Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/F5KWJPQiSOJwxA1dah-j-lw9H8c.roa
File: F5KWJPQiSOJwxA1dah-j-lw9H8c.roa (raw, json)
Hash identifier: KrTptiBWw2CMo/zFnINmK4kPUpeUXmURZmEnWzeLu00=
Subject key identifier: 17:92:96:24:F4:22:48:E2:70:C4:0D:5D:6A:1F:A3:FA:5C:3D:1F:C7
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018A767E71093CE94AFDFC65A26CFF7A09E4
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/F5KWJPQiSOJwxA1dah-j-lw9H8c.roa
Signing time: Fri 08 Sep 2023 20:31:52 +0000
ROA not before: Fri 08 Sep 2023 20:31:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 185.174.137.0/24 maxlen: 24
185.229.65.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.229.66.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.112.83.0/24 maxlen: 24
45.142.122.0/24 maxlen: 24
185.17.0.0/24 maxlen: 24
45.138.74.0/24 maxlen: 24
5.252.118.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
2a0e:d607::/48 maxlen: 48
2a0e:d602:3::/48 maxlen: 48
2a0e:d602:2::/48 maxlen: 48
2a0e:d606::/48 maxlen: 48
2a0e:d602:1::/48 maxlen: 48
2a0e:d602::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:76:7e:71:09:3c:e9:4a:fd:fc:65:a2:6c:ff:7a:09:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 8 20:31:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17929624f42248e270c40d5d6a1fa3fa5c3d1fc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:61:0e:f3:7d:de:88:7a:0f:ec:26:57:df:be:
a5:5e:5a:81:d5:20:27:b6:6b:5d:07:ca:64:f9:9e:
76:65:8e:e0:3a:aa:8e:7b:f2:01:74:da:43:c9:6d:
86:84:cc:8a:ac:0a:5c:b5:65:e0:38:68:bd:79:de:
8a:4c:7f:c1:bc:90:10:95:57:76:f1:88:72:e1:77:
41:4e:2f:8d:99:88:6a:81:74:7d:01:ba:50:3d:b6:
5e:23:3d:9a:13:6b:8c:f5:31:21:38:d2:18:3e:ed:
dc:c1:cc:7c:50:5d:e1:db:e3:59:72:1b:90:fa:4e:
dd:93:ea:0e:26:0e:65:8a:f6:17:3c:de:d3:a8:8a:
06:0d:dd:8a:32:66:74:54:47:f5:d5:96:80:bc:95:
d7:21:7d:70:c5:52:84:a6:51:2f:a3:52:1f:23:2e:
cb:75:28:bc:97:a4:ce:43:a4:c6:a6:05:e5:da:45:
6e:8a:e0:4c:0f:ff:45:1d:c1:16:cd:8d:c5:9a:a2:
b9:e7:5d:a0:e9:38:9c:cc:d9:0e:7e:9c:17:d0:24:
43:62:3b:3f:d1:bc:03:78:f8:a8:19:5e:f7:14:ed:
07:04:ce:07:f5:4f:1d:c0:fa:f3:de:6b:67:8c:ad:
43:23:bb:7a:05:71:b7:81:41:69:7b:45:75:49:80:
93:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:92:96:24:F4:22:48:E2:70:C4:0D:5D:6A:1F:A3:FA:5C:3D:1F:C7
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/F5KWJPQiSOJwxA1dah-j-lw9H8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.138.74.0/24
45.142.122.0/24
185.17.0.0/24
185.106.94.0/24
