Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/F_ZSBVxWSFh5IXU4yjUibcr3BFM.roa
File: F_ZSBVxWSFh5IXU4yjUibcr3BFM.roa (raw, json)
Hash identifier: yS6ckL0tBgpXgNT1zvKAOTEhrOUXlba90iYoJU+im/w=
Subject key identifier: 17:F6:52:05:5C:56:48:58:79:21:75:38:CA:35:22:6D:CA:F7:04:53
Certificate issuer: /CN=535be45376d58987452bd0646b9a74cf9eb6cb2d
Certificate serial: 018572711083A553AD39105316A06163C3F9
Authority key identifier: 53:5B:E4:53:76:D5:89:87:45:2B:D0:64:6B:9A:74:CF:9E:B6:CB:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/F_ZSBVxWSFh5IXU4yjUibcr3BFM.roa
Signing time: Mon 02 Jan 2023 12:24:50 +0000
ROA not before: Mon 02 Jan 2023 12:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200069
IP address blocks: 45.14.148.0/22 maxlen: 22
87.253.232.0/24 maxlen: 24
87.253.232.0/21 maxlen: 21
185.189.236.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 05 Oct 2023 15:37:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:10:83:a5:53:ad:39:10:53:16:a0:61:63:c3:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535be45376d58987452bd0646b9a74cf9eb6cb2d
Validity
Not Before: Jan 2 12:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17f652055c56485879217538ca35226dcaf70453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:88:fb:11:f8:9c:74:a4:c1:1a:20:19:f5:c4:
65:f3:c9:2e:bf:46:51:d1:71:f1:98:c7:70:90:1d:
dd:5d:9d:77:e4:84:1b:1c:a8:b0:a2:e3:9b:9b:ab:
3b:65:87:db:27:04:3c:70:71:05:64:1d:ec:f5:a1:
41:20:f0:26:53:a1:32:72:bc:db:f6:08:e0:e3:8f:
26:60:43:96:cf:89:3d:9c:0f:0a:70:04:22:f8:10:
9f:da:1a:f5:5a:f7:e8:8c:21:c4:ad:41:89:93:72:
04:0d:fd:0e:18:c7:40:86:54:95:d8:c4:8b:91:f7:
a9:59:34:4f:30:94:ec:55:97:6e:51:13:05:51:9a:
90:96:b8:08:52:f3:7f:0d:66:92:85:99:30:0a:5e:
fe:96:af:8b:42:78:57:b0:d9:71:84:5d:e9:1a:01:
95:57:88:59:6b:bd:55:18:dd:58:27:f4:96:d9:ee:
b8:58:77:60:a8:93:15:54:ce:79:a9:6a:19:9d:32:
8a:f9:4e:47:cc:07:5f:5c:fb:4f:f0:e4:12:43:88:
a0:c7:2e:25:38:b9:71:d0:d0:6d:58:4c:d3:21:62:
e2:db:ae:21:2f:d8:f5:ea:1e:e9:cd:38:55:1d:af:
b9:e3:57:d8:af:af:05:16:29:b8:d7:19:82:31:10:
3e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:F6:52:05:5C:56:48:58:79:21:75:38:CA:35:22:6D:CA:F7:04:53
X509v3 Authority Key Identifier:
keyid:53:5B:E4:53:76:D5:89:87:45:2B:D0:64:6B:9A:74:CF:9E:B6:CB:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1vkU3bViYdFK9Bka5p0z562yy0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/F_ZSBVxWSFh5IXU4yjUibcr3BFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/fb39a8-623b-4435-94fe-cec92b578006/1/U1vkU3bViYdFK9Bka5p0z562yy0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.148.0/22
