Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/fdiFZkg3YG_skcOUntKhNkyOwK8.roa
File: fdiFZkg3YG_skcOUntKhNkyOwK8.roa (raw, json)
Hash identifier: hovtjRBT9f5rn3xHo+t7HRJdNPO5hLhI8SJyNhSFOjg=
Subject key identifier: 7D:D8:85:66:48:37:60:6F:EC:91:C3:94:9E:D2:A1:36:4C:8E:C0:AF
Certificate issuer: /CN=e1baf90ed13d175452cf5e5a1632a794bf1f4c9a
Certificate serial: 01856EEFCF366AF2A74E58553B08DB0B812D
Authority key identifier: E1:BA:F9:0E:D1:3D:17:54:52:CF:5E:5A:16:32:A7:94:BF:1F:4C:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4br5DtE9F1RSz15aFjKnlL8fTJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/fdiFZkg3YG_skcOUntKhNkyOwK8.roa
Signing time: Sun 01 Jan 2023 20:04:47 +0000
ROA not before: Sun 01 Jan 2023 20:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198977
IP address blocks: 185.69.70.0/23 maxlen: 23
2a05:2100::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:cf:36:6a:f2:a7:4e:58:55:3b:08:db:0b:81:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1baf90ed13d175452cf5e5a1632a794bf1f4c9a
Validity
Not Before: Jan 1 20:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dd885664837606fec91c3949ed2a1364c8ec0af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:55:c3:7a:6a:79:c6:4a:a6:dd:9b:60:c7:7f:
44:ff:c1:84:44:72:4c:fd:42:0a:eb:81:46:a0:7f:
3d:d9:78:82:d0:18:b7:44:4b:2b:f1:a1:3d:73:eb:
fc:86:f6:2a:1c:f4:e0:cc:14:19:29:25:8e:35:19:
da:40:40:87:de:e6:c9:c6:19:f4:85:27:c4:94:ee:
bf:76:b5:70:9e:fc:bd:d6:6a:9e:17:0f:c3:44:d8:
6e:56:ff:97:4a:00:5e:1d:25:35:1b:2b:19:1f:1e:
af:36:c4:cc:b1:2c:46:14:d6:0b:0c:db:8b:cf:41:
3e:6d:ca:ec:8e:db:8b:c1:09:5f:a8:26:50:15:64:
38:97:6e:9c:80:ae:be:48:92:9c:74:e2:74:d4:3c:
91:a5:9d:9a:61:5c:d7:e9:96:85:2a:9a:55:ac:1b:
be:7c:e5:65:b6:fa:5d:48:5a:f2:a7:10:5e:6b:43:
40:af:b0:05:4a:c9:b4:4f:65:66:41:4b:15:ae:72:
42:ee:88:c6:88:54:88:7f:c9:e0:ab:db:1b:6d:ef:
2c:b7:cb:cd:20:0d:02:c3:b4:65:65:3c:1f:cb:93:
bf:17:cd:ec:b0:62:a2:73:3c:56:cf:e8:d8:00:16:
6c:18:a3:54:3b:c5:60:91:21:ea:f3:82:98:06:f8:
32:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D8:85:66:48:37:60:6F:EC:91:C3:94:9E:D2:A1:36:4C:8E:C0:AF
X509v3 Authority Key Identifier:
keyid:E1:BA:F9:0E:D1:3D:17:54:52:CF:5E:5A:16:32:A7:94:BF:1F:4C:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4br5DtE9F1RSz15aFjKnlL8fTJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/fdiFZkg3YG_skcOUntKhNkyOwK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e6efcf-e5d9-49f0-b11f-d52fdc9e8287/1/4br5DtE9F1RSz15aFjKnlL8fTJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.70.0/23
IPv6:
2a05:2100::/30
