Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fnlancSAKr8e4un4fwlTqPocKo8.roa
File: fnlancSAKr8e4un4fwlTqPocKo8.roa (raw, json)
Hash identifier: nFUF36iYWHuQ+nzkLmcpcfFJuOIunCTbWpE2Ow6KBJY=
Subject key identifier: 7E:79:5A:9D:C4:80:2A:BF:1E:E2:E9:F8:7F:09:53:A8:FA:1C:2A:8F
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018B6155D2C8599D434D5DD9FCF6B88CF15A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fnlancSAKr8e4un4fwlTqPocKo8.roa
Signing time: Tue 24 Oct 2023 10:58:16 +0000
ROA not before: Tue 24 Oct 2023 10:58:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213005
IP address blocks: 93.92.228.0/22 maxlen: 24
194.38.56.0/22 maxlen: 24
92.60.34.0/24 maxlen: 24
185.211.180.0/22 maxlen: 22
185.106.124.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
81.21.228.0/22 maxlen: 24
185.245.34.0/23 maxlen: 23
185.227.128.0/22 maxlen: 22
185.223.220.0/22 maxlen: 22
212.80.208.0/22 maxlen: 24
185.179.228.0/22 maxlen: 22
185.189.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 11:51:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:55:d2:c8:59:9d:43:4d:5d:d9:fc:f6:b8:8c:f1:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 24 10:58:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e795a9dc4802abf1ee2e9f87f0953a8fa1c2a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:92:30:5b:cd:12:3c:05:31:1e:7e:d0:3b:66:
3e:c3:8f:33:95:b5:4c:45:28:97:85:32:5c:1f:9c:
b9:9c:29:01:2c:a7:91:38:29:74:db:dd:40:13:fa:
a7:c1:43:09:0c:c3:03:00:fc:ed:15:3e:5f:c0:23:
b4:b2:4f:05:50:7c:79:b4:91:8e:ee:16:5d:e0:b9:
06:31:40:e3:a9:22:9a:20:3e:4b:e9:fb:6b:d2:3b:
88:cb:ab:f7:c3:b0:d4:1a:6d:a4:82:8d:be:d3:b8:
b3:81:1b:7c:95:ec:d2:0d:9b:ae:4d:68:3b:39:bd:
e3:81:13:36:5c:25:a4:cf:6a:5b:8a:22:c6:3c:31:
2c:ba:88:57:74:bb:a7:0d:c0:c2:81:03:4c:89:d0:
bd:4e:e3:55:91:45:a9:b6:b0:50:a2:10:b2:27:9c:
de:3e:8c:b3:fc:a4:41:4d:7d:70:10:9f:97:cd:e7:
02:11:44:2b:d9:34:5d:0a:3e:21:29:9a:f3:f8:04:
c0:1b:50:ab:7a:31:56:e3:a0:0c:d1:92:ce:4d:83:
0c:06:08:b4:9f:93:d6:5e:27:8a:ca:e1:17:72:05:
8d:a4:79:2d:8b:8f:6d:c2:6f:ef:b9:e6:9a:f7:26:
fa:20:20:6a:e7:97:51:3d:4c:0e:5b:cc:7f:ca:3e:
2f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:79:5A:9D:C4:80:2A:BF:1E:E2:E9:F8:7F:09:53:A8:FA:1C:2A:8F
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/fnlancSAKr8e4un4fwlTqPocKo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.228.0/22
85.115.192.0/22
92.60.34.0/24