185.112.83.0/24
185.174.136.0/23
185.229.65.0-185.229.66.255
194.67.201.0/24
IPv6:
2a0e:d602::/46
2a0e:d606::/48
2a0e:d607::/48
Signature Algorithm: sha256WithRSAEncryption
8b:40:67:22:98:a0:71:40:16:9d:3b:a8:4c:4c:2d:51:21:26:
f9:fa:51:6e:a0:d4:fc:73:ef:17:f1:06:a1:02:bb:78:71:ac:
8e:1f:9a:f6:f3:31:08:a7:40:28:1e:f0:5f:7a:7e:17:8d:94:
2a:08:27:cf:b4:cf:94:f4:00:2f:4a:7b:d1:0f:25:b7:1b:5c:
35:c1:c9:7e:22:1f:1a:2c:2d:8b:6d:1a:bf:a6:88:cb:f3:5a:
ec:21:82:6d:b6:cc:99:82:fe:7d:5b:73:64:5f:fb:67:1c:79:
c6:3b:85:3e:ce:3e:97:5e:a3:a9:cd:dd:49:12:bc:00:7b:f4:
82:d5:8b:3b:05:54:19:01:ba:b7:5c:77:2e:ab:d4:9b:22:47:
00:1c:6c:08:37:71:ac:a5:87:31:47:45:9a:a1:bf:77:df:1e:
dd:5a:0b:cf:e4:ac:dd:2b:78:ed:46:2a:52:46:f8:25:52:7d:
80:d6:64:5a:d7:76:c3:38:57:60:9d:ff:e6:ec:41:f8:55:f0:
2e:de:d3:cc:66:18:16:73:3d:d7:e1:e6:95:83:83:80:6b:f7:
2c:33:1a:02:7a:b2:77:eb:d7:27:f2:9e:c9:03:bf:8a:4c:97:
b5:0d:10:8a:cf:f3:5b:5b:2d:de:b0:f7:cb:ba:f9:12:dd:f6:
1e:2d:91:18
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYp2fnEJPOlK/fxlomz/egnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwOTA4MjAzMTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzkyOTYyNGY0MjI0OGUyNzBjNDBkNWQ2YTFmYTNmYTVjM2QxZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWEO833eiHoP7CZX376lXlqB1SAn
tmtdB8pk+Z52ZY7gOqqOe/IBdNpDyW2GhMyKrApctWXgOGi9ed6KTH/BvJAQlVd2
8Yhy4XdBTi+NmYhqgXR9AbpQPbZeIz2aE2uM9TEhONIYPu3cwcx8UF3h2+NZchuQ
+k7dk+oOJg5livYXPN7TqIoGDd2KMmZ0VEf11ZaAvJXXIX1wxVKEplEvo1IfIy7L
dSi8l6TOQ6TGpgXl2kVuiuBMD/9FHcEWzY3FmqK5512g6TiczNkOfpwX0CRDYjs/
0bwDePioGV73FO0HBM4H9U8dwPrz3mtnjK1DI7t6BXG3gUFpe0V1SYCT+QIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFBeSliT0IkjicMQNXWofo/pcPR/HMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvRjVLV0pQUWlTT0p3eEExZGFoLWotbHc5SDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBEBAIAATA+AwQABfx2AwQA
LYpKAwQALY56AwQAuREAAwQAuWpeAwQAuXBTAwQBua6IMAwDBAC55UEDBAC55UID
BADCQ8kwIQQCAAIwGwMHAioO1gIAAAMHACoO1gYAAAMHACoO1gcAADANBgkqhkiG
9w0BAQsFAAOCAQEAi0BnIpigcUAWnTuoTEwtUSEm+fpRbqDU/HPvF/EGoQK7eHGs
jh+a9vMxCKdAKB7wX3p+F42UKggnz7TPlPQAL0p70Q8ltxtcNcHJfiIfGiwti20a
v6aIy/Na7CGCbbbMmYL+fVtzZF/7Zxx5xjuFPs4+l16jqc3dSRK8AHv0gtWLOwVU
GQG6t1x3LqvUmyJHABxsCDdxrKWHMUdFmqG/d98e3VoLz+Ss3St47UYqUkb4JVJ9
gNZkWtd2wzhXYJ3/5uxB+FXwLt7TzGYYFnM91+HmlYODgGv3LDMaAnqyd+vXJ/Ke
yQO/ikyXtQ0Qis/zW1st3rD3y7r5Et32Hi2RGA==
-----END CERTIFICATE-----
Generated at Wed Nov 15 23:56:22 2023 by rpki-client on console-fra.rpki-client.org