Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/fMZsZEVMFzGgHOoczispD0XeQx0.roa
File: fMZsZEVMFzGgHOoczispD0XeQx0.roa (raw, json)
Hash identifier: F48Ov/yJ1cYprHrtlA7amK1ef4Z89Gskw3KrddqnGu8=
Subject key identifier: 7C:C6:6C:64:45:4C:17:31:A0:1C:EA:1C:CE:2B:29:0F:45:DE:43:1D
Certificate issuer: /CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Certificate serial: 01894DD6839EEE5CAB78878A5970DEE18139
Authority key identifier: 08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/fMZsZEVMFzGgHOoczispD0XeQx0.roa
Signing time: Thu 13 Jul 2023 06:00:51 +0000
ROA not before: Thu 13 Jul 2023 06:00:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28760
IP address blocks: 185.236.144.0/22 maxlen: 22
185.71.252.0/22 maxlen: 22
5.104.216.0/21 maxlen: 21
213.174.224.0/19 maxlen: 19
77.242.64.0/20 maxlen: 20
2a03:fa00::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4d:d6:83:9e:ee:5c:ab:78:87:8a:59:70:de:e1:81:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Validity
Not Before: Jul 13 06:00:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cc66c64454c1731a01cea1cce2b290f45de431d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:65:26:f4:fe:3e:a4:60:ed:9c:9b:55:b6:80:
db:02:69:ed:21:89:57:b1:20:53:85:d1:70:ea:48:
53:43:a4:be:19:7f:4a:51:4f:a5:ca:71:ce:36:e0:
7a:5e:a1:13:86:bf:5b:bc:3d:c6:35:86:bd:ee:45:
70:fc:c0:66:5a:d7:25:d0:a7:85:79:b5:7e:64:d4:
fe:33:d3:5d:15:04:44:e7:c8:4c:8f:2c:0b:df:a4:
b6:bd:39:7b:8e:11:59:c3:e9:9f:e2:d0:a9:f8:d6:
47:2a:93:e6:e5:c4:46:39:f9:c3:7f:22:28:59:3e:
a7:1e:ff:52:99:5f:7c:b2:9e:d0:65:39:e9:a0:c5:
c6:46:67:de:2f:bd:ce:2b:5d:49:af:7e:91:39:42:
26:6f:0b:b5:f3:80:59:27:06:93:4a:c2:aa:9e:47:
1b:4b:e9:0d:cf:2b:36:25:b3:af:3e:8c:89:1e:4b:
a8:d9:63:16:84:4a:79:a7:d7:b0:73:47:02:8f:46:
81:42:af:c0:1e:80:d8:16:e9:f4:83:8f:d9:e1:ec:
2e:1a:5e:a4:dd:ef:af:2c:3b:4f:3c:93:f4:09:81:
bd:10:28:28:65:cc:b4:da:24:a3:28:07:ac:51:2a:
5e:94:06:73:b2:df:75:51:e8:da:c8:4e:6d:ef:1d:
da:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C6:6C:64:45:4C:17:31:A0:1C:EA:1C:CE:2B:29:0F:45:DE:43:1D
X509v3 Authority Key Identifier:
keyid:08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/fMZsZEVMFzGgHOoczispD0XeQx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.216.0/21
77.242.64.0/20
185.71.252.0/22
185.236.144.0/22
213.174.224.0/19
IPv6:
2a03:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
