Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/FzU7AGG6Sd1N_IHpHYk_lrJng1A.roa
File: FzU7AGG6Sd1N_IHpHYk_lrJng1A.roa (raw, json)
Hash identifier: 1n6TgEGJrD9ApbrLhO+eYyytKocfgSmJholPEAWdUyM=
Subject key identifier: 17:35:3B:00:61:BA:49:DD:4D:FC:81:E9:1D:89:3F:96:B2:67:83:50
Certificate issuer: /CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Certificate serial: 018C8B9886B544E5305460102138D6A6168E
Authority key identifier: 92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/FzU7AGG6Sd1N_IHpHYk_lrJng1A.roa
Signing time: Thu 21 Dec 2023 08:57:58 +0000
ROA not before: Thu 21 Dec 2023 08:57:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8560
IP address blocks: 194.164.120.0/21 maxlen: 24
46.16.72.0/21 maxlen: 24
212.132.64.0/18 maxlen: 24
78.137.96.0/21 maxlen: 24
194.164.88.0/21 maxlen: 24
87.106.0.0/16 maxlen: 24
81.173.112.0/22 maxlen: 24
82.165.0.0/16 maxlen: 24
194.164.160.0/20 maxlen: 24
185.48.116.0/22 maxlen: 24
212.227.0.0/16 maxlen: 24
194.164.192.0/20 maxlen: 24
157.97.105.0/24 maxlen: 32
157.97.104.0/24 maxlen: 32
85.184.248.0/22 maxlen: 24
157.97.104.0/21 maxlen: 24
5.250.176.0/20 maxlen: 24
217.72.192.0/20 maxlen: 24
217.160.0.0/16 maxlen: 24
213.165.64.0/19 maxlen: 24
194.164.4.0/22 maxlen: 24
195.20.224.0/19 maxlen: 24
194.164.8.0/22 maxlen: 24
194.164.16.0/20 maxlen: 24
194.164.48.0/20 maxlen: 24
194.126.206.0/24 maxlen: 24
213.244.192.0/24 maxlen: 24
217.160.150.0/23 maxlen: 32
2001:8d8::/32 maxlen: 48
2a02:2478::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8b:98:86:b5:44:e5:30:54:60:10:21:38:d6:a6:16:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9295b1f1dcd8fa6ac1ef788278c489e15eacae70
Validity
Not Before: Dec 21 08:57:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17353b0061ba49dd4dfc81e91d893f96b2678350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:10:6d:d5:5f:29:8f:bb:20:2d:2d:10:6a:51:
eb:4e:40:ba:55:b0:66:28:94:31:c2:bc:d9:7e:bd:
af:a4:65:8c:37:d0:35:27:c8:5e:38:0f:cb:f7:0a:
0e:a4:c5:d6:ce:62:9d:45:01:0c:dd:15:33:1d:56:
9a:a7:64:27:1e:02:96:f8:b9:0f:02:83:18:21:6e:
bc:da:36:a8:e9:4c:cd:82:8a:0c:34:36:c4:de:2c:
2a:cc:17:d4:ff:51:f4:7d:96:cc:96:5b:f1:df:90:
1c:b0:27:4f:e3:1d:18:42:09:80:43:9b:d4:e4:75:
02:4f:9d:12:86:bb:e3:c5:db:2b:48:75:b0:af:ce:
0d:87:ad:18:19:dc:e6:7d:a1:06:2c:c7:64:0e:26:
84:e6:22:dd:28:f3:d0:e4:01:55:ac:f8:5c:c9:7b:
7d:14:9c:ac:a9:24:2d:f2:ce:02:64:2d:8e:8a:f3:
82:e3:0b:9a:6b:28:0e:14:b6:f3:98:05:b0:36:42:
f2:c5:29:76:76:ea:62:d9:9b:83:50:20:a9:dc:ea:
0c:8f:9b:4b:9e:a6:c1:29:50:4e:87:74:76:46:a3:
f1:a3:1b:3f:d0:ca:92:b2:f3:a0:e8:80:5f:23:f4:
9f:75:59:ca:37:d9:03:bc:2d:70:96:b4:a3:9f:74:
88:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:35:3B:00:61:BA:49:DD:4D:FC:81:E9:1D:89:3F:96:B2:67:83:50
X509v3 Authority Key Identifier:
keyid:92:95:B1:F1:DC:D8:FA:6A:C1:EF:78:82:78:C4:89:E1:5E:AC:AE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpWx8dzY-mrB73iCeMSJ4V6srnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/FzU7AGG6Sd1N_IHpHYk_lrJng1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/0fbc2e-fd88-4df2-aae3-9eb40cc5f68b/1/kpWx8dzY-mrB73iCeMSJ4V6srnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.176.0/20
