Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/fTb9TXv8AF2opS_67vXlRP_eYik.roa
File: fTb9TXv8AF2opS_67vXlRP_eYik.roa (raw, json)
Hash identifier: izlwEA2xvd6n5BTHFGMqgAB6xZAbfebm/2B0mC1NQ3E=
Subject key identifier: 7D:36:FD:4D:7B:FC:00:5D:A8:A5:2F:FA:EE:F5:E5:44:FF:DE:62:29
Certificate issuer: /CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Certificate serial: 01872D1F76D0075D44A823E5495B8DD5F4E5
Authority key identifier: 72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/fTb9TXv8AF2opS_67vXlRP_eYik.roa
Signing time: Wed 29 Mar 2023 11:27:29 +0000
ROA not before: Wed 29 Mar 2023 11:27:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25291
IP address blocks: 185.46.136.0/22 maxlen: 24
37.44.0.0/21 maxlen: 24
151.252.40.0/21 maxlen: 24
45.153.82.0/23 maxlen: 24
185.56.128.0/21 maxlen: 24
176.74.56.0/21 maxlen: 24
185.54.232.0/22 maxlen: 24
109.68.224.0/21 maxlen: 24
37.49.152.0/21 maxlen: 24
185.56.104.0/23 maxlen: 24
37.123.104.0/21 maxlen: 24
195.192.128.0/18 maxlen: 24
77.247.80.0/21 maxlen: 24
2a00:13c8::/32 maxlen: 48
2a00:7fc0::/33 maxlen: 48
2a00:7fc0::/32 maxlen: 48
2a04:d480::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:1f:76:d0:07:5d:44:a8:23:e5:49:5b:8d:d5:f4:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Validity
Not Before: Mar 29 11:27:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d36fd4d7bfc005da8a52ffaeef5e544ffde6229
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e1:c7:33:6a:c2:2f:6b:14:a0:d3:1d:51:62:
91:e2:35:ef:74:2a:a1:a7:d2:e2:34:08:20:c1:e1:
0d:d2:84:b3:82:7b:8c:cf:4c:41:a7:60:c1:11:28:
84:8c:11:45:ee:43:fc:e7:ab:01:61:cf:b0:13:b2:
a2:85:e0:10:14:a6:69:f4:fe:5c:61:49:ee:98:e6:
28:0c:b3:7a:e4:18:ce:8f:61:31:30:17:b8:ba:82:
2e:1d:ac:3f:0f:1f:07:01:d6:dd:e7:ca:6e:04:12:
99:d3:fd:73:f0:f6:58:fd:27:c8:f6:f0:1e:ce:8e:
7d:3e:93:eb:b2:21:68:6a:4d:17:f9:ff:38:c3:49:
89:5f:e0:31:57:93:13:0e:0a:07:68:c8:f4:36:89:
d0:57:4e:b1:53:b3:cc:80:2b:f7:2c:a9:4d:84:75:
cf:67:58:a8:d5:01:75:33:39:0b:e3:db:76:7e:d7:
62:fa:0d:d0:29:0f:47:7b:4f:bc:3d:c5:61:ce:a5:
fe:31:29:f4:78:1c:39:62:24:f1:26:7b:dd:4b:68:
fe:ab:6a:f8:7f:9b:71:9a:79:e4:5e:68:1b:ce:e0:
75:a7:cf:db:a7:ec:3f:c8:17:71:e0:25:74:f9:2c:
e0:e3:40:2c:08:1a:91:98:81:07:79:66:a3:32:a3:
ff:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:36:FD:4D:7B:FC:00:5D:A8:A5:2F:FA:EE:F5:E5:44:FF:DE:62:29
X509v3 Authority Key Identifier:
keyid:72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/fTb9TXv8AF2opS_67vXlRP_eYik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.0.0/21
37.49.152.0/21
37.123.104.0/21
45.153.82.0/23
77.247.80.0/21
109.68.224.0/21
151.252.40.0/21
176.74.56.0/21
185.46.136.0/22
