Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/8b-6uGzrnVAsJNVWZP5dkbnBaAs.roa
File: 8b-6uGzrnVAsJNVWZP5dkbnBaAs.roa (raw, json)
Hash identifier: ZBTTg3/DexzmvPjOAeSQRIbZco0Xz/FWY0Xkus14VEc=
Subject key identifier: F1:BF:BA:B8:6C:EB:9D:50:2C:24:D5:56:64:FE:5D:91:B9:C1:68:0B
Certificate issuer: /CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Certificate serial: 01856D6F875FBEEBD11479DB3D4169DEC83E
Authority key identifier: FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/8b-6uGzrnVAsJNVWZP5dkbnBaAs.roa
Signing time: Sun 01 Jan 2023 13:05:03 +0000
ROA not before: Sun 01 Jan 2023 13:05:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48345
IP address blocks: 91.223.220.0/24 maxlen: 24
91.234.215.0/24 maxlen: 24
94.232.112.0/21 maxlen: 21
2001:67c:174::/48 maxlen: 48
2001:67c:28d8::/48 maxlen: 48
2001:67c:15b8::/48 maxlen: 48
2a0e:d340::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:87:5f:be:eb:d1:14:79:db:3d:41:69:de:c8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb723706d0e83758ba52138e9db4207b5a5c189c
Validity
Not Before: Jan 1 13:05:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1bfbab86ceb9d502c24d55664fe5d91b9c1680b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:55:2f:31:63:5a:87:e5:0d:75:e0:a2:28:43:
4a:e1:38:f0:4d:64:cf:c4:43:ee:d9:4b:d5:dc:96:
f8:8d:93:0e:70:59:bf:af:4d:a6:93:01:68:14:99:
9d:b9:96:bf:ea:97:bb:80:2f:f2:6c:2f:3e:a3:00:
51:85:42:38:b1:4a:4b:6f:9e:c7:d0:60:ca:9f:1d:
ce:0b:13:57:4e:39:76:a4:05:ec:48:02:24:6b:e1:
23:bc:1b:be:43:2c:ab:3f:b9:31:e9:32:12:54:9b:
36:d0:d9:08:bb:14:3f:24:49:a1:45:eb:14:03:1b:
05:64:5e:c6:41:30:53:cf:78:0c:c5:71:61:eb:bc:
00:0f:8e:ee:14:ca:41:b1:4f:dd:cf:12:e5:7b:4b:
66:f3:12:9d:a2:72:49:5b:ea:f6:b0:ab:dd:cc:f6:
df:5d:3d:6b:92:e4:bf:93:dd:ab:fb:91:d1:be:c6:
29:d0:55:2f:09:d0:27:91:52:32:11:2c:bd:5f:65:
30:d0:72:1e:a8:87:9a:49:a2:30:07:57:0d:54:42:
aa:52:8d:62:a4:99:d7:58:0b:b6:e0:1b:07:72:92:
13:76:6f:f3:1d:6f:88:35:c0:1f:f7:a1:ab:c2:a7:
62:b1:12:a1:c7:d9:35:a2:d0:67:54:1b:d4:35:73:
5b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BF:BA:B8:6C:EB:9D:50:2C:24:D5:56:64:FE:5D:91:B9:C1:68:0B
X509v3 Authority Key Identifier:
keyid:FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/8b-6uGzrnVAsJNVWZP5dkbnBaAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.220.0/24
91.234.215.0/24
94.232.112.0/21
IPv6:
2001:67c:174::/48
2001:67c:15b8::/48
2001:67c:28d8::/48
2a0e:d340::/48
Signature Algorithm: sha256WithRSAEncryption
2c:07:4a:8b:18:77:64:d6:0b:11:a1:ba:27:5c:75:de:05:9a:
