Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/FAA1SZB4AKfA1GpoFSHYxzxrp4c.roa
File: FAA1SZB4AKfA1GpoFSHYxzxrp4c.roa (raw, json)
Hash identifier: IQNY8Dl5kL0GgZl9SUJFMbPqFpjd2tBmhw/EtDtA4bM=
Subject key identifier: 14:00:35:49:90:78:00:A7:C0:D4:6A:68:15:21:D8:C7:3C:6B:A7:87
Certificate issuer: /CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Certificate serial: 01856C0A2A4E09F5B1F618C2BDCF1222C2A2
Authority key identifier: 34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/FAA1SZB4AKfA1GpoFSHYxzxrp4c.roa
Signing time: Sun 01 Jan 2023 06:34:43 +0000
ROA not before: Sun 01 Jan 2023 06:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213122
IP address blocks: 5.252.166.0/24 maxlen: 24
5.252.164.0/24 maxlen: 24
5.252.165.0/24 maxlen: 24
45.130.152.0/24 maxlen: 24
45.130.153.0/24 maxlen: 24
45.87.62.0/24 maxlen: 24
45.87.63.0/24 maxlen: 24
45.87.60.0/24 maxlen: 24
45.87.61.0/24 maxlen: 24
185.162.74.0/24 maxlen: 24
2a0e:f380::/32 maxlen: 32
2a0e:f380:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:2a:4e:09:f5:b1:f6:18:c2:bd:cf:12:22:c2:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3406d2c439ccbcb78a82d5cb2b4c3ff6e9934b96
Validity
Not Before: Jan 1 06:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=14003549907800a7c0d46a681521d8c73c6ba787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4b:aa:71:f5:c0:6d:ad:fe:17:56:e0:b4:43:
4a:8b:63:2f:64:d7:c2:e1:75:3a:21:86:48:73:75:
69:d1:00:2d:9b:21:c3:1d:09:73:5e:f7:fb:22:a6:
8a:9f:72:39:f1:f7:96:7e:65:5c:91:21:10:cb:45:
bc:26:38:59:40:64:4c:40:12:a0:0c:97:e7:68:ab:
01:8b:87:61:44:be:7f:97:62:6e:64:bd:7c:09:6b:
c3:bc:fb:cb:0f:c5:a5:92:3f:33:f9:1c:12:70:29:
49:6a:4b:1d:c3:eb:1b:41:d6:bf:28:d2:b1:70:34:
2e:f6:00:18:6b:1d:8e:5f:04:c8:b8:b7:c6:66:cc:
eb:68:78:64:3c:fd:66:bf:ca:45:ea:8b:d9:47:f7:
f7:7c:4a:dc:1e:1d:d4:07:a3:b7:9b:bd:1b:fa:40:
e6:c6:2d:d7:26:32:9b:81:b0:f5:3a:db:07:c5:7f:
f6:f6:4f:46:32:e0:72:2a:cf:4f:f6:8e:96:f0:43:
56:27:e7:e0:03:60:d9:df:3c:b1:53:c0:ae:98:6a:
17:ea:06:dc:c0:40:ac:0a:22:9a:cd:d0:90:3d:8e:
f6:97:10:5f:8a:43:91:58:ce:66:c4:f3:b1:36:10:
cb:4b:f4:2c:11:d7:fa:53:d3:a1:7b:cf:ba:e9:41:
02:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:00:35:49:90:78:00:A7:C0:D4:6A:68:15:21:D8:C7:3C:6B:A7:87
X509v3 Authority Key Identifier:
keyid:34:06:D2:C4:39:CC:BC:B7:8A:82:D5:CB:2B:4C:3F:F6:E9:93:4B:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAbSxDnMvLeKgtXLK0w_9umTS5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/FAA1SZB4AKfA1GpoFSHYxzxrp4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/0a3a0f-60f8-4a1c-bba0-7b880c063367/1/NAbSxDnMvLeKgtXLK0w_9umTS5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.164.0-5.252.166.255
