Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/58c87b-9aa8-48ea-85c3-06b163d359e0/1/fauOc5wOy9Lsw1YN1692ylaPFPA.roa
File: fauOc5wOy9Lsw1YN1692ylaPFPA.roa (raw, json)
Hash identifier: 40PyYGxQEoCu4FdRBD+sro0FDKfIstQJO+A5xJeB5ps=
Subject key identifier: 7D:AB:8E:73:9C:0E:CB:D2:EC:C3:56:0D:D7:AF:76:CA:56:8F:14:F0
Certificate issuer: /CN=d77c869a86fec833793eeedaccd4b1f7ca4433e9
Certificate serial: 01856D8AF92DFE20DFF3D24677B2A03FF953
Authority key identifier: D7:7C:86:9A:86:FE:C8:33:79:3E:EE:DA:CC:D4:B1:F7:CA:44:33:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13yGmob-yDN5Pu7azNSx98pEM-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/58c87b-9aa8-48ea-85c3-06b163d359e0/1/fauOc5wOy9Lsw1YN1692ylaPFPA.roa
Signing time: Sun 01 Jan 2023 13:35:02 +0000
ROA not before: Sun 01 Jan 2023 13:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58243
IP address blocks: 185.207.156.0/22 maxlen: 22
2a0b:25c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:f9:2d:fe:20:df:f3:d2:46:77:b2:a0:3f:f9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d77c869a86fec833793eeedaccd4b1f7ca4433e9
Validity
Not Before: Jan 1 13:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dab8e739c0ecbd2ecc3560dd7af76ca568f14f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7e:af:db:28:fe:39:66:60:3a:d8:7c:a2:b1:
de:e4:c8:53:b3:90:76:bc:34:e8:42:c3:8d:b5:95:
c3:18:24:75:8e:55:22:7c:c8:76:d9:cb:f4:5d:11:
f0:52:14:85:2f:4a:e3:9d:02:25:55:53:71:6e:77:
65:61:c7:bd:1a:b9:34:f9:37:78:bb:96:cc:e7:77:
73:47:16:c5:18:df:01:5d:44:3d:a7:d2:f4:08:63:
d9:20:a7:fa:fc:be:24:7c:ae:37:9c:de:96:78:4d:
aa:0e:19:3e:a6:65:e9:0d:a3:b2:cb:d2:fb:f3:53:
bf:1b:99:f5:4f:12:97:f6:16:a4:a3:ed:b2:1b:5f:
07:a2:17:6e:0e:db:ff:96:ea:65:93:a7:17:22:bf:
69:06:53:84:b1:41:b4:bd:91:f7:cf:3d:93:86:5d:
ce:cd:e5:61:47:17:b3:0a:58:71:82:1d:fa:31:ae:
5a:1b:06:3e:17:41:f9:17:e1:d2:9e:67:0b:51:c4:
1e:5d:12:b8:37:80:0e:9a:53:b5:24:47:21:48:68:
dd:c0:29:97:99:c2:fe:ed:ac:a2:a7:76:d6:cc:c1:
b1:9e:62:d6:bb:43:5e:d5:f7:bf:46:e0:d6:ce:26:
83:b8:62:ee:9b:00:17:e4:cb:11:0e:ba:8d:ce:b4:
52:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:AB:8E:73:9C:0E:CB:D2:EC:C3:56:0D:D7:AF:76:CA:56:8F:14:F0
X509v3 Authority Key Identifier:
keyid:D7:7C:86:9A:86:FE:C8:33:79:3E:EE:DA:CC:D4:B1:F7:CA:44:33:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13yGmob-yDN5Pu7azNSx98pEM-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/58c87b-9aa8-48ea-85c3-06b163d359e0/1/fauOc5wOy9Lsw1YN1692ylaPFPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/58c87b-9aa8-48ea-85c3-06b163d359e0/1/13yGmob-yDN5Pu7azNSx98pEM-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.156.0/22
