Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/fjzICXLsS9gkTl8rya5t3U3pjC4.roa
File: fjzICXLsS9gkTl8rya5t3U3pjC4.roa (raw, json)
Hash identifier: XNwKLKXoJzwuQuZuvHGaNMpM9nWxoN++F4NSt7Bn2HU=
Subject key identifier: 7E:3C:C8:09:72:EC:4B:D8:24:4E:5F:2B:C9:AE:6D:DD:4D:E9:8C:2E
Certificate issuer: /CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Certificate serial: 018B9E1E1FA5350181602696738DFB490AA7
Authority key identifier: 1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/fjzICXLsS9gkTl8rya5t3U3pjC4.roa
Signing time: Sun 05 Nov 2023 06:14:16 +0000
ROA not before: Sun 05 Nov 2023 06:14:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.138.233.0/24 maxlen: 24
185.138.235.0/24 maxlen: 24
91.239.62.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9e:1e:1f:a5:35:01:81:60:26:96:73:8d:fb:49:0a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c06a82bb115d7393e39fd58b73bbf20f6cd0b1f
Validity
Not Before: Nov 5 06:14:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e3cc80972ec4bd8244e5f2bc9ae6ddd4de98c2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:de:af:b1:0c:4f:d4:67:37:64:10:f6:b1:3f:
4d:1f:ad:74:c2:f5:b3:21:09:a8:24:d7:c6:98:9f:
3f:82:94:0b:26:d8:07:93:d6:75:7e:a6:7b:34:29:
4d:c9:c1:b5:2c:a3:12:5e:09:d6:77:4c:52:e6:1a:
f5:ea:8b:70:18:a1:68:0c:74:4e:cd:92:05:81:68:
6d:7a:0a:92:c5:6d:97:d3:8f:a3:c5:f3:43:c1:36:
48:4e:f1:b9:24:1a:a4:a7:54:0b:05:43:c4:17:2f:
5c:27:53:7b:8a:3d:95:21:fe:a0:e0:5d:3b:06:42:
7f:40:d7:03:96:c1:39:cf:26:c9:f4:67:12:3a:56:
d5:99:b1:e6:55:c1:bf:d8:23:60:f9:ba:1e:74:86:
cd:b7:23:38:53:5a:5a:e2:dd:28:bd:41:ed:a9:85:
15:3b:67:af:74:96:2e:a3:dd:e2:9a:30:1f:09:98:
bd:d0:a4:0f:86:f4:e9:c8:f6:f4:92:28:07:a6:9f:
b2:dc:4d:08:aa:e5:5a:d2:9a:28:da:77:d0:6c:68:
86:b7:9c:b7:88:5a:b8:f0:03:45:1f:94:05:86:88:
e7:4f:42:52:87:5a:14:be:47:b5:1b:2e:8f:77:f9:
ed:a9:36:45:85:29:e7:af:9b:d2:95:98:9e:3e:cd:
02:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:3C:C8:09:72:EC:4B:D8:24:4E:5F:2B:C9:AE:6D:DD:4D:E9:8C:2E
X509v3 Authority Key Identifier:
keyid:1C:06:A8:2B:B1:15:D7:39:3E:39:FD:58:B7:3B:BF:20:F6:CD:0B:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/fjzICXLsS9gkTl8rya5t3U3pjC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/12eaad-8a45-4789-bab5-726057a1f2a4/1/HAaoK7EV1zk-Of1Ytzu_IPbNCx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.62.0/24
185.138.233.0/24
185.138.235.0/24
Signature Algorithm: sha256WithRSAEncryption
