Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/F4KbTPDGtDkVNLziWmoZkrxanaU.roa
File: F4KbTPDGtDkVNLziWmoZkrxanaU.roa (raw, json)
Hash identifier: vni2sPqUeRKnKX//kqYkwkm5Qnbg8u6nwnQ7T6I9rMU=
Subject key identifier: 17:82:9B:4C:F0:C6:B4:39:15:34:BC:E2:5A:6A:19:92:BC:5A:9D:A5
Certificate issuer: /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial: 0186BF3A11B4A13172AB65B82AAD1E345B79
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/F4KbTPDGtDkVNLziWmoZkrxanaU.roa
Signing time: Wed 08 Mar 2023 03:18:19 +0000
ROA not before: Wed 08 Mar 2023 03:18:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.144.236.0/22 maxlen: 22
2a07:4407::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bf:3a:11:b4:a1:31:72:ab:65:b8:2a:ad:1e:34:5b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Validity
Not Before: Mar 8 03:18:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17829b4cf0c6b4391534bce25a6a1992bc5a9da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:91:81:c3:ad:fb:44:28:00:df:c2:a4:40:95:
62:f8:07:5a:47:59:8f:e3:d5:64:e3:3d:6a:54:c0:
fb:73:99:bf:7e:5f:c8:dd:71:5d:fa:21:a1:48:a5:
76:28:00:b9:98:a7:24:3e:8c:50:0c:98:3d:81:78:
6d:17:de:60:d9:6a:96:13:28:4c:b4:b1:4c:2c:2c:
61:47:4a:28:9e:d5:3f:d2:50:c6:9c:c4:e1:77:76:
6d:c9:b6:78:c0:35:10:ce:6a:f4:ff:2b:0e:8e:b0:
ea:6a:fb:21:f1:73:7b:64:42:b7:f2:06:ab:dd:b9:
aa:d4:5a:40:df:da:a8:69:e6:3c:7e:3c:0a:f7:2e:
f8:aa:80:3e:6b:ab:9c:96:79:85:76:a6:24:83:27:
de:0d:27:89:9d:77:45:c3:c8:42:68:c9:65:64:c5:
6b:c2:30:21:1e:43:51:32:6c:a5:1e:7c:8b:ad:ba:
28:ea:5e:dc:04:ae:43:9b:0c:88:19:81:c5:cb:9a:
f0:bd:b3:72:91:10:ff:c6:af:17:15:6d:0f:7b:12:
26:45:9e:69:cf:0d:aa:d8:ed:ec:12:f6:59:98:2d:
c6:6b:5a:14:8f:ac:fa:2f:c2:1d:28:af:01:3a:27:
ac:ff:1f:cb:df:b3:24:93:1f:3a:a4:0d:c5:25:76:
a9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:82:9B:4C:F0:C6:B4:39:15:34:BC:E2:5A:6A:19:92:BC:5A:9D:A5
X509v3 Authority Key Identifier:
keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/F4KbTPDGtDkVNLziWmoZkrxanaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.236.0/22
IPv6:
2a07:4407::/32
Signature Algorithm: sha256WithRSAEncryption
99:c5:31:26:4f:13:b5:7e:1f:48:e4:35:96:d3:3c:99:88:db:
9e:48:87:48:2c:0e:cc:fe:40:fd:ee:69:86:e2:b7:7b:f9:b3:
e9:e7:c0:67:d3:ed:c1:43:b3:12:c1:68:ca:63:81:49:4b:ad:
57:07:66:86:49:15:ed:af:3e:c8:62:66:1c:86:27:f1:3c:fa:
7e:3e:8c:5e:1d:ce:7d:a3:37:5a:cb:a8:03:c8:aa:10:d7:bc:
ef:81:cf:ec:5e:66:59:6c:2a:6f:b2:e1:1a:62:80:22:65:2d:
f6:d2:b5:98:2a:ea:99:a2:4e:c0:0f:3c:a4:36:0a:da:fc:85:
27:f0:ad:63:50:f6:41:61:fb:9d:34:cb:75:a4:29:cc:0e:65:
14:24:2d:8a:24:4b:60:2f:83:a3:76:6e:ee:10:12:f9:7e:7c:
0c:33:0d:12:43:4b:9e:2c:59:a4:ee:3b:53:ce:68:02:a3:0c:
d3:c1:7e:15:f2:a2:85:9e:88:ba:4f:60:37:54:83:04:31:06:
e1:5b:e7:5c:e3:7a:5d:90:8e:d2:f1:f1:2c:37:c1:2f:ba:ae:
12:c9:a1:37:97:b9:ac:7f:e4:a1:ba:64:90:c1:66:5e:eb:14:
ca:84:e9:b9:17:68:84:57:b2:c9:6e:30:27:bc:b4:41:25:25:
92:65:fa:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYa/OhG0oTFyq2W4Kq0eNFt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjMwMzA4MDMxODE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzgyOWI0Y2YwYzZiNDM5MTUzNGJjZTI1YTZhMTk5MmJjNWE5ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZGBw637RCgA38KkQJVi+AdaR1mP
49Vk4z1qVMD7c5m/fl/I3XFd+iGhSKV2KAC5mKckPoxQDJg9gXhtF95g2WqWEyhM
tLFMLCxhR0oontU/0lDGnMThd3ZtybZ4wDUQzmr0/ysOjrDqavsh8XN7ZEK38gar
3bmq1FpA39qoaeY8fjwK9y74qoA+a6uclnmFdqYkgyfeDSeJnXdFw8hCaMllZMVr
wjAhHkNRMmylHnyLrboo6l7cBK5DmwyIGYHFy5rwvbNykRD/xq8XFW0PexImRZ5p
zw2q2O3sEvZZmC3Ga1oUj6z6L8IdKK8BOies/x/L37Mkkx86pA3FJXapfwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBeCm0zwxrQ5FTS84lpqGZK8Wp2lMB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvRjRLYlRQREd0RGtWTkx6aVdtb1prcnhhbmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDsMA0E
AgACMAcDBQAqB0QHMA0GCSqGSIb3DQEBCwUAA4IBAQCZxTEmTxO1fh9I5DWW0zyZ
iNueSIdILA7M/kD97mmG4rd7+bPp58Bn0+3BQ7MSwWjKY4FJS61XB2aGSRXtrz7I
YmYchifxPPp+PoxeHc59ozday6gDyKoQ17zvgc/sXmZZbCpvsuEaYoAiZS320rWY
KuqZok7ADzykNgra/IUn8K1jUPZBYfudNMt1pCnMDmUUJC2KJEtgL4Ojdm7uEBL5
fnwMMw0SQ0ueLFmk7jtTzmgCowzTwX4V8qKFnoi6T2A3VIMEMQbhW+dc43pdkI7S
8fEsN8Evuq4SyaE3l7msf+ShumSQwWZe6xTKhOm5F2iEV7LJbjAnvLRBJSWSZfqy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:36 2023 by rpki-client on console-fra.rpki-client.org