Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/FzzQFxIQbMPGoqslCXFWz2lgAWI.roa
File: FzzQFxIQbMPGoqslCXFWz2lgAWI.roa (raw, json)
Hash identifier: f/qn0Wd6atuFnCKcJMPWnbZdIry4gbStRvO3jPCkwjs=
Subject key identifier: 17:3C:D0:17:12:10:6C:C3:C6:A2:AB:25:09:71:56:CF:69:60:01:62
Certificate issuer: /CN=b6ed62055a5191c02ec5112e95181a89ac060ceb
Certificate serial: 01856FCBA90922C6BDC22534BD32515C0D3A
Authority key identifier: B6:ED:62:05:5A:51:91:C0:2E:C5:11:2E:95:18:1A:89:AC:06:0C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu1iBVpRkcAuxREulRgaiawGDOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/FzzQFxIQbMPGoqslCXFWz2lgAWI.roa
Signing time: Mon 02 Jan 2023 00:04:56 +0000
ROA not before: Mon 02 Jan 2023 00:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207799
IP address blocks: 185.73.136.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:a9:09:22:c6:bd:c2:25:34:bd:32:51:5c:0d:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6ed62055a5191c02ec5112e95181a89ac060ceb
Validity
Not Before: Jan 2 00:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=173cd01712106cc3c6a2ab25097156cf69600162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:27:04:27:d5:46:9e:ac:8b:06:2d:58:05:77:
ba:76:66:a4:12:d0:e0:33:08:ce:5f:4b:ed:aa:28:
23:aa:73:d9:30:5f:9a:14:9f:64:53:2c:d7:5c:41:
f2:b0:34:79:8b:c2:94:ca:a4:d0:f8:18:55:95:be:
f7:3a:40:a0:96:10:6e:66:77:6a:0a:6a:44:9e:7c:
ce:2a:db:82:fa:26:44:48:a4:18:0c:42:ea:1a:46:
18:ea:fe:92:09:f4:0c:c6:f9:5b:20:d1:9c:20:ff:
8e:bd:f2:73:94:b3:b6:7b:99:84:7e:35:11:b3:dc:
b6:5c:0b:b9:9c:d4:c8:6e:10:bf:1b:44:97:88:75:
72:e0:85:d1:8f:89:c5:f9:ce:25:dc:3b:0c:ac:00:
3e:08:cf:f7:8b:4a:09:7c:f7:f3:2c:7c:67:67:65:
0c:95:70:ad:6d:60:9f:17:25:8e:a9:d1:70:91:48:
28:d2:4a:45:2b:04:a9:dc:83:6e:3f:5e:84:45:aa:
0f:32:ab:32:9f:67:03:16:38:4a:dd:dc:5c:28:73:
94:13:d7:d2:5c:a7:90:a2:cb:8e:07:b6:f1:6e:77:
da:90:4f:a7:fa:7b:ba:a1:d7:8c:98:6c:df:64:f7:
f1:6e:f6:7a:88:0a:1b:cb:ce:94:22:cf:3b:a7:17:
ad:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:3C:D0:17:12:10:6C:C3:C6:A2:AB:25:09:71:56:CF:69:60:01:62
X509v3 Authority Key Identifier:
keyid:B6:ED:62:05:5A:51:91:C0:2E:C5:11:2E:95:18:1A:89:AC:06:0C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu1iBVpRkcAuxREulRgaiawGDOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/FzzQFxIQbMPGoqslCXFWz2lgAWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/dc13c1-de56-449f-9c29-c81266b7c49e/1/tu1iBVpRkcAuxREulRgaiawGDOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.136.0/22
