Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/8fezclpoa9F4WYZ-Ye4UyrhEFo4.roa
File: 8fezclpoa9F4WYZ-Ye4UyrhEFo4.roa (raw, json)
Hash identifier: 6Ez8fMDMgSFWdhKXPwZQchkVZkQ0+eV5H6Yt0zYLQJ0=
Subject key identifier: F1:F7:B3:72:5A:68:6B:D1:78:59:86:7E:61:EE:14:CA:B8:44:16:8E
Certificate issuer: /CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Certificate serial: 01856E144DF83270984D47E9538CF42B4303
Authority key identifier: B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/8fezclpoa9F4WYZ-Ye4UyrhEFo4.roa
Signing time: Sun 01 Jan 2023 16:05:02 +0000
ROA not before: Sun 01 Jan 2023 16:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20649
IP address blocks: 185.77.1.0/24 maxlen: 24
185.77.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:4d:f8:32:70:98:4d:47:e9:53:8c:f4:2b:43:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4ec6c0a5ebec5817d91b91e79a6bc6132eb9d2c
Validity
Not Before: Jan 1 16:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1f7b3725a686bd17859867e61ee14cab844168e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:3f:cf:8f:69:b4:93:2e:da:5c:2a:b2:47:ed:
bb:79:e4:e4:b7:f4:4f:65:41:19:46:9f:b9:f3:96:
6a:c5:b2:68:b5:2f:f2:44:8f:2c:4b:21:13:c7:00:
4b:bc:91:c2:be:1d:85:ec:04:ee:72:23:5c:b9:25:
d5:db:00:db:ad:bc:6b:8d:4c:0d:6b:e7:48:35:7a:
bb:78:38:93:dd:31:59:00:e0:09:17:69:8f:10:d6:
5c:f9:f6:5a:a5:64:5b:7c:fa:c6:ef:8f:cf:23:fe:
3a:27:b3:81:45:85:2a:f7:b5:7f:50:82:e5:81:4d:
73:f4:62:8b:8d:c0:d7:72:8c:a1:3f:a5:52:c3:01:
5f:c6:a6:6c:35:19:fa:20:87:31:bb:a8:5c:40:44:
7b:c4:26:38:74:5a:09:02:65:bd:66:15:96:34:a4:
c0:45:16:45:74:4b:52:fe:b9:c7:cc:e3:f8:68:34:
7e:37:7d:72:11:4e:cc:71:0e:3a:22:7d:e7:35:ce:
01:20:b8:13:f2:aa:60:c7:b7:84:ea:ba:c5:55:81:
67:a5:dc:68:09:b0:93:de:38:a0:ac:bc:ac:8a:d9:
59:ac:92:bc:64:b6:29:96:72:6b:02:0c:30:53:6c:
24:21:cc:44:72:73:4b:89:d2:78:36:fc:96:ce:d9:
ed:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:F7:B3:72:5A:68:6B:D1:78:59:86:7E:61:EE:14:CA:B8:44:16:8E
X509v3 Authority Key Identifier:
keyid:B4:EC:6C:0A:5E:BE:C5:81:7D:91:B9:1E:79:A6:BC:61:32:EB:9D:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOxsCl6-xYF9kbkeeaa8YTLrnSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/8fezclpoa9F4WYZ-Ye4UyrhEFo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/20974d-6403-4107-a75b-13fb7a5130ca/1/tOxsCl6-xYF9kbkeeaa8YTLrnSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.1.0-185.77.2.255