93.92.228.0/22
185.106.124.0/22
185.179.228.0/22
185.189.64.0/22
185.211.180.0/22
185.223.220.0/22
185.227.128.0/22
185.245.34.0/23
194.38.56.0/22
212.80.208.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:4d:11:29:d1:f1:60:a7:e1:b1:37:ec:43:0d:94:f4:da:3e:
ec:16:8b:02:ae:f6:02:8d:ca:2a:1c:b4:c3:e1:78:55:94:bf:
da:30:4f:36:f9:5f:75:ce:30:3a:94:29:bd:c9:07:d2:bd:38:
25:d3:ff:f0:74:8e:57:bd:64:a1:9e:b9:31:b8:84:c1:9b:45:
86:ef:8a:a1:42:39:9e:96:c1:5b:1c:57:86:e6:f1:48:12:bc:
24:88:f4:93:32:1c:de:5a:d7:96:06:ca:a0:18:47:80:83:28:
0f:2d:f5:76:b3:5f:3c:26:a4:cf:36:eb:e0:da:8f:ef:b4:08:
e2:14:f8:ab:db:4d:cb:85:b0:c6:5f:45:dd:a2:1d:22:80:e6:
5c:45:a5:94:0a:eb:7d:2b:cb:11:45:e6:b7:a1:43:3c:bc:0c:
39:ce:c8:34:6e:5c:49:4c:75:78:77:d3:98:4e:95:44:4e:e1:
f7:44:90:cc:0a:e8:66:c7:30:ca:66:bd:5a:f6:f8:2a:0b:2c:
33:5f:ea:74:28:86:94:d1:8f:6f:df:77:ba:df:68:e1:98:5f:
cb:35:ce:cc:ad:22:c2:e8:56:af:68:80:3a:97:10:02:9c:b4:
6a:10:fd:1a:ae:6f:51:bf:5b:6a:88:e8:49:0c:3b:cd:c0:0a:
89:ae:28:a7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYthVdLIWZ1DTV3Z/Pa4jPFaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMxMDI0MTA1ODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTc5NWE5ZGM0ODAyYWJmMWVlMmU5Zjg3ZjA5NTNhOGZhMWMyYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJIwW80SPAUxHn7QO2Y+w48zlbVM
RSiXhTJcH5y5nCkBLKeROCl0291AE/qnwUMJDMMDAPztFT5fwCO0sk8FUHx5tJGO
7hZd4LkGMUDjqSKaID5L6ftr0juIy6v3w7DUGm2kgo2+07izgRt8lezSDZuuTWg7
Ob3jgRM2XCWkz2pbiiLGPDEsuohXdLunDcDCgQNMidC9TuNVkUWptrBQohCyJ5ze
Poyz/KRBTX1wEJ+XzecCEUQr2TRdCj4hKZrz+ATAG1CrejFW46AM0ZLOTYMMBgi0
n5PWXieKyuEXcgWNpHkti49twm/vueaa9yb6ICBq55dRPUwOW8x/yj4v6wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFH55Wp3EgCq/HuLp+H8JU6j6HCqPMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvZm5sYW5jU0FLcjhlNHVuNGZ3bFRxUG9jS284LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQCURXkAwQC
VXPAAwQAXDwiAwQCXVzkAwQCuWp8AwQCubPkAwQCub1AAwQCudO0AwQCud/cAwQC
ueOAAwQBufUiAwQCwiY4AwQC1FDQMA0GCSqGSIb3DQEBCwUAA4IBAQCaTREp0fFg
p+GxN+xDDZT02j7sFosCrvYCjcoqHLTD4XhVlL/aME82+V91zjA6lCm9yQfSvTgl
0//wdI5XvWShnrkxuITBm0WG74qhQjmelsFbHFeG5vFIErwkiPSTMhzeWteWBsqg
GEeAgygPLfV2s188JqTPNuvg2o/vtAjiFPir203LhbDGX0Xdoh0igOZcRaWUCut9
K8sRRea3oUM8vAw5zsg0blxJTHV4d9OYTpVETuH3RJDMCuhmxzDKZr1a9vgqCywz
X+p0KIaU0Y9v33e632jhmF/LNc7MrSLC6FavaIA6lxACnLRqEP0arm9Rv1tqiOhJ
DDvNwAqJriin
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org