Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/FFWhWWop-woZLhDyqEVw4R6t8vg.roa
File: FFWhWWop-woZLhDyqEVw4R6t8vg.roa (raw, json)
Hash identifier: UQ4trGWCfffz34rbj2kQL40CQDYIGo/85LyWhNhkKgQ=
Subject key identifier: 14:55:A1:59:6A:29:FB:0A:19:2E:10:F2:A8:45:70:E1:1E:AD:F2:F8
Certificate issuer: /CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Certificate serial: 018ABD648A7F49D887012EE93FB58858E2E2
Authority key identifier: 34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/FFWhWWop-woZLhDyqEVw4R6t8vg.roa
Signing time: Fri 22 Sep 2023 14:56:37 +0000
ROA not before: Fri 22 Sep 2023 14:56:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15830
IP address blocks: 185.117.176.0/22 maxlen: 32
217.15.32.0/20 maxlen: 32
88.84.64.0/19 maxlen: 32
217.149.144.0/20 maxlen: 32
95.142.0.0/20 maxlen: 32
2a02:206a::/32 maxlen: 32
2a02:206d::/32 maxlen: 32
2a02:206b::/32 maxlen: 32
2a02:2068::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bd:64:8a:7f:49:d8:87:01:2e:e9:3f:b5:88:58:e2:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34f47b73ee8fbedd25f41b3b17b2be08f5bf6563
Validity
Not Before: Sep 22 14:56:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1455a1596a29fb0a192e10f2a84570e11eadf2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9f:02:42:83:39:c8:ac:e6:54:e6:86:43:7f:
01:e8:c0:8c:5c:46:78:e6:56:9a:0d:4d:4b:c6:f4:
eb:b3:7d:0e:93:dd:92:e8:d5:2f:d9:e4:4e:41:01:
10:ea:e4:7f:b2:82:aa:a9:ed:f7:29:da:3e:4e:d6:
90:dc:9b:b9:6d:d6:e5:f2:ee:d1:94:f7:81:3b:0c:
4f:c4:8b:b2:a0:a8:e9:28:cd:75:02:11:3e:56:24:
4d:d3:5f:ec:f3:90:2a:f4:d2:5f:01:b5:c1:52:9b:
26:54:23:eb:56:ba:01:13:9e:57:6a:76:dd:c7:4f:
52:9b:c4:b4:c2:fb:e0:9b:ae:d9:b1:25:21:07:5b:
0b:53:b4:cf:b1:08:01:0f:ca:1e:2d:0d:09:6d:1d:
55:bf:1f:32:7d:0c:6d:94:c7:ed:50:ef:a0:98:65:
15:39:8c:0f:9c:9b:b3:f4:6f:29:9e:92:1a:81:63:
42:e7:41:d6:0d:05:69:1d:4c:f1:fe:ff:be:84:d3:
5c:ce:ca:25:2f:b4:34:46:55:1c:fd:83:ad:95:8a:
68:9f:a2:12:cc:4f:53:07:32:93:d8:21:42:8b:9e:
23:1c:76:90:45:2e:b2:a0:8b:92:50:3f:91:e6:ac:
09:a6:bc:a2:21:a7:be:01:e1:78:63:ef:5d:86:bc:
da:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:55:A1:59:6A:29:FB:0A:19:2E:10:F2:A8:45:70:E1:1E:AD:F2:F8
X509v3 Authority Key Identifier:
keyid:34:F4:7B:73:EE:8F:BE:DD:25:F4:1B:3B:17:B2:BE:08:F5:BF:65:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/FFWhWWop-woZLhDyqEVw4R6t8vg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/0fc5c9-4ec6-4df6-82c4-d87e4047f853/1/NPR7c-6Pvt0l9Bs7F7K-CPW_ZWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.64.0/19
95.142.0.0/20
185.117.176.0/22
