Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ffstTmtJCFM9JCsvDbifrkNWcTs.roa
File: ffstTmtJCFM9JCsvDbifrkNWcTs.roa (raw, json)
Hash identifier: Vjmvu9+BJtxV07qhTPGexf7j4d+ujdteRP15J7z7M6Y=
Subject key identifier: 7D:FB:2D:4E:6B:49:08:53:3D:24:2B:2F:0D:B8:9F:AE:43:56:71:3B
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018C3564B959D448076DD9E7E766645CCDD9
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ffstTmtJCFM9JCsvDbifrkNWcTs.roa
Signing time: Mon 04 Dec 2023 15:14:02 +0000
ROA not before: Mon 04 Dec 2023 15:14:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59598
IP address blocks: 185.215.247.0/24 maxlen: 24
91.132.56.0/24 maxlen: 24
185.212.60.0/22 maxlen: 24
31.25.88.0/23 maxlen: 24
185.217.108.0/22 maxlen: 24
212.107.28.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:35:64:b9:59:d4:48:07:6d:d9:e7:e7:66:64:5c:cd:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Dec 4 15:14:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dfb2d4e6b4908533d242b2f0db89fae4356713b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:78:aa:05:18:be:08:0e:be:af:d7:c3:d2:48:
3f:d5:32:fd:3c:e7:67:4c:21:17:d5:29:4d:63:fc:
d0:22:2a:66:1a:c4:95:67:d9:8d:0e:08:b0:24:c6:
45:66:92:28:da:5d:4e:fb:d9:3d:30:ed:2a:cb:6a:
24:95:36:a8:19:2a:a6:6b:ca:86:6b:24:df:5f:60:
ff:ed:1e:a5:2a:6d:4c:62:0c:85:0c:99:d8:46:80:
a1:37:33:a3:41:d2:19:f0:75:32:93:13:6b:f8:6b:
a4:83:33:4a:37:8c:05:91:46:28:be:a8:8c:3c:45:
be:a9:7f:05:d3:26:0d:52:66:c9:86:c6:1d:be:47:
dd:28:2a:e8:c2:99:e6:3f:9f:9d:ef:df:9f:86:bf:
e3:b9:ba:e3:7f:cb:79:cf:f9:40:ba:30:cf:6f:36:
35:82:36:af:69:0d:f1:fe:bc:a9:c5:85:0c:3c:7c:
df:8e:7e:4d:7f:b2:d9:5f:1b:b9:df:ab:3b:50:30:
a8:a3:1c:1c:86:ec:67:c3:9f:6a:54:77:49:e7:c4:
d5:df:38:68:8a:12:20:fb:fd:cc:b4:17:1a:2a:29:
dd:a8:81:b6:b9:a4:ca:61:96:b2:ff:49:29:79:8e:
0b:6c:15:e4:f9:b3:3f:41:b2:d5:00:a0:8b:6b:fb:
e2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:FB:2D:4E:6B:49:08:53:3D:24:2B:2F:0D:B8:9F:AE:43:56:71:3B
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ffstTmtJCFM9JCsvDbifrkNWcTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.88.0/23
91.132.56.0/24
185.212.60.0/22
185.215.247.0/24
185.217.108.0/22
212.107.28.0/22
Signature Algorithm: sha256WithRSAEncryption
89:ba:a6:7e:b5:32:d7:b9:e0:6c:0d:d7:b9:2b:d4:0f:c6:55:
f5:08:83:4b:8b:60:62:d1:c4:d1:5d:53:d1:df:38:c4:e0:7d:
3d:1f:a3:c3:d4:b9:ad:58:0f:fc:a0:e1:ff:d3:cd:06:30:de:
cd:5d:21:62:6d:e5:f8:3d:ed:3d:81:f5:94:a9:62:e0:69:54:
74:40:15:23:7f:bc:c8:a4:86:aa:2e:d4:42:60:7b:67:6c:a0:
b0:2f:8b:b4:a0:e4:df:15:5c:5d:dc:0b:17:4b:45:2a:f3:ee:
4a:65:fe:7d:ec:b3:4d:8e:1c:77:9c:0a:e6:66:f5:fd:dc:61:
5e:af:54:3e:44:3b:af:15:12:0a:3b:7f:9e:07:ee:75:06:d4:
b0:3e:23:58:98:31:41:4d:8a:88:f5:91:34:3f:ed:d9:4a:71:
39:f9:23:19:32:ce:e3:5b:52:e9:d2:5f:13:32:a9:c5:2b:f8:
05:60:29:db:95:3a:90:24:01:10:de:4f:96:26:d8:2c:75:fa:
d9:24:91:64:e3:11:40:be:fe:dd:44:3f:0a:b7:d0:95:a3:81:
94:ae:06:92:a5:4c:c5:66:8e:27:b5:c2:a7:64:79:01:7a:83:
cb:18:63:55:81:d8:c6:8e:88:a2:6c:af:0c:23:59:ab:9d:d4:
21:16:70:f0
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYw1ZLlZ1EgHbdnn52ZkXM3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMxMjA0MTUxNDAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGZiMmQ0ZTZiNDkwODUzM2QyNDJiMmYwZGI4OWZhZTQzNTY3MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHiqBRi+CA6+r9fD0kg/1TL9POdn
TCEX1SlNY/zQIipmGsSVZ9mNDgiwJMZFZpIo2l1O+9k9MO0qy2oklTaoGSqma8qG
ayTfX2D/7R6lKm1MYgyFDJnYRoChNzOjQdIZ8HUykxNr+GukgzNKN4wFkUYovqiM
PEW+qX8F0yYNUmbJhsYdvkfdKCrowpnmP5+d79+fhr/jubrjf8t5z/lAujDPbzY1
gjavaQ3x/rypxYUMPHzfjn5Nf7LZXxu536s7UDCooxwchuxnw59qVHdJ58TV3zho
ihIg+/3MtBcaKindqIG2uaTKYZay/0kpeY4LbBXk+bM/QbLVAKCLa/viCwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH37LU5rSQhTPSQrLw24n65DVnE7MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvZmZzdFRtdEpDRk05SkNzdkRiaWZya05XY1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBHxlYAwQA
W4Q4AwQCudQ8AwQAudf3AwQCudlsAwQC1GscMA0GCSqGSIb3DQEBCwUAA4IBAQCJ
uqZ+tTLXueBsDde5K9QPxlX1CINLi2Bi0cTRXVPR3zjE4H09H6PD1LmtWA/8oOH/
080GMN7NXSFibeX4Pe09gfWUqWLgaVR0QBUjf7zIpIaqLtRCYHtnbKCwL4u0oOTf
FVxd3AsXS0Uq8+5KZf597LNNjhx3nArmZvX93GFer1Q+RDuvFRIKO3+eB+51BtSw
PiNYmDFBTYqI9ZE0P+3ZSnE5+SMZMs7jW1Lp0l8TMqnFK/gFYCnblTqQJAEQ3k+W
JtgsdfrZJJFk4xFAvv7dRD8Kt9CVo4GUrgaSpUzFZo4ntcKnZHkBeoPLGGNVgdjG
joiibK8MI1mrndQhFnDw
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:48 2024 by rpki-client on console-fra.rpki-client.org