IPv6:
2a0b:25c0::/29
Signature Algorithm: sha256WithRSAEncryption
19:a8:e1:44:3f:9b:a1:3d:95:c3:39:4e:83:b3:ae:bd:32:ed:
64:5b:64:38:90:e2:ce:a6:fe:06:b6:b2:0a:73:4a:5c:2b:7c:
e0:17:fe:1d:93:75:41:5e:50:a2:08:7b:e5:87:2f:37:68:f2:
65:89:b6:93:f0:64:b3:82:b5:46:82:ee:8f:29:98:c1:6b:94:
db:f0:f5:f0:91:d1:5f:9f:52:01:e5:4a:12:a1:30:84:2c:6e:
29:33:41:18:fe:34:a3:d4:d6:5e:b3:76:37:5a:9c:e2:4e:46:
ef:2b:46:11:5b:af:44:14:90:aa:1c:e5:bd:6e:e6:e0:0c:7d:
c7:5b:95:bf:ae:dd:78:24:8f:de:61:ea:c2:d0:e8:30:01:8c:
df:5e:0a:bc:28:1f:68:3a:18:75:cb:d3:01:2a:9d:91:66:f9:
c4:d8:df:84:cc:3e:77:f8:3e:2b:3b:26:e4:3e:31:37:4e:02:
06:cc:a1:8b:69:48:28:d1:52:32:28:54:9b:95:a8:2d:69:83:
2f:0a:5a:3e:73:c9:6c:a4:14:4a:9f:4f:0e:50:3a:80:ad:f3:
11:f9:59:30:9d:0c:12:03:52:60:71:15:f6:d3:a6:32:06:2c:
be:13:e2:4a:45:85:ac:b0:90:57:16:36:df:97:49:ab:d2:67:
e5:ce:30:20
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtivkt/iDf89JGd7KgP/lTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3N2M4NjlhODZmZWM4MzM3OTNlZWVkYWNjZDRiMWY3Y2E0
NDMzZTkwHhcNMjMwMTAxMTMzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGFiOGU3MzljMGVjYmQyZWNjMzU2MGRkN2FmNzZjYTU2OGYxNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwX6v2yj+OWZgOth8orHe5MhTs5B2
vDToQsONtZXDGCR1jlUifMh22cv0XRHwUhSFL0rjnQIlVVNxbndlYce9Grk0+Td4
u5bM53dzRxbFGN8BXUQ9p9L0CGPZIKf6/L4kfK43nN6WeE2qDhk+pmXpDaOyy9L7
81O/G5n1TxKX9hako+2yG18HohduDtv/luplk6cXIr9pBlOEsUG0vZH3zz2Thl3O
zeVhRxezClhxgh36Ma5aGwY+F0H5F+HSnmcLUcQeXRK4N4AOmlO1JEchSGjdwCmX
mcL+7ayip3bWzMGxnmLWu0Ne1fe/RuDWziaDuGLumwAX5MsRDrqNzrRSZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH2rjnOcDsvS7MNWDdevdspWjxTwMB8GA1UdIwQY
MBaAFNd8hpqG/sgzeT7u2szUsffKRDPpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTN5R21vYi15RE41UHU3YXpOU3g5OHBFTS1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81OGM4N2ItOWFhOC00OGVhLTg1YzMt
MDZiMTYzZDM1OWUwLzEvZmF1T2M1d095OUxzdzFZTjE2OTJ5bGFQRlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81OGM4N2ItOWFhOC00OGVhLTg1YzMtMDZiMTYzZDM1OWUw
LzEvMTN5R21vYi15RE41UHU3YXpOU3g5OHBFTS1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc+cMA0E
AgACMAcDBQMqCyXAMA0GCSqGSIb3DQEBCwUAA4IBAQAZqOFEP5uhPZXDOU6Ds669
Mu1kW2Q4kOLOpv4GtrIKc0pcK3zgF/4dk3VBXlCiCHvlhy83aPJlibaT8GSzgrVG
gu6PKZjBa5Tb8PXwkdFfn1IB5UoSoTCELG4pM0EY/jSj1NZes3Y3WpziTkbvK0YR
W69EFJCqHOW9bubgDH3HW5W/rt14JI/eYerC0OgwAYzfXgq8KB9oOhh1y9MBKp2R
ZvnE2N+EzD53+D4rOybkPjE3TgIGzKGLaUgo0VIyKFSblagtaYMvClo+c8lspBRK
n08OUDqArfMR+VkwnQwSA1JgcRX206YyBiy+E+JKRYWssJBXFjbfl0mr0mflzjAg
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:05 2024 by rpki-client on console-fra.rpki-client.org