45.87.60.0/22
45.130.152.0/23
185.162.74.0/24
IPv6:
2a0e:f380::/32
Signature Algorithm: sha256WithRSAEncryption
72:8a:a0:05:fe:5e:ce:58:68:a6:50:33:02:c0:ca:08:00:8e:
fd:cc:9d:ba:c6:66:62:a7:07:ec:88:c4:b4:e6:28:5c:f3:4b:
e4:e2:07:d7:55:9e:d5:02:dd:91:61:11:76:39:68:79:51:5e:
23:6e:24:04:3b:4e:f2:64:27:e7:64:d4:6f:bb:22:8e:6a:f9:
b5:2f:3a:9f:01:a3:96:1d:8d:d3:92:a8:33:83:18:7c:a7:34:
42:b0:a5:9a:a6:59:38:e6:4a:f1:00:7d:e1:f7:da:89:e0:3a:
ed:7b:58:60:51:f7:fd:f1:95:15:fe:31:f6:f5:b0:0c:7a:42:
f6:79:74:9a:bf:97:72:14:d8:ff:80:42:f2:bc:67:07:ed:ad:
43:5d:66:c7:f1:18:c8:1d:78:52:90:21:90:db:66:02:21:40:
ce:dc:e7:88:28:f0:e8:ef:0c:f1:45:0f:02:4f:e8:09:5c:12:
63:27:fb:c5:b7:39:3c:68:68:dc:96:b6:af:83:6a:3c:85:fe:
69:3d:b4:13:5d:c2:2d:e1:74:d4:73:3b:40:e2:7f:96:07:04:
5a:b6:76:04:ac:25:15:b8:16:08:09:95:3e:c0:25:4b:4e:e9:
71:73:1e:84:c0:a0:55:fb:26:db:23:a9:e5:72:bd:54:36:be:
b2:12:b6:55
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVsCipOCfWx9hjCvc8SIsKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDZkMmM0MzljY2JjYjc4YTgyZDVjYjJiNGMzZmY2ZTk5
MzRiOTYwHhcNMjMwMTAxMDYzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDAwMzU0OTkwNzgwMGE3YzBkNDZhNjgxNTIxZDhjNzNjNmJhNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUuqcfXAba3+F1bgtENKi2MvZNfC
4XU6IYZIc3Vp0QAtmyHDHQlzXvf7IqaKn3I58feWfmVckSEQy0W8JjhZQGRMQBKg
DJfnaKsBi4dhRL5/l2JuZL18CWvDvPvLD8Wlkj8z+RwScClJaksdw+sbQda/KNKx
cDQu9gAYax2OXwTIuLfGZszraHhkPP1mv8pF6ovZR/f3fErcHh3UB6O3m70b+kDm
xi3XJjKbgbD1OtsHxX/29k9GMuByKs9P9o6W8ENWJ+fgA2DZ3zyxU8CumGoX6gbc
wECsCiKazdCQPY72lxBfikORWM5mxPOxNhDLS/QsEdf6U9Ohe8+66UEC0QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBQANUmQeACnwNRqaBUh2Mc8a6eHMB8GA1UdIwQY
MBaAFDQG0sQ5zLy3ioLVyytMP/bpk0uWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAt
N2I4ODBjMDYzMzY3LzEvRkFBMVNaQjRBS2ZBMUdwb0ZTSFl4enhycDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8wYTNhMGYtNjBmOC00YTFjLWJiYTAtN2I4ODBjMDYzMzY3
LzEvTkFiU3hEbk12TGVLZ3RYTEswd185dW1UUzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAIF/KQD
BAAF/KYDBAItVzwDBAEtgpgDBAC5okowDQQCAAIwBwMFACoO84AwDQYJKoZIhvcN
AQELBQADggEBAHKKoAX+Xs5YaKZQMwLAyggAjv3MnbrGZmKnB+yIxLTmKFzzS+Ti
B9dVntUC3ZFhEXY5aHlRXiNuJAQ7TvJkJ+dk1G+7Io5q+bUvOp8Bo5YdjdOSqDOD
GHynNEKwpZqmWTjmSvEAfeH32ongOu17WGBR9/3xlRX+Mfb1sAx6QvZ5dJq/l3IU
2P+AQvK8ZwftrUNdZsfxGMgdeFKQIZDbZgIhQM7c54go8OjvDPFFDwJP6AlcEmMn
+8W3OTxoaNyWtq+DajyF/mk9tBNdwi3hdNRzO0Dif5YHBFq2dgSsJRW4FggJlT7A
JUtO6XFzHoTAoFX7JtsjqeVyvVQ2vrIStlU=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:21 2023 by rpki-client on console.sobornost.net