217.15.32.0/20
217.149.144.0/20
IPv6:
2a02:2068::/29
Signature Algorithm: sha256WithRSAEncryption
5a:d4:b3:a9:ad:66:79:2d:d0:bb:56:c1:9f:92:8c:29:c6:63:
ae:c9:97:fc:2c:0e:d7:f3:78:71:08:6c:69:80:c3:c7:47:d5:
ab:7d:71:d2:22:0c:12:9a:f6:93:14:f7:a8:0e:ef:ae:d1:db:
b9:df:cf:8d:50:37:f9:4e:ef:e8:5b:fb:c9:14:0e:94:30:f8:
60:55:4c:6f:1b:d1:39:5c:d3:ad:d1:a0:fa:df:8c:57:7d:f1:
af:32:9c:29:9b:b9:0a:50:78:89:4a:ca:62:96:05:ce:e1:9d:
6f:56:17:a3:dd:28:c9:42:13:15:71:56:a5:6a:32:1b:3d:f6:
53:75:35:c5:06:c0:1e:92:93:dc:e3:03:95:e0:e1:8d:e7:93:
c3:41:e0:c5:ee:9d:7c:25:7d:21:54:01:06:64:ee:f6:12:4e:
74:5d:1a:9f:5a:e9:b4:4c:1c:2f:54:26:26:67:b5:83:86:38:
2d:cc:3d:7d:ed:82:d7:00:59:13:f9:7c:1a:9e:24:b4:d9:17:
b6:74:df:79:2f:a0:c2:69:ef:86:ba:db:e4:f2:08:f9:63:69:
ff:27:6b:06:c7:34:ff:e2:0f:e4:b2:87:21:78:75:8f:91:f4:
17:40:b5:c3:80:86:00:03:37:e9:a3:c3:4e:89:4e:e6:e5:97:
23:5a:85:55
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYq9ZIp/SdiHAS7pP7WIWOLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZjQ3YjczZWU4ZmJlZGQyNWY0MWIzYjE3YjJiZTA4ZjVi
ZjY1NjMwHhcNMjMwOTIyMTQ1NjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDU1YTE1OTZhMjlmYjBhMTkyZTEwZjJhODQ1NzBlMTFlYWRmMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp8CQoM5yKzmVOaGQ38B6MCMXEZ4
5laaDU1LxvTrs30Ok92S6NUv2eROQQEQ6uR/soKqqe33Kdo+TtaQ3Ju5bdbl8u7R
lPeBOwxPxIuyoKjpKM11AhE+ViRN01/s85Aq9NJfAbXBUpsmVCPrVroBE55Xanbd
x09Sm8S0wvvgm67ZsSUhB1sLU7TPsQgBD8oeLQ0JbR1Vvx8yfQxtlMftUO+gmGUV
OYwPnJuz9G8pnpIagWNC50HWDQVpHUzx/v++hNNczsolL7Q0RlUc/YOtlYpon6IS
zE9TBzKT2CFCi54jHHaQRS6yoIuSUD+R5qwJpryiIae+AeF4Y+9dhrzalwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBRVoVlqKfsKGS4Q8qhFcOEerfL4MB8GA1UdIwQY
MBaAFDT0e3Puj77dJfQbOxeyvgj1v2VjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQt
ZDg3ZTQwNDdmODUzLzEvRkZXaFdXb3Atd29aTGhEeXFFVnc0UjZ0OHZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wZmM1YzktNGVjNi00ZGY2LTgyYzQtZDg3ZTQwNDdmODUz
LzEvTlBSN2MtNlB2dDBsOUJzN0Y3Sy1DUFdfWldNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFWFRAAwQE
X44AAwQCuXWwAwQE2Q8gAwQE2ZWQMA0EAgACMAcDBQMqAiBoMA0GCSqGSIb3DQEB
CwUAA4IBAQBa1LOprWZ5LdC7VsGfkowpxmOuyZf8LA7X83hxCGxpgMPHR9WrfXHS
IgwSmvaTFPeoDu+u0du538+NUDf5Tu/oW/vJFA6UMPhgVUxvG9E5XNOt0aD634xX
ffGvMpwpm7kKUHiJSspilgXO4Z1vVhej3SjJQhMVcValajIbPfZTdTXFBsAekpPc
4wOV4OGN55PDQeDF7p18JX0hVAEGZO72Ek50XRqfWum0TBwvVCYmZ7WDhjgtzD19
7YLXAFkT+XwaniS02Re2dN95L6DCae+Gutvk8gj5Y2n/J2sGxzT/4g/ksocheHWP
kfQXQLXDgIYAAzfpo8NOiU7m5ZcjWoVV
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:25 2024 by rpki-client on console-fra.rpki-client.org