65:14:03:96:42:ce:30:ab:28:9e:8c:60:a6:05:1c:14:43:ad:
29:23:ba:1d:67:68:9a:55:af:f1:70:c6:b3:13:62:a3:b8:69:
5b:32:b1:fd:15:96:16:f1:8c:2f:e9:42:0b:74:b9:f6:26:05:
83:3d:2e:6f:62:08:f8:9d:9e:3d:b3:b0:2d:c7:3f:ff:24:4b:
8d:7d:fb:4e:23:59:51:12:50:c2:4c:f2:94:b6:01:10:9d:c5:
61:59:3d:c4:02:84:6b:59:52:7e:8c:46:46:eb:33:6c:f7:2d:
a3:0c:d4:e2:bc:ca:35:3a:d3:b9:e8:bf:d3:25:4c:27:1f:18:
89:2e:66:ed:85:87:ae:b5:8f:a8:fc:d3:e1:67:61:e1:94:b7:
bb:7f:27:74:b2:86:0c:fb:c6:45:54:71:ee:2e:6f:2c:57:1a:
5e:dc:e4:bb:d3:8d:1f:25:a3:91:0e:35:6d:4a:db:2d:f4:f9:
79:12:a9:90:75:bb:25:12:bc:78:77:79:ed:aa:13:3a:2c:8c:
11:33:7d:7a:4f:bf:a6:75:83:63:30:50:83:92:5d:2a:8d:01:
72:12:f9:69:96:06:f6:92:65:46:5a:b8:83:c4:cb:c6:13:82:
05:6b:4c:38:d1:c7:f2:cb:16:d2:54:23:69:66:5c:b3:99:4c:
06:f0:e8:10
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYlN1oOe7lyreIeKWXDe4YE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTVjM2FiYTQyMWI3OGE3ZDVkMDliNzViNGNlM2JlNTI3
M2NhYWMwHhcNMjMwNzEzMDYwMDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M2NmM2NDQ1NGMxNzMxYTAxY2VhMWNjZTJiMjkwZjQ1ZGU0MzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWUm9P4+pGDtnJtVtoDbAmntIYlX
sSBThdFw6khTQ6S+GX9KUU+lynHONuB6XqEThr9bvD3GNYa97kVw/MBmWtcl0KeF
ebV+ZNT+M9NdFQRE58hMjywL36S2vTl7jhFZw+mf4tCp+NZHKpPm5cRGOfnDfyIo
WT6nHv9SmV98sp7QZTnpoMXGRmfeL73OK11Jr36ROUImbwu184BZJwaTSsKqnkcb
S+kNzys2JbOvPoyJHkuo2WMWhEp5p9ewc0cCj0aBQq/AHoDYFun0g4/Z4ewuGl6k
3e+vLDtPPJP0CYG9ECgoZcy02iSjKAesUSpelAZzst91UejayE5t7x3aDQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHzGbGRFTBcxoBzqHM4rKQ9F3kMdMB8GA1UdIwQY
MBaAFAilw6ukIbeKfV0Jt1tM475Sc8qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQt
MzY0ZmFlN2M3MmM0LzEvZk1ac1pFVk1GekdnSE9vY3ppc3BEMFhlUXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQtMzY0ZmFlN2M3MmM0
LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBWjYAwQE
TfJAAwQCuUf8AwQCueyQAwQF1a7gMA0EAgACMAcDBQMqA/oAMA0GCSqGSIb3DQEB
CwUAA4IBAQBlFAOWQs4wqyiejGCmBRwUQ60pI7odZ2iaVa/xcMazE2KjuGlbMrH9
FZYW8Ywv6UILdLn2JgWDPS5vYgj4nZ49s7Atxz//JEuNfftOI1lRElDCTPKUtgEQ
ncVhWT3EAoRrWVJ+jEZG6zNs9y2jDNTivMo1OtO56L/TJUwnHxiJLmbthYeutY+o
/NPhZ2HhlLe7fyd0soYM+8ZFVHHuLm8sVxpe3OS7040fJaORDjVtStst9Pl5EqmQ
dbslErx4d3ntqhM6LIwRM316T7+mdYNjMFCDkl0qjQFyEvlplgb2kmVGWriDxMvG
E4IFa0w40cfyyxbSVCNpZlyzmUwG8OgQ
-----END CERTIFICATE-----
Generated at Wed Oct 4 10:07:43 2023 by rpki-client on console-fra.rpki-client.org