Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/48f964-a431-4de6-99ce-84ee488566f1/1/1-FPXx2ek5Z7Dog813NyIP7G-CaM.roa
File: 1-FPXx2ek5Z7Dog813NyIP7G-CaM.roa (raw, json)
Hash identifier: Fc0jDteSBlj+1Au30+y7E6lXlBvEqUQTVVxn2vPCjLM=
Subject key identifier: F8:53:D7:C7:67:A4:E5:9E:C3:A2:0F:35:DC:DC:88:3F:B1:BE:09:A3
Certificate issuer: /CN=06785117986adaa437bec30a2bf9f157a9257df2
Certificate serial: 0185738FE4493F3F9E6464B8300AADC1B618
Authority key identifier: 06:78:51:17:98:6A:DA:A4:37:BE:C3:0A:2B:F9:F1:57:A9:25:7D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnhRF5hq2qQ3vsMKK_nxV6klffI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/48f964-a431-4de6-99ce-84ee488566f1/1/1-FPXx2ek5Z7Dog813NyIP7G-CaM.roa
Signing time: Mon 02 Jan 2023 17:38:07 +0000
ROA not before: Mon 02 Jan 2023 17:38:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56327
IP address blocks: 185.248.72.0/22 maxlen: 22
185.219.224.0/22 maxlen: 22
2a0f:78c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:e4:49:3f:3f:9e:64:64:b8:30:0a:ad:c1:b6:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06785117986adaa437bec30a2bf9f157a9257df2
Validity
Not Before: Jan 2 17:38:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f853d7c767a4e59ec3a20f35dcdc883fb1be09a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dd:3a:42:1f:1d:19:8e:d4:a8:23:6d:47:fc:
5d:4e:fc:69:00:70:c6:63:59:9f:56:6d:33:2b:92:
0a:99:25:d6:55:70:8b:5c:d5:84:21:3e:70:df:c0:
9d:81:b3:98:30:80:d0:84:8b:34:ee:9b:2d:91:3d:
d1:8f:0d:76:94:ff:35:8e:ca:7a:18:7c:66:11:62:
52:60:f6:a4:c8:bf:f3:85:87:b1:b1:ad:2c:98:b6:
75:cc:f6:7a:3b:b4:ef:f0:6a:89:01:0a:29:d5:19:
ce:25:75:94:9b:c7:ec:6f:e8:a2:7a:af:8e:94:54:
ad:e9:3c:2a:b2:cc:45:19:c6:95:99:55:e9:4e:97:
8b:4a:eb:a8:5c:b1:db:09:a5:57:a3:74:13:5e:91:
9b:d5:05:26:4f:6a:ce:5b:dc:bb:a3:40:ac:45:f8:
63:5d:2f:b8:35:36:f4:e0:3f:8f:7d:cd:34:0f:14:
ab:ff:05:d3:a1:ec:aa:15:52:ac:e2:86:ba:97:be:
0c:bf:e4:5a:dc:3a:30:1e:3b:5f:f3:a9:47:c5:4f:
c6:f0:f3:0a:ea:7f:f4:27:8b:94:0d:66:44:6d:97:
df:67:59:17:d6:f3:07:d3:d9:b3:91:92:2f:b8:29:
44:d7:10:fa:dd:06:51:1b:1d:cb:04:0d:b6:53:0b:
57:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:53:D7:C7:67:A4:E5:9E:C3:A2:0F:35:DC:DC:88:3F:B1:BE:09:A3
X509v3 Authority Key Identifier:
keyid:06:78:51:17:98:6A:DA:A4:37:BE:C3:0A:2B:F9:F1:57:A9:25:7D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnhRF5hq2qQ3vsMKK_nxV6klffI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/48f964-a431-4de6-99ce-84ee488566f1/1/1-FPXx2ek5Z7Dog813NyIP7G-CaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/48f964-a431-4de6-99ce-84ee488566f1/1/BnhRF5hq2qQ3vsMKK_nxV6klffI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.224.0/22
