Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/FLpV_eNcxJSg-iSfQceH7gkBmao.roa
File: FLpV_eNcxJSg-iSfQceH7gkBmao.roa (raw, json)
Hash identifier: QDZB0UGPBM4TcTzHH/hRArz4YiYhefiVrN+SGUnaCK8=
Subject key identifier: 14:BA:55:FD:E3:5C:C4:94:A0:FA:24:9F:41:C7:87:EE:09:01:99:AA
Certificate issuer: /CN=04c5f1d1779eb709090365db982917adfd0f8049
Certificate serial: 01857227F8C93274BE1A2FA295198B861039
Authority key identifier: 04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/FLpV_eNcxJSg-iSfQceH7gkBmao.roa
Signing time: Mon 02 Jan 2023 11:05:00 +0000
ROA not before: Mon 02 Jan 2023 11:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39358
IP address blocks: 195.114.107.0/24 maxlen: 24
195.114.106.0/24 maxlen: 24
195.114.106.0/23 maxlen: 24
194.126.231.0/24 maxlen: 24
2001:67c:3e9::/48 maxlen: 48
2001:67c:3e8::/48 maxlen: 48
2001:67c:3e8::/47 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:f8:c9:32:74:be:1a:2f:a2:95:19:8b:86:10:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04c5f1d1779eb709090365db982917adfd0f8049
Validity
Not Before: Jan 2 11:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14ba55fde35cc494a0fa249f41c787ee090199aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1f:65:54:b0:79:2b:73:f2:63:d5:1e:b0:11:
de:df:d8:6d:db:72:fa:c5:cb:ac:f1:cf:20:ba:ae:
2b:aa:69:d5:0b:a5:46:1a:48:e6:52:b7:4e:70:f3:
69:7e:c6:c0:7d:36:b1:77:22:c0:43:b0:2a:fc:96:
38:c5:c9:cf:ed:ff:66:c8:f5:d0:19:ce:a3:17:01:
83:5f:46:59:ef:be:9f:e7:60:ef:14:88:b9:18:c5:
a9:57:b5:d2:16:bc:66:08:38:98:26:84:ca:92:d5:
66:8e:0c:33:33:b0:ba:17:74:c5:06:69:96:e0:97:
10:d0:d0:75:93:46:94:54:fe:0e:ea:f7:ef:2c:8b:
c3:da:ab:0f:fe:c4:8d:dc:ca:20:c9:f2:96:75:2b:
f3:ac:83:50:97:90:06:b4:45:41:df:83:e3:d9:76:
77:b1:c0:ea:dc:6e:e2:75:7f:32:71:1f:84:d0:01:
b0:45:fd:2d:47:81:3f:32:74:9a:97:ba:2d:88:b9:
24:03:bf:0e:b2:32:74:76:d0:29:7d:c2:54:3f:e3:
e1:53:81:af:b5:cc:eb:aa:c7:72:3e:3a:46:23:11:
d5:7b:4a:f4:83:39:e3:27:59:b3:21:59:60:f0:b1:
0c:62:4f:7b:55:5b:ff:b9:c5:36:c8:49:d5:29:16:
b9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:BA:55:FD:E3:5C:C4:94:A0:FA:24:9F:41:C7:87:EE:09:01:99:AA
X509v3 Authority Key Identifier:
keyid:04:C5:F1:D1:77:9E:B7:09:09:03:65:DB:98:29:17:AD:FD:0F:80:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMXx0XeetwkJA2XbmCkXrf0PgEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/FLpV_eNcxJSg-iSfQceH7gkBmao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/70b33b-d1eb-4bbb-97d6-0592453df7d2/1/BMXx0XeetwkJA2XbmCkXrf0PgEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.231.0/24
