Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/FZw7tqOHzpCPVLmp3uW_oAlsUIk.roa
File: FZw7tqOHzpCPVLmp3uW_oAlsUIk.roa (raw, json)
Hash identifier: u8DdugBlRV+Lv7FNro8Z89AFU7aehsgkDEXUx25vfaU=
Subject key identifier: 15:9C:3B:B6:A3:87:CE:90:8F:54:B9:A9:DE:E5:BF:A0:09:6C:50:89
Certificate issuer: /CN=ebdfa7c0ad7ef674dd5b4194960f2ffd4115f261
Certificate serial: 01856E81F81C47E2799B8B56E0031E98C204
Authority key identifier: EB:DF:A7:C0:AD:7E:F6:74:DD:5B:41:94:96:0F:2F:FD:41:15:F2:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/69-nwK1-9nTdW0GUlg8v_UEV8mE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/FZw7tqOHzpCPVLmp3uW_oAlsUIk.roa
Signing time: Sun 01 Jan 2023 18:04:49 +0000
ROA not before: Sun 01 Jan 2023 18:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43201
IP address blocks: 195.158.222.0/23 maxlen: 23
195.158.220.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:81:f8:1c:47:e2:79:9b:8b:56:e0:03:1e:98:c2:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebdfa7c0ad7ef674dd5b4194960f2ffd4115f261
Validity
Not Before: Jan 1 18:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=159c3bb6a387ce908f54b9a9dee5bfa0096c5089
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:51:bc:c2:c8:36:98:45:d0:85:b0:35:db:b7:
a0:0c:a7:31:fa:d4:60:27:77:5e:f6:7f:8f:5e:56:
a1:f4:41:e7:9b:31:d6:2a:37:fa:af:29:f3:a7:fe:
a7:94:81:80:62:f7:47:a1:c1:c4:7c:36:84:1f:36:
d0:29:c8:b0:08:0a:30:71:3d:52:3a:2d:22:f2:07:
9c:99:88:8b:63:8b:fa:28:c6:c1:63:00:3d:bb:1c:
a8:a8:70:7c:6f:5a:33:90:f2:d5:18:e5:dc:66:4e:
09:b1:a2:d2:71:55:e2:34:b9:59:ed:ac:06:67:56:
c1:84:44:54:31:1a:56:90:44:5b:c9:60:0d:6d:3d:
f5:87:81:c5:58:70:46:e2:f2:67:05:1c:9e:27:0e:
36:99:49:ab:40:23:22:34:6a:c3:b1:07:1b:9f:5e:
ad:25:b8:d6:9f:5b:26:72:ab:4e:f1:3c:14:c3:e4:
90:31:f2:44:26:2c:2c:79:ab:60:e4:40:d9:f4:68:
73:da:16:b1:2f:d1:dc:73:6e:ef:f2:b3:53:7e:24:
49:d5:4c:1e:58:d8:ce:f6:80:d8:11:3e:75:65:3e:
65:f5:1c:27:d9:aa:fc:56:45:d2:b5:7b:51:88:28:
0f:46:37:e7:88:7f:47:e4:46:f7:15:17:9a:d0:32:
4d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:9C:3B:B6:A3:87:CE:90:8F:54:B9:A9:DE:E5:BF:A0:09:6C:50:89
X509v3 Authority Key Identifier:
keyid:EB:DF:A7:C0:AD:7E:F6:74:DD:5B:41:94:96:0F:2F:FD:41:15:F2:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/69-nwK1-9nTdW0GUlg8v_UEV8mE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/FZw7tqOHzpCPVLmp3uW_oAlsUIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/434fed-877d-4a0f-a256-85345f660655/1/69-nwK1-9nTdW0GUlg8v_UEV8mE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.158.220.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:88:e7:42:97:98:3f:ec:24:b9:e1:fb:d2:2d:88:31:24:6f:
