Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/fgnsOCPv-ldeiYnC2Eh4iVJPA8Y.roa
File: fgnsOCPv-ldeiYnC2Eh4iVJPA8Y.roa (raw, json)
Hash identifier: r98NaKtGg/lbUk65Na85tDrP+9WejW0kyqAbfGbH/3g=
Subject key identifier: 7E:09:EC:38:23:EF:FA:57:5E:89:89:C2:D8:48:78:89:52:4F:03:C6
Certificate issuer: /CN=441d4b92dd150364c65b7d21299028678b0a5296
Certificate serial: 0188D500DD90C5392B3F11C7BC8F63D04433
Authority key identifier: 44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/fgnsOCPv-ldeiYnC2Eh4iVJPA8Y.roa
Signing time: Mon 19 Jun 2023 18:53:03 +0000
ROA not before: Mon 19 Jun 2023 18:53:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57370
IP address blocks: 178.238.160.0/20 maxlen: 20
178.238.160.0/22 maxlen: 24
178.238.160.0/21 maxlen: 24
178.238.168.0/21 maxlen: 24
185.119.179.0/24 maxlen: 24
185.119.177.0/24 maxlen: 24
185.119.178.0/24 maxlen: 24
185.119.178.0/23 maxlen: 24
185.119.176.0/22 maxlen: 24
185.119.176.0/24 maxlen: 24
185.119.176.0/23 maxlen: 24
144.2.80.0/20 maxlen: 24
144.2.96.0/20 maxlen: 24
144.2.96.0/19 maxlen: 24
144.2.112.0/20 maxlen: 24
144.2.64.0/20 maxlen: 24
144.2.64.0/19 maxlen: 24
144.2.64.0/18 maxlen: 24
2a02:21b2:b2ee::/48 maxlen: 48
2a02:21b2:b3ee::/48 maxlen: 48
2a02:21b2:beee::/48 maxlen: 48
2a02:21b2:ac18::/48 maxlen: 48
2a02:21b2:ac14::/48 maxlen: 48
2a02:21b1::/32 maxlen: 48
2a02:21b4::/32 maxlen: 48
2a02:21b4::/33 maxlen: 48
2a02:21b4::/34 maxlen: 48
2a02:21b4:4000::/34 maxlen: 48
2a02:21b4:8000::/33 maxlen: 48
2a02:21b4:8000::/34 maxlen: 48
2a02:21b4:c000::/34 maxlen: 48
2a02:21b0::/32 maxlen: 48
2a02:21b2:ac10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d5:00:dd:90:c5:39:2b:3f:11:c7:bc:8f:63:d0:44:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=441d4b92dd150364c65b7d21299028678b0a5296
Validity
Not Before: Jun 19 18:53:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e09ec3823effa575e8989c2d8487889524f03c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ab:87:a6:16:f8:a0:e9:2f:7c:01:9b:d9:94:
fd:1c:1f:15:dd:bc:ed:7d:a3:c6:51:73:b8:1c:4d:
38:8b:20:45:6e:eb:ad:fb:33:98:2a:46:b2:10:4d:
15:e3:83:c0:0f:88:3b:bb:0c:e5:c9:68:e7:d9:70:
73:54:e1:24:01:2e:f3:2e:b5:4d:f5:df:38:17:e6:
56:9a:c3:6f:9a:57:2b:6f:d3:07:5e:67:94:c4:26:
98:64:3c:b3:da:41:60:d2:38:2e:d4:06:9d:75:69:
0f:f3:00:6b:25:17:fc:68:33:b1:06:89:82:ab:0b:
b4:33:e9:b0:63:11:2e:fa:91:28:46:5a:98:53:86:
aa:df:ae:6c:cc:44:1b:88:71:be:65:73:23:98:81:
d5:96:5a:a2:83:4c:9a:07:5f:08:29:f3:17:68:f2:
29:b0:3c:a0:aa:f0:fc:a7:0a:ea:ad:7f:21:1a:40:
ae:85:71:a6:87:1f:af:6e:b8:f9:42:fc:be:88:e8:
7c:6c:c4:80:52:66:fb:30:d7:c6:58:58:69:44:89:
27:1e:0a:5d:27:f4:b1:39:91:ea:b0:47:39:95:17:
7a:c4:cf:a8:23:4d:39:a8:f5:bd:64:da:5c:59:23:
e5:8a:22:fb:ed:7b:7b:b5:4c:22:1f:2c:87:a2:3b:
4c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:09:EC:38:23:EF:FA:57:5E:89:89:C2:D8:48:78:89:52:4F:03:C6
X509v3 Authority Key Identifier:
