Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/v4FSKjymtw70eLs5F04jLru43EA.roa
File: v4FSKjymtw70eLs5F04jLru43EA.roa (raw, json)
Hash identifier: 5ti60AoscLNGMR+WOnh7xSzrEFtuS4pfcO95KutkUDA=
Subject key identifier: BF:81:52:2A:3C:A6:B7:0E:F4:78:BB:39:17:4E:23:2E:BB:B8:DC:40
Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Certificate serial: 01856D789B6A8DC7DD4ECB03B77BDC7DDB1A
Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/v4FSKjymtw70eLs5F04jLru43EA.roa
Signing time: Sun 01 Jan 2023 13:14:58 +0000
ROA not before: Sun 01 Jan 2023 13:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212001
IP address blocks: 185.87.170.0/24 maxlen: 24
185.87.168.0/24 maxlen: 24
185.87.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:9b:6a:8d:c7:dd:4e:cb:03:b7:7b:dc:7d:db:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b
Validity
Not Before: Jan 1 13:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bf81522a3ca6b70ef478bb39174e232ebbb8dc40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a8:60:80:1b:dd:76:b9:1c:7a:22:21:a8:6d:
91:86:e3:fd:7f:26:54:d1:1c:bf:ad:78:8f:de:22:
de:77:cc:25:cc:2a:3c:be:8a:79:65:7a:07:2e:f3:
fd:ed:2e:b5:a0:d8:94:bd:db:72:d0:7a:24:91:74:
8d:a7:ff:f3:ee:4f:c4:ba:f0:1d:b8:fb:1b:ad:77:
c0:7b:26:d8:b0:b4:1a:51:9f:c5:72:ad:35:3a:22:
ec:fd:7d:99:06:fa:a3:6e:6d:b4:39:68:e9:7d:d4:
49:fa:47:e4:f4:d1:94:39:1c:53:82:a4:40:e3:5c:
96:04:87:c5:21:1d:c6:2f:2c:3d:51:f1:c2:f6:c1:
28:70:96:35:ae:3c:1f:da:74:b8:41:a0:aa:bc:48:
3d:fe:8d:0b:ae:3a:1f:cb:86:b7:eb:bc:2c:44:08:
30:c9:b4:96:08:8a:3e:b2:75:4c:c2:66:90:99:c1:
ac:b0:a3:d6:91:9a:82:f4:cd:ec:75:09:af:15:50:
6e:d0:b8:7a:fa:07:ec:b7:b1:39:e4:71:bf:6b:69:
8d:cc:02:ac:7a:9e:bc:6c:4c:44:45:19:dc:1b:5c:
71:9c:2d:e0:74:b9:69:ce:06:f2:82:3c:9a:58:4e:
db:ce:3c:5a:e5:7b:da:03:76:df:30:96:db:b0:7f:
ad:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:81:52:2A:3C:A6:B7:0E:F4:78:BB:39:17:4E:23:2E:BB:B8:DC:40
X509v3 Authority Key Identifier:
keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/v4FSKjymtw70eLs5F04jLru43EA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.168.0-185.87.170.255
Signature Algorithm: sha256WithRSAEncryption
99:a1:ae:96:85:54:bb:3b:eb:7d:1e:2f:45:2c:6f:4d:c3:3f:
4c:a4:8d:e8:be:b4:d0:cd:e6:c1:31:b5:3d:16:fe:dc:7e:86:
79:72:1a:cf:c4:fa:aa:3c:04:66:80:6d:b5:97:7a:66:fd:4f:
e7:c6:5d:e7:39:35:12:e2:4a:9a:c5:fb:7c:14:5d:06:d9:5f:
02:14:59:a8:c5:e8:42:99:f9:05:ac:12:37:35:06:bc:fd:86:
a2:1c:48:8a:1b:d8:fa:55:70:c0:86:55:25:8f:d1:b3:9b:3d:
b3:3d:90:00:d0:b5:94:f3:82:e9:09:14:92:b7:b5:07:7f:b5:
9c:c7:f7:e1:53:94:4e:70:11:82:6f:0e:3c:68:4f:f1:cb:a2:
1b:db:09:68:48:86:2f:10:eb:9e:a4:4a:6e:84:91:1d:10:16:
cb:48:32:4a:02:eb:97:84:6a:46:57:ac:bd:c4:66:19:2e:d5:
75:39:ff:51:ba:2d:63:45:06:af:d3:b9:43:c0:d1:3a:b4:bb:
34:15:e9:18:a2:13:63:73:b0:53:c1:ab:73:ea:26:ad:a0:43:
ae:7a:43:c9:18:b1:15:53:70:1d:e7:fd:08:ed:1a:b9:40:09:
84:b9:19:25:a2:c5:1f:4a:78:69:25:b4:f5:ce:c3:1f:d8:da:
5e:0d:12:f4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVteJtqjcfdTssDt3vcfdsaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNmI3ZmVhOGFkMzUxMTFjYTY4N2E5Y2QwMGE0OWY5YTRm
MDQ1OWIwHhcNMjMwMTAxMTMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjgxNTIyYTNjYTZiNzBlZjQ3OGJiMzkxNzRlMjMyZWJiYjhkYzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKhggBvddrkceiIhqG2RhuP9fyZU
0Ry/rXiP3iLed8wlzCo8vop5ZXoHLvP97S61oNiUvdty0HokkXSNp//z7k/EuvAd
uPsbrXfAeybYsLQaUZ/Fcq01OiLs/X2ZBvqjbm20OWjpfdRJ+kfk9NGUORxTgqRA
41yWBIfFIR3GLyw9UfHC9sEocJY1rjwf2nS4QaCqvEg9/o0Lrjofy4a367wsRAgw
ybSWCIo+snVMwmaQmcGssKPWkZqC9M3sdQmvFVBu0Lh6+gfst7E55HG/a2mNzAKs
ep68bExERRncG1xxnC3gdLlpzgbygjyaWE7bzjxa5XvaA3bfMJbbsH+tKQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFL+BUio8prcO9Hi7ORdOIy67uNxAMB8GA1UdIwQY
MBaAFHBrf+qK01ERymh6nNAKSfmk8EWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4Mjct
MjYwYzM3N2EzMTRhLzEvdjRGU0tqeW10dzcwZUxzNUYwNGpMcnU0M0VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4MjctMjYwYzM3N2EzMTRh
LzEvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5V6gD
BAC5V6owDQYJKoZIhvcNAQELBQADggEBAJmhrpaFVLs7630eL0Usb03DP0ykjei+
tNDN5sExtT0W/tx+hnlyGs/E+qo8BGaAbbWXemb9T+fGXec5NRLiSprF+3wUXQbZ
XwIUWajF6EKZ+QWsEjc1Brz9hqIcSIob2PpVcMCGVSWP0bObPbM9kADQtZTzgukJ
FJK3tQd/tZzH9+FTlE5wEYJvDjxoT/HLohvbCWhIhi8Q656kSm6EkR0QFstIMkoC
65eEakZXrL3EZhku1XU5/1G6LWNFBq/TuUPA0Tq0uzQV6RiiE2NzsFPBq3PqJq2g
Q656Q8kYsRVTcB3n/QjtGrlACYS5GSWixR9KeGkltPXOwx/Y2l4NEvQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:34 2024 by rpki-client on console-fra.rpki-client.org