87.253.232.0/21
185.189.236.0/22
Signature Algorithm: sha256WithRSAEncryption
76:8d:dc:df:ed:d6:ce:f1:cf:2d:9c:93:04:7b:39:c9:03:e0:
37:be:52:ac:dd:41:3b:e2:1b:e5:f3:a6:f0:21:5f:6c:64:5c:
b9:57:eb:63:1b:6a:42:2b:07:cf:90:7b:30:94:54:6a:4b:d6:
e8:d4:e1:76:b7:cb:6d:27:93:31:f6:b2:9f:60:f4:22:5c:8e:
2e:8d:9d:73:70:70:07:34:49:cd:d0:1d:18:cd:f8:f2:b5:d9:
d7:c8:5a:a4:d6:c9:76:25:63:76:d7:b2:92:b1:ef:60:f6:33:
26:9f:d0:a1:e7:b6:f5:1f:05:0c:ad:ab:ba:4a:db:6f:2d:c0:
45:3c:51:45:9f:c7:3e:03:71:80:59:31:58:43:a0:66:d7:a6:
39:c5:bd:bb:a8:3a:84:38:ac:eb:05:e6:ce:1e:57:5a:c4:61:
66:d1:39:53:b2:ad:07:7e:57:b1:f2:6c:e7:a2:84:84:94:93:
ae:f8:7a:79:4b:0d:48:63:06:2f:d3:9d:de:f7:92:96:89:fa:
ae:39:40:f4:f2:30:67:30:a8:c3:90:95:c0:82:16:eb:a2:b9:
90:63:74:71:8e:eb:3f:5e:8b:74:fc:41:a2:e3:52:35:7d:08:
ac:c1:bf:82:e8:e0:d9:8c:24:aa:88:08:e0:8f:3f:33:c0:57:
87:26:b7:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVycRCDpVOtORBTFqBhY8P5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNWJlNDUzNzZkNTg5ODc0NTJiZDA2NDZiOWE3NGNmOWVi
NmNiMmQwHhcNMjMwMTAyMTIyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2Y2NTIwNTVjNTY0ODU4NzkyMTc1MzhjYTM1MjI2ZGNhZjcwNDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+4j7EficdKTBGiAZ9cRl88kuv0ZR
0XHxmMdwkB3dXZ135IQbHKiwouObm6s7ZYfbJwQ8cHEFZB3s9aFBIPAmU6Eycrzb
9gjg448mYEOWz4k9nA8KcAQi+BCf2hr1WvfojCHErUGJk3IEDf0OGMdAhlSV2MSL
kfepWTRPMJTsVZduURMFUZqQlrgIUvN/DWaShZkwCl7+lq+LQnhXsNlxhF3pGgGV
V4hZa71VGN1YJ/SW2e64WHdgqJMVVM55qWoZnTKK+U5HzAdfXPtP8OQSQ4igxy4l
OLlx0NBtWEzTIWLi264hL9j16h7pzThVHa+541fYr68FFim41xmCMRA+UQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBf2UgVcVkhYeSF1OMo1Im3K9wRTMB8GA1UdIwQY
MBaAFFNb5FN21YmHRSvQZGuadM+etsstMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTF2a1UzYlZpWWRGSzlCa2E1cDB6NTYyeXkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mYjM5YTgtNjIzYi00NDM1LTk0ZmUt
Y2VjOTJiNTc4MDA2LzEvRl9aU0JWeFdTRmg1SVhVNHlqVWliY3IzQkZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mYjM5YTgtNjIzYi00NDM1LTk0ZmUtY2VjOTJiNTc4MDA2
LzEvVTF2a1UzYlZpWWRGSzlCa2E1cDB6NTYyeXkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQ6UAwQD
V/3oAwQCub3sMA0GCSqGSIb3DQEBCwUAA4IBAQB2jdzf7dbO8c8tnJMEeznJA+A3
vlKs3UE74hvl86bwIV9sZFy5V+tjG2pCKwfPkHswlFRqS9bo1OF2t8ttJ5Mx9rKf
YPQiXI4ujZ1zcHAHNEnN0B0YzfjytdnXyFqk1sl2JWN217KSse9g9jMmn9Ch57b1
HwUMrau6SttvLcBFPFFFn8c+A3GAWTFYQ6Bm16Y5xb27qDqEOKzrBebOHldaxGFm
0TlTsq0Hflex8mznooSElJOu+Hp5Sw1IYwYv053e95KWifquOUD08jBnMKjDkJXA
ghbrormQY3Rxjus/Xot0/EGi41I1fQiswb+C6ODZjCSqiAjgjz8zwFeHJrf0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:41 2024 by rpki-client on console-ams.rpki-client.org