Signature Algorithm: sha256WithRSAEncryption
22:3d:6d:0e:7b:80:8e:6b:83:9e:59:15:b0:be:75:6b:0b:5c:
4c:89:dc:51:7f:fa:f4:3d:3e:4f:12:3e:4f:a3:ad:8a:d3:a9:
7f:58:1b:4f:74:cb:24:16:75:4e:fc:0c:c6:6e:30:a2:4a:0e:
a2:f5:54:f4:55:21:0d:9d:35:18:83:4b:5f:04:99:c4:f8:aa:
2d:5f:0a:4c:fb:b1:ab:f4:bc:c1:f4:9c:6f:19:41:4d:45:25:
44:93:f3:42:81:3d:d6:83:15:b4:d1:11:ee:c3:d0:44:3b:02:
e0:b0:86:c1:1b:6c:89:9d:00:b2:51:9c:37:65:4b:28:22:b8:
4d:d4:04:79:d2:d6:2b:8a:b7:85:66:b3:41:73:1c:d0:d4:a8:
f5:92:a0:cd:a1:e1:58:8f:bf:2a:c3:3a:5f:8a:f7:01:30:2f:
14:5b:86:22:d2:31:6c:78:ac:c7:90:d0:cd:4d:e9:bf:85:01:
13:cd:3e:50:0d:12:be:b4:c8:fc:eb:35:48:1a:fc:4e:2a:a1:
3e:f3:cf:60:3e:dc:01:94:bd:86:db:18:61:19:0b:2e:72:94:
60:9a:65:1b:80:68:6a:47:77:9c:e6:92:73:0a:dd:e1:5d:e5:
07:ea:27:9c:f3:93:da:35:20:ea:df:49:e1:0b:73:49:c5:ba:
79:e2:86:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu7882avKnTlhVOwjbC4EtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYmFmOTBlZDEzZDE3NTQ1MmNmNWU1YTE2MzJhNzk0YmYx
ZjRjOWEwHhcNMjMwMTAxMjAwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQ4ODU2NjQ4Mzc2MDZmZWM5MWMzOTQ5ZWQyYTEzNjRjOGVjMGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglXDemp5xkqm3Ztgx39E/8GERHJM
/UIK64FGoH892XiC0Bi3REsr8aE9c+v8hvYqHPTgzBQZKSWONRnaQECH3ubJxhn0
hSfElO6/drVwnvy91mqeFw/DRNhuVv+XSgBeHSU1GysZHx6vNsTMsSxGFNYLDNuL
z0E+bcrsjtuLwQlfqCZQFWQ4l26cgK6+SJKcdOJ01DyRpZ2aYVzX6ZaFKppVrBu+
fOVltvpdSFrypxBea0NAr7AFSsm0T2VmQUsVrnJC7ojGiFSIf8ngq9sbbe8st8vN
IA0Cw7RlZTwfy5O/F83ssGKiczxWz+jYABZsGKNUO8VgkSHq84KYBvgyoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH3YhWZIN2Bv7JHDlJ7SoTZMjsCvMB8GA1UdIwQY
MBaAFOG6+Q7RPRdUUs9eWhYyp5S/H0yaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJyNUR0RTlGMVJTejE1YUZqS25sTDhmVEpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNmVmY2YtZTVkOS00OWYwLWIxMWYt
ZDUyZmRjOWU4Mjg3LzEvZmRpRlprZzNZR19za2NPVW50S2hOa3lPd0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9lNmVmY2YtZTVkOS00OWYwLWIxMWYtZDUyZmRjOWU4Mjg3
LzEvNGJyNUR0RTlGMVJTejE1YUZqS25sTDhmVEpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuUVGMA0E
AgACMAcDBQIqBSEAMA0GCSqGSIb3DQEBCwUAA4IBAQAiPW0Oe4COa4OeWRWwvnVr
C1xMidxRf/r0PT5PEj5Po62K06l/WBtPdMskFnVO/AzGbjCiSg6i9VT0VSENnTUY
g0tfBJnE+KotXwpM+7Gr9LzB9JxvGUFNRSVEk/NCgT3WgxW00RHuw9BEOwLgsIbB
G2yJnQCyUZw3ZUsoIrhN1AR50tYrireFZrNBcxzQ1Kj1kqDNoeFYj78qwzpfivcB
MC8UW4Yi0jFseKzHkNDNTem/hQETzT5QDRK+tMj86zVIGvxOKqE+889gPtwBlL2G
2xhhGQsucpRgmmUbgGhqR3ec5pJzCt3hXeUH6iec85PaNSDq30nhC3NJxbp54oYu
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:23 2024 by rpki-client on console-ams.rpki-client.org