Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/fucHmxnz9uCHrxNSl9Tvole5IsU.roa
File: fucHmxnz9uCHrxNSl9Tvole5IsU.roa (raw, json)
Hash identifier: wD/VOh5vB70GbizqVvjXQ98EJeS8zAO7PzEKGNNtTGU=
Subject key identifier: 7E:E7:07:9B:19:F3:F6:E0:87:AF:13:52:97:D4:EF:A2:57:B9:22:C5
Certificate issuer: /CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Certificate serial: 0186C0B16E05100A8743A003EE62A1CB1C40
Authority key identifier: FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/fucHmxnz9uCHrxNSl9Tvole5IsU.roa
Signing time: Wed 08 Mar 2023 10:08:18 +0000
ROA not before: Wed 08 Mar 2023 10:08:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.144.236.0/22 maxlen: 22
185.144.236.0/24 maxlen: 24
2a07:4407::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:b1:6e:05:10:0a:87:43:a0:03:ee:62:a1:cb:1c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc282a794b3f7ab4cd6feb6c5fd6b3d256afc461
Validity
Not Before: Mar 8 10:08:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ee7079b19f3f6e087af135297d4efa257b922c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:82:60:04:79:43:ab:76:1e:c2:7a:fa:14:f5:
72:9b:d0:30:3f:05:a8:9b:55:29:46:e9:89:e3:3a:
66:45:01:05:a7:25:ba:5d:36:c9:ee:8d:aa:53:87:
13:dc:c6:54:63:6e:be:dc:52:5e:76:08:1c:9a:6f:
d6:db:a8:8c:67:bb:a5:0d:d4:0c:fc:a6:e0:40:01:
36:15:dc:69:4f:cd:61:cc:31:a4:d0:72:ce:b9:fc:
1b:86:e8:b8:d7:5e:a6:b0:cb:33:42:d6:3e:fc:f3:
1a:57:e7:b6:d6:7f:2c:a3:b6:6f:62:b0:f6:f8:4f:
dc:e0:52:ae:f1:38:24:ea:10:61:ec:4f:fd:9d:75:
6b:c8:71:77:02:d6:bf:10:8c:30:7d:a7:90:e2:58:
d9:bf:b5:65:35:83:c0:b9:93:e5:0d:70:b6:bf:01:
84:b9:0b:c7:9a:7c:1d:be:f7:69:ad:8b:a6:d6:62:
8d:09:33:0a:eb:b0:cf:6a:3d:91:6c:c8:08:7b:01:
49:2a:1a:83:13:51:0c:3a:01:81:40:99:e1:2c:a7:
be:e1:12:32:8e:53:04:54:b8:32:ac:52:58:8c:2f:
b6:b0:06:29:37:33:e4:64:6b:f9:a2:92:2a:0b:f0:
74:e2:cf:b5:99:47:e2:93:6b:7f:20:2d:a8:d3:e4:
96:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:E7:07:9B:19:F3:F6:E0:87:AF:13:52:97:D4:EF:A2:57:B9:22:C5
X509v3 Authority Key Identifier:
keyid:FC:28:2A:79:4B:3F:7A:B4:CD:6F:EB:6C:5F:D6:B3:D2:56:AF:C4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_CgqeUs_erTNb-tsX9az0lavxGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/fucHmxnz9uCHrxNSl9Tvole5IsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e485e1-a65f-43d4-b572-d3326c59bcd2/1/_CgqeUs_erTNb-tsX9az0lavxGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.236.0/22
IPv6:
2a07:4407::/32
