Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/_FzpprSgvYHPa5jlJ3XJljTBxiA.roa
File: _FzpprSgvYHPa5jlJ3XJljTBxiA.roa (raw, json)
Hash identifier: eGek/RkMXBIq4KAWRoLFhRdWM1Y1d/GajLP+suD71lQ=
Subject key identifier: FC:5C:E9:A6:B4:A0:BD:81:CF:6B:98:E5:27:75:C9:96:34:C1:C6:20
Certificate issuer: /CN=e1584910124af776e30e5acf055d6bae1761a536
Certificate serial: 018D0CD4AC60AF52027C1E9D007E9213F019
Authority key identifier: E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/_FzpprSgvYHPa5jlJ3XJljTBxiA.roa
Signing time: Mon 15 Jan 2024 11:14:40 +0000
ROA not before: Mon 15 Jan 2024 11:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51844
IP address blocks: 95.128.158.0/24 maxlen: 24
2a13:3c0:103::/48 maxlen: 48
2a13:3c0:101::/48 maxlen: 48
2a13:3c0:104::/48 maxlen: 48
2a13:3c0:102::/48 maxlen: 48
2a13:3c0:105::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 18 Jan 2024 14:50:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:d4:ac:60:af:52:02:7c:1e:9d:00:7e:92:13:f0:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1584910124af776e30e5acf055d6bae1761a536
Validity
Not Before: Jan 15 11:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc5ce9a6b4a0bd81cf6b98e52775c99634c1c620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:95:22:01:39:6d:01:81:4f:8a:05:6e:53:4a:
50:76:60:71:ac:75:8a:f0:18:e4:41:09:93:b8:86:
92:f0:a9:82:46:1d:64:63:dd:4f:1c:e4:77:f6:2c:
d9:80:d3:26:79:87:e7:1f:8c:59:43:5b:b2:cc:6d:
cf:0f:44:fb:2b:85:ce:c2:bf:5f:9f:a0:66:72:b0:
09:0c:20:a3:d4:7e:37:2e:b3:50:25:fd:fb:41:09:
fe:53:13:46:f4:9d:4b:a2:8b:6f:e6:cb:4b:f5:3e:
27:82:52:93:72:d5:6c:44:54:56:84:2b:00:7e:29:
dc:05:92:97:7f:15:a9:70:e9:d9:bf:b1:53:58:b5:
01:8a:0c:5d:91:3d:52:82:ad:be:4c:3d:44:0d:4d:
57:3a:79:b7:21:eb:8f:b4:ac:ff:dd:ad:08:dc:b0:
19:11:98:ab:f4:70:29:af:cd:7b:14:7b:dc:75:f9:
47:86:a1:43:87:32:5b:9b:9f:e9:32:5a:0b:ea:ec:
f1:ed:23:c0:96:d0:7f:59:7e:97:c4:12:10:95:70:
8a:d5:36:0a:ae:b3:a0:6e:01:80:99:a1:75:2b:f9:
39:ba:05:cc:0d:d4:9f:8d:ec:79:a6:63:c5:89:d8:
18:d0:ec:0f:a9:a4:b5:61:db:96:9e:5f:57:70:cd:
c9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:5C:E9:A6:B4:A0:BD:81:CF:6B:98:E5:27:75:C9:96:34:C1:C6:20
X509v3 Authority Key Identifier:
keyid:E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/_FzpprSgvYHPa5jlJ3XJljTBxiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.158.0/24
IPv6:
