Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/FzC7UFV8yAyMMacjEW_qk2r8RCA.roa
File: FzC7UFV8yAyMMacjEW_qk2r8RCA.roa (raw, json)
Hash identifier: +KhrULIDSjkT15d3qGZhjDeMCZQdtj/gGuPdpOR8o+A=
Subject key identifier: 17:30:BB:50:55:7C:C8:0C:8C:31:A7:23:11:6F:EA:93:6A:FC:44:20
Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Certificate serial: 01856D789B04CAF836F3A24EF62794EA4C61
Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/FzC7UFV8yAyMMacjEW_qk2r8RCA.roa
Signing time: Sun 01 Jan 2023 13:14:58 +0000
ROA not before: Sun 01 Jan 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211253
IP address blocks: 185.87.169.0/24 maxlen: 24
185.87.168.0/24 maxlen: 24
185.87.170.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:9b:04:ca:f8:36:f3:a2:4e:f6:27:94:ea:4c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Validity
Not Before: Jan 1 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1730bb50557cc80c8c31a723116fea936afc4420
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:75:3d:51:24:22:d0:4a:72:ef:27:35:6a:a5:
be:36:48:f8:c1:df:18:34:c6:5d:38:81:0c:52:85:
d0:a3:0c:d3:56:bf:79:90:34:bf:1b:25:cf:68:4d:
1b:40:bb:67:bf:86:95:4b:8a:7c:d9:4c:54:71:bc:
fe:03:c5:f1:76:e0:05:13:a9:df:06:7d:36:85:ad:
61:75:93:70:ee:48:ca:15:49:ca:ce:af:9c:b3:55:
03:d6:ef:7c:2e:63:1c:35:82:56:9e:c7:1b:15:bb:
57:b4:ab:0a:04:a6:ea:22:84:82:42:d9:1d:62:44:
2c:e6:23:d3:ac:8d:17:f0:5a:e6:2b:54:02:d6:40:
72:c9:cb:da:6c:95:aa:a8:12:e0:ac:be:3e:6f:2a:
5f:34:1d:d2:e3:e7:ff:3f:f2:d7:da:64:4b:55:61:
7c:9d:be:95:2d:1d:6d:c3:75:ad:c5:21:25:b0:4e:
c8:d0:68:38:4b:85:cc:94:cd:4f:e1:5b:c5:71:0a:
ce:61:01:e1:ef:e2:52:e5:5a:03:b5:a2:03:76:01:
8f:fe:08:1e:c2:5d:ac:eb:31:3d:07:4e:5d:db:91:
0a:3e:7b:07:33:bc:8c:6c:18:11:53:0e:7f:d2:e6:
e2:37:d9:22:6f:c3:4f:47:07:3f:04:ff:1d:1e:cf:
07:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:30:BB:50:55:7C:C8:0C:8C:31:A7:23:11:6F:EA:93:6A:FC:44:20
X509v3 Authority Key Identifier:
keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/FzC7UFV8yAyMMacjEW_qk2r8RCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.168.0-185.87.170.255
Signature Algorithm: sha256WithRSAEncryption
4f:ce:ef:93:6f:2f:ce:80:cb:75:d4:1a:f3:b2:d5:01:4e:b4:
c6:49:87:d5:49:fd:9a:ae:91:71:80:29:32:63:1e:ba:42:b1:
0d:ea:b1:3f:13:e6:93:82:54:d0:83:82:13:1a:dd:d1:4e:30:
42:75:02:8a:10:48:c2:37:4e:d9:8c:a1:94:71:39:10:7d:0e:
55:b0:d2:d0:59:4a:28:27:59:cb:e3:67:56:7b:e3:cd:c1:9d:
95:f2:62:bb:c7:fe:a6:50:6a:24:46:df:c1:0c:c3:ad:3e:0e:
24:b4:4c:b1:04:28:f2:0f:dc:8a:38:60:30:a2:df:a7:e1:29:
e6:e9:5a:d9:85:b7:35:fe:ba:5d:fd:b1:1b:3e:32:03:b8:54:
1d:35:ea:3e:9c:6f:19:d0:01:a4:e1:03:89:2e:e7:28:fa:86:
ab:75:e2:be:48:7d:0e:cf:a0:fe:70:66:d3:01:5c:55:4c:39:
85:f8:a2:9a:c6:d9:a0:43:c9:d3:3b:47:30:01:f6:bd:fa:ba:
b0:af:86:3a:16:fa:2f:dd:1f:23:47:e9:b9:7d:24:73:1e:6e:
e6:26:29:4e:bd:79:92:69:ea:c4:52:b8:7d:e3:95:e0:45:56:
58:f5:8d:68:b4:3f:cb:d9:1c:fb:3d:e7:dd:21:ae:43:76:4a:
4c:d1:54:2f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVteJsEyvg286JO9ieU6kxhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmI3ZmVhOGFkMzUxMTFjYTY4N2E5Y2QwMGE0OWY5YTRm
MDQ1OWIwHhcNMjMwMTAxMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzMwYmI1MDU1N2NjODBjOGMzMWE3MjMxMTZmZWE5MzZhZmM0NDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnU9USQi0Epy7yc1aqW+Nkj4wd8Y
NMZdOIEMUoXQowzTVr95kDS/GyXPaE0bQLtnv4aVS4p82UxUcbz+A8XxduAFE6nf
Bn02ha1hdZNw7kjKFUnKzq+cs1UD1u98LmMcNYJWnscbFbtXtKsKBKbqIoSCQtkd
YkQs5iPTrI0X8FrmK1QC1kByycvabJWqqBLgrL4+bypfNB3S4+f/P/LX2mRLVWF8
nb6VLR1tw3WtxSElsE7I0Gg4S4XMlM1P4VvFcQrOYQHh7+JS5VoDtaIDdgGP/gge
wl2s6zE9B05d25EKPnsHM7yMbBgRUw5/0ubiN9kib8NPRwc/BP8dHs8H2QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBcwu1BVfMgMjDGnIxFv6pNq/EQgMB8GA1UdIwQY
MBaAFHBrf+qK01ERymh6nNAKSfmk8EWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4Mjct
MjYwYzM3N2EzMTRhLzEvRnpDN1VGVjh5QXlNTWFjakVXX3FrMnI4UkNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4MjctMjYwYzM3N2EzMTRh
LzEvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5V6gD
BAC5V6owDQYJKoZIhvcNAQELBQADggEBAE/O75NvL86Ay3XUGvOy1QFOtMZJh9VJ
/ZqukXGAKTJjHrpCsQ3qsT8T5pOCVNCDghMa3dFOMEJ1AooQSMI3TtmMoZRxORB9
DlWw0tBZSignWcvjZ1Z7483BnZXyYrvH/qZQaiRG38EMw60+DiS0TLEEKPIP3Io4
YDCi36fhKebpWtmFtzX+ul39sRs+MgO4VB016j6cbxnQAaThA4ku5yj6hqt14r5I
fQ7PoP5wZtMBXFVMOYX4oprG2aBDydM7RzAB9r36urCvhjoW+i/dHyNH6bl9JHMe
buYmKU69eZJp6sRSuH3jleBFVlj1jWi0P8vZHPs9590hrkN2SkzRVC8=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:18 2024 by rpki-client on console-fra.rpki-client.org