Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4a164e-1e58-4105-bed1-407af89ad8e9/1/FjzfJoT1ZN1WJaxk0cb8wbJNDnI.roa
File: FjzfJoT1ZN1WJaxk0cb8wbJNDnI.roa (raw, json)
Hash identifier: rZZSgIMrIeDr58q4wBY/Gd+85x7FvNCYE4uQYkwAEAI=
Subject key identifier: 16:3C:DF:26:84:F5:64:DD:56:25:AC:64:D1:C6:FC:C1:B2:4D:0E:72
Certificate issuer: /CN=137f23944e3d78da920055d72c74d02be5455f35
Certificate serial: 01856C1380D92ED98B956DB1A14BAAB3B4F9
Authority key identifier: 13:7F:23:94:4E:3D:78:DA:92:00:55:D7:2C:74:D0:2B:E5:45:5F:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E38jlE49eNqSAFXXLHTQK-VFXzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/4a164e-1e58-4105-bed1-407af89ad8e9/1/FjzfJoT1ZN1WJaxk0cb8wbJNDnI.roa
Signing time: Sun 01 Jan 2023 06:44:55 +0000
ROA not before: Sun 01 Jan 2023 06:44:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58744
IP address blocks: 185.252.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:80:d9:2e:d9:8b:95:6d:b1:a1:4b:aa:b3:b4:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=137f23944e3d78da920055d72c74d02be5455f35
Validity
Not Before: Jan 1 06:44:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=163cdf2684f564dd5625ac64d1c6fcc1b24d0e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:60:1e:c2:a6:b2:ad:b1:e6:02:da:e7:1f:15:
de:5b:ee:82:11:17:ee:db:eb:0d:e6:5a:7a:9a:3f:
50:58:98:3a:eb:e5:4f:19:8e:aa:09:64:6c:a5:a6:
0d:ea:9d:21:51:c6:20:ff:c7:b6:ed:f2:f2:6e:8e:
7b:62:c8:23:c5:9d:28:a4:2a:88:19:8f:e5:fb:80:
c5:fe:3c:d7:f5:42:28:d3:b9:ef:41:6f:f0:53:d0:
0e:83:cd:f8:df:08:4d:90:e0:7e:18:2f:39:2c:4d:
00:ea:d2:d1:11:bc:73:97:77:94:12:5d:73:26:54:
0a:fb:30:5b:39:34:70:89:98:03:25:21:4b:72:60:
ff:a9:31:79:24:18:cb:43:fe:37:67:7a:18:93:93:
77:3b:fc:d7:8d:fe:d0:10:02:be:d0:bc:df:6c:4f:
c0:70:f3:c9:d4:08:65:c7:db:10:42:1c:ab:81:f2:
da:69:a8:57:8b:cb:50:81:36:ec:f5:05:28:1b:11:
d2:0e:d6:ca:ab:92:fd:94:a9:f1:32:84:11:01:9e:
3c:f8:59:f6:08:fa:b5:7b:c8:be:5b:e2:23:2d:cd:
d3:6d:5d:da:02:1f:57:a8:48:e2:b2:8d:c3:44:9e:
0f:fb:be:54:b7:af:46:15:10:4e:15:f5:e9:99:59:
26:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:3C:DF:26:84:F5:64:DD:56:25:AC:64:D1:C6:FC:C1:B2:4D:0E:72
X509v3 Authority Key Identifier:
keyid:13:7F:23:94:4E:3D:78:DA:92:00:55:D7:2C:74:D0:2B:E5:45:5F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E38jlE49eNqSAFXXLHTQK-VFXzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4a164e-1e58-4105-bed1-407af89ad8e9/1/FjzfJoT1ZN1WJaxk0cb8wbJNDnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4a164e-1e58-4105-bed1-407af89ad8e9/1/E38jlE49eNqSAFXXLHTQK-VFXzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.252.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:ac:0f:ed:bd:e3:17:9e:b6:64:de:22:66:ed:a0:24:0d:37:
