Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/LTfpftkbXBvHJNhHU3VBA59j4T0.roa
File: LTfpftkbXBvHJNhHU3VBA59j4T0.roa (raw, json)
Hash identifier: 52x+yoOa45jCLaq2CLAC9Rs3EGQSNa/1MjHzBOMpzN8=
Subject key identifier: 2D:37:E9:7E:D9:1B:5C:1B:C7:24:D8:47:53:75:41:03:9F:63:E1:3D
Certificate issuer: /CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Certificate serial: 0185718C2EFBBF310D834F95CCC5AB3B63C9
Authority key identifier: EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/LTfpftkbXBvHJNhHU3VBA59j4T0.roa
Signing time: Mon 02 Jan 2023 08:14:50 +0000
ROA not before: Mon 02 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208036
IP address blocks: 185.66.72.0/24 maxlen: 24
2a0a:ee40::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:2e:fb:bf:31:0d:83:4f:95:cc:c5:ab:3b:63:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Validity
Not Before: Jan 2 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d37e97ed91b5c1bc724d847537541039f63e13d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ad:3d:bc:fb:98:90:08:72:c6:f0:88:4e:e2:
1d:ef:86:2d:84:a8:b5:7a:15:59:a3:a9:8d:72:97:
53:98:06:66:9f:66:77:0f:9f:07:75:fa:0a:e4:6b:
57:ea:e5:d5:04:42:83:9f:14:4a:60:01:7b:91:bc:
7d:30:0a:3d:4a:2a:df:08:71:2e:7c:f1:bf:70:35:
8b:4b:3b:e4:17:17:fa:a6:20:50:49:1d:b6:bf:c5:
f4:63:1d:df:d0:d1:b1:fb:63:b5:a4:94:c7:19:8b:
69:72:62:ba:9c:4e:ab:4b:e0:9d:e2:96:22:d4:ad:
c5:28:30:ef:28:b8:c1:1b:d3:3d:82:a0:77:c0:e4:
3e:a2:00:95:63:ab:ed:a2:ed:a3:fc:28:30:60:5a:
32:a9:36:37:b1:d5:a1:97:81:f4:cb:5f:96:f9:ee:
6e:61:bd:44:82:8b:9c:89:73:b6:dc:d1:fa:f5:5f:
b3:ea:c3:91:41:4d:42:91:b8:36:82:9a:e4:29:ad:
67:5c:46:99:03:89:45:ee:db:3e:22:f6:50:06:5f:
4b:f5:1d:ef:7b:a6:61:46:64:0c:c7:f7:49:3d:97:
43:b3:18:bb:47:2c:f1:61:2d:69:5a:2a:90:6b:67:
89:49:6d:c0:ea:6b:8a:1f:cd:0e:c1:b2:a4:d9:e3:
0f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:37:E9:7E:D9:1B:5C:1B:C7:24:D8:47:53:75:41:03:9F:63:E1:3D
X509v3 Authority Key Identifier:
keyid:EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/LTfpftkbXBvHJNhHU3VBA59j4T0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.72.0/24
IPv6:
2a0a:ee40::/32
Signature Algorithm: sha256WithRSAEncryption
1a:ea:6e:8a:99:1b:23:6f:91:eb:1c:fe:90:24:19:09:f7:54:
81:ac:5c:ee:05:ec:c2:40:cb:e3:45:a6:a7:8f:e2:02:e9:99:
ff:e7:f9:f6:94:aa:3f:87:44:c5:6b:3a:b3:f5:30:0b:1d:67:
4f:40:fc:f2:e4:1b:c6:c4:75:86:a0:da:66:41:c0:1b:50:e9:
0e:ee:00:6b:cc:26:0c:7d:a5:90:12:6f:46:12:da:f0:60:66:
1c:4a:2c:00:54:fe:6e:34:2d:57:4a:ad:8f:ae:89:d7:47:14:
fe:9b:3f:8d:b6:92:76:b4:21:37:64:50:b7:31:bf:0a:1d:bb:
fc:9d:63:8b:e3:e4:cf:df:99:75:d5:a7:33:59:d8:1b:de:cb:
15:c8:a6:a1:dd:41:4a:13:ac:d5:da:ac:9a:16:fb:c6:48:60:
19:74:8a:49:60:a7:41:69:6e:71:be:f1:cf:9c:d8:ac:ba:17:
6e:bc:f3:4b:c9:64:20:cd:28:f3:eb:06:8f:69:ac:db:3a:11:
1b:23:43:3c:57:b0:71:09:84:4f:d7:93:bc:39:e1:52:71:55:
70:aa:ff:51:6b:e0:78:95:9d:8e:d2:98:93:55:30:ee:26:5c:
1a:81:2f:26:3d:13:f0:cd:11:b4:dc:97:3b:31:3b:b6:da:3c:
38:39:77:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxjC77vzENg0+VzMWrO2PJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNGY3ODk0NzM0MWNlNTU4ODhiN2ViZjM2OTAxNDNiMGNi
ZmYzZDYwHhcNMjMwMTAyMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDM3ZTk3ZWQ5MWI1YzFiYzcyNGQ4NDc1Mzc1NDEwMzlmNjNlMTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxa09vPuYkAhyxvCITuId74YthKi1
ehVZo6mNcpdTmAZmn2Z3D58HdfoK5GtX6uXVBEKDnxRKYAF7kbx9MAo9SirfCHEu
fPG/cDWLSzvkFxf6piBQSR22v8X0Yx3f0NGx+2O1pJTHGYtpcmK6nE6rS+Cd4pYi
1K3FKDDvKLjBG9M9gqB3wOQ+ogCVY6vtou2j/CgwYFoyqTY3sdWhl4H0y1+W+e5u
Yb1EgouciXO23NH69V+z6sORQU1Ckbg2gprkKa1nXEaZA4lF7ts+IvZQBl9L9R3v
e6ZhRmQMx/dJPZdDsxi7RyzxYS1pWiqQa2eJSW3A6muKH80OwbKk2eMPmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC036X7ZG1wbxyTYR1N1QQOfY+E9MB8GA1UdIwQY
MBaAFO9PeJRzQc5ViIt+vzaQFDsMv/PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAt
OWJhYTY2Y2ExNDA0LzEvTFRmcGZ0a2JYQnZISk5oSFUzVkJBNTlqNFQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAtOWJhYTY2Y2ExNDA0
LzEvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUJIMA0E
AgACMAcDBQAqCu5AMA0GCSqGSIb3DQEBCwUAA4IBAQAa6m6KmRsjb5HrHP6QJBkJ
91SBrFzuBezCQMvjRaanj+IC6Zn/5/n2lKo/h0TFazqz9TALHWdPQPzy5BvGxHWG
oNpmQcAbUOkO7gBrzCYMfaWQEm9GEtrwYGYcSiwAVP5uNC1XSq2PronXRxT+mz+N
tpJ2tCE3ZFC3Mb8KHbv8nWOL4+TP35l11aczWdgb3ssVyKah3UFKE6zV2qyaFvvG
SGAZdIpJYKdBaW5xvvHPnNisuhduvPNLyWQgzSjz6waPaazbOhEbI0M8V7BxCYRP
15O8OeFScVVwqv9Ra+B4lZ2O0piTVTDuJlwagS8mPRPwzRG03Jc7MTu22jw4OXf6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:53 2023 by rpki-client on console-ams.rpki-client.org