Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/1wTZquLrZWykLzuhCev4FpcJTzc.roa
File: 1wTZquLrZWykLzuhCev4FpcJTzc.roa (raw, json)
Hash identifier: SD6rQifLUWAaMM/QBJPgyaqKSkE+OktkLxFT9AbaszY=
Subject key identifier: D7:04:D9:AA:E2:EB:65:6C:A4:2F:3B:A1:09:EB:F8:16:97:09:4F:37
Certificate issuer: /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial: 0186C061C7FD481C899EBCB7979351D9A33F
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/1wTZquLrZWykLzuhCev4FpcJTzc.roa
Signing time: Wed 08 Mar 2023 08:41:19 +0000
ROA not before: Wed 08 Mar 2023 08:41:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.144.236.0/22 maxlen: 22
185.144.236.0/24 maxlen: 24
2a07:4407::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 08 Mar 2023 10:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:61:c7:fd:48:1c:89:9e:bc:b7:97:93:51:d9:a3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Validity
Not Before: Mar 8 08:41:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d704d9aae2eb656ca42f3ba109ebf81697094f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fa:2c:6b:4f:6c:e9:df:bd:af:f0:a7:88:b3:
bc:29:11:47:2c:27:76:5e:cf:01:93:0d:2a:e4:31:
1e:4d:7b:3d:31:79:22:21:5d:2a:29:e6:da:97:45:
22:63:b9:e9:6e:62:9b:58:29:50:80:d5:54:84:bc:
64:ba:ee:cc:8f:56:f0:f9:7f:0c:df:93:2c:9a:2a:
56:27:46:b9:48:eb:f0:57:8b:a8:a9:91:40:a6:8b:
36:48:05:aa:5e:53:ff:50:dc:d0:13:92:ac:5a:97:
4b:2c:43:7e:ae:21:42:30:89:a2:af:4b:60:05:da:
6b:2e:27:d3:0e:63:93:46:10:00:3c:73:68:2c:5d:
33:7d:0b:8b:50:06:ec:d5:b9:b1:74:01:10:8c:50:
8e:b9:4e:43:3c:b6:c7:6f:9c:e5:06:dd:6b:51:25:
3f:0a:97:99:37:d6:a6:8c:f7:12:86:e5:9f:d8:4b:
bd:63:b3:f6:d9:1a:a4:ea:88:34:d2:98:fd:1d:a2:
34:7a:07:a9:a8:c3:cf:86:94:c6:3c:a3:f2:8d:2d:
fc:1d:1c:d5:12:e3:3e:47:b4:ed:ed:ec:ce:10:20:
29:88:50:b1:07:8d:15:8f:9d:43:7d:ce:0c:33:76:
58:0d:73:6a:6c:b6:b8:fb:ca:e9:66:8f:1d:e6:bf:
86:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:04:D9:AA:E2:EB:65:6C:A4:2F:3B:A1:09:EB:F8:16:97:09:4F:37
X509v3 Authority Key Identifier:
keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/1wTZquLrZWykLzuhCev4FpcJTzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.236.0/22
IPv6:
2a07:4407::/32
Signature Algorithm: sha256WithRSAEncryption
d7:8a:7b:b6:4e:fb:cf:22:c2:9c:b2:66:2c:7f:d9:44:35:73:
68:5b:ef:24:de:29:87:7e:21:04:f5:3f:c2:bd:93:f8:69:61:
20:b5:c7:67:21:3d:69:18:37:e6:83:af:64:9b:57:1b:17:61:
13:e9:8c:1f:61:47:79:8a:29:3f:ea:78:3a:a5:aa:e4:76:99:
a8:63:aa:b7:16:80:43:50:9f:a8:9b:16:35:84:51:61:d3:df:
ba:f0:5c:f4:f2:91:4d:6f:38:6c:a2:bc:4f:d8:a0:fe:32:15:
d2:80:83:e7:5a:73:1b:4f:ec:97:c1:09:2d:67:43:b7:33:93:
61:88:28:02:f6:f5:9c:98:dd:25:d0:00:31:58:fb:c0:84:c5:
69:99:af:03:9e:15:5b:18:56:93:be:6b:91:ad:9e:87:03:ec:
4e:b1:ff:fa:89:75:a2:01:fe:b6:54:99:fa:b1:2b:8e:c4:94:
e9:37:45:9b:2c:6d:0e:9d:43:3b:7b:c9:b7:d5:de:53:95:b6:
4a:1e:19:60:67:81:0f:c1:6b:e8:d0:06:8d:b4:83:ff:f5:46:
71:00:70:a6:75:d3:c4:c7:bc:6a:7f:69:e2:7e:9c:b1:1a:96:
51:45:a7:86:6c:21:4b:15:66:15:f5:17:1f:1a:4e:ac:14:00:
c9:56:bc:19
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbAYcf9SByJnry3l5NR2aM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjMwMzA4MDg0MTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzA0ZDlhYWUyZWI2NTZjYTQyZjNiYTEwOWViZjgxNjk3MDk0ZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfosa09s6d+9r/CniLO8KRFHLCd2
Xs8Bkw0q5DEeTXs9MXkiIV0qKebal0UiY7npbmKbWClQgNVUhLxkuu7Mj1bw+X8M
35MsmipWJ0a5SOvwV4uoqZFApos2SAWqXlP/UNzQE5KsWpdLLEN+riFCMImir0tg
BdprLifTDmOTRhAAPHNoLF0zfQuLUAbs1bmxdAEQjFCOuU5DPLbHb5zlBt1rUSU/
CpeZN9amjPcShuWf2Eu9Y7P22Rqk6og00pj9HaI0egepqMPPhpTGPKPyjS38HRzV
EuM+R7Tt7ezOECApiFCxB40Vj51Dfc4MM3ZYDXNqbLa4+8rpZo8d5r+G7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNcE2ari62VspC87oQnr+BaXCU83MB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvMXdUWnF1THJaV3lrTHp1aENldjRGcGNKVHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDsMA0E
AgACMAcDBQAqB0QHMA0GCSqGSIb3DQEBCwUAA4IBAQDXinu2TvvPIsKcsmYsf9lE
NXNoW+8k3imHfiEE9T/CvZP4aWEgtcdnIT1pGDfmg69km1cbF2ET6YwfYUd5iik/
6ng6parkdpmoY6q3FoBDUJ+omxY1hFFh09+68Fz08pFNbzhsorxP2KD+MhXSgIPn
WnMbT+yXwQktZ0O3M5NhiCgC9vWcmN0l0AAxWPvAhMVpma8DnhVbGFaTvmuRrZ6H
A+xOsf/6iXWiAf62VJn6sSuOxJTpN0WbLG0OnUM7e8m31d5TlbZKHhlgZ4EPwWvo
0AaNtIP/9UZxAHCmddPEx7xqf2nifpyxGpZRRaeGbCFLFWYV9RcfGk6sFADJVrwZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:37 2024 by rpki-client on console-fra.rpki-client.org