Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/73f6f0-5794-49e0-b4f7-84327227eff0/1/v3fxJExHv_lLRhw2hjHCjxokM90.roa
File: v3fxJExHv_lLRhw2hjHCjxokM90.roa (raw, json)
Hash identifier: Mye1f7hD5FT1MUL7s6aB144iECgy7eVDtILAra6udLA=
Subject key identifier: BF:77:F1:24:4C:47:BF:F9:4B:46:1C:36:86:31:C2:8F:1A:24:33:DD
Certificate issuer: /CN=e32b7329fa83f3b48bb16560060d71d9b3024b66
Certificate serial: 01856C7828A17B309C69B77B7EFCB496353F
Authority key identifier: E3:2B:73:29:FA:83:F3:B4:8B:B1:65:60:06:0D:71:D9:B3:02:4B:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4ytzKfqD87SLsWVgBg1x2bMCS2Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/73f6f0-5794-49e0-b4f7-84327227eff0/1/v3fxJExHv_lLRhw2hjHCjxokM90.roa
Signing time: Sun 01 Jan 2023 08:34:52 +0000
ROA not before: Sun 01 Jan 2023 08:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205253
IP address blocks: 185.219.39.0/24 maxlen: 24
185.219.37.0/24 maxlen: 24
185.219.36.0/24 maxlen: 24
185.219.38.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:28:a1:7b:30:9c:69:b7:7b:7e:fc:b4:96:35:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e32b7329fa83f3b48bb16560060d71d9b3024b66
Validity
Not Before: Jan 1 08:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf77f1244c47bff94b461c368631c28f1a2433dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0d:44:78:f3:85:0b:41:42:3f:cc:fd:49:72:
9c:0c:5e:9e:85:08:65:86:9a:80:c1:33:37:df:31:
16:88:73:4b:34:56:a4:13:d8:d5:0e:b2:71:33:3c:
23:35:4e:1e:52:a2:30:20:21:17:a8:5f:c0:bb:0a:
47:af:98:7b:5d:60:99:40:fa:68:3b:9d:17:b6:28:
b0:5d:5a:3c:d1:1b:95:26:93:e8:2e:48:88:b1:df:
b8:38:77:0c:3f:a5:b3:bb:95:f8:49:fc:f0:a2:7b:
28:c6:0e:c3:1e:0d:3f:b9:33:45:9e:7e:43:b5:73:
c4:ca:db:df:5f:14:da:fe:93:9b:0b:9c:58:97:c7:
5a:78:85:64:f8:68:06:4d:e0:cd:75:59:21:45:25:
2b:01:b0:44:39:b4:72:bb:b5:f2:32:61:ea:3e:bb:
d6:e6:92:77:eb:8f:0e:e7:7e:a0:df:44:55:14:0a:
07:1b:f2:71:c3:bf:55:25:9d:0e:ae:a9:bb:ed:80:
d0:54:97:59:6f:a5:6a:69:a3:d4:31:cf:f3:4a:03:
51:96:1c:07:39:3c:ac:f4:7f:e1:ff:40:c0:8b:d9:
75:24:e5:9a:d7:55:09:89:94:84:22:9a:0c:ee:f6:
40:95:24:37:dc:38:0c:a6:9c:ab:78:e2:5f:85:cc:
47:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:77:F1:24:4C:47:BF:F9:4B:46:1C:36:86:31:C2:8F:1A:24:33:DD
X509v3 Authority Key Identifier:
keyid:E3:2B:73:29:FA:83:F3:B4:8B:B1:65:60:06:0D:71:D9:B3:02:4B:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4ytzKfqD87SLsWVgBg1x2bMCS2Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/73f6f0-5794-49e0-b4f7-84327227eff0/1/v3fxJExHv_lLRhw2hjHCjxokM90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/73f6f0-5794-49e0-b4f7-84327227eff0/1/4ytzKfqD87SLsWVgBg1x2bMCS2Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.36.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:71:94:df:67:cd:82:a9:7f:1b:22:a7:8c:06:e3:42:cf:d5:
