Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/FRIUitvFCv1CtdrV-xjpQuCERQ4.roa
File: FRIUitvFCv1CtdrV-xjpQuCERQ4.roa (raw, json)
Hash identifier: Umqqw/9/MNgxEBNV/9GVWRkfBDBimNqc0IFYYNVJEI8=
Subject key identifier: 15:12:14:8A:DB:C5:0A:FD:42:B5:DA:D5:FB:18:E9:42:E0:84:45:0E
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0186A1EB7B039F9AA155E7B7A9852DB8D3AB
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/FRIUitvFCv1CtdrV-xjpQuCERQ4.roa
Signing time: Thu 02 Mar 2023 10:43:29 +0000
ROA not before: Thu 02 Mar 2023 10:43:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.103.0/24 maxlen: 24
85.158.146.0/24 maxlen: 24
46.23.108.0/24 maxlen: 24
109.205.210.0/24 maxlen: 24
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a1:eb:7b:03:9f:9a:a1:55:e7:b7:a9:85:2d:b8:d3:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Mar 2 10:43:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1512148adbc50afd42b5dad5fb18e942e084450e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fa:fe:1f:d0:7b:a3:2d:4a:38:fc:67:7e:9e:
40:a8:1d:9a:76:d0:48:42:09:a6:17:7a:eb:36:2e:
90:77:79:76:08:b2:11:55:ed:2b:cf:d8:61:33:b8:
cc:c9:0c:70:87:bc:7d:bf:d2:17:8f:87:b1:67:30:
4d:6c:80:bb:dc:1b:9b:d0:da:c8:05:46:d1:cc:74:
8f:e4:12:4f:f5:8a:fe:ed:e6:43:c2:36:12:e7:0e:
8f:ce:38:6f:70:1a:38:7f:4b:df:5f:cf:41:14:15:
85:4f:8e:e9:17:cf:79:51:ef:b0:0c:d0:03:66:0a:
e1:72:cd:6b:ad:30:43:af:aa:98:30:6c:e8:1b:0f:
5e:19:32:14:94:74:07:9e:5b:48:73:4c:76:9d:17:
14:2c:8d:7a:57:af:39:49:1f:34:14:f7:16:14:50:
74:11:e5:d0:6f:e1:75:5f:31:89:fb:5b:e0:3c:d4:
ed:bf:32:25:80:00:01:f3:29:82:da:35:00:83:8e:
1e:6a:ac:00:8b:61:29:39:35:22:53:70:9a:27:7e:
b3:94:eb:cf:49:70:d1:a1:f7:eb:69:20:5a:cc:ac:
cf:b7:c1:f2:cc:a9:1a:b8:b4:5e:d8:4f:a2:7c:c3:
73:74:27:fc:a5:de:84:d7:7c:53:d9:90:13:b6:cd:
20:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:12:14:8A:DB:C5:0A:FD:42:B5:DA:D5:FB:18:E9:42:E0:84:45:0E
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/FRIUitvFCv1CtdrV-xjpQuCERQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
46.23.108.0/24
85.158.146.0/24
109.205.210.0/24
164.215.103.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:3d:9c:3c:db:b4:77:7b:53:55:03:ca:df:97:3a:2d:d9:b8:
11:f6:11:3d:44:21:25:fc:58:26:2c:17:59:88:4f:ee:69:12:
3e:4b:60:6e:9b:75:99:8e:0a:c8:ea:48:d2:d8:52:8c:c9:86:
be:c0:3f:51:8e:b4:5e:2a:95:16:f5:16:3f:19:58:7c:1b:8e:
16:26:6e:74:87:c6:a1:37:20:32:0f:63:c8:ea:05:ec:98:5f:
ff:02:2d:bb:de:5f:43:22:18:45:c7:0d:b5:70:76:18:81:48:
3c:59:fa:bb:84:0c:45:e1:dc:61:77:ab:4d:23:1f:15:d1:cd:
5c:85:76:5f:b7:34:ff:ad:1f:a6:2d:34:98:39:25:49:21:31:
b5:0d:39:df:bf:27:81:ba:ce:81:ae:be:f3:c7:be:dc:d4:36:
fe:4a:21:40:7b:8c:a7:99:12:d8:c3:44:a3:11:c5:ac:9f:58:
32:f8:6d:96:d6:fc:e6:01:61:3e:5b:5c:3c:02:55:21:ae:31:
bf:1f:98:ae:0f:d2:22:d9:d1:5d:99:45:32:a9:a8:af:d0:cd:
b9:b6:ea:00:56:1b:1e:ae:49:d3:83:e5:9b:fa:21:db:d3:5f:
41:f6:22:7f:3e:f1:a0:c9:76:c9:d2:1a:53:92:00:08:0b:24:
ee:11:ce:2a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYah63sDn5qhVee3qYUtuNOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMzAyMTA0MzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTEyMTQ4YWRiYzUwYWZkNDJiNWRhZDVmYjE4ZTk0MmUwODQ0NTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/r+H9B7oy1KOPxnfp5AqB2adtBI
QgmmF3rrNi6Qd3l2CLIRVe0rz9hhM7jMyQxwh7x9v9IXj4exZzBNbIC73Bub0NrI
BUbRzHSP5BJP9Yr+7eZDwjYS5w6PzjhvcBo4f0vfX89BFBWFT47pF895Ue+wDNAD
Zgrhcs1rrTBDr6qYMGzoGw9eGTIUlHQHnltIc0x2nRcULI16V685SR80FPcWFFB0
EeXQb+F1XzGJ+1vgPNTtvzIlgAAB8ymC2jUAg44eaqwAi2EpOTUiU3CaJ36zlOvP
SXDRoffraSBazKzPt8HyzKkauLRe2E+ifMNzdCf8pd6E13xT2ZATts0gXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBUSFIrbxQr9QrXa1fsY6ULghEUOMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvRlJJVWl0dkZDdjFDdGRyVi14anBRdUNFUlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBQrwAwQC
BQr8AwQALhdsAwQAVZ6SAwQAbc3SAwQApNdnMA0GCSqGSIb3DQEBCwUAA4IBAQCx
PZw827R3e1NVA8rflzot2bgR9hE9RCEl/FgmLBdZiE/uaRI+S2Bum3WZjgrI6kjS
2FKMyYa+wD9RjrReKpUW9RY/GVh8G44WJm50h8ahNyAyD2PI6gXsmF//Ai273l9D
IhhFxw21cHYYgUg8Wfq7hAxF4dxhd6tNIx8V0c1chXZftzT/rR+mLTSYOSVJITG1
DTnfvyeBus6Brr7zx77c1Db+SiFAe4ynmRLYw0SjEcWsn1gy+G2W1vzmAWE+W1w8
AlUhrjG/H5iuD9Ii2dFdmUUyqaiv0M25tuoAVhserknTg+Wb+iHb019B9iJ/PvGg
yXbJ0hpTkgAICyTuEc4q
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org