Signature Algorithm: sha256WithRSAEncryption
58:a4:7f:00:5d:65:d7:e5:70:3b:f5:0e:8c:9e:88:88:d9:47:
14:88:4c:1f:90:13:84:9b:66:d6:08:63:bf:da:42:f3:a3:99:
3e:88:49:df:08:c4:6d:68:f3:3b:2e:0c:f1:0f:4b:25:3a:e9:
90:c8:14:b3:4c:b9:11:46:0f:b2:91:fa:6d:3a:de:de:84:49:
20:5d:a5:de:7e:df:95:57:0c:4d:c6:0e:af:34:2a:a4:75:c5:
1e:d0:36:8d:60:55:36:e8:36:db:48:ae:4c:59:9a:cb:37:89:
30:00:f2:06:86:09:ac:73:b5:40:1e:12:b1:51:fc:19:34:47:
b1:90:5a:25:1a:1e:1e:19:26:e5:43:55:bf:d8:67:84:8a:99:
d6:31:69:c8:23:83:a4:78:d5:52:c9:0c:a6:6c:8d:aa:66:d0:
94:f9:f7:07:ad:4e:dc:1b:3a:f7:43:9a:5d:c9:bf:b2:14:f6:
c0:24:d7:ed:84:19:ac:7d:75:39:54:fb:74:2f:c5:22:ee:f8:
e8:33:6f:e0:69:05:7c:f0:28:b9:ef:7a:25:ba:51:6f:7a:24:
2f:53:c6:56:80:b2:d7:5f:71:2a:ad:fd:73:5f:91:61:c7:57:
d3:84:68:7f:38:34:69:c4:bb:24:b3:2b:d0:cc:64:e2:25:e6:
88:a8:12:d1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYbAsW4FEAqHQ6AD7mKhyxxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMjgyYTc5NGIzZjdhYjRjZDZmZWI2YzVmZDZiM2QyNTZh
ZmM0NjEwHhcNMjMwMzA4MTAwODE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWU3MDc5YjE5ZjNmNmUwODdhZjEzNTI5N2Q0ZWZhMjU3YjkyMmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoJgBHlDq3Yewnr6FPVym9AwPwWo
m1UpRumJ4zpmRQEFpyW6XTbJ7o2qU4cT3MZUY26+3FJedggcmm/W26iMZ7ulDdQM
/KbgQAE2FdxpT81hzDGk0HLOufwbhui4116msMszQtY+/PMaV+e21n8so7ZvYrD2
+E/c4FKu8Tgk6hBh7E/9nXVryHF3Ata/EIwwfaeQ4ljZv7VlNYPAuZPlDXC2vwGE
uQvHmnwdvvdprYum1mKNCTMK67DPaj2RbMgIewFJKhqDE1EMOgGBQJnhLKe+4RIy
jlMEVLgyrFJYjC+2sAYpNzPkZGv5opIqC/B04s+1mUfik2t/IC2o0+SWsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFH7nB5sZ8/bgh68TUpfU76JXuSLFMB8GA1UdIwQY
MBaAFPwoKnlLP3q0zW/rbF/Ws9JWr8RhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzIt
ZDMzMjZjNTliY2QyLzEvZnVjSG14bno5dUNIcnhOU2w5VHZvbGU1SXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNDg1ZTEtYTY1Zi00M2Q0LWI1NzItZDMzMjZjNTliY2Qy
LzEvX0NncWVVc19lclROYi10c1g5YXowbGF2eEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZDsMA0E
AgACMAcDBQAqB0QHMA0GCSqGSIb3DQEBCwUAA4IBAQBYpH8AXWXX5XA79Q6MnoiI
2UcUiEwfkBOEm2bWCGO/2kLzo5k+iEnfCMRtaPM7LgzxD0slOumQyBSzTLkRRg+y
kfptOt7ehEkgXaXeft+VVwxNxg6vNCqkdcUe0DaNYFU26DbbSK5MWZrLN4kwAPIG
hgmsc7VAHhKxUfwZNEexkFolGh4eGSblQ1W/2GeEipnWMWnII4OkeNVSyQymbI2q
ZtCU+fcHrU7cGzr3Q5pdyb+yFPbAJNfthBmsfXU5VPt0L8Ui7vjoM2/gaQV88Ci5
73olulFveiQvU8ZWgLLXX3Eqrf1zX5Fhx1fThGh/ODRpxLsksyvQzGTiJeaIqBLR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:36 2023 by rpki-client on console-fra.rpki-client.org