185.248.72.0/22
IPv6:
2a0f:78c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:5e:9c:41:b0:df:79:00:92:eb:bf:f2:17:cb:40:77:51:f3:
da:32:a9:4b:71:43:54:a1:e9:98:46:45:68:3e:95:89:f1:78:
8c:36:9a:ec:f4:40:60:02:7e:cd:4f:63:a8:e3:e1:be:5d:6f:
77:a8:2b:44:5d:9b:5d:d1:1e:54:60:fe:50:6f:64:82:ac:54:
af:de:9e:1e:09:6a:32:2c:2a:68:24:60:45:10:9d:51:8d:90:
41:f5:11:79:42:0c:02:22:38:83:42:6a:2c:82:bc:3c:dc:df:
45:5f:b1:72:c2:6c:66:81:92:25:2a:2f:b2:45:de:cf:07:22:
2f:cd:9c:58:08:f8:b3:ef:40:a3:87:34:34:3f:81:64:65:7e:
55:45:a6:f1:96:55:eb:21:1a:89:00:34:8d:d5:97:91:b9:1b:
e6:b5:c5:77:70:ef:5e:59:d2:6b:eb:c2:be:40:19:4e:34:e0:
b1:46:1f:ac:50:fa:1c:16:6e:f4:0d:a6:e5:93:6e:25:18:f1:
1a:a1:52:db:04:06:72:54:76:57:ae:f1:dc:2b:bb:09:4b:20:
c7:f0:df:8e:27:c6:80:e1:f6:c5:54:5a:9f:a9:97:b8:27:dd:
1d:c2:14:6c:17:b7:5c:dd:cf:8e:85:7a:08:d9:34:fb:d1:8b:
04:a2:94:b1
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVzj+RJPz+eZGS4MAqtwbYYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2Nzg1MTE3OTg2YWRhYTQzN2JlYzMwYTJiZjlmMTU3YTky
NTdkZjIwHhcNMjMwMTAyMTczODA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODUzZDdjNzY3YTRlNTllYzNhMjBmMzVkY2RjODgzZmIxYmUwOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld06Qh8dGY7UqCNtR/xdTvxpAHDG
Y1mfVm0zK5IKmSXWVXCLXNWEIT5w38CdgbOYMIDQhIs07pstkT3Rjw12lP81jsp6
GHxmEWJSYPakyL/zhYexsa0smLZ1zPZ6O7Tv8GqJAQop1RnOJXWUm8fsb+iieq+O
lFSt6TwqssxFGcaVmVXpTpeLSuuoXLHbCaVXo3QTXpGb1QUmT2rOW9y7o0CsRfhj
XS+4NTb04D+Pfc00DxSr/wXToeyqFVKs4oa6l74Mv+Ra3DowHjtf86lHxU/G8PMK
6n/0J4uUDWZEbZffZ1kX1vMH09mzkZIvuClE1xD63QZRGx3LBA22UwtXWQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPhT18dnpOWew6IPNdzciD+xvgmjMB8GA1UdIwQY
MBaAFAZ4UReYatqkN77DCiv58VepJX3yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5oUkY1aHEycVEzdnNNS0tfbnhWNmtsZmZJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80OGY5NjQtYTQzMS00ZGU2LTk5Y2Ut
ODRlZTQ4ODU2NmYxLzEvMS1GUFh4MmVrNVo3RG9nODEzTnlJUDdHLUNhTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWQvNDhmOTY0LWE0MzEtNGRlNi05OWNlLTg0ZWU0ODg1NjZm
MS8xL0JuaFJGNWhxMnFRM3ZzTUtLX254VjZrbGZmSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArnb4AME
Arn4SDANBAIAAjAHAwUDKg94wDANBgkqhkiG9w0BAQsFAAOCAQEAZ16cQbDfeQCS
67/yF8tAd1Hz2jKpS3FDVKHpmEZFaD6VifF4jDaa7PRAYAJ+zU9jqOPhvl1vd6gr
RF2bXdEeVGD+UG9kgqxUr96eHglqMiwqaCRgRRCdUY2QQfUReUIMAiI4g0JqLIK8
PNzfRV+xcsJsZoGSJSovskXezwciL82cWAj4s+9Ao4c0ND+BZGV+VUWm8ZZV6yEa
iQA0jdWXkbkb5rXFd3DvXlnSa+vCvkAZTjTgsUYfrFD6HBZu9A2m5ZNuJRjxGqFS
2wQGclR2V67x3Cu7CUsgx/DfjifGgOH2xVRan6mXuCfdHcIUbBe3XN3PjoV6CNk0
+9GLBKKUsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:12 2024 by rpki-client on console-ams.rpki-client.org