Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/FH_AABzApJ_h3lA5bt8TqBcV2T4.roa
File: FH_AABzApJ_h3lA5bt8TqBcV2T4.roa (raw, json)
Hash identifier: BwLvxAcyvESI9mvDAQLgD+H8lKK6pMZnLZlCcaHUO0k=
Subject key identifier: 14:7F:C0:00:1C:C0:A4:9F:E1:DE:50:39:6E:DF:13:A8:17:15:D9:3E
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 0185724C91BAB311D81CC05EF04FCFD13151
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/FH_AABzApJ_h3lA5bt8TqBcV2T4.roa
Signing time: Mon 02 Jan 2023 11:44:58 +0000
ROA not before: Mon 02 Jan 2023 11:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44583
IP address blocks: 85.118.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:91:ba:b3:11:d8:1c:c0:5e:f0:4f:cf:d1:31:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 2 11:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=147fc0001cc0a49fe1de50396edf13a81715d93e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:25:79:0e:ea:7b:55:85:54:d1:87:5f:9d:5e:
20:6a:c9:eb:0d:b9:31:76:87:fc:85:f7:c8:ad:4a:
32:00:70:33:d8:35:01:64:32:3b:64:37:d4:36:20:
b5:1a:b5:f1:58:bc:c0:ba:d1:c6:50:73:6a:df:5f:
43:08:71:0a:86:0d:7c:7f:a6:50:ec:32:bf:69:7b:
76:1d:34:8d:d7:fe:1e:d5:e2:8e:5f:e3:a9:63:5a:
85:6b:e5:75:13:73:d8:c0:1b:cd:0c:c7:30:d2:bd:
5a:3e:3a:2b:e6:93:ae:c1:74:9b:d8:94:e7:a4:82:
5e:c5:f5:2a:87:a8:55:4f:83:62:44:d2:f6:b8:c5:
96:c6:40:39:f1:58:fb:6a:8c:12:5f:16:0d:b1:0a:
d3:25:8c:70:11:e2:63:b7:77:75:d6:68:39:ab:94:
d5:65:98:f8:ae:7d:52:7f:25:e0:18:c3:19:f4:f0:
88:2d:63:3d:93:cd:68:76:68:2c:84:84:56:4d:3b:
d8:48:75:28:5e:13:8a:a8:7f:5a:16:e2:82:dd:f8:
c2:79:17:21:2a:1c:c2:01:24:b3:d2:30:0c:c1:9a:
d3:7f:ca:ac:3e:d1:16:b1:df:f1:63:f7:2e:88:52:
f9:85:24:20:9b:04:79:0d:90:f7:43:a3:aa:8b:02:
b6:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:7F:C0:00:1C:C0:A4:9F:E1:DE:50:39:6E:DF:13:A8:17:15:D9:3E
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/FH_AABzApJ_h3lA5bt8TqBcV2T4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.42.0/24
Signature Algorithm: sha256WithRSAEncryption
92:9b:83:f0:85:52:d6:53:21:e2:b9:36:21:fb:b5:20:b3:28:
80:83:32:ef:e0:1f:09:9a:c3:3a:24:e7:cf:37:b8:a9:4d:99:
a9:07:ae:0b:9a:31:e0:c0:39:3c:f3:00:14:17:35:6d:91:48:
86:b2:3f:36:02:41:83:1f:d1:92:b0:e1:45:1f:4d:ac:70:09:
e5:5d:f6:cd:cb:46:90:9e:05:f8:09:52:78:eb:d4:99:47:37:
0b:66:10:3b:25:6e:8a:e5:0e:ea:be:88:a1:a4:1a:d0:fc:e2:
e7:05:bd:48:c5:a8:1e:67:d1:b0:00:22:99:37:de:72:fc:72:
2c:79:bd:19:57:47:35:ef:70:3e:ab:60:7a:78:ca:23:47:4b:
55:23:c1:42:b7:c6:21:e8:b7:2c:6f:6a:97:8f:75:a0:c3:14:
c2:32:40:d5:86:21:94:dd:09:6e:de:d7:b9:be:43:f2:fa:4a:
9a:95:58:05:78:a6:4b:31:a4:64:15:fd:4f:2a:be:65:ff:4a:
97:86:70:ee:55:18:be:27:84:14:34:4c:04:f1:ad:20:a3:7b:
83:05:bb:bb:fd:af:0b:2d:50:95:ac:85:00:c6:9c:5b:81:25:
e5:d2:14:f4:a6:e2:1f:fd:5f:6f:7f:eb:78:23:a2:02:23:cb:
6e:13:98:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyTJG6sxHYHMBe8E/P0TFRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjMwMTAyMTE0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDdmYzAwMDFjYzBhNDlmZTFkZTUwMzk2ZWRmMTNhODE3MTVkOTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iV5Dup7VYVU0YdfnV4gasnrDbkx
dof8hffIrUoyAHAz2DUBZDI7ZDfUNiC1GrXxWLzAutHGUHNq319DCHEKhg18f6ZQ
7DK/aXt2HTSN1/4e1eKOX+OpY1qFa+V1E3PYwBvNDMcw0r1aPjor5pOuwXSb2JTn
pIJexfUqh6hVT4NiRNL2uMWWxkA58Vj7aowSXxYNsQrTJYxwEeJjt3d11mg5q5TV
ZZj4rn1SfyXgGMMZ9PCILWM9k81odmgshIRWTTvYSHUoXhOKqH9aFuKC3fjCeRch
KhzCASSz0jAMwZrTf8qsPtEWsd/xY/cuiFL5hSQgmwR5DZD3Q6OqiwK2oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBR/wAAcwKSf4d5QOW7fE6gXFdk+MB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvRkhfQUFCekFwSl9oM2xBNWJ0OFRxQmNWMlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVXYqMA0G
CSqGSIb3DQEBCwUAA4IBAQCSm4PwhVLWUyHiuTYh+7UgsyiAgzLv4B8JmsM6JOfP
N7ipTZmpB64LmjHgwDk88wAUFzVtkUiGsj82AkGDH9GSsOFFH02scAnlXfbNy0aQ
ngX4CVJ469SZRzcLZhA7JW6K5Q7qvoihpBrQ/OLnBb1IxageZ9GwACKZN95y/HIs
eb0ZV0c173A+q2B6eMojR0tVI8FCt8Yh6Lcsb2qXj3WgwxTCMkDVhiGU3Qlu3te5
vkPy+kqalVgFeKZLMaRkFf1PKr5l/0qXhnDuVRi+J4QUNEwE8a0go3uDBbu7/a8L
LVCVrIUAxpxbgSXl0hT0puIf/V9vf+t4I6ICI8tuE5ig
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:48 2024 by rpki-client on console-fra.rpki-client.org