Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/FTJ2NdRXqrF9iDsMKHZRBGpzWfA.roa
File: FTJ2NdRXqrF9iDsMKHZRBGpzWfA.roa (raw, json)
Hash identifier: 8dAmRjx0p0dJsKClM6XnEdV0xXwjY3ISNYTD4HMCzUs=
Subject key identifier: 15:32:76:35:D4:57:AA:B1:7D:88:3B:0C:28:76:51:04:6A:73:59:F0
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01887CEE4CF14241077D309B60BE27AC9E87
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/FTJ2NdRXqrF9iDsMKHZRBGpzWfA.roa
Signing time: Fri 02 Jun 2023 16:26:12 +0000
ROA not before: Fri 02 Jun 2023 16:26:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 94.241.136.0/21 maxlen: 24
91.186.216.0/22 maxlen: 24
83.147.240.0/22 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7c:ee:4c:f1:42:41:07:7d:30:9b:60:be:27:ac:9e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jun 2 16:26:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15327635d457aab17d883b0c287651046a7359f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f7:04:f8:55:35:36:92:66:ab:81:2b:4f:98:
6b:98:8a:f7:fc:7d:c7:f0:15:6e:1a:1b:80:d7:6f:
72:70:2b:fd:5f:9b:ec:b9:d3:b2:eb:c1:21:59:6b:
b5:a9:42:a7:90:00:e2:f4:9e:52:7a:73:73:7e:94:
0d:d5:a2:3f:71:69:2b:8a:8b:89:96:d1:9f:e9:2b:
d4:a0:85:ed:cd:a5:b6:d4:51:4a:40:cf:13:d4:b6:
d4:3f:d5:19:d1:40:1e:97:53:82:94:1e:96:ea:3e:
f9:df:6c:9d:cc:59:df:0a:77:de:5d:60:6f:22:13:
0d:31:39:ca:a0:18:c4:d2:99:b9:0b:3b:b0:3a:50:
00:e5:dd:b0:01:1d:27:05:de:92:29:e5:3f:9b:cf:
cd:27:db:43:cc:4c:68:ec:64:2a:4b:02:e0:b6:88:
42:be:97:fb:48:cc:e9:15:4e:05:58:3d:10:47:16:
ff:0f:39:6f:ca:a2:fe:c7:9e:90:57:fa:db:91:7a:
f4:40:d3:0e:7a:d5:62:8b:18:54:66:01:ec:e5:f8:
07:72:6f:6e:3b:cb:77:77:80:ea:de:11:a0:cc:59:
96:dd:a7:82:7a:1e:f0:7c:e8:4f:9b:f9:12:04:05:
40:34:18:39:83:ac:1e:0c:04:e4:d9:6f:4b:f1:8e:
2c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:32:76:35:D4:57:AA:B1:7D:88:3B:0C:28:76:51:04:6A:73:59:F0
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/FTJ2NdRXqrF9iDsMKHZRBGpzWfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.240.0/22
83.147.252.0/22
91.186.216.0/22
94.241.136.0/21
Signature Algorithm: sha256WithRSAEncryption
30:a6:5d:29:99:1f:a4:db:d3:7b:b4:0b:37:4d:c8:8f:4c:fd:
f0:4b:0a:78:e1:54:4c:ee:9b:d3:22:43:59:41:8d:ea:3f:67:
9f:11:4c:63:09:ed:0a:19:ca:2f:fd:00:b3:6c:4a:ce:44:1e:
d2:54:f3:a8:d5:c1:bb:61:45:25:4c:a2:31:38:85:70:f4:97:
55:20:4e:6d:ef:b0:0e:6c:2c:fa:78:ae:c0:1d:81:41:7f:c2:
08:a8:2f:89:19:8a:75:9d:c3:88:5b:d0:6d:78:52:85:a6:d2:
42:48:d8:b9:ba:22:f1:e0:4d:71:16:79:00:b0:d8:31:0d:d7:
ec:ba:78:00:36:1c:6c:1a:c0:35:24:54:3e:9e:53:29:87:e3:
ea:14:f8:1c:e0:90:0c:10:f3:7d:c2:46:f4:11:30:79:03:17:
4c:e0:77:00:6d:b6:0e:0c:84:d9:00:74:cb:ac:15:6d:7d:eb:
eb:bf:1b:75:a9:52:70:b0:63:ac:1e:b0:70:00:cc:d2:19:23:
51:f6:90:fc:66:7c:db:3c:aa:b4:ba:2a:12:e8:af:47:01:d8:
67:0f:eb:04:6b:c8:64:80:26:48:b4:fe:32:f2:51:04:ee:60:
80:a4:4b:3b:f8:32:44:e3:49:61:d7:ba:52:07:21:a9:86:95:
f7:3d:ff:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYh87kzxQkEHfTCbYL4nrJ6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjMwNjAyMTYyNjEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTMyNzYzNWQ0NTdhYWIxN2Q4ODNiMGMyODc2NTEwNDZhNzM1OWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifcE+FU1NpJmq4ErT5hrmIr3/H3H
8BVuGhuA129ycCv9X5vsudOy68EhWWu1qUKnkADi9J5SenNzfpQN1aI/cWkriouJ
ltGf6SvUoIXtzaW21FFKQM8T1LbUP9UZ0UAel1OClB6W6j7532ydzFnfCnfeXWBv
IhMNMTnKoBjE0pm5CzuwOlAA5d2wAR0nBd6SKeU/m8/NJ9tDzExo7GQqSwLgtohC
vpf7SMzpFU4FWD0QRxb/DzlvyqL+x56QV/rbkXr0QNMOetViixhUZgHs5fgHcm9u
O8t3d4Dq3hGgzFmW3aeCeh7wfOhPm/kSBAVANBg5g6weDATk2W9L8Y4sMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBUydjXUV6qxfYg7DCh2UQRqc1nwMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvRlRKMk5kUlhxckY5aURzTUtIWlJCR3B6V2ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCU5PwAwQC
U5P8AwQCW7rYAwQDXvGIMA0GCSqGSIb3DQEBCwUAA4IBAQAwpl0pmR+k29N7tAs3
TciPTP3wSwp44VRM7pvTIkNZQY3qP2efEUxjCe0KGcov/QCzbErORB7SVPOo1cG7
YUUlTKIxOIVw9JdVIE5t77AObCz6eK7AHYFBf8IIqC+JGYp1ncOIW9BteFKFptJC
SNi5uiLx4E1xFnkAsNgxDdfsungANhxsGsA1JFQ+nlMph+PqFPgc4JAMEPN9wkb0
ETB5AxdM4HcAbbYODITZAHTLrBVtfevrvxt1qVJwsGOsHrBwAMzSGSNR9pD8Znzb
PKq0uioS6K9HAdhnD+sEa8hkgCZItP4y8lEE7mCApEs7+DJE40lh17pSByGphpX3
Pf91
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:44 2023 by rpki-client on console-fra.rpki-client.org