93:4e:6e:8f:86:1d:17:19:41:71:5e:85:15:1d:9e:49:a9:97:
5c:77:a9:37:84:46:56:fa:93:52:9a:14:48:0d:9c:4e:ed:af:
35:46:21:6e:ac:97:ed:75:b1:74:2f:01:c2:e7:4d:51:c5:00:
c5:20:66:25:65:f9:4a:76:8a:2f:e3:87:bc:1a:70:17:64:9e:
01:55:16:53:9e:71:f7:70:56:02:36:73:6a:5e:bb:73:18:f7:
9e:36:94:e4:2b:99:76:d8:51:a8:48:9d:cd:9b:45:e1:73:bf:
c9:9f:f4:f6:b6:b3:7b:58:a9:d3:b1:ae:39:21:c1:9d:8d:7e:
00:a1:3e:bd:2c:9f:63:53:7e:d9:aa:0e:dc:2c:dc:d3:ef:7a:
c1:30:3b:29:00:2a:11:4d:c2:cd:e5:2b:b7:89:ad:88:1d:6f:
1a:e5:86:38:e4:9c:ad:8b:f7:70:ad:a8:bc:cf:30:dd:02:57:
f4:5e:11:11:23:d9:dc:c3:97:be:0f:c5:41:49:4a:ad:1c:34:
e8:6a:ca:c8:cf:f4:f9:da:7e:3b:4c:6a:79:44:2c:82:d2:97:
44:17:e3:ba:02:c4:13:6f:d0:48:11:a6:cd:d5:d2:49:b3:cb:
0b:58:a9:4d:8d:e0:f2:b6:d3:94:17:ee:60:70:e7:09:fd:4a:
fe:87:01:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYueHh+lNQGBYCaWc437SQqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMDZhODJiYjExNWQ3MzkzZTM5ZmQ1OGI3M2JiZjIwZjZj
ZDBiMWYwHhcNMjMxMTA1MDYxNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTNjYzgwOTcyZWM0YmQ4MjQ0ZTVmMmJjOWFlNmRkZDRkZTk4YzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgt6vsQxP1Gc3ZBD2sT9NH610wvWz
IQmoJNfGmJ8/gpQLJtgHk9Z1fqZ7NClNycG1LKMSXgnWd0xS5hr16otwGKFoDHRO
zZIFgWhtegqSxW2X04+jxfNDwTZITvG5JBqkp1QLBUPEFy9cJ1N7ij2VIf6g4F07
BkJ/QNcDlsE5zybJ9GcSOlbVmbHmVcG/2CNg+boedIbNtyM4U1pa4t0ovUHtqYUV
O2evdJYuo93imjAfCZi90KQPhvTpyPb0kigHpp+y3E0IquVa0poo2nfQbGiGt5y3
iFq48ANFH5QFhojnT0JSh1oUvke1Gy6Pd/ntqTZFhSnnr5vSlZiePs0CYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH48yAly7EvYJE5fK8mubd1N6YwuMB8GA1UdIwQY
MBaAFBwGqCuxFdc5Pjn9WLc7vyD2zQsfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUt
NzI2MDU3YTFmMmE0LzEvZmp6SUNYTHNTOWdrVGw4cnlhNXQzVTNwakM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xMmVhYWQtOGE0NS00Nzg5LWJhYjUtNzI2MDU3YTFmMmE0
LzEvSEFhb0s3RVYxemstT2YxWXR6dV9JUGJOQ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+8+AwQA
uYrpAwQAuYrrMA0GCSqGSIb3DQEBCwUAA4IBAQCTTm6Phh0XGUFxXoUVHZ5JqZdc
d6k3hEZW+pNSmhRIDZxO7a81RiFurJftdbF0LwHC501RxQDFIGYlZflKdoov44e8
GnAXZJ4BVRZTnnH3cFYCNnNqXrtzGPeeNpTkK5l22FGoSJ3Nm0Xhc7/Jn/T2trN7
WKnTsa45IcGdjX4AoT69LJ9jU37Zqg7cLNzT73rBMDspACoRTcLN5Su3ia2IHW8a
5YY45Jyti/dwrai8zzDdAlf0XhERI9ncw5e+D8VBSUqtHDToasrIz/T52n47TGp5
RCyC0pdEF+O6AsQTb9BIEabN1dJJs8sLWKlNjeDyttOUF+5gcOcJ/Ur+hwGZ
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:21 2024 by rpki-client on console-fra.rpki-client.org