Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/f5JwNv8k8oZFWDF15-Sp7rI8x1E.roa
File: f5JwNv8k8oZFWDF15-Sp7rI8x1E.roa (raw, json)
Hash identifier: a5T4RF5AFarZwfaP7Ss3HvqGqPIGotMt1arESzihuLk=
Subject key identifier: 7F:92:70:36:FF:24:F2:86:45:58:31:75:E7:E4:A9:EE:B2:3C:C7:51
Certificate issuer: /CN=d612742b91d770fe8efbc9b5dcf8dc38984dd0f0
Certificate serial: 01856C65B32EB3A31D2F40B00D5CD10526C1
Authority key identifier: D6:12:74:2B:91:D7:70:FE:8E:FB:C9:B5:DC:F8:DC:38:98:4D:D0:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1hJ0K5HXcP6O-8m13PjcOJhN0PA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/f5JwNv8k8oZFWDF15-Sp7rI8x1E.roa
Signing time: Sun 01 Jan 2023 08:14:42 +0000
ROA not before: Sun 01 Jan 2023 08:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58316
IP address blocks: 185.56.216.0/23 maxlen: 23
185.17.104.0/23 maxlen: 23
185.198.120.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:b3:2e:b3:a3:1d:2f:40:b0:0d:5c:d1:05:26:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d612742b91d770fe8efbc9b5dcf8dc38984dd0f0
Validity
Not Before: Jan 1 08:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f927036ff24f28645583175e7e4a9eeb23cc751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:41:85:05:41:ae:7b:79:6a:6f:75:c0:c0:13:
5b:74:10:9f:63:c7:42:8e:19:a3:e5:f2:bb:57:c0:
80:e3:c0:36:a3:7e:a9:9a:7c:24:83:ad:ed:fc:91:
c5:49:f9:30:d6:91:d0:f7:e1:0e:e0:e3:95:eb:8c:
ec:64:30:c3:26:84:1e:4a:55:db:c6:dc:82:3f:30:
35:0d:ef:7b:94:08:c2:51:f5:d0:d1:cd:dd:db:42:
7b:bd:57:e3:7f:e3:d5:09:45:56:74:19:f1:12:97:
eb:74:f4:65:9f:c0:91:2b:98:84:92:b2:c6:9c:c6:
45:2f:07:12:ab:90:16:7c:71:36:62:10:87:c5:77:
93:ac:32:fe:45:78:1a:7b:cb:5e:5f:9c:a5:53:bf:
b9:32:20:e2:07:0f:ea:d1:d8:d8:87:6f:c8:c1:56:
15:f4:43:4c:a5:2f:c1:ab:d1:d7:47:42:51:c9:36:
40:4c:21:5c:3e:ea:c3:a2:4f:29:0b:2c:fb:79:09:
4a:f4:4a:2a:48:27:56:25:5e:79:3b:77:ef:ae:b6:
18:0e:fc:11:c8:76:4c:2f:3c:b0:d4:f9:3f:ca:c1:
75:21:07:b9:5f:07:3d:eb:a6:6a:cd:d5:40:81:bb:
3f:3c:cf:c4:16:b7:62:b8:df:21:fc:9c:be:2a:11:
e6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:92:70:36:FF:24:F2:86:45:58:31:75:E7:E4:A9:EE:B2:3C:C7:51
X509v3 Authority Key Identifier:
keyid:D6:12:74:2B:91:D7:70:FE:8E:FB:C9:B5:DC:F8:DC:38:98:4D:D0:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1hJ0K5HXcP6O-8m13PjcOJhN0PA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/f5JwNv8k8oZFWDF15-Sp7rI8x1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/1hJ0K5HXcP6O-8m13PjcOJhN0PA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.104.0/23
185.56.216.0/23
185.198.120.0/22
