Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FLYNawehAMJuBN64DMNDe5AbPQA.roa
File: FLYNawehAMJuBN64DMNDe5AbPQA.roa (raw, json)
Hash identifier: 8Ry/jYC1suHfaNgmcqaU2q/OgS9JQnIVLUK49PcqRaE=
Subject key identifier: 14:B6:0D:6B:07:A1:00:C2:6E:04:DE:B8:0C:C3:43:7B:90:1B:3D:00
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018BA528CBC00D0231A37B41EC02B37B95C8
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FLYNawehAMJuBN64DMNDe5AbPQA.roa
Signing time: Mon 06 Nov 2023 15:03:16 +0000
ROA not before: Mon 06 Nov 2023 15:03:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57630
IP address blocks: 194.71.0.0/23 maxlen: 23
193.234.94.0/24 maxlen: 24
192.71.0.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
193.234.116.0/22 maxlen: 22
193.183.20.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.103.95.0/24 maxlen: 24
193.234.205.0/24 maxlen: 24
194.68.244.0/22 maxlen: 22
194.14.57.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.234.144.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
193.183.59.0/24 maxlen: 24
194.68.181.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a5:28:cb:c0:0d:02:31:a3:7b:41:ec:02:b3:7b:95:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 6 15:03:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14b60d6b07a100c26e04deb80cc3437b901b3d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:25:84:86:c2:e8:fb:e8:33:39:14:1e:5b:d8:
ef:65:2d:ab:f2:1e:fb:f1:8f:23:f7:81:1b:33:40:
09:5a:39:20:b7:13:ca:c4:8d:b4:ea:10:c3:98:f6:
5e:32:d7:bf:db:b1:08:43:e6:4a:4c:f6:53:81:42:
8d:34:74:06:c7:50:34:96:a4:08:9c:0e:a8:89:8f:
1a:ed:59:08:5b:b4:a1:5e:e5:93:4d:ef:a9:78:98:
dc:61:31:b6:81:85:5a:1c:c2:05:64:50:98:77:77:
95:d0:7e:31:7d:db:1d:a7:5a:3c:17:3a:ea:f8:cb:
6b:38:e3:20:fd:38:fa:e8:bf:56:4f:5c:13:94:7a:
b3:15:6f:69:8f:99:d9:36:cb:4e:99:ca:ee:e1:51:
36:31:04:d6:62:b1:a5:e7:fe:ae:e7:74:14:c4:ad:
04:8a:e8:cb:40:02:a8:e2:24:ff:7f:43:1c:ae:d7:
59:7a:46:23:20:d1:a6:27:0a:ea:c0:d3:bc:a9:21:
df:b1:0e:58:95:f9:f3:ee:39:7d:5d:00:b2:3c:bb:
8b:47:dc:be:a8:7e:68:4c:96:28:a8:a9:80:45:96:
65:1a:60:3e:e6:20:a6:d5:d5:00:35:38:cb:76:3c:
d8:ba:58:7e:bd:77:7c:c4:81:a5:79:88:19:a4:86:
df:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B6:0D:6B:07:A1:00:C2:6E:04:DE:B8:0C:C3:43:7B:90:1B:3D:00
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FLYNawehAMJuBN64DMNDe5AbPQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.183.59.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
193.234.205.0/24
194.14.57.0/24
194.68.181.0/24
194.68.244.0/22
194.71.0.0/23
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:c4:20:6a:c9:fa:ac:ac:8c:e9:c6:e8:48:8b:2c:84:32:c7:
18:fa:64:f0:23:da:5a:95:8a:0c:e6:79:11:c8:e9:bd:40:62:
53:84:0a:03:03:91:8f:8b:b6:ae:50:fe:2c:63:a4:19:b1:9a:
5f:fa:6e:92:52:ab:62:0c:ab:5d:b8:7f:6d:42:45:09:3d:24:
49:83:0e:7d:ba:ba:04:a0:09:de:94:35:40:86:45:1e:36:e4:
ab:08:02:64:fe:1a:2c:26:a7:74:34:ce:52:91:fa:6b:d1:3c:
9c:03:38:7e:02:f2:01:b6:78:fe:62:6c:95:59:8b:87:72:da:
9d:16:58:1d:09:ef:aa:77:9d:b0:58:40:ff:1d:c9:b3:dc:32:
09:4f:28:5c:f4:c6:9d:39:ff:4e:5d:ce:8b:16:0b:8f:0a:8a:
a1:ec:bf:24:fa:0f:f6:4e:9d:6a:4f:08:8f:65:78:bb:be:fa:
f7:2b:2e:f6:c3:ff:06:d4:ca:14:39:aa:af:85:f5:d0:be:1a:
97:93:84:35:c1:b0:82:3a:be:80:02:95:92:67:9b:fe:74:22:
b3:3e:b8:d9:91:e9:a1:f6:e1:17:b0:72:7d:f1:f7:4a:71:90:
41:26:a9:9c:9d:7e:a1:9b:e7:fe:5a:6b:ec:a8:f8:60:1c:60:
cc:28:ce:ae
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYulKMvADQIxo3tB7AKze5XIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMxMTA2MTUwMzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGI2MGQ2YjA3YTEwMGMyNmUwNGRlYjgwY2MzNDM3YjkwMWIzZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSWEhsLo++gzORQeW9jvZS2r8h77
8Y8j94EbM0AJWjkgtxPKxI206hDDmPZeMte/27EIQ+ZKTPZTgUKNNHQGx1A0lqQI
nA6oiY8a7VkIW7ShXuWTTe+peJjcYTG2gYVaHMIFZFCYd3eV0H4xfdsdp1o8Fzrq
+MtrOOMg/Tj66L9WT1wTlHqzFW9pj5nZNstOmcru4VE2MQTWYrGl5/6u53QUxK0E
iujLQAKo4iT/f0McrtdZekYjINGmJwrqwNO8qSHfsQ5Ylfnz7jl9XQCyPLuLR9y+
qH5oTJYoqKmARZZlGmA+5iCm1dUANTjLdjzYulh+vXd8xIGleYgZpIbfoQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFBS2DWsHoQDCbgTeuAzDQ3uQGz0AMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRkxZTmF3ZWhBTUp1Qk42NERNTkRlNUFiUFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBADA
RwADBADApQMDBAHApYYDBADBtSIDBADBtxQDBADBtzEDBADBtzsDBADB6gMDBADB
6l4DBALB6nQDBADB6pADBADB6s0DBADCDjkDBADCRLUDBALCRPQDBAHCRwADBAHC
ZxADBADCZ18DBADCZ5EDBADCZ8UDBADChKQDBADChKYDBADChLowDQYJKoZIhvcN
AQELBQADggEBAD/EIGrJ+qysjOnG6EiLLIQyxxj6ZPAj2lqVigzmeRHI6b1AYlOE
CgMDkY+Ltq5Q/ixjpBmxml/6bpJSq2IMq124f21CRQk9JEmDDn26ugSgCd6UNUCG
RR425KsIAmT+Giwmp3Q0zlKR+mvRPJwDOH4C8gG2eP5ibJVZi4dy2p0WWB0J76p3
nbBYQP8dybPcMglPKFz0xp05/05dzosWC48KiqHsvyT6D/ZOnWpPCI9leLu++vcr
LvbD/wbUyhQ5qq+F9dC+GpeThDXBsII6voAClZJnm/50IrM+uNmR6aH24Rewcn3x
90pxkEEmqZydfqGb5/5aa+yo+GAcYMwozq4=
-----END CERTIFICATE-----
Generated at Fri Nov 24 08:40:59 2023 by rpki-client on console-fra.rpki-client.org