Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/FFjEN0vu8T0BSt1lKEFSuLzupnA.roa
File: FFjEN0vu8T0BSt1lKEFSuLzupnA.roa (raw, json)
Hash identifier: yHELCkX4H6Fra8FjtYR03xe1HdhPYOOrHH1v7//+EOc=
Subject key identifier: 14:58:C4:37:4B:EE:F1:3D:01:4A:DD:65:28:41:52:B8:BC:EE:A6:70
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 01856FCB8B9E5DA7E77ADA459CD95D7CF5B8
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/FFjEN0vu8T0BSt1lKEFSuLzupnA.roa
Signing time: Mon 02 Jan 2023 00:04:48 +0000
ROA not before: Mon 02 Jan 2023 00:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61071
IP address blocks: 95.158.144.0/24 maxlen: 24
185.18.230.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:8b:9e:5d:a7:e7:7a:da:45:9c:d9:5d:7c:f5:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 00:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1458c4374beef13d014add65284152b8bceea670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2d:31:ad:0a:b5:71:84:27:d6:fa:04:f1:95:
da:9a:ca:c8:a0:55:82:7d:d3:a6:0f:c9:5c:27:f0:
7a:95:0c:0e:09:2b:e0:2d:12:21:c6:b8:6e:31:3f:
d4:c8:b0:9e:40:42:6b:78:9a:00:7b:13:aa:6b:f5:
6b:d5:ec:f5:ef:f5:2a:c9:b3:14:c6:22:df:49:12:
e2:26:9c:e5:0a:ff:e5:5c:37:95:17:ea:df:ff:8a:
95:88:98:63:4f:36:cb:64:2b:f4:af:1f:45:08:c4:
ad:45:e0:72:af:66:07:aa:6a:26:59:b2:74:fb:e6:
7b:f0:9d:fc:97:b4:0d:9e:93:f6:a7:42:bb:37:67:
24:b3:c5:f8:a7:cf:49:de:68:12:b9:f4:40:69:40:
3d:ad:c8:c8:6c:28:cf:43:d2:cc:04:a6:4d:21:59:
17:b1:63:7f:45:ec:be:ce:e4:23:ab:f7:cc:40:14:
ba:30:06:dd:e1:67:b2:fc:18:d2:5d:88:4b:3e:d0:
48:e6:a2:b9:aa:4b:0b:55:2e:14:cf:d3:34:eb:fd:
0e:85:0c:e3:7e:3a:14:b4:37:0d:d5:9b:72:dc:94:
e8:2c:1b:2e:97:54:73:4d:ab:d3:bb:57:31:8b:df:
02:ef:87:ba:6d:06:00:30:72:7e:ec:42:77:1c:ff:
5b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:58:C4:37:4B:EE:F1:3D:01:4A:DD:65:28:41:52:B8:BC:EE:A6:70
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/FFjEN0vu8T0BSt1lKEFSuLzupnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.158.144.0/24
185.18.230.0/23
Signature Algorithm: sha256WithRSAEncryption
33:ed:4b:5e:62:83:06:1b:7f:f1:a3:3c:d2:99:00:ed:8c:21:
f0:bb:52:fe:ec:3e:23:04:c8:20:55:fd:08:99:a3:18:a7:68:
8b:91:c2:6e:fc:d2:73:fa:50:5f:37:56:0b:0a:bc:41:67:e2:
a6:1b:42:fb:39:40:ff:1d:24:47:b9:b5:f0:d8:08:dc:a2:bd:
a7:8e:ce:cb:de:d1:6f:ab:02:a2:87:79:98:e4:b9:92:1f:de:
12:22:8e:07:14:b3:92:c6:99:10:66:22:05:3c:0f:62:3a:57:
32:af:de:7b:c4:de:8e:77:3f:86:32:96:ad:a5:2d:eb:1f:e6:
74:cb:c2:99:61:39:98:bb:45:db:38:1e:15:d0:30:f4:a0:bd:
48:a1:56:c8:90:88:55:39:1e:7d:c4:58:fa:5e:24:9d:56:5d:
57:6d:c5:c2:a3:88:5f:74:d9:42:04:46:bc:b0:0b:1b:51:a4:
62:a9:53:e4:03:e5:e3:53:c8:ae:71:eb:26:0f:d3:e4:60:d6:
e7:9c:66:45:75:f0:68:4f:cd:26:61:c3:75:78:32:bf:93:da:
ef:5e:99:a8:4e:f5:62:aa:d0:8b:e8:62:f1:b1:bf:48:ac:e8:
d9:8e:c3:c0:bd:74:83:77:65:94:0e:90:9b:b5:2e:c5:e2:70:
42:3a:6b:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvy4ueXafnetpFnNldfPW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDU4YzQzNzRiZWVmMTNkMDE0YWRkNjUyODQxNTJiOGJjZWVhNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmy0xrQq1cYQn1voE8ZXamsrIoFWC
fdOmD8lcJ/B6lQwOCSvgLRIhxrhuMT/UyLCeQEJreJoAexOqa/Vr1ez17/UqybMU
xiLfSRLiJpzlCv/lXDeVF+rf/4qViJhjTzbLZCv0rx9FCMStReByr2YHqmomWbJ0
++Z78J38l7QNnpP2p0K7N2cks8X4p89J3mgSufRAaUA9rcjIbCjPQ9LMBKZNIVkX
sWN/Rey+zuQjq/fMQBS6MAbd4Wey/BjSXYhLPtBI5qK5qksLVS4Uz9M06/0OhQzj
fjoUtDcN1Zty3JToLBsul1RzTavTu1cxi98C74e6bQYAMHJ+7EJ3HP9bPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBRYxDdL7vE9AUrdZShBUri87qZwMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvRkZqRU4wdnU4VDBCU3QxbEtFRlN1THp1cG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX56QAwQB
uRLmMA0GCSqGSIb3DQEBCwUAA4IBAQAz7UteYoMGG3/xozzSmQDtjCHwu1L+7D4j
BMggVf0ImaMYp2iLkcJu/NJz+lBfN1YLCrxBZ+KmG0L7OUD/HSRHubXw2Ajcor2n
js7L3tFvqwKih3mY5LmSH94SIo4HFLOSxpkQZiIFPA9iOlcyr957xN6Odz+GMpat
pS3rH+Z0y8KZYTmYu0XbOB4V0DD0oL1IoVbIkIhVOR59xFj6XiSdVl1XbcXCo4hf
dNlCBEa8sAsbUaRiqVPkA+XjU8iucesmD9PkYNbnnGZFdfBoT80mYcN1eDK/k9rv
XpmoTvViqtCL6GLxsb9IrOjZjsPAvXSDd2WUDpCbtS7F4nBCOmuq
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:29 2024 by rpki-client on console-fra.rpki-client.org