Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ff_0lQA6pa2GBTWBkhUU8Hg3uD8.roa
File: ff_0lQA6pa2GBTWBkhUU8Hg3uD8.roa (raw, json)
Hash identifier: 5W7cuaFHPwACTF++FiPTOZcVV97klTWQG+D7SuTQxTs=
Subject key identifier: 7D:FF:F4:95:00:3A:A5:AD:86:05:35:81:92:15:14:F0:78:37:B8:3F
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 018570B97B915020C2F39D1311C62937DD80
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ff_0lQA6pa2GBTWBkhUU8Hg3uD8.roa
Signing time: Mon 02 Jan 2023 04:24:42 +0000
ROA not before: Mon 02 Jan 2023 04:24:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41088
IP address blocks: 185.125.128.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:7b:91:50:20:c2:f3:9d:13:11:c6:29:37:dd:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Jan 2 04:24:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dfff495003aa5ad86053581921514f07837b83f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0f:0d:fd:11:67:1a:7d:50:a9:75:a7:54:93:
da:89:03:0e:a3:50:b8:e5:e2:3c:ff:bf:d4:a5:21:
96:37:b7:35:e5:62:d4:b1:ed:30:fa:fa:f9:1f:7f:
75:e5:3e:0a:46:75:5c:91:5b:7e:08:39:b8:c2:1c:
dc:6e:1b:9c:2f:00:46:5d:10:17:41:c5:b3:c8:56:
54:c1:ad:70:5b:83:5a:9a:1a:74:3a:51:bd:06:ee:
71:d2:89:94:19:31:39:7f:1d:de:81:90:26:58:4f:
c1:1f:4f:dd:df:ca:11:bc:0f:51:34:56:f8:fc:9f:
8c:9a:26:0e:76:d7:12:cf:a9:44:c8:65:a6:14:90:
e3:84:2b:19:33:e0:79:91:75:2d:35:fd:1e:16:d5:
b1:80:ed:f8:2d:bc:a9:71:7d:b9:18:2e:00:8f:6d:
02:6d:94:82:c0:26:fd:8c:8e:40:57:85:a6:80:c4:
2e:f5:aa:22:8c:5a:41:6b:f3:d0:0c:f2:24:17:82:
14:0b:7a:4f:b6:0a:0c:d8:65:8b:99:98:31:23:bc:
98:61:fa:f5:f1:56:1c:9a:d1:06:b1:2b:a6:6d:bc:
17:3b:fa:54:28:ba:ba:34:04:18:3b:00:fa:a7:a3:
d8:6e:21:dd:7c:e7:96:a4:56:ea:24:39:ca:d1:0e:
c5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:FF:F4:95:00:3A:A5:AD:86:05:35:81:92:15:14:F0:78:37:B8:3F
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/ff_0lQA6pa2GBTWBkhUU8Hg3uD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.128.0/22
Signature Algorithm: sha256WithRSAEncryption
22:b4:ae:44:be:89:c8:2a:23:74:b8:f2:d7:41:a0:22:b6:f3:
1c:99:c3:f0:ca:64:73:b9:d4:ef:4a:d3:62:b8:d6:54:1a:cf:
ff:ca:1d:02:61:18:51:4a:4a:d0:ba:dc:85:40:57:d8:de:98:
21:f1:02:63:eb:fc:30:81:9e:88:3c:c3:77:c9:47:c2:d1:e3:
d9:1b:a1:cb:0f:f4:da:61:6f:05:7a:8a:81:57:9e:c7:57:1d:
3f:ca:c2:ed:12:83:56:ab:e7:05:cf:22:9e:d5:4d:93:e3:f9:
f8:e7:df:b9:de:77:02:79:1e:44:ba:a2:1d:9a:7d:84:fa:37:
5e:39:7f:75:55:ce:1e:2b:4a:e6:70:dd:d1:e1:84:b9:21:ad:
ff:ae:8d:79:36:36:58:fb:7b:a2:d2:d3:b8:24:0e:46:2e:ed:
ca:4a:b8:58:bd:b7:16:ed:e4:b7:d4:e1:5e:f7:f6:3f:f1:cb:
1f:06:55:24:2c:00:d7:db:f8:fa:dd:f7:c2:b5:fd:66:03:6d:
35:3e:db:f5:41:ee:89:ad:87:5c:05:f5:44:19:98:e3:77:50:
06:fd:89:b7:ba:0a:c7:b9:a9:4e:7e:53:50:6b:89:a3:ce:c5:
b1:b1:12:d2:70:a6:1f:43:12:16:a1:ee:f2:ea:33:86:d3:59:
2b:11:06:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuXuRUCDC850TEcYpN92AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjMwMTAyMDQyNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGZmZjQ5NTAwM2FhNWFkODYwNTM1ODE5MjE1MTRmMDc4MzdiODNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig8N/RFnGn1QqXWnVJPaiQMOo1C4
5eI8/7/UpSGWN7c15WLUse0w+vr5H3915T4KRnVckVt+CDm4whzcbhucLwBGXRAX
QcWzyFZUwa1wW4Namhp0OlG9Bu5x0omUGTE5fx3egZAmWE/BH0/d38oRvA9RNFb4
/J+MmiYOdtcSz6lEyGWmFJDjhCsZM+B5kXUtNf0eFtWxgO34LbypcX25GC4Aj20C
bZSCwCb9jI5AV4WmgMQu9aoijFpBa/PQDPIkF4IUC3pPtgoM2GWLmZgxI7yYYfr1
8VYcmtEGsSumbbwXO/pUKLq6NAQYOwD6p6PYbiHdfOeWpFbqJDnK0Q7FVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH3/9JUAOqWthgU1gZIVFPB4N7g/MB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvZmZfMGxRQTZwYTJHQlRXQmtoVVU4SGczdUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX2AMA0G
CSqGSIb3DQEBCwUAA4IBAQAitK5EvonIKiN0uPLXQaAitvMcmcPwymRzudTvStNi
uNZUGs//yh0CYRhRSkrQutyFQFfY3pgh8QJj6/wwgZ6IPMN3yUfC0ePZG6HLD/Ta
YW8FeoqBV57HVx0/ysLtEoNWq+cFzyKe1U2T4/n459+53ncCeR5EuqIdmn2E+jde
OX91Vc4eK0rmcN3R4YS5Ia3/ro15NjZY+3ui0tO4JA5GLu3KSrhYvbcW7eS31OFe
9/Y/8csfBlUkLADX2/j63ffCtf1mA201Ptv1Qe6JrYdcBfVEGZjjd1AG/Ym3ugrH
ualOflNQa4mjzsWxsRLScKYfQxIWoe7y6jOG01krEQb8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:32 2024 by rpki-client on console-fra.rpki-client.org