10:b4:3c:3a:24:40:c0:25:1f:78:a1:06:2f:0d:07:30:c4:39:
4a:af:80:f6:e0:a6:3f:6b:56:ad:c7:40:b4:2c:78:32:35:f8:
ae:d6:1e:dc:ce:17:c4:4f:51:87:08:e9:37:83:1b:0c:8e:08:
c0:39:16:4a:b2:2b:7f:08:db:4f:23:7e:e7:35:6f:c5:98:57:
df:2f:0a:0c:bf:6a:34:58:22:e4:ab:4f:7c:73:0e:da:d8:44:
f2:98:e7:ed:76:4e:50:4c:cd:ff:81:03:b1:9e:de:97:0e:7e:
5b:4a:8f:94:a9:50:a4:c0:89:bb:31:da:a7:0e:0a:97:54:d5:
98:9a:2e:3f:db:dd:e7:d7:df:9a:d4:b6:88:6c:89:53:22:ad:
5a:50:51:8a:9e:ba:88:cc:48:9c:78:b8:8a:00:2b:db:7a:9f:
5a:2a:d3:4c:4e:17:bd:4d:d7:aa:5c:b3:53:c0:40:a1:13:2b:
98:26:66:e1:44:b0:10:4e:bf:2e:3c:3c:33:a5:f4:06:c3:41:
39:17:36:70:d3:73:5d:70:92:77:c7:2d:5f:8e:bd:36:73:36:
52:4f:08:74:81:e8:b6:0d:70:b8:84:2c:79:08:2d:34:b2:9c:
68:70:88:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE4DZLtmLlW2xoUuqs7T5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzN2YyMzk0NGUzZDc4ZGE5MjAwNTVkNzJjNzRkMDJiZTU0
NTVmMzUwHhcNMjMwMTAxMDY0NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjNjZGYyNjg0ZjU2NGRkNTYyNWFjNjRkMWM2ZmNjMWIyNGQwZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGAewqayrbHmAtrnHxXeW+6CERfu
2+sN5lp6mj9QWJg66+VPGY6qCWRspaYN6p0hUcYg/8e27fLybo57YsgjxZ0opCqI
GY/l+4DF/jzX9UIo07nvQW/wU9AOg8343whNkOB+GC85LE0A6tLREbxzl3eUEl1z
JlQK+zBbOTRwiZgDJSFLcmD/qTF5JBjLQ/43Z3oYk5N3O/zXjf7QEAK+0LzfbE/A
cPPJ1Ahlx9sQQhyrgfLaaahXi8tQgTbs9QUoGxHSDtbKq5L9lKnxMoQRAZ48+Fn2
CPq1e8i+W+IjLc3TbV3aAh9XqEjiso3DRJ4P+75Ut69GFRBOFfXpmVkmQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBY83yaE9WTdViWsZNHG/MGyTQ5yMB8GA1UdIwQY
MBaAFBN/I5ROPXjakgBV1yx00CvlRV81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTM4amxFNDllTnFTQUZYWExIVFFLLVZGWHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80YTE2NGUtMWU1OC00MTA1LWJlZDEt
NDA3YWY4OWFkOGU5LzEvRmp6ZkpvVDFaTjFXSmF4azBjYjh3YkpORG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy80YTE2NGUtMWU1OC00MTA1LWJlZDEtNDA3YWY4OWFkOGU5
LzEvRTM4amxFNDllTnFTQUZYWExIVFFLLVZGWHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufz8MA0G
CSqGSIb3DQEBCwUAA4IBAQCwrA/tveMXnrZk3iJm7aAkDTcQtDw6JEDAJR94oQYv
DQcwxDlKr4D24KY/a1atx0C0LHgyNfiu1h7czhfET1GHCOk3gxsMjgjAORZKsit/
CNtPI37nNW/FmFffLwoMv2o0WCLkq098cw7a2ETymOftdk5QTM3/gQOxnt6XDn5b
So+UqVCkwIm7MdqnDgqXVNWYmi4/293n19+a1LaIbIlTIq1aUFGKnrqIzEiceLiK
ACvbep9aKtNMThe9TdeqXLNTwEChEyuYJmbhRLAQTr8uPDwzpfQGw0E5FzZw03Nd
cJJ3xy1fjr02czZSTwh0gei2DXC4hCx5CC00spxocIg+
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:41 2024 by rpki-client on console-ams.rpki-client.org