2a13:3c0:101::-2a13:3c0:105:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
86:f3:73:22:e9:d3:46:fb:7c:a1:29:69:9f:5b:ec:7a:47:c1:
aa:a9:cc:7d:0f:68:75:55:4f:d3:ff:ef:e2:67:02:24:d4:7e:
70:80:75:c0:a5:3e:be:97:9b:41:5f:f2:98:64:49:63:6d:f9:
13:cd:3a:a1:9f:3f:05:2c:3e:14:1f:52:97:ce:a2:41:8b:f6:
27:77:4a:47:7e:b8:25:71:5a:09:36:35:40:48:72:6a:21:e3:
11:af:e7:42:74:9c:69:5b:5f:35:69:d3:d0:8c:96:d6:54:32:
db:9a:ae:ac:9e:27:56:0e:c9:2b:30:9a:93:99:fb:ef:60:9a:
33:6f:f2:56:56:36:4b:4b:a0:51:8c:ec:26:e0:c9:d4:6f:3c:
77:95:ec:df:12:1b:40:78:8a:c9:a1:4d:56:1d:fb:34:79:15:
a0:59:af:ce:85:96:dc:07:77:e6:44:c1:7c:85:35:7c:52:63:
83:33:f6:e3:97:67:39:8c:e2:ce:cf:8a:e1:24:ef:46:eb:6d:
62:15:4b:74:af:a6:e3:17:6a:57:29:08:42:d1:01:cf:cf:ef:
b1:37:da:6c:cb:de:34:bb:5d:a5:2b:2e:2a:69:93:f8:64:7d:
4f:05:12:b4:48:04:44:32:46:dd:d6:67:bb:d8:43:00:77:44:
76:9f:eb:93
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY0M1Kxgr1ICfB6dAH6SE/AZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTg0OTEwMTI0YWY3NzZlMzBlNWFjZjA1NWQ2YmFlMTc2
MWE1MzYwHhcNMjQwMTE1MTExNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzVjZTlhNmI0YTBiZDgxY2Y2Yjk4ZTUyNzc1Yzk5NjM0YzFjNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5UiATltAYFPigVuU0pQdmBxrHWK
8BjkQQmTuIaS8KmCRh1kY91PHOR39izZgNMmeYfnH4xZQ1uyzG3PD0T7K4XOwr9f
n6BmcrAJDCCj1H43LrNQJf37QQn+UxNG9J1Lootv5stL9T4nglKTctVsRFRWhCsA
fincBZKXfxWpcOnZv7FTWLUBigxdkT1Sgq2+TD1EDU1XOnm3IeuPtKz/3a0I3LAZ
EZir9HApr817FHvcdflHhqFDhzJbm5/pMloL6uzx7SPAltB/WX6XxBIQlXCK1TYK
rrOgbgGAmaF1K/k5ugXMDdSfjex5pmPFidgY0OwPqaS1YduWnl9XcM3JFQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPxc6aa0oL2Bz2uY5Sd1yZY0wcYgMB8GA1UdIwQY
MBaAFOFYSRASSvd24w5azwVda64XYaU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUt
MzFhYjMyZmY3YzY4LzEvX0Z6cHByU2d2WUhQYTVqbEozWEpsalRCeGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUtMzFhYjMyZmY3YzY4
LzEvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAX4CeMBoE
AgACMBQwEgMHACoTA8ABAQMHASoTA8ABBDANBgkqhkiG9w0BAQsFAAOCAQEAhvNz
IunTRvt8oSlpn1vsekfBqqnMfQ9odVVP0//v4mcCJNR+cIB1wKU+vpebQV/ymGRJ
Y235E806oZ8/BSw+FB9Sl86iQYv2J3dKR364JXFaCTY1QEhyaiHjEa/nQnScaVtf
NWnT0IyW1lQy25qurJ4nVg7JKzCak5n772CaM2/yVlY2S0ugUYzsJuDJ1G88d5Xs
3xIbQHiKyaFNVh37NHkVoFmvzoWW3Ad35kTBfIU1fFJjgzP245dnOYzizs+K4STv
RuttYhVLdK+m4xdqVykIQtEBz8/vsTfabMveNLtdpSsuKmmT+GR9TwUStEgERDJG
3dZnu9hDAHdEdp/rkw==
Generated at Thu Jan 18 19:07:31 2024 by rpki-client on console-fra.rpki-client.org