185.54.232.0/22
185.56.104.0/23
185.56.128.0/21
195.192.128.0/18
IPv6:
2a00:13c8::/32
2a00:7fc0::/32
2a04:d480::/29
Signature Algorithm: sha256WithRSAEncryption
4b:d9:cd:8b:d4:90:9c:b3:d3:31:9f:01:3b:40:d3:ef:49:c8:
5c:f9:60:0e:3f:27:7b:df:57:f0:32:00:4b:f4:68:99:61:c7:
e2:e3:87:4c:c8:3e:ea:43:d0:87:43:cb:d5:78:12:c3:4e:a9:
6c:1a:65:e1:bd:f2:bb:8c:b7:8d:bf:08:cc:d0:f5:ce:45:15:
46:cd:d3:a3:3c:79:b3:c4:56:ba:20:52:31:7c:c4:8c:e6:dd:
e7:af:48:0a:d3:38:dd:ff:6b:ec:e5:50:6e:e9:ca:61:2b:f6:
9e:a0:6d:69:a2:12:1f:34:9f:47:12:34:27:49:22:d8:de:52:
1f:fd:e9:89:50:33:1c:b3:64:51:12:f2:01:ae:97:e8:fb:e7:
8c:ec:ac:00:63:35:d5:15:e2:0d:e8:83:d1:15:85:e1:3e:6c:
a7:1a:37:ae:9c:7a:e5:3e:e1:df:23:e9:c3:a0:5a:71:9c:bc:
34:56:bb:e9:dc:d2:e9:c8:73:ac:37:4e:13:c8:e2:bc:b0:be:
9d:36:05:c5:c2:a0:f2:bb:64:b4:eb:ee:a3:f9:35:62:1c:7e:
3b:c5:0a:68:8d:21:12:9d:f9:ee:41:fd:77:97:02:11:b3:10:
7a:10:b7:34:ce:1f:ea:a5:c9:7a:c2:47:9b:7b:02:38:f7:83:
8e:ee:00:2c
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYctH3bQB11EqCPlSVuN1fTlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzI2YWJjOWUwNmMxYWZlZjliNWZkMmRhNDA0MTJlN2Fl
ZTZiNDcwHhcNMjMwMzI5MTEyNzI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM2ZmQ0ZDdiZmMwMDVkYThhNTJmZmFlZWY1ZTU0NGZmZGU2MjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuHHM2rCL2sUoNMdUWKR4jXvdCqh
p9LiNAggweEN0oSzgnuMz0xBp2DBESiEjBFF7kP856sBYc+wE7KiheAQFKZp9P5c
YUnumOYoDLN65BjOj2ExMBe4uoIuHaw/Dx8HAdbd58puBBKZ0/1z8PZY/SfI9vAe
zo59PpPrsiFoak0X+f84w0mJX+AxV5MTDgoHaMj0NonQV06xU7PMgCv3LKlNhHXP
Z1io1QF1MzkL49t2ftdi+g3QKQ9He0+8PcVhzqX+MSn0eBw5YiTxJnvdS2j+q2r4
f5txmnnkXmgbzuB1p8/bp+w/yBdx4CV0+Szg40AsCBqRmIEHeWajMqP/bQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFH02/U17/ABdqKUv+u715UT/3mIpMB8GA1UdIwQY
MBaAFHLCaryeBsGv75tf0tpAQS567mtHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMt
Y2Q3ZDYxOTEzMjg4LzEvZlRiOVRYdjhBRjJvcFNfNjd2WGxSUF9lWWlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMtY2Q3ZDYxOTEzMjg4
LzEvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEAyUsAAME
AyUxmAMEAyV7aAMEAS2ZUgMEA033UAMEA21E4AMEA5f8KAMEA7BKOAMEArkuiAME
Ark26AMEAbk4aAMEA7k4gAMEBsPAgDAbBAIAAjAVAwUAKgATyAMFACoAf8ADBQMq
BNSAMA0GCSqGSIb3DQEBCwUAA4IBAQBL2c2L1JCcs9MxnwE7QNPvSchc+WAOPyd7
31fwMgBL9GiZYcfi44dMyD7qQ9CHQ8vVeBLDTqlsGmXhvfK7jLeNvwjM0PXORRVG
zdOjPHmzxFa6IFIxfMSM5t3nr0gK0zjd/2vs5VBu6cphK/aeoG1pohIfNJ9HEjQn
SSLY3lIf/emJUDMcs2RREvIBrpfo++eM7KwAYzXVFeIN6IPRFYXhPmynGjeunHrl
PuHfI+nDoFpxnLw0Vrvp3NLpyHOsN04TyOK8sL6dNgXFwqDyu2S06+6j+TViHH47
xQpojSESnfnuQf13lwIRsxB6ELc0zh/qpcl6wkebewI494OO7gAs
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:45 2024 by rpki-client on console-ams.rpki-client.org