46.16.72.0/21
78.137.96.0/21
81.173.112.0/22
82.165.0.0/16
85.184.248.0/22
87.106.0.0/16
157.97.104.0/21
185.48.116.0/22
194.126.206.0/24
194.164.4.0-194.164.11.255
194.164.16.0/20
194.164.48.0/20
194.164.88.0/21
194.164.120.0/21
194.164.160.0/20
194.164.192.0/20
195.20.224.0/19
212.132.64.0/18
212.227.0.0/16
213.165.64.0/19
213.244.192.0/24
217.72.192.0/20
217.160.0.0/16
IPv6:
2001:8d8::/32
2a02:2478::/29
Signature Algorithm: sha256WithRSAEncryption
20:bb:8d:48:7c:6c:7c:d8:f0:27:1b:95:b4:07:9e:10:bc:c6:
9c:b1:5b:dc:2c:24:4b:ec:7f:af:29:fc:56:b6:cc:4c:99:12:
d0:dc:4b:cc:99:57:b1:22:e5:a7:ce:fe:97:3c:6e:e8:2b:17:
23:74:64:ad:7e:f9:2e:97:5a:68:57:ec:b9:03:eb:9c:ca:d3:
be:2c:c7:f5:97:6a:2a:c3:9a:2a:79:c1:a0:64:7f:89:08:d7:
5f:72:80:2b:dd:5e:b1:47:4e:22:20:a3:dd:aa:0d:42:55:63:
e8:93:dd:6e:98:96:ea:21:9c:3d:2b:4b:b6:16:7a:9c:4b:e8:
8f:d5:fd:aa:af:e9:6c:59:1f:fa:6b:e7:e4:d5:9a:ea:a7:fa:
c1:21:6b:14:d3:08:d0:b1:a5:7c:07:36:f6:cf:5d:e8:23:a2:
06:1d:0f:b1:57:df:ed:c0:a8:15:05:70:e8:66:e9:28:7f:f4:
a4:52:82:8e:a9:b0:cf:0b:06:d8:d2:db:0b:92:74:e5:2c:f7:
0c:8a:51:ff:8f:10:ba:6c:55:6b:5f:17:02:e8:d0:13:fa:ea:
d2:9a:3f:10:6e:87:bb:3a:b8:02:b7:95:7e:ea:08:8a:7d:76:
99:60:59:31:1f:8e:ec:db:56:ab:b6:cc:cc:14:e6:c5:41:0e:
a0:26:ea:e5
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYyLmIa1ROUwVGAQITjWphaOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTViMWYxZGNkOGZhNmFjMWVmNzg4Mjc4YzQ4OWUxNWVh
Y2FlNzAwHhcNMjMxMjIxMDg1NzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzM1M2IwMDYxYmE0OWRkNGRmYzgxZTkxZDg5M2Y5NmIyNjc4MzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxBt1V8pj7sgLS0QalHrTkC6VbBm
KJQxwrzZfr2vpGWMN9A1J8heOA/L9woOpMXWzmKdRQEM3RUzHVaap2QnHgKW+LkP
AoMYIW682jao6UzNgooMNDbE3iwqzBfU/1H0fZbMllvx35AcsCdP4x0YQgmAQ5vU
5HUCT50ShrvjxdsrSHWwr84Nh60YGdzmfaEGLMdkDiaE5iLdKPPQ5AFVrPhcyXt9
FJysqSQt8s4CZC2OivOC4wuaaygOFLbzmAWwNkLyxSl2dupi2ZuDUCCp3OoMj5tL
nqbBKVBOh3R2RqPxoxs/0MqSsvOg6IBfI/SfdVnKN9kDvC1wlrSjn3SIDQIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFBc1OwBhukndTfyB6R2JP5ayZ4NQMB8GA1UdIwQY
MBaAFJKVsfHc2Ppqwe94gnjEieFerK5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMt
OWViNDBjYzVmNjhiLzEvRnpVN0FHRzZTZDFOX0lIcEhZa19sckpuZzFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wZmJjMmUtZmQ4OC00ZGYyLWFhZTMtOWViNDBjYzVmNjhi
LzEva3BXeDhkelktbXJCNzNpQ2VNU0o0VjZzcm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBmwQCAAEwgZQDBAQF
+rADBAMuEEgDBANOiWADBAJRrXADAwBSpQMEAlW4+AMDAFdqAwQDnWFoAwQCuTB0
AwQAwn7OMAwDBALCpAQDBALCpAgDBATCpBADBATCpDADBAPCpFgDBAPCpHgDBATC
pKADBATCpMADBAXDFOADBAbUhEADAwDU4wMEBdWlQAMEANX0wAMEBNlIwAMDANmg
MBQEAgACMA4DBQAgAQjYAwUDKgIkeDANBgkqhkiG9w0BAQsFAAOCAQEAILuNSHxs
fNjwJxuVtAeeELzGnLFb3CwkS+x/ryn8VrbMTJkS0NxLzJlXsSLlp87+lzxu6CsX
I3RkrX75LpdaaFfsuQPrnMrTvizH9ZdqKsOaKnnBoGR/iQjXX3KAK91esUdOIiCj
3aoNQlVj6JPdbpiW6iGcPStLthZ6nEvoj9X9qq/pbFkf+mvn5NWa6qf6wSFrFNMI
0LGlfAc29s9d6COiBh0PsVff7cCoFQVw6GbpKH/0pFKCjqmwzwsG2NLbC5J05Sz3
DIpR/48QumxVa18XAujQE/rq0po/EG6Huzq4AreVfuoIin12mWBZMR+O7NtWq7bM
zBTmxUEOoCbq5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:13 2024 by rpki-client on console-ams.rpki-client.org