Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/FTBcZQl9bOixsIEfahPRd5fcxnY.roa
File: FTBcZQl9bOixsIEfahPRd5fcxnY.roa (raw, json)
Hash identifier: nTLTFJ1HMZJ2OmhlQNhlrE1kL3P1M9nUOibBNjC6qUo=
Subject key identifier: 15:30:5C:65:09:7D:6C:E8:B1:B0:81:1F:6A:13:D1:77:97:DC:C6:76
Certificate issuer: /CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Certificate serial: 01856C8A55D47068CB3030C1757991435A8C
Authority key identifier: 1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/FTBcZQl9bOixsIEfahPRd5fcxnY.roa
Signing time: Sun 01 Jan 2023 08:54:43 +0000
ROA not before: Sun 01 Jan 2023 08:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203324
IP address blocks: 185.238.84.0/23 maxlen: 23
185.238.86.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:55:d4:70:68:cb:30:30:c1:75:79:91:43:5a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Validity
Not Before: Jan 1 08:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15305c65097d6ce8b1b0811f6a13d17797dcc676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:80:f3:1f:6c:31:fd:04:f8:d3:ec:83:ae:69:
a7:f6:ae:0d:48:84:75:82:a8:ac:b4:c6:51:ed:17:
bf:29:ce:53:d9:81:90:c7:26:8a:0b:1d:d0:fb:a7:
c1:38:55:2e:95:67:b0:b6:a1:e0:d3:cc:32:51:1e:
52:55:d6:5e:ea:de:87:38:6b:a3:05:5a:f3:26:07:
c4:8b:76:16:3d:b4:8e:6c:40:b2:d9:e6:c9:b8:20:
4f:1e:5d:dc:a3:d9:b0:36:6c:1c:f7:8a:cb:e2:e1:
7a:7f:8a:17:dc:e9:26:cd:f5:4d:c5:d7:71:c8:bf:
25:4a:be:17:e8:bf:88:d0:a3:b9:67:33:1d:43:9c:
71:b8:59:a4:1a:a3:43:c0:f7:c4:ac:60:97:7f:88:
b2:8e:a1:06:0d:0c:84:0c:59:37:e5:91:85:dc:64:
7c:6d:3b:6d:99:63:58:ed:db:95:a8:af:11:07:4e:
45:62:5f:01:4e:6d:4f:6a:fd:c5:19:42:db:34:34:
49:27:ec:71:97:03:46:f2:cd:76:74:0a:70:8d:35:
14:92:e1:09:7c:51:d1:0b:ee:39:0f:b6:94:e0:91:
3a:b2:9a:e5:ff:dc:46:02:ff:27:c9:ba:40:14:5a:
7c:df:37:35:c8:70:ec:04:b4:b2:57:80:12:14:28:
cb:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:30:5C:65:09:7D:6C:E8:B1:B0:81:1F:6A:13:D1:77:97:DC:C6:76
X509v3 Authority Key Identifier:
keyid:1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/FTBcZQl9bOixsIEfahPRd5fcxnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.84.0-185.238.86.255
Signature Algorithm: sha256WithRSAEncryption
54:8b:a6:99:50:90:c6:f2:ac:f0:86:a0:b8:7a:de:a6:14:df:
d7:e6:a4:6c:16:3e:cb:db:21:75:a9:23:97:cf:fb:27:7f:76:
c1:49:59:b7:75:e0:48:63:50:9f:62:5e:d3:48:95:82:41:46:
93:77:95:93:f9:29:07:3a:d0:4a:78:f3:00:be:38:c7:bd:6f:
e3:b9:d8:e5:5f:88:70:45:8a:0d:21:b0:6b:14:a5:07:6b:18:
f7:b5:28:47:0b:70:55:41:af:dc:33:66:a8:a7:c1:31:de:60:
5f:d9:77:61:09:de:b1:a3:57:be:4d:92:2c:2f:d5:ee:15:97:
64:7a:a8:bc:72:a4:cf:fc:e1:e2:76:7b:87:d4:04:2a:a5:b6:
e1:da:3b:f2:a7:9f:0d:5e:0b:ad:32:f9:23:d3:18:6e:8e:fe:
57:e6:72:f5:61:bd:e9:9a:ee:7c:99:ce:87:96:47:33:15:15:
46:e3:fc:ef:32:c7:f1:fa:5f:e3:29:dc:00:a4:8a:dd:8f:05:
b6:42:c2:25:63:6a:6e:4a:6e:cb:ee:0c:3b:37:e5:23:e0:ea:
b1:29:fb:35:a6:0f:32:f3:e5:59:7f:52:29:ec:08:dd:26:8c:
00:ad:14:90:e3:cd:26:a4:17:2f:ae:c6:a1:ad:e2:14:51:14:
cc:7b:a7:f0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVsilXUcGjLMDDBdXmRQ1qMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGM3ZTdiYjI3YzUzM2E5OTdkMjc3Y2FkZDQxN2VjN2Jk
Mjg0ZjAwHhcNMjMwMTAxMDg1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTMwNWM2NTA5N2Q2Y2U4YjFiMDgxMWY2YTEzZDE3Nzk3ZGNjNjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroDzH2wx/QT40+yDrmmn9q4NSIR1
gqistMZR7Re/Kc5T2YGQxyaKCx3Q+6fBOFUulWewtqHg08wyUR5SVdZe6t6HOGuj
BVrzJgfEi3YWPbSObECy2ebJuCBPHl3co9mwNmwc94rL4uF6f4oX3OkmzfVNxddx
yL8lSr4X6L+I0KO5ZzMdQ5xxuFmkGqNDwPfErGCXf4iyjqEGDQyEDFk35ZGF3GR8
bTttmWNY7duVqK8RB05FYl8BTm1Pav3FGULbNDRJJ+xxlwNG8s12dApwjTUUkuEJ
fFHRC+45D7aU4JE6sprl/9xGAv8nybpAFFp83zc1yHDsBLSyV4ASFCjLEQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBUwXGUJfWzosbCBH2oT0XeX3MZ2MB8GA1UdIwQY
MBaAFB0MfnuyfFM6mX0nfK3UF+x70oTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEt
YjI4ZjA3YjJmNDViLzEvRlRCY1pRbDliT2l4c0lFZmFoUFJkNWZjeG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEtYjI4ZjA3YjJmNDVi
LzEvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK57lQD
BAC57lYwDQYJKoZIhvcNAQELBQADggEBAFSLpplQkMbyrPCGoLh63qYU39fmpGwW
PsvbIXWpI5fP+yd/dsFJWbd14EhjUJ9iXtNIlYJBRpN3lZP5KQc60Ep48wC+OMe9
b+O52OVfiHBFig0hsGsUpQdrGPe1KEcLcFVBr9wzZqinwTHeYF/Zd2EJ3rGjV75N
kiwv1e4Vl2R6qLxypM/84eJ2e4fUBCqltuHaO/Knnw1eC60y+SPTGG6O/lfmcvVh
vema7nyZzoeWRzMVFUbj/O8yx/H6X+Mp3ACkit2PBbZCwiVjam5KbsvuDDs35SPg
6rEp+zWmDzLz5Vl/UinsCN0mjACtFJDjzSakFy+uxqGt4hRRFMx7p/A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:22 2023 by rpki-client on console-fra.rpki-client.org