Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/FSxKHJPvplqZkgHsSVKpQbIk6CA.roa
File: FSxKHJPvplqZkgHsSVKpQbIk6CA.roa (raw, json)
Hash identifier: N5X033KcitZwDJU2XQFej7IN0yP96oDy/p6GRpSDNeI=
Subject key identifier: 15:2C:4A:1C:93:EF:A6:5A:99:92:01:EC:49:52:A9:41:B2:24:E8:20
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018570FBC719A695B10E6F86EFE3EB1B723E
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/FSxKHJPvplqZkgHsSVKpQbIk6CA.roa
Signing time: Mon 02 Jan 2023 05:37:06 +0000
ROA not before: Mon 02 Jan 2023 05:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204063
IP address blocks: 5.1.64.0/21 maxlen: 32
94.247.47.0/24 maxlen: 32
185.90.161.0/24 maxlen: 32
185.90.160.0/24 maxlen: 32
185.90.163.0/24 maxlen: 32
185.90.162.0/24 maxlen: 32
5.1.94.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c7:19:a6:95:b1:0e:6f:86:ef:e3:eb:1b:72:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 2 05:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=152c4a1c93efa65a999201ec4952a941b224e820
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:98:4b:26:ce:f0:72:0f:42:47:81:ab:79:13:
15:d8:23:77:73:6b:ac:62:d6:81:0a:e8:de:fa:94:
3a:3e:86:c8:96:63:a9:cd:ed:2d:28:d6:80:9e:25:
6a:a3:a7:78:6b:dd:8b:89:10:23:cd:09:56:64:6f:
cf:7f:37:3b:d1:85:3f:93:67:a6:49:d3:a3:d2:eb:
4d:5c:e7:ad:bf:39:c1:5f:d5:f2:88:27:9d:97:9c:
52:ea:22:d6:b2:6f:45:d5:c8:de:b8:93:9a:10:6a:
ec:0f:2b:2b:c9:e1:03:0c:09:f9:9a:cd:37:a0:f8:
9e:3a:53:b3:fb:6a:70:81:ba:20:28:a4:e9:9e:31:
65:f1:d0:20:c1:7e:18:e9:60:ed:10:f1:00:5a:2f:
70:a8:ab:a0:8d:d7:24:83:59:ad:71:d0:fd:88:49:
b0:36:2e:44:fc:8d:cc:3a:29:ba:08:7c:8c:65:0d:
f1:9c:b7:cc:13:6f:c3:cd:ea:11:b3:4c:57:18:15:
c8:23:90:a1:e9:80:fe:86:4e:ac:6a:9c:b1:dd:fa:
7e:f6:fa:b8:2e:41:2d:48:c6:c6:7d:2c:6f:1c:9e:
b8:6d:de:7a:3c:95:4c:57:3d:64:0c:71:d6:f6:96:
15:af:68:38:90:0c:f6:b0:0c:81:3f:71:ff:a9:cc:
b5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:2C:4A:1C:93:EF:A6:5A:99:92:01:EC:49:52:A9:41:B2:24:E8:20
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/FSxKHJPvplqZkgHsSVKpQbIk6CA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.64.0/21
5.1.94.0/24
94.247.47.0/24
185.90.160.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:d9:14:42:3c:a2:1b:3d:87:9c:af:84:1c:6d:c4:3e:b9:a0:
fe:e9:f7:b7:47:38:7a:19:89:8c:89:08:a1:69:a3:5e:77:5f:
fd:78:b0:a8:9c:3f:87:39:06:4a:06:28:77:78:92:19:3d:ac:
5d:a9:03:80:14:9c:75:a0:a4:99:db:8f:62:c4:6b:8f:10:c0:
d8:13:de:4c:91:2c:f4:0d:0c:fe:c4:af:03:a0:36:3b:ce:a6:
93:c4:98:77:39:d9:4c:49:f8:05:1b:a6:0a:e5:b6:18:63:9d:
71:22:f2:6d:30:ae:6d:4d:93:44:9a:33:19:91:b5:a0:73:4b:
a2:06:fd:e0:bc:23:2e:86:26:b3:48:a1:bb:57:bd:6a:e6:59:
a1:a9:17:d7:e1:9a:d3:44:ea:30:de:d1:63:82:5f:96:37:1e:
4d:b0:d1:f9:f9:16:29:65:5e:a4:4a:d6:a5:28:4e:30:e7:9e:
ff:7e:56:19:18:01:34:2b:bf:46:7c:f2:c7:9a:95:2c:1e:d3:
cb:9b:13:e4:ca:48:f0:89:79:f3:ff:ba:4c:6c:91:0b:9c:da:
56:dd:7e:89:91:8a:ef:89:46:54:f4:15:95:bc:6f:8d:b7:2b:
37:5f:15:b0:b8:35:78:22:09:bf:98:75:f4:a7:8d:a8:8d:e6:
57:43:9f:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVw+8cZppWxDm+G7+PrG3I+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjMwMTAyMDUzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTJjNGExYzkzZWZhNjVhOTk5MjAxZWM0OTUyYTk0MWIyMjRlODIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5hLJs7wcg9CR4GreRMV2CN3c2us
YtaBCuje+pQ6PobIlmOpze0tKNaAniVqo6d4a92LiRAjzQlWZG/Pfzc70YU/k2em
SdOj0utNXOetvznBX9XyiCedl5xS6iLWsm9F1cjeuJOaEGrsDysryeEDDAn5ms03
oPieOlOz+2pwgbogKKTpnjFl8dAgwX4Y6WDtEPEAWi9wqKugjdckg1mtcdD9iEmw
Ni5E/I3MOim6CHyMZQ3xnLfME2/DzeoRs0xXGBXII5Ch6YD+hk6sapyx3fp+9vq4
LkEtSMbGfSxvHJ64bd56PJVMVz1kDHHW9pYVr2g4kAz2sAyBP3H/qcy1ewIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBUsShyT76ZamZIB7ElSqUGyJOggMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvRlN4S0hKUHZwbHFaa2dIc1NWS3BRYklrNkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBQFAAwQA
BQFeAwQAXvcvAwQCuVqgMA0GCSqGSIb3DQEBCwUAA4IBAQA82RRCPKIbPYecr4Qc
bcQ+uaD+6fe3Rzh6GYmMiQihaaNed1/9eLConD+HOQZKBih3eJIZPaxdqQOAFJx1
oKSZ249ixGuPEMDYE95MkSz0DQz+xK8DoDY7zqaTxJh3OdlMSfgFG6YK5bYYY51x
IvJtMK5tTZNEmjMZkbWgc0uiBv3gvCMuhiazSKG7V71q5lmhqRfX4ZrTROow3tFj
gl+WNx5NsNH5+RYpZV6kStalKE4w557/flYZGAE0K79GfPLHmpUsHtPLmxPkykjw
iXnz/7pMbJELnNpW3X6JkYrviUZU9BWVvG+Ntys3XxWwuDV4Igm/mHX0p42ojeZX
Q58f
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org