195.114.106.0/23
IPv6:
2001:67c:3e8::/47
Signature Algorithm: sha256WithRSAEncryption
65:7b:c8:49:69:a7:cd:14:7d:b3:36:b7:be:2d:78:2f:07:52:
21:d6:ec:eb:0d:eb:35:e5:88:f8:41:af:8f:3c:93:75:0c:0e:
66:0b:f6:27:d5:d1:29:90:c0:6e:22:7d:ef:a9:ef:7e:ce:46:
25:8f:25:c8:7f:3f:96:5e:8e:6f:d9:8e:62:7a:a2:5d:06:40:
bc:a6:8d:ab:00:bf:7c:54:27:32:b7:77:f4:ba:71:8c:2e:b8:
d8:b3:02:22:fb:12:05:7d:b5:d2:0d:03:5b:f2:9c:71:ff:c0:
3d:27:a4:da:36:01:c5:90:25:47:aa:39:a1:17:7a:01:1e:09:
75:06:b0:5d:7b:c9:55:3a:ba:60:39:e1:f3:86:c3:10:bd:59:
f9:98:78:0a:59:47:b0:c6:5b:7e:a9:b9:01:6e:86:6a:d8:f4:
80:af:6f:53:e7:d7:0d:79:7f:71:90:0d:6c:49:29:a1:ae:02:
f0:3f:fd:87:04:e5:cd:86:e4:b1:8c:18:c3:9f:14:72:d7:cb:
fa:39:9c:97:8e:6e:84:08:02:38:c8:0a:11:54:69:c9:a4:30:
94:2f:55:1e:11:5f:d6:9f:72:f6:6f:fa:dc:07:1e:60:53:1b:
fa:98:92:f5:a1:2f:90:ee:33:ce:dc:5b:bf:82:46:af:9e:e4:
80:74:49:3b
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVyJ/jJMnS+Gi+ilRmLhhA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YzVmMWQxNzc5ZWI3MDkwOTAzNjVkYjk4MjkxN2FkZmQw
ZjgwNDkwHhcNMjMwMTAyMTEwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGJhNTVmZGUzNWNjNDk0YTBmYTI0OWY0MWM3ODdlZTA5MDE5OWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmh9lVLB5K3PyY9UesBHe39ht23L6
xcus8c8guq4rqmnVC6VGGkjmUrdOcPNpfsbAfTaxdyLAQ7Aq/JY4xcnP7f9myPXQ
Gc6jFwGDX0ZZ776f52DvFIi5GMWpV7XSFrxmCDiYJoTKktVmjgwzM7C6F3TFBmmW
4JcQ0NB1k0aUVP4O6vfvLIvD2qsP/sSN3MogyfKWdSvzrINQl5AGtEVB34Pj2XZ3
scDq3G7idX8ycR+E0AGwRf0tR4E/MnSal7otiLkkA78OsjJ0dtApfcJUP+PhU4Gv
tczrqsdyPjpGIxHVe0r0gznjJ1mzIVlg8LEMYk97VVv/ucU2yEnVKRa5GwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBS6Vf3jXMSUoPokn0HHh+4JAZmqMB8GA1UdIwQY
MBaAFATF8dF3nrcJCQNl25gpF639D4BJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYt
MDU5MjQ1M2RmN2QyLzEvRkxwVl9lTmN4SlNnLWlTZlFjZUg3Z2tCbWFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83MGIzM2ItZDFlYi00YmJiLTk3ZDYtMDU5MjQ1M2RmN2Qy
LzEvQk1YeDBYZWV0d2tKQTJYYm1Da1hyZjBQZ0VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwn7nAwQB
w3JqMA8EAgACMAkDBwEgAQZ8A+gwDQYJKoZIhvcNAQELBQADggEBAGV7yElpp80U
fbM2t74teC8HUiHW7OsN6zXliPhBr488k3UMDmYL9ifV0SmQwG4ife+p737ORiWP
Jch/P5Zejm/ZjmJ6ol0GQLymjasAv3xUJzK3d/S6cYwuuNizAiL7EgV9tdINA1vy
nHH/wD0npNo2AcWQJUeqOaEXegEeCXUGsF17yVU6umA54fOGwxC9WfmYeApZR7DG
W36puQFuhmrY9ICvb1Pn1w15f3GQDWxJKaGuAvA//YcE5c2G5LGMGMOfFHLXy/o5
nJeOboQIAjjIChFUacmkMJQvVR4RX9afcvZv+twHHmBTG/qYkvWhL5DuM87cW7+C
Rq+e5IB0STs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:16:56 2024 by rpki-client on console-ams.rpki-client.org