Signature Algorithm: sha256WithRSAEncryption
54:6b:f6:57:36:39:17:cc:c7:04:e9:49:8a:75:9d:ea:cc:9f:
91:07:be:08:b4:79:1b:18:bf:92:cf:c4:14:06:09:b3:eb:0e:
bc:4a:40:fd:ce:26:ac:45:03:17:c0:40:53:40:39:fa:96:50:
d4:3f:d1:bb:b0:60:3f:d0:72:cf:37:30:fa:94:ac:2d:f3:ab:
88:3e:8d:61:a8:26:6a:9b:93:e2:ae:5a:53:48:ee:d7:a5:6d:
af:75:c1:f3:ce:ab:25:60:8d:30:4f:f0:a0:61:d0:d6:28:7a:
4f:cd:ff:92:de:34:3f:da:2d:fe:8e:e4:20:c8:fe:31:70:d2:
1a:ec:9f:c7:80:0c:cb:de:8c:41:ef:e8:5c:7a:f9:b6:9c:16:
5a:e4:0f:2d:c9:35:7a:b6:63:e2:18:1d:40:a7:04:c3:00:f8:
3e:2e:32:12:90:31:82:73:f2:c8:81:4b:f4:0a:ae:1d:83:4d:
97:a2:17:d6:0c:c3:69:70:02:2d:22:79:ee:51:b6:a4:51:ed:
38:c4:35:95:38:86:9e:d1:f7:c0:09:31:61:75:ff:bc:2b:35:
dc:f2:5b:52:7e:8f:d9:60:5b:56:cb:f8:8c:31:73:dd:a9:0b:
56:66:48:7a:b4:17:da:de:ff:b9:d7:a7:36:19:6f:47:a5:57:
44:11:0e:31
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVuFE34MnCYTUfpU4z0K0MDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZWM2YzBhNWViZWM1ODE3ZDkxYjkxZTc5YTZiYzYxMzJl
YjlkMmMwHhcNMjMwMTAxMTYwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWY3YjM3MjVhNjg2YmQxNzg1OTg2N2U2MWVlMTRjYWI4NDQxNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoD/Pj2m0ky7aXCqyR+27eeTkt/RP
ZUEZRp+585ZqxbJotS/yRI8sSyETxwBLvJHCvh2F7ATuciNcuSXV2wDbrbxrjUwN
a+dINXq7eDiT3TFZAOAJF2mPENZc+fZapWRbfPrG74/PI/46J7OBRYUq97V/UILl
gU1z9GKLjcDXcoyhP6VSwwFfxqZsNRn6IIcxu6hcQER7xCY4dFoJAmW9ZhWWNKTA
RRZFdEtS/rnHzOP4aDR+N31yEU7McQ46In3nNc4BILgT8qpgx7eE6rrFVYFnpdxo
CbCT3jigrLysitlZrJK8ZLYplnJrAgwwU2wkIcxEcnNLidJ4NvyWztntXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPH3s3JaaGvReFmGfmHuFMq4RBaOMB8GA1UdIwQY
MBaAFLTsbApevsWBfZG5HnmmvGEy650sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWIt
MTNmYjdhNTEzMGNhLzEvOGZlemNscG9hOUY0V1laLVllNFV5cmhFRm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8yMDk3NGQtNjQwMy00MTA3LWE3NWItMTNmYjdhNTEzMGNh
LzEvdE94c0NsNi14WUY5a2JrZWVhYThZVExyblN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5TQED
BAC5TQIwDQYJKoZIhvcNAQELBQADggEBAFRr9lc2ORfMxwTpSYp1nerMn5EHvgi0
eRsYv5LPxBQGCbPrDrxKQP3OJqxFAxfAQFNAOfqWUNQ/0buwYD/Qcs83MPqUrC3z
q4g+jWGoJmqbk+KuWlNI7telba91wfPOqyVgjTBP8KBh0NYoek/N/5LeND/aLf6O
5CDI/jFw0hrsn8eADMvejEHv6Fx6+bacFlrkDy3JNXq2Y+IYHUCnBMMA+D4uMhKQ
MYJz8siBS/QKrh2DTZeiF9YMw2lwAi0iee5RtqRR7TjENZU4hp7R98AJMWF1/7wr
NdzyW1J+j9lgW1bL+Iwxc92pC1ZmSHq0F9re/7nXpzYZb0elV0QRDjE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:17 2024 by rpki-client on console-fra.rpki-client.org