Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FiwLm1kmtl2xWaX5s5F-J_BDb8I.roa
File: FiwLm1kmtl2xWaX5s5F-J_BDb8I.roa (raw, json)
Hash identifier: kuRVFbMPOD+s+JGqxzEtT5LUIYai+c7mIaWTu06ZzvE=
Subject key identifier: 16:2C:0B:9B:59:26:B6:5D:B1:59:A5:F9:B3:91:7E:27:F0:43:6F:C2
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018F141D80C42001A6D7DCE9E92EB2C139A9
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FiwLm1kmtl2xWaX5s5F-J_BDb8I.roa
Signing time: Thu 25 Apr 2024 07:17:08 +0000
ROA not before: Thu 25 Apr 2024 07:17:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 192.71.158.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
193.180.61.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
193.234.237.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
194.14.212.0/24 maxlen: 24
194.68.56.0/23 maxlen: 23
194.68.99.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.27.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
194.71.248.0/21 maxlen: 21
194.103.50.0/24 maxlen: 24
194.132.108.0/23 maxlen: 24
194.132.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 09:27:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:1d:80:c4:20:01:a6:d7:dc:e9:e9:2e:b2:c1:39:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 25 07:17:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=162c0b9b5926b65db159a5f9b3917e27f0436fc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:98:f3:b6:27:71:41:46:d1:93:69:4d:55:94:
d8:50:9d:2a:e4:b5:9e:39:77:31:79:4b:70:b9:4c:
86:f2:96:e4:c6:0e:30:dc:6f:0b:2d:6f:6a:74:24:
4d:1b:12:8b:27:f2:41:41:78:e6:3d:87:1b:50:a1:
da:ed:9e:70:94:12:0a:3b:e2:a7:c9:e0:9e:b3:7a:
66:3b:7e:9c:2a:6d:f9:79:a1:d0:94:cf:fb:f5:c0:
a5:21:14:52:fa:d1:f5:d6:ae:cf:d0:35:1f:da:8b:
fc:fd:44:7f:b2:d8:48:73:1f:c0:eb:31:ba:cc:56:
f6:63:4b:3d:7a:d8:03:a8:0f:6d:f7:6d:e2:24:1b:
9b:0d:9c:ab:48:35:4d:91:12:a5:41:73:04:3c:e1:
bf:f4:27:d3:89:fc:09:7c:fb:1a:60:c7:40:fa:0b:
38:4b:66:b0:27:dd:da:e6:34:ba:af:8d:90:79:25:
1c:dc:be:7a:5f:4f:4f:d3:d9:f6:a3:7b:48:61:c8:
a2:94:df:cc:7f:99:1c:c7:12:29:29:55:26:d2:8a:
58:2c:3f:59:bd:c3:18:db:d2:39:78:96:57:3d:e6:
20:79:7d:7c:05:cb:96:ea:91:bf:62:9f:7f:57:5b:
21:68:e2:b1:1c:54:47:77:22:a0:d8:03:b4:8f:3e:
d7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2C:0B:9B:59:26:B6:5D:B1:59:A5:F9:B3:91:7E:27:F0:43:6F:C2
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/FiwLm1kmtl2xWaX5s5F-J_BDb8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.158.0/24
192.121.172.0/24
192.121.192.0/24
193.180.61.0/24
193.183.118.0/24
193.234.68.0/23
193.234.237.0/24
194.14.129.0/24
194.14.212.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.27.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
194.132.174.0/24
Signature Algorithm: sha256WithRSAEncryption
23:2c:f6:4f:3e:23:0c:cb:0d:79:bf:69:d1:8c:00:4e:d8:8b:
56:11:37:2b:e5:e0:39:98:e2:bc:e9:c1:68:f5:53:4c:86:57:
23:bc:02:a1:0b:e8:c9:cb:90:fc:9e:36:0f:25:e8:54:fb:02:
09:3e:72:da:10:b7:d3:6e:ad:49:c6:24:9b:b5:33:d4:ec:d4:
44:34:13:b2:92:9b:2b:97:31:5f:51:cb:f7:49:3e:c6:23:99:
21:41:61:68:2e:95:14:61:ca:9d:f4:6a:56:5c:e8:80:c7:93:
45:14:62:0f:be:ce:51:7d:2c:48:e0:7f:5d:24:f8:92:dc:a5:
b1:b9:af:86:85:11:11:16:c8:d9:7c:4e:d9:a1:cf:06:2d:70:
22:41:09:cd:16:28:c9:d0:1b:80:6a:40:81:52:62:1a:4d:63:
a2:00:23:c7:f7:ca:a6:0c:b1:d4:96:7b:07:54:75:73:f6:be:
b8:4d:d6:5f:df:40:95:ba:75:99:2e:b1:72:28:08:07:d5:c9:
29:ca:0f:6b:66:06:df:ad:19:8c:c7:fd:7c:4f:c6:dd:ea:d7:
cf:16:9c:a6:09:f8:b8:82:fc:67:3f:9c:c6:56:fd:94:7e:0d:
cd:a7:47:ea:94:c4:1c:5d:91:92:7d:aa:73:28:ad:88:03:24:
79:71:ee:18
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAY8UHYDEIAGm19zp6S6ywTmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNDI1MDcxNzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjJjMGI5YjU5MjZiNjVkYjE1OWE1ZjliMzkxN2UyN2YwNDM2ZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpjztidxQUbRk2lNVZTYUJ0q5LWe
OXcxeUtwuUyG8pbkxg4w3G8LLW9qdCRNGxKLJ/JBQXjmPYcbUKHa7Z5wlBIKO+Kn
yeCes3pmO36cKm35eaHQlM/79cClIRRS+tH11q7P0DUf2ov8/UR/sthIcx/A6zG6
zFb2Y0s9etgDqA9t923iJBubDZyrSDVNkRKlQXMEPOG/9CfTifwJfPsaYMdA+gs4
S2awJ93a5jS6r42QeSUc3L56X09P09n2o3tIYciilN/Mf5kcxxIpKVUm0opYLD9Z
vcMY29I5eJZXPeYgeX18BcuW6pG/Yp9/V1shaOKxHFRHdyKg2AO0jz7XPQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFBYsC5tZJrZdsVml+bORfifwQ2/CMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRml3TG0xa210bDJ4V2FYNXM1Ri1KX0JEYjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAMBHngME
AMB5rAMEAMB5wAMEAMG0PQMEAMG3dgMEAcHqRAMEAMHq7QMEAMIOgQMEAMIO1AME
AcJEOAMEAMJEYwMEAMJEfgMEAMJHGwMEAMJHUwMEAcJHjAMEA8JH+AMEAMJnMgME
AcKEbAMEAMKErjANBgkqhkiG9w0BAQsFAAOCAQEAIyz2Tz4jDMsNeb9p0YwATtiL
VhE3K+XgOZjivOnBaPVTTIZXI7wCoQvoycuQ/J42DyXoVPsCCT5y2hC3026tScYk
m7Uz1OzURDQTspKbK5cxX1HL90k+xiOZIUFhaC6VFGHKnfRqVlzogMeTRRRiD77O
UX0sSOB/XST4ktylsbmvhoURERbI2XxO2aHPBi1wIkEJzRYoydAbgGpAgVJiGk1j
ogAjx/fKpgyx1JZ7B1R1c/a+uE3WX99Albp1mS6xcigIB9XJKcoPa2YG360ZjMf9
fE/G3erXzxacpgn4uIL8Zz+cxlb9lH4NzadH6pTEHF2Rkn2qcyitiAMkeXHuGA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:52 2025 by rpki-client