d:4c:22:d2:fa:e5:7f:94:e2:cc:9d:8e:bd:
9c:76:21:7a:ca:5d:96:96:67:fe:d2:6b:54:6f:e6:2b:ce:82:
af:74:5e:47:e2:1a:ea:88:4d:df:1f:20:4e:ce:85:46:e1:4d:
d6:c9:75:e2:d1:63:5a:ce:57:49:37:03:43:8e:ce:5e:01:93:
ac:1f:0c:e9:e3:74:6b:e0:f3:5e:e2:36:f9:eb:d6:eb:b9:b9:
cd:4b:09:26:91:cb:8a:15:3a:9a:0a:28:72:0e:f0:05:bc:db:
92:37:42:34
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVytAqnfI0GC/0ovSRVzIrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZTI0NjRkZDZkMDQyMzA5NTE1ZjdlNWI2NGVhNjVjMDg5
YjQ2MTYwHhcNMjMwMTAyMTMzNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDNjNjBlY2FlNDllYTdiNjFhOTY2YTMwMDI3MDMxZTUxN2U3ZWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlS6ur5ik1ZFlR1f3gZ7XdcL8QiB2
0+FNtTz96ZsenR1WPDpo1LrUS25deRflUsnHXG5z2wmZmKrAr6wzRSplTU1Bke8p
dg05WGYpKsqjcWzSQySAD/7wIqAgrBnRDAge+VXaKMKUKufc6mtQ7gNGrsyIUCDh
1tvM79mX8KyFBxWn6UUUvx0i3PSCZTTZ5VkM6mZGbnW7Uz/ZWLt2K89Vrukl7c6P
hVRW+BE1FbQ7Q8A0WzYX4MdC25xYkFA78t3Vn4CZ5WFDEOrJtjMxUiGy3PNgyjeS
5J+7cB2FLe36K+NcjxXWfNu4z5JHQ6nJXrLyw5/CzmhcIdBJVRXhA6aWEQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBQ8YOyuSep7YalmowAnAx5Rfn6zMB8GA1UdIwQY
MBaAFMHiRk3W0EIwlRX35bZOplwIm0YWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2VKR1RkYlFRakNWRmZmbHRrNm1YQWliUmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yNTZmYWItZGU5Ny00Njc5LWE0NjUt
Yjk2ZDY3MTRhMTc0LzEvRkR4ZzdLNUo2bnRocVdhakFDY0RIbEYtZnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yNTZmYWItZGU5Ny00Njc5LWE0NjUtYjk2ZDY3MTRhMTc0
LzEvd2VKR1RkYlFRakNWRmZmbHRrNm1YQWliUmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCTW/sAwQD
TeioAwQCUqOAAwQCUqPoAwQEX42gAwQDg3W4AwQDlf94AwQCuQf0MA0GCSqGSIb3
DQEBCwUAA4IBAQBnROzAkg+jtVN93VfWSszgdKqJX/Ua1yx3xo591OrE3XUDt7zv
NIPwHojkGIeqaZvpjs70Psgdgl4oo8ci2A3/dOQPJQhrmqw/MdIAl6hD/1dh9nxK
a6eF/O3Bc+WmdmyrLqY663q7OCrDfSH98yfWeRSesgopxEXLA4I51usLfZ6j7sGd
B/XPyD/dbcpqvw6p2qHi2Z1MItL65X+U4sydjr2cdiF6yl2Wlmf+0mtUb+YrzoKv
dF5H4hrqiE3fHyBOzoVG4U3WyXXi0WNazldJNwNDjs5eAZOsHwzp43Rr4PNe4jb5
69brubnNSwkmkcuKFTqaCihyDvAFvNuSN0I0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:21 2024 by rpki-client on console-ams.rpki-client.org