Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/FvEllHy226w-y4NmILROO8b6LpA.roa
File: FvEllHy226w-y4NmILROO8b6LpA.roa (raw, json)
Hash identifier: P7OndhNm+/SFnWVM+vonNhJqitXMEJEMA8r1wYPZu6c=
Subject key identifier: 16:F1:25:94:7C:B6:DB:AC:3E:CB:83:66:20:B4:4E:3B:C6:FA:2E:90
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018610D001AFB047FBB8EFAA5CF7E3DF4F26
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/FvEllHy226w-y4NmILROO8b6LpA.roa
Signing time: Thu 02 Feb 2023 06:28:32 +0000
ROA not before: Thu 02 Feb 2023 06:28:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203458
IP address blocks: 93.115.254.0/23 maxlen: 24
87.247.148.0/23 maxlen: 24
185.255.170.0/23 maxlen: 24
91.188.206.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:10:d0:01:af:b0:47:fb:b8:ef:aa:5c:f7:e3:df:4f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 2 06:28:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=16f125947cb6dbac3ecb836620b44e3bc6fa2e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:13:e7:91:2f:cc:55:fe:f0:e4:76:0f:f6:b3:
a1:82:ea:68:0d:f0:13:1f:10:a2:f8:27:cf:c0:35:
cd:64:46:22:e4:22:92:47:a6:8c:6f:95:c5:1d:24:
a5:e5:5c:71:6c:7e:46:7f:38:48:e7:ea:11:5d:bb:
d7:8d:f7:4e:32:43:54:fc:d6:7c:00:d9:23:b1:10:
f4:46:6f:d8:88:4c:0f:77:ee:ec:17:f1:bf:e0:0a:
65:c5:1c:d0:f0:f1:a4:32:26:df:01:02:35:c6:ff:
0c:f0:7d:3c:19:46:06:76:9b:89:c7:ab:b5:26:ef:
a6:2e:e2:41:d7:41:b9:5d:f7:64:ce:64:eb:9e:72:
7c:17:94:86:41:07:b3:4b:a0:f9:bf:24:c3:56:84:
c8:b5:77:fc:0c:d8:c2:9e:a1:ea:4c:b8:2a:c0:5a:
12:1e:a0:5e:ef:06:ca:e0:50:52:04:cb:42:73:2a:
6b:32:c5:d1:a9:c9:12:e8:30:a8:91:37:2b:da:48:
61:45:af:97:f6:3a:46:5a:e8:59:69:f7:e7:c2:bf:
1d:9c:c5:70:8c:63:b9:fe:e0:55:1c:7d:93:f5:ab:
d6:11:4c:c9:e2:e5:ed:4f:a1:b6:d6:77:bf:5e:8c:
72:cb:0e:5c:bd:39:af:2b:f8:35:a9:3f:26:60:7b:
27:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:F1:25:94:7C:B6:DB:AC:3E:CB:83:66:20:B4:4E:3B:C6:FA:2E:90
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/FvEllHy226w-y4NmILROO8b6LpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.148.0/23
91.188.206.0/24
93.115.254.0/23
185.255.170.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:77:cf:97:54:ba:f2:25:23:7a:04:58:de:eb:d3:0f:74:fe:
7d:a9:1b:be:c8:66:d1:69:d8:96:de:4f:53:51:54:4c:59:54:
67:4f:19:da:8b:ab:9f:50:32:8b:98:2d:f1:e3:34:b4:36:7d:
bb:03:29:ed:2f:cc:8f:f1:fd:f2:7c:d6:4c:da:ad:bc:f5:5e:
23:8e:c6:31:0d:62:06:98:c1:88:1c:3e:b0:4c:3d:97:8f:fd:
8c:f2:97:bb:e3:94:79:85:57:12:2a:3b:ca:f7:d8:ce:4a:1c:
43:27:2c:a3:6e:8b:d2:3c:42:95:4f:29:09:1d:b3:43:00:6b:
83:5f:7b:3d:6c:25:07:96:90:da:0d:89:e7:96:76:75:a2:e0:
85:32:e9:12:c4:1e:e3:f3:e5:14:95:18:88:b3:63:62:52:37:
cf:a9:e4:7c:f2:7c:65:6b:0f:de:7c:4e:28:2a:ee:05:4f:23:
f5:fc:60:4c:de:b8:22:f8:cb:90:6d:4a:3c:6d:75:51:3d:d7:
da:31:52:dc:a8:04:44:a2:82:8c:e1:12:87:7f:68:d2:af:90:
3f:ae:85:2b:b4:f3:f5:48:7d:23:99:06:04:8e:f7:e3:ca:dd:
18:4e:bf:d3:1a:07:44:64:7e:b6:a1:c2:b2:66:00:12:f4:db:
39:3f:c6:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYQ0AGvsEf7uO+qXPfj308mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjAyMDYyODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmYxMjU5NDdjYjZkYmFjM2VjYjgzNjYyMGI0NGUzYmM2ZmEyZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBPnkS/MVf7w5HYP9rOhgupoDfAT
HxCi+CfPwDXNZEYi5CKSR6aMb5XFHSSl5VxxbH5GfzhI5+oRXbvXjfdOMkNU/NZ8
ANkjsRD0Rm/YiEwPd+7sF/G/4AplxRzQ8PGkMibfAQI1xv8M8H08GUYGdpuJx6u1
Ju+mLuJB10G5XfdkzmTrnnJ8F5SGQQezS6D5vyTDVoTItXf8DNjCnqHqTLgqwFoS
HqBe7wbK4FBSBMtCcyprMsXRqckS6DCokTcr2khhRa+X9jpGWuhZaffnwr8dnMVw
jGO5/uBVHH2T9avWEUzJ4uXtT6G21ne/Xoxyyw5cvTmvK/g1qT8mYHsnKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBbxJZR8ttusPsuDZiC0TjvG+i6QMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvRnZFbGxIeTIyNncteTRObUlMUk9POGI2THBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBV/eUAwQA
W7zOAwQBXXP+AwQBuf+qMA0GCSqGSIb3DQEBCwUAA4IBAQCLd8+XVLryJSN6BFje
69MPdP59qRu+yGbRadiW3k9TUVRMWVRnTxnai6ufUDKLmC3x4zS0Nn27AyntL8yP
8f3yfNZM2q289V4jjsYxDWIGmMGIHD6wTD2Xj/2M8pe745R5hVcSKjvK99jOShxD
JyyjbovSPEKVTykJHbNDAGuDX3s9bCUHlpDaDYnnlnZ1ouCFMukSxB7j8+UUlRiI
s2NiUjfPqeR88nxlaw/efE4oKu4FTyP1/GBM3rgi+MuQbUo8bXVRPdfaMVLcqARE
ooKM4RKHf2jSr5A/roUrtPP1SH0jmQYEjvfjyt0YTr/TGgdEZH62ocKyZgAS9Ns5
P8bO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org