Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/FlKMsrWHkwbycWor5hl4RQOrHvE.roa
File: FlKMsrWHkwbycWor5hl4RQOrHvE.roa (raw, json)
Hash identifier: 3DQWrXVIHhjvyKkdAZ/v6QUimnEnVK8DegbbEOY/Kpo=
Subject key identifier: 16:52:8C:B2:B5:87:93:06:F2:71:6A:2B:E6:19:78:45:03:AB:1E:F1
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 01856F42AB676A621E01A6224101D9873E2A
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/FlKMsrWHkwbycWor5hl4RQOrHvE.roa
Signing time: Sun 01 Jan 2023 21:35:18 +0000
ROA not before: Sun 01 Jan 2023 21:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208722
IP address blocks: 5.45.192.0/18 maxlen: 24
178.154.128.0/19 maxlen: 24
84.252.160.0/19 maxlen: 24
37.9.64.0/18 maxlen: 24
141.8.128.0/18 maxlen: 24
93.158.128.0/18 maxlen: 24
37.140.128.0/18 maxlen: 24
95.108.128.0/17 maxlen: 24
185.32.187.0/24 maxlen: 24
87.250.224.0/19 maxlen: 24
77.88.0.0/18 maxlen: 24
213.180.192.0/19 maxlen: 24
178.154.160.0/19 maxlen: 24
5.255.192.0/18 maxlen: 24
2a02:6b8::/29 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 May 2023 11:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:ab:67:6a:62:1e:01:a6:22:41:01:d9:87:3e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Jan 1 21:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16528cb2b5879306f2716a2be619784503ab1ef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:25:54:e1:9e:7c:ca:34:59:55:f7:4b:b5:91:
36:f1:20:9c:bf:e5:89:9b:80:ae:85:5e:f6:e2:f0:
22:96:a6:e0:77:e3:25:47:37:9c:61:f5:fa:f4:60:
10:66:f1:60:75:b9:29:a9:7a:15:84:88:3d:04:b3:
3e:9e:f5:15:cf:af:17:2a:b4:ef:e7:80:1d:82:f6:
8c:3c:64:36:86:6f:ed:46:e0:06:92:7b:99:44:48:
e7:00:03:68:f7:3e:5d:89:d4:0d:04:65:5f:5e:e6:
57:74:ac:17:76:f9:06:8c:b8:7e:44:50:f7:bd:cc:
91:53:3e:43:c0:61:6c:8d:c7:7a:8c:1d:68:ba:63:
81:53:48:c3:40:8b:2f:0b:9c:dc:92:ae:ef:c5:04:
c2:f6:d9:8f:f3:5c:af:89:31:eb:ca:20:5d:e1:56:
26:22:73:c9:84:ca:ff:6e:e4:bc:cf:81:9a:04:d2:
42:48:2b:51:6a:93:97:4f:62:cc:7f:f7:56:69:78:
60:44:d9:1a:e2:fa:68:ea:dc:26:7b:7c:ea:9f:54:
8c:5b:65:bf:64:1d:24:84:c9:13:93:e9:55:e8:be:
b7:17:ea:28:c4:55:8d:82:76:90:77:97:54:1a:cc:
2f:2f:c0:ea:5f:21:52:53:30:7f:c7:7c:1d:6e:be:
3e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:52:8C:B2:B5:87:93:06:F2:71:6A:2B:E6:19:78:45:03:AB:1E:F1
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/FlKMsrWHkwbycWor5hl4RQOrHvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.192.0/18
5.255.192.0/18
37.9.64.0/18
37.140.128.0/18