7e:ae:10:37:7c:d5:f4:59:a4:2d:31:42:2f:77:64:bb:4f:92:
c4:b8:0c:a2:60:99:38:02:2e:a0:a9:78:1e:84:5a:1c:f2:59:
58:79:f0:3b:da:83:5b:06:e0:83:3d:12:ee:bb:00:6a:b5:5e:
25:d5:d7:ea:df:72:41:20:a4:2e:2f:0f:df:f3:d4:55:e9:c9:
f2:42:a2:be:14:54:7f:02:40:66:59:20:c3:1e:a9:93:b5:9a:
34:ea:06:de:ea:41:36:b7:ce:f0:40:6a:7e:09:81:ca:b3:36:
9c:1d:0d:d3:48:e4:0e:3e:a8:69:e1:02:93:a8:17:dd:05:5f:
6e:12:75:9d:42:10:58:47:f1:c3:ac:b0:bc:7a:09:12:6b:c8:
bc:6f:5a:d7:9d:f3:86:60:b3:33:ce:b8:67:21:4c:a2:75:6c:
ef:16:a1:05:c5:c9:dc:a8:21:08:e0:01:b9:ee:91:c7:a5:b2:
48:98:62:86:70:c0:e0:0c:c8:c0:4e:25:7e:f1:78:ed:aa:ba:
1c:79:07:d2:90:64:be:c7:e8:2d:05:fc:c2:0a:7e:75:02:28:
1c:90:78:81:5e:fc:8c:bd:68:f2:5d:03:a5:fd:fb:1f:ec:91:
82:de:8b:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseCihezCcabd7fvy0ljU/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMmI3MzI5ZmE4M2YzYjQ4YmIxNjU2MDA2MGQ3MWQ5YjMw
MjRiNjYwHhcNMjMwMTAxMDgzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjc3ZjEyNDRjNDdiZmY5NGI0NjFjMzY4NjMxYzI4ZjFhMjQzM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ1EePOFC0FCP8z9SXKcDF6ehQhl
hpqAwTM33zEWiHNLNFakE9jVDrJxMzwjNU4eUqIwICEXqF/AuwpHr5h7XWCZQPpo
O50XtiiwXVo80RuVJpPoLkiIsd+4OHcMP6Wzu5X4Sfzwonsoxg7DHg0/uTNFnn5D
tXPEytvfXxTa/pObC5xYl8daeIVk+GgGTeDNdVkhRSUrAbBEObRyu7XyMmHqPrvW
5pJ3648O536g30RVFAoHG/Jxw79VJZ0Orqm77YDQVJdZb6VqaaPUMc/zSgNRlhwH
OTys9H/h/0DAi9l1JOWa11UJiZSEIpoM7vZAlSQ33DgMppyreOJfhcxHKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL938SRMR7/5S0YcNoYxwo8aJDPdMB8GA1UdIwQY
MBaAFOMrcyn6g/O0i7FlYAYNcdmzAktmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHl0ektmcUQ4N1NMc1dWZ0JnMXgyYk1DUzJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi83M2Y2ZjAtNTc5NC00OWUwLWI0Zjct
ODQzMjcyMjdlZmYwLzEvdjNmeEpFeEh2X2xMUmh3MmhqSENqeG9rTTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi83M2Y2ZjAtNTc5NC00OWUwLWI0ZjctODQzMjcyMjdlZmYw
LzEvNHl0ektmcUQ4N1NMc1dWZ0JnMXgyYk1DUzJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudskMA0G
CSqGSIb3DQEBCwUAA4IBAQB9cZTfZ82CqX8bIqeMBuNCz9V+rhA3fNX0WaQtMUIv
d2S7T5LEuAyiYJk4Ai6gqXgehFoc8llYefA72oNbBuCDPRLuuwBqtV4l1dfq33JB
IKQuLw/f89RV6cnyQqK+FFR/AkBmWSDDHqmTtZo06gbe6kE2t87wQGp+CYHKszac
HQ3TSOQOPqhp4QKTqBfdBV9uEnWdQhBYR/HDrLC8egkSa8i8b1rXnfOGYLMzzrhn
IUyidWzvFqEFxcncqCEI4AG57pHHpbJImGKGcMDgDMjATiV+8XjtqroceQfSkGS+
x+gtBfzCCn51AigckHiBXvyMvWjyXQOl/fsf7JGC3ot7
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:20 2024 by rpki-client on console-fra.rpki-client.org