Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/_MCeTHUVkJK99w2K1N-klHn-QUs.roa
File: _MCeTHUVkJK99w2K1N-klHn-QUs.roa (raw, json)
Hash identifier: 0Rd3GAYHhB3bQezkaoM0j5MuQGeKKE34Cd/wIZJwkxM=
Subject key identifier: FC:C0:9E:4C:75:15:90:92:BD:F7:0D:8A:D4:DF:A4:94:79:FE:41:4B
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 01856ED4CDA84D8F3AC197F8AF632841BE6D
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/_MCeTHUVkJK99w2K1N-klHn-QUs.roa
Signing time: Sun 01 Jan 2023 19:35:18 +0000
ROA not before: Sun 01 Jan 2023 19:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61161
IP address blocks: 185.100.56.0/22 maxlen: 24
185.17.72.0/22 maxlen: 24
185.102.4.0/22 maxlen: 24
2a04:600::/29 maxlen: 48
2a0d:3200::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:cd:a8:4d:8f:3a:c1:97:f8:af:63:28:41:be:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 19:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcc09e4c75159092bdf70d8ad4dfa49479fe414b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:69:bd:5c:10:a3:d2:83:6a:ec:07:fd:65:38:
f0:ad:4e:4b:5d:ee:37:f1:e4:ca:b4:84:39:83:4a:
27:0a:50:99:ed:00:38:eb:48:3a:d0:14:3a:b2:cc:
1e:f6:6b:1a:93:e0:76:74:7f:7b:6b:8c:a7:ef:b6:
27:50:33:08:1e:0e:4e:e7:bc:c6:4f:88:62:9b:ba:
26:f1:06:55:32:73:bc:f0:e0:34:f4:fb:28:de:ac:
a4:07:50:d7:7d:9d:f1:25:e1:81:0b:a6:24:f2:65:
98:3b:8f:5b:44:cc:26:55:4d:c6:8c:7d:34:a6:f6:
cd:ec:81:a3:6c:f9:a3:4e:26:23:e4:e5:cb:72:be:
a5:ac:aa:fd:b5:cf:22:99:21:4d:e9:17:39:49:ed:
e0:1c:e5:9b:2d:29:53:80:e1:1c:c5:46:c9:40:8d:
4e:87:1d:38:74:f8:12:25:e0:0a:e3:94:aa:b9:72:
79:96:d0:0d:54:f6:bd:8c:59:52:61:df:26:79:12:
ff:ff:e5:13:4b:30:60:c1:2c:6e:3c:5b:f9:bb:12:
70:a9:9e:a0:70:7a:3d:bd:73:49:fc:ec:c7:b4:65:
6e:35:d8:14:b0:f2:31:f0:e3:da:c2:eb:17:3d:23:
25:64:30:eb:0c:ea:f0:d0:52:38:b1:21:42:99:bc:
6a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C0:9E:4C:75:15:90:92:BD:F7:0D:8A:D4:DF:A4:94:79:FE:41:4B
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/_MCeTHUVkJK99w2K1N-klHn-QUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.72.0/22
185.100.56.0/22
185.102.4.0/22
IPv6:
2a04:600::/29
2a0d:3200::/29
Signature Algorithm: sha256WithRSAEncryption
07:e0:89:c1:5f:e4:8b:5e:97:02:9c:5b:ae:99:14:59:92:dc:
9d:a4:97:d5:52:1a:da:99:42:a7:01:57:b9:cd:9f:60:12:b7:
4d:f4:3e:d0:09:43:ef:15:1f:a9:36:f3:b5:65:57:a9:a6:c4:
1a:68:7d:85:92:51:b4:fd:fd:12:7a:db:49:43:ee:c0:35:e2:
0f:1e:78:ee:42:33:67:8b:49:02:8f:c6:f4:b3:ec:25:da:63:
2f:cc:85:af:32:91:60:80:3d:f5:f4:e3:11:3f:50:2c:92:c9:
23:db:be:db:d6:29:98:fa:81:c6:73:33:06:e9:90:b0:12:b5:
4e:a1:11:00:00:69:89:a3:fd:5a:d7:59:36:10:e4:24:0b:9c:
f8:ac:62:b7:5f:b5:b0:2a:8a:6c:c0:37:c5:26:c5:47:e5:60:
ca:c2:84:3b:10:b7:d4:2c:86:3d:f6:bf:2b:43:2f:80:99:5e:
e8:23:b9:ea:f5:04:8f:3f:b3:5c:e2:be:15:56:95:77:43:0f:
90:c3:44:78:8f:9b:1f:b7:98:df:95:76:9b:b5:e5:e4:99:65:
07:9a:cb:82:79:78:ae:3d:a4:13:91:0d:cf:fc:f7:21:68:de:
dd:08:dc:40:71:a0:e7:06:38:a9:29:e2:16:67:0c:28:de:8f:
fb:d6:57:3d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVu1M2oTY86wZf4r2MoQb5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjMwMTAxMTkzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2MwOWU0Yzc1MTU5MDkyYmRmNzBkOGFkNGRmYTQ5NDc5ZmU0MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2m9XBCj0oNq7Af9ZTjwrU5LXe43
8eTKtIQ5g0onClCZ7QA460g60BQ6sswe9msak+B2dH97a4yn77YnUDMIHg5O57zG
T4him7om8QZVMnO88OA09Pso3qykB1DXfZ3xJeGBC6Yk8mWYO49bRMwmVU3GjH00
pvbN7IGjbPmjTiYj5OXLcr6lrKr9tc8imSFN6Rc5Se3gHOWbLSlTgOEcxUbJQI1O
hx04dPgSJeAK45SquXJ5ltANVPa9jFlSYd8meRL//+UTSzBgwSxuPFv5uxJwqZ6g
cHo9vXNJ/OzHtGVuNdgUsPIx8OPawusXPSMlZDDrDOrw0FI4sSFCmbxqVQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPzAnkx1FZCSvfcNitTfpJR5/kFLMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvX01DZVRIVVZrSks5OXcySzFOLWtsSG4tUVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuRFIAwQC
uWQ4AwQCuWYEMBQEAgACMA4DBQMqBAYAAwUDKg0yADANBgkqhkiG9w0BAQsFAAOC
AQEAB+CJwV/ki16XApxbrpkUWZLcnaSX1VIa2plCpwFXuc2fYBK3TfQ+0AlD7xUf
qTbztWVXqabEGmh9hZJRtP39EnrbSUPuwDXiDx547kIzZ4tJAo/G9LPsJdpjL8yF
rzKRYIA99fTjET9QLJLJI9u+29YpmPqBxnMzBumQsBK1TqERAABpiaP9WtdZNhDk
JAuc+Kxit1+1sCqKbMA3xSbFR+VgysKEOxC31CyGPfa/K0MvgJle6CO56vUEjz+z
XOK+FVaVd0MPkMNEeI+bH7eY35V2m7Xl5JllB5rLgnl4rj2kE5ENz/z3IWje3Qjc
QHGg5wY4qSniFmcMKN6P+9ZXPQ==
-----END CERTIFICATE-----
Generated at Thu Sep 28 15:50:08 2023 by rpki-client on console-ams.rpki-client.org