Signature Algorithm: sha256WithRSAEncryption
95:93:79:6c:44:25:0c:75:28:fb:7f:0f:c3:b7:48:9b:7c:74:
60:d3:7c:0e:2c:82:71:de:29:31:0e:cf:11:d5:8b:ad:31:c6:
71:13:ce:ab:72:f9:fc:3f:8d:62:e4:19:a3:d3:12:3c:66:af:
84:62:2b:d6:b4:36:19:fa:6e:4a:7a:22:68:6f:aa:25:36:a6:
57:88:a3:20:81:ae:d7:ab:b0:96:2b:e0:5a:04:40:82:fc:a9:
3a:73:97:95:e2:21:8b:0d:8b:12:04:55:19:e6:54:19:6a:c1:
55:1f:13:11:a0:ec:cd:56:06:66:aa:26:d2:b2:11:cc:c9:ce:
f5:ed:68:2b:99:0c:68:4d:e1:b4:ac:01:56:d5:e7:f3:8b:b3:
1a:c9:ad:9b:00:03:59:78:4e:15:fc:af:9b:57:5c:6c:67:d9:
01:ec:f5:9a:ea:07:fd:da:8b:c9:9c:16:65:3b:cb:34:45:c0:
a4:36:8e:a6:2f:21:d3:6b:87:28:e0:83:7f:f4:ca:d0:67:c3:
28:db:10:f1:e3:5f:f8:9d:f5:f8:e0:28:c7:24:4b:c2:9c:1d:
84:17:82:cb:f0:aa:67:77:39:0c:4d:a7:d9:46:3e:28:39:37:
44:91:da:65:72:84:a4:b0:d2:64:17:9d:78:11:85:c7:85:16:
e7:77:35:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsZbMus6MdL0CwDVzRBSbBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MTI3NDJiOTFkNzcwZmU4ZWZiYzliNWRjZjhkYzM4OTg0
ZGQwZjAwHhcNMjMwMTAxMDgxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjkyNzAzNmZmMjRmMjg2NDU1ODMxNzVlN2U0YTllZWIyM2NjNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUGFBUGue3lqb3XAwBNbdBCfY8dC
jhmj5fK7V8CA48A2o36pmnwkg63t/JHFSfkw1pHQ9+EO4OOV64zsZDDDJoQeSlXb
xtyCPzA1De97lAjCUfXQ0c3d20J7vVfjf+PVCUVWdBnxEpfrdPRln8CRK5iEkrLG
nMZFLwcSq5AWfHE2YhCHxXeTrDL+RXgae8teX5ylU7+5MiDiBw/q0djYh2/IwVYV
9ENMpS/Bq9HXR0JRyTZATCFcPurDok8pCyz7eQlK9EoqSCdWJV55O3fvrrYYDvwR
yHZMLzyw1Pk/ysF1IQe5Xwc966ZqzdVAgbs/PM/EFrdiuN8h/Jy+KhHmJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH+ScDb/JPKGRVgxdefkqe6yPMdRMB8GA1UdIwQY
MBaAFNYSdCuR13D+jvvJtdz43DiYTdDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWhKMEs1SFhjUDZPLThtMTNQamNPSmhOMFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8xM2ZiNjUtNGVlNy00MDI2LWFhM2Et
OWQ1NmUzYWRjYTkwLzEvZjVKd052OGs4b1pGV0RGMTUtU3A3ckk4eDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8xM2ZiNjUtNGVlNy00MDI2LWFhM2EtOWQ1NmUzYWRjYTkw
LzEvMWhKMEs1SFhjUDZPLThtMTNQamNPSmhOMFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuRFoAwQB
uTjYAwQCucZ4MA0GCSqGSIb3DQEBCwUAA4IBAQCVk3lsRCUMdSj7fw/Dt0ibfHRg
03wOLIJx3ikxDs8R1YutMcZxE86rcvn8P41i5Bmj0xI8Zq+EYivWtDYZ+m5KeiJo
b6olNqZXiKMgga7Xq7CWK+BaBECC/Kk6c5eV4iGLDYsSBFUZ5lQZasFVHxMRoOzN
VgZmqibSshHMyc717WgrmQxoTeG0rAFW1efzi7Maya2bAANZeE4V/K+bV1xsZ9kB
7PWa6gf92ovJnBZlO8s0RcCkNo6mLyHTa4co4IN/9MrQZ8Mo2xDx41/4nfX44CjH
JEvCnB2EF4LL8KpndzkMTafZRj4oOTdEkdplcoSksNJkF514EYXHhRbndzVZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:35 2024 by rpki-client on console-ams.rpki-client.org