23:d0:a8:1e:6f:50:59:76:17:41:3b:81:68:fd:37:b4:76:84:
a3:b8:c3:4f:d9:2b:06:7e:4b:0b:6f:ef:0a:7c:bb:64:78:c2:
9c:21:da:39:9c:34:1f:9a:46:df:2d:0e:26:d6:12:40:14:88:
29:be:0e:c0:92:88:ea:11:60:3c:94:1a:33:d6:d1:c1:75:d5:
d3:22:18:77:b1:95:53:1d:e2:54:ce:2b:ea:f6:6a:6d:dc:6c:
c5:55:14:d9:1f:e6:20:90:27:00:73:db:93:f2:5d:e1:a5:1d:
47:63:8b:d9:ff:42:f2:1f:57:67:f3:fc:8b:d2:da:25:2f:30:
c8:d0:89:8a:44:97:9e:34:6c:ff:d2:5c:0d:0f:61:72:ae:53:
a3:58:8a:7c:3c:48:5d:49:81:2c:17:68:86:e9:fd:c4:eb:30:
e4:a2:ba:07:5b:c4:1d:97:44:eb:07:ec:bf:b8:a6:08:c0:62:
bc:4e:5a:8a:37:5e:6f:98:00:f9:1e:8d:8c:2e:4e:87:5f:75:
2d:06:b0:95:3e:50:c6:cf:eb:2f:70:5a:ae:e7:df:73:99:78:
5f:2c:1d:da:38:da:61:4d:e0:60:e4:c7:ad:e7:45:aa:d6:0d:
86:6b:40:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVugfgcR+J5m4tW4AMemMIEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZGZhN2MwYWQ3ZWY2NzRkZDViNDE5NDk2MGYyZmZkNDEx
NWYyNjEwHhcNMjMwMTAxMTgwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTljM2JiNmEzODdjZTkwOGY1NGI5YTlkZWU1YmZhMDA5NmM1MDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFG8wsg2mEXQhbA127egDKcx+tRg
J3de9n+PXlah9EHnmzHWKjf6rynzp/6nlIGAYvdHocHEfDaEHzbQKciwCAowcT1S
Oi0i8gecmYiLY4v6KMbBYwA9uxyoqHB8b1ozkPLVGOXcZk4JsaLScVXiNLlZ7awG
Z1bBhERUMRpWkERbyWANbT31h4HFWHBG4vJnBRyeJw42mUmrQCMiNGrDsQcbn16t
JbjWn1smcqtO8TwUw+SQMfJEJiwseatg5EDZ9Ghz2haxL9Hcc27v8rNTfiRJ1Uwe
WNjO9oDYET51ZT5l9Rwn2ar8VkXStXtRiCgPRjfniH9H5Eb3FRea0DJNbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBWcO7ajh86Qj1S5qd7lv6AJbFCJMB8GA1UdIwQY
MBaAFOvfp8CtfvZ03VtBlJYPL/1BFfJhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjktbndLMS05blRkVzBHVWxnOHZfVUVWOG1FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80MzRmZWQtODc3ZC00YTBmLWEyNTYt
ODUzNDVmNjYwNjU1LzEvRlp3N3RxT0h6cENQVkxtcDN1V19vQWxzVUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny80MzRmZWQtODc3ZC00YTBmLWEyNTYtODUzNDVmNjYwNjU1
LzEvNjktbndLMS05blRkVzBHVWxnOHZfVUVWOG1FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw57cMA0G
CSqGSIb3DQEBCwUAA4IBAQCmiOdCl5g/7CS54fvSLYgxJG8j0Kgeb1BZdhdBO4Fo
/Te0doSjuMNP2SsGfksLb+8KfLtkeMKcIdo5nDQfmkbfLQ4m1hJAFIgpvg7Akojq
EWA8lBoz1tHBddXTIhh3sZVTHeJUzivq9mpt3GzFVRTZH+YgkCcAc9uT8l3hpR1H
Y4vZ/0LyH1dn8/yL0tolLzDI0ImKRJeeNGz/0lwND2FyrlOjWIp8PEhdSYEsF2iG
6f3E6zDkoroHW8Qdl0TrB+y/uKYIwGK8TlqKN15vmAD5Ho2MLk6HX3UtBrCVPlDG
z+svcFqu599zmXhfLB3aONphTeBg5Met50Wq1g2Ga0D5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:58 2023 by rpki-client on console-fra.rpki-client.org