keyid:44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/fgnsOCPv-ldeiYnC2Eh4iVJPA8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.64.0/18
178.238.160.0/20
185.119.176.0/22
IPv6:
2a02:21b0::/31
2a02:21b2:ac10::/48
2a02:21b2:ac14::/48
2a02:21b2:ac18::/48
2a02:21b2:b2ee::/48
2a02:21b2:b3ee::/48
2a02:21b2:beee::/48
2a02:21b4::/32
Signature Algorithm: sha256WithRSAEncryption
2e:63:12:dc:44:c3:ff:81:8c:79:24:05:02:27:83:c5:ed:58:
4e:5f:c4:8a:4b:8e:53:17:b1:06:60:a1:12:5c:18:2e:cc:f6:
3e:f0:49:0d:f4:29:ed:0e:ad:c4:86:37:06:5e:57:61:08:31:
44:cc:ea:08:b1:c8:3f:55:47:41:aa:f6:b4:ca:d3:e2:0d:55:
1f:a7:a0:a1:7f:e2:91:29:c2:7f:92:55:3e:29:3b:bd:69:b6:
4e:a4:29:6a:b0:07:dd:f3:0b:0c:b3:d1:b3:c6:f1:f6:ba:9d:
aa:30:13:8c:e5:6b:6e:6f:49:37:54:5d:c0:6e:12:a6:42:5c:
2d:cd:6c:3c:e4:d7:c8:3e:82:1b:c5:c1:a0:7b:0a:dd:0d:4c:
ca:77:3e:23:1f:aa:a2:0a:1d:79:27:43:10:97:46:32:ca:c8:
04:33:82:ba:64:49:53:05:ee:22:c7:40:30:c3:34:14:17:d2:
c4:74:1e:df:4c:17:34:e2:e3:72:78:c1:40:fc:39:ce:4b:0d:
64:a0:e4:3f:e6:d4:b9:11:62:ee:29:a4:e1:da:c2:65:d1:10:
29:44:0b:27:50:01:1c:de:35:3a:af:17:09:90:3a:11:49:df:
ad:89:e7:40:55:21:2d:6f:10:60:65:4d:47:85:f3:c9:3b:7c:
d6:1b:69:55
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYjVAN2QxTkrPxHHvI9j0EQzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MWQ0YjkyZGQxNTAzNjRjNjViN2QyMTI5OTAyODY3OGIw
YTUyOTYwHhcNMjMwNjE5MTg1MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTA5ZWMzODIzZWZmYTU3NWU4OTg5YzJkODQ4Nzg4OTUyNGYwM2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoauHphb4oOkvfAGb2ZT9HB8V3bzt
faPGUXO4HE04iyBFbuut+zOYKkayEE0V44PAD4g7uwzlyWjn2XBzVOEkAS7zLrVN
9d84F+ZWmsNvmlcrb9MHXmeUxCaYZDyz2kFg0jgu1AaddWkP8wBrJRf8aDOxBomC
qwu0M+mwYxEu+pEoRlqYU4aq365szEQbiHG+ZXMjmIHVllqig0yaB18IKfMXaPIp
sDygqvD8pwrqrX8hGkCuhXGmhx+vbrj5Qvy+iOh8bMSAUmb7MNfGWFhpRIknHgpd
J/SxOZHqsEc5lRd6xM+oI005qPW9ZNpcWSPliiL77Xt7tUwiHyyHojtMGQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFH4J7Dgj7/pXXomJwthIeIlSTwPGMB8GA1UdIwQY
MBaAFEQdS5LdFQNkxlt9ISmQKGeLClKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMt
N2Y1ZjRkNjA0NzMxLzEvZmduc09DUHYtbGRlaVluQzJFaDRpVkpQQThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMtN2Y1ZjRkNjA0NzMx
LzEvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjAYBAIAATASAwQGkAJAAwQE
su6gAwQCuXewMEoEAgACMEQDBQEqAiGwAwcAKgIhsqwQAwcAKgIhsqwUAwcAKgIh
sqwYAwcAKgIhsrLuAwcAKgIhsrPuAwcAKgIhsr7uAwUAKgIhtDANBgkqhkiG9w0B
AQsFAAOCAQEALmMS3ETD/4GMeSQFAieDxe1YTl/EikuOUxexBmChElwYLsz2PvBJ
DfQp7Q6txIY3Bl5XYQgxRMzqCLHIP1VHQar2tMrT4g1VH6egoX/ikSnCf5JVPik7
vWm2TqQparAH3fMLDLPRs8bx9rqdqjATjOVrbm9JN1RdwG4SpkJcLc1sPOTXyD6C
G8XBoHsK3Q1Mync+Ix+qogodeSdDEJdGMsrIBDOCumRJUwXuIsdAMMM0FBfSxHQe
30wXNOLjcnjBQPw5zksNZKDkP+bUuRFi7imk4drCZdEQKUQLJ1ABHN41Oq8XCZA6
EUnfrYnnQFUhLW8QYGVNR4XzyTt81htpVQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:58 2024 by rpki-client on console-fra.rpki-client.org