77.88.0.0/18
84.252.160.0/19
87.250.224.0/19
93.158.128.0/18
95.108.128.0/17
141.8.128.0/18
178.154.128.0/18
185.32.187.0/24
213.180.192.0/19
IPv6:
2a02:6b8::/29
Signature Algorithm: sha256WithRSAEncryption
9b:38:cc:d4:ac:d9:20:08:8b:14:b3:8c:ff:c6:4f:2b:a8:d6:
78:d2:cf:2a:00:c1:7c:69:0f:a9:0c:fd:72:40:71:c5:e2:56:
d9:3b:57:8d:eb:4d:c6:d5:2a:76:dd:9d:03:8c:6f:50:76:8e:
a6:57:33:50:24:58:bf:3f:b8:da:54:23:28:79:29:bf:c3:88:
51:7d:19:a4:fa:49:e4:2c:70:96:cc:17:24:2a:2f:f4:5d:6f:
a1:20:ce:39:a2:7a:46:c6:08:c0:ea:f9:86:ad:2b:86:e9:15:
1f:4f:ea:dd:14:7e:66:46:98:4f:39:88:69:d4:e0:3e:b1:e5:
fa:13:a7:d3:a1:3f:f7:6a:73:9e:c5:f8:91:60:65:58:8d:58:
7d:f8:31:93:b3:05:97:f3:46:2f:23:0b:46:aa:3a:8d:6e:24:
7f:1a:a7:0a:5a:22:5f:c3:80:32:7b:0e:25:b7:e3:fb:e5:fa:
40:7d:36:0c:38:ef:24:42:41:80:5d:bf:07:33:3b:71:6d:0b:
d0:a3:60:f4:16:87:d5:6b:a5:a7:e7:bf:92:aa:d9:9a:5c:dc:
bf:68:32:4e:cd:40:e8:a4:b3:6b:42:07:0e:ec:9b:6e:8d:f3:
47:bc:94:cf:77:e1:ee:78:74:d9:52:ad:34:30:9a:19:97:1c:
08:c5:ff:2c
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYVvQqtnamIeAaYiQQHZhz4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjMwMTAxMjEzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjUyOGNiMmI1ODc5MzA2ZjI3MTZhMmJlNjE5Nzg0NTAzYWIxZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSVU4Z58yjRZVfdLtZE28SCcv+WJ
m4CuhV724vAilqbgd+MlRzecYfX69GAQZvFgdbkpqXoVhIg9BLM+nvUVz68XKrTv
54AdgvaMPGQ2hm/tRuAGknuZREjnAANo9z5didQNBGVfXuZXdKwXdvkGjLh+RFD3
vcyRUz5DwGFsjcd6jB1oumOBU0jDQIsvC5zckq7vxQTC9tmP81yviTHryiBd4VYm
InPJhMr/buS8z4GaBNJCSCtRapOXT2LMf/dWaXhgRNka4vpo6twme3zqn1SMW2W/
ZB0khMkTk+lV6L63F+ooxFWNgnaQd5dUGswvL8DqXyFSUzB/x3wdbr4+nQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFBZSjLK1h5MG8nFqK+YZeEUDqx7xMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvRmxLTXNyV0hrd2J5Y1dvcjVobDRSUU9ySHZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQGBS3AAwQG
Bf/AAwQGJQlAAwQGJYyAAwQGTVgAAwQFVPygAwQFV/rgAwQGXZ6AAwQHX2yAAwQG
jQiAAwQGspqAAwQAuSC7AwQF1bTAMA0EAgACMAcDBQMqAga4MA0GCSqGSIb3DQEB
CwUAA4IBAQCbOMzUrNkgCIsUs4z/xk8rqNZ40s8qAMF8aQ+pDP1yQHHF4lbZO1eN
603G1Sp23Z0DjG9Qdo6mVzNQJFi/P7jaVCMoeSm/w4hRfRmk+knkLHCWzBckKi/0
XW+hIM45onpGxgjA6vmGrSuG6RUfT+rdFH5mRphPOYhp1OA+seX6E6fToT/3anOe
xfiRYGVYjVh9+DGTswWX80YvIwtGqjqNbiR/GqcKWiJfw4Ayew4lt+P75fpAfTYM
OO8kQkGAXb8HMztxbQvQo2D0FofVa6Wn57+SqtmaXNy/aDJOzUDopLNrQgcO7Jtu
jfNHvJTPd+HueHTZUq00MJoZlxwIxf8s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:58 2024 by rpki-client on console-fra.rpki-client.org