Signature Algorithm: sha256WithRSAEncryption
71:0a:6e:bc:4a:72:28:91:28:2a:33:68:1d:a1:98:b4:ec:7f:
43:b1:ac:21:a9:c1:04:54:f7:1d:03:b6:57:49:e5:48:3c:d0:
04:64:f4:18:c2:bb:23:61:b1:57:37:c3:a0:c7:b9:57:0c:bc:
96:bb:a2:a8:50:cb:85:5d:0c:29:89:8f:b8:fd:8e:5f:c1:ec:
ca:bf:3b:8a:1b:eb:c5:7a:ec:f6:58:78:55:a1:29:3e:19:5e:
5c:17:c1:12:d8:66:95:56:bd:6c:9f:51:31:d2:4f:69:17:bf:
fc:e5:a2:f1:76:b3:71:bb:5a:80:02:55:74:50:38:b4:54:f9:
3d:bd:ea:85:d9:e0:c3:66:fa:11:5b:08:7e:1b:a1:7d:93:d9:
cd:ec:ec:b3:38:db:bb:d2:1e:4e:e5:14:6d:03:2c:a2:ed:9a:
3c:f6:0b:93:04:5f:a5:7f:c3:f6:e5:d4:00:de:c6:c7:5b:0b:
7b:8a:34:26:05:27:db:52:b5:82:9f:f5:06:53:3d:c7:d3:7d:
8e:ba:a6:26:ae:c9:77:f8:31:5f:21:bf:be:77:58:5e:66:a0:
61:9b:ab:32:a8:f4:42:29:f4:dd:95:3d:ff:22:22:83:93:0f:
52:cf:16:84:b4:49:91:c6:fd:f9:af:4e:8b:77:2e:1d:1a:85:
cf:e9:b4:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy6kJIsa9wiU0vTJRXA06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZWQ2MjA1NWE1MTkxYzAyZWM1MTEyZTk1MTgxYTg5YWMw
NjBjZWIwHhcNMjMwMTAyMDAwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzNjZDAxNzEyMTA2Y2MzYzZhMmFiMjUwOTcxNTZjZjY5NjAwMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvScEJ9VGnqyLBi1YBXe6dmakEtDg
MwjOX0vtqigjqnPZMF+aFJ9kUyzXXEHysDR5i8KUyqTQ+BhVlb73OkCglhBuZndq
CmpEnnzOKtuC+iZESKQYDELqGkYY6v6SCfQMxvlbINGcIP+OvfJzlLO2e5mEfjUR
s9y2XAu5nNTIbhC/G0SXiHVy4IXRj4nF+c4l3DsMrAA+CM/3i0oJfPfzLHxnZ2UM
lXCtbWCfFyWOqdFwkUgo0kpFKwSp3INuP16ERaoPMqsyn2cDFjhK3dxcKHOUE9fS
XKeQosuOB7bxbnfakE+n+nu6odeMmGzfZPfxbvZ6iAoby86UIs87pxetywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBc80BcSEGzDxqKrJQlxVs9pYAFiMB8GA1UdIwQY
MBaAFLbtYgVaUZHALsURLpUYGomsBgzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHUxaUJWcFJrY0F1eFJFdWxSZ2FpYXdHRE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9kYzEzYzEtZGU1Ni00NDlmLTljMjkt
YzgxMjY2YjdjNDllLzEvRnp6UUZ4SVFiTVBHb3FzbENYRld6MmxnQVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9kYzEzYzEtZGU1Ni00NDlmLTljMjktYzgxMjY2YjdjNDll
LzEvdHUxaUJWcFJrY0F1eFJFdWxSZ2FpYXdHRE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUmIMA0G
CSqGSIb3DQEBCwUAA4IBAQBxCm68SnIokSgqM2gdoZi07H9DsawhqcEEVPcdA7ZX
SeVIPNAEZPQYwrsjYbFXN8Ogx7lXDLyWu6KoUMuFXQwpiY+4/Y5fwezKvzuKG+vF
euz2WHhVoSk+GV5cF8ES2GaVVr1sn1Ex0k9pF7/85aLxdrNxu1qAAlV0UDi0VPk9
veqF2eDDZvoRWwh+G6F9k9nN7OyzONu70h5O5RRtAyyi7Zo89guTBF+lf8P25dQA
3sbHWwt7ijQmBSfbUrWCn/UGUz3H032OuqYmrsl3+DFfIb++d1heZqBhm6syqPRC
KfTdlT3/IiKDkw9SzxaEtEmRxv35r06Ldy4dGoXP6bQU
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:21:47 2024 by rpki-client on console-ams.rpki-client.org