40:34:0a:80:b2:2a:97:84:1c:c7:f2:fa:99:5d:92:ac:96:dc:
17:4f:7d:9f:15:ff:6c:77:ed:10:ae:52:d2:1f:61:10:c3:1a:
d9:57:bd:2c:81:e7:e8:b1:58:b7:59:13:c5:6e:f6:5d:3a:02:
0e:47:c9:91:a9:34:8a:f6:d0:22:85:27:18:0c:c4:d2:4a:60:
84:00:af:18:e3:43:26:9d:6b:df:f0:70:e2:6a:6f:6d:20:ce:
68:3b:44:77:08:c3:f9:b5:e9:09:d4:d7:97:e4:5b:ab:cb:ea:
2f:3e:c3:65:f6:b3:ef:02:bc:b9:99:14:54:b4:d4:b8:ed:0d:
16:e1:42:8c:9f:b0:80:0b:7d:f9:ac:9c:c1:3a:d1:4a:41:27:
6d:8d:20:ac:d1:5c:cb:f8:0a:85:b7:42:59:1d:fa:45:f6:66:
60:de:04:07:76:59:e2:62:fc:98:5f:81:07:05:84:3e:b1:5a:
70:cc:b0:81:35:f3:02:26:a8:a1:5b:71:66:e3:a0:1b:9e:04:
64:85:53:df:1b:7f:78:1c:56:61:db:b8:a9:a2:88:c6:f7:c2:
4d:ed:1a:ef:f5:43:b3:fc:05:29:59:40:ea:ed:fe:f1:2e:eb:
ce:19:17:3c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYVtb4dfvuvRFHnbPUFp3sg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzIzNzA2ZDBlODM3NThiYTUyMTM4ZTlkYjQyMDdiNWE1
YzE4OWMwHhcNMjMwMTAxMTMwNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWJmYmFiODZjZWI5ZDUwMmMyNGQ1NTY2NGZlNWQ5MWI5YzE2ODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplUvMWNah+UNdeCiKENK4TjwTWTP
xEPu2UvV3Jb4jZMOcFm/r02mkwFoFJmduZa/6pe7gC/ybC8+owBRhUI4sUpLb57H
0GDKnx3OCxNXTjl2pAXsSAIka+EjvBu+QyyrP7kx6TISVJs20NkIuxQ/JEmhResU
AxsFZF7GQTBTz3gMxXFh67wAD47uFMpBsU/dzxLle0tm8xKdonJJW+r2sKvdzPbf
XT1rkuS/k92r+5HRvsYp0FUvCdAnkVIyESy9X2Uw0HIeqIeaSaIwB1cNVEKqUo1i
pJnXWAu24BsHcpITdm/zHW+INcAf96GrwqdisRKhx9k1otBnVBvUNXNbVwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFPG/urhs651QLCTVVmT+XZG5wWgLMB8GA1UdIwQY
MBaAFPtyNwbQ6DdYulITjp20IHtaXBicMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zSTNCdERvTjFpNlVoT09uYlFnZTFwY0dKdy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRk
LWI2MTQzNjExOTZmZC8xLzhiLTZ1R3pyblZBc0pOVldaUDVka2JuQmFBcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRkLWI2MTQzNjExOTZm
ZC8xLzEtM0kzQnREb04xaTZVaE9PbmJRZ2UxcGNHSncuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwVwYIKwYBBQUHAQcBAf8ESDBGMBgEAgABMBIDBABb39wD
BABb6tcDBANe6HAwKgQCAAIwJAMHACABBnwBdAMHACABBnwVuAMHACABBnwo2AMH
ACoO00AAADANBgkqhkiG9w0BAQsFAAOCAQEALAdKixh3ZNYLEaG6J1x13gWaQDQK
gLIql4Qcx/L6mV2SrJbcF099nxX/bHftEK5S0h9hEMMa2Ve9LIHn6LFYt1kTxW72
XToCDkfJkak0ivbQIoUnGAzE0kpghACvGONDJp1r3/Bw4mpvbSDOaDtEdwjD+bXp
CdTXl+Rbq8vqLz7DZfaz7wK8uZkUVLTUuO0NFuFCjJ+wgAt9+aycwTrRSkEnbY0g
rNFcy/gKhbdCWR36RfZmYN4EB3ZZ4mL8mF+BBwWEPrFacMywgTXzAiaooVtxZuOg
G54EZIVT3xt/eBxWYdu4qaKIxvfCTe0a7/VDs/wFKVlA6u3+8S7rzhkXPA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:47 2023 by rpki-client on console-fra.rpki-client.org