Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/FJklzZ7dHwN5l5yjY5cXCg1TLsI.roa
File: FJklzZ7dHwN5l5yjY5cXCg1TLsI.roa (raw, json)
Hash identifier: 7pLF30jhRprOAZqIJErtAgBD0TplGvLelhmmiiNvERU=
Subject key identifier: 14:99:25:CD:9E:DD:1F:03:79:97:9C:A3:63:97:17:0A:0D:53:2E:C2
Certificate issuer: /CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Certificate serial: 01856F5DF4B3CDE7E5165A22D76AE97BA750
Authority key identifier: 65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/FJklzZ7dHwN5l5yjY5cXCg1TLsI.roa
Signing time: Sun 01 Jan 2023 22:05:06 +0000
ROA not before: Sun 01 Jan 2023 22:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61292
IP address blocks: 185.12.56.0/24 maxlen: 24
185.152.34.0/24 maxlen: 24
2a02:ed03::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:30:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:f4:b3:cd:e7:e5:16:5a:22:d7:6a:e9:7b:a7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65bdcff77bf060d5da12de45e2072e1cff4560a7
Validity
Not Before: Jan 1 22:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=149925cd9edd1f0379979ca36397170a0d532ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3d:bd:65:3b:cf:af:c3:46:7e:a7:63:6b:50:
9f:77:fa:47:76:7f:12:a0:a2:c2:0b:6a:aa:0e:4c:
4d:74:de:d3:10:32:0b:a5:5c:96:f0:46:0a:45:34:
da:37:81:c9:91:be:4c:9d:ed:e0:04:6d:de:58:0d:
52:98:ca:09:e2:8a:1d:ad:a1:3a:73:0b:74:eb:27:
08:db:66:e3:9d:9d:20:43:fe:99:a7:65:71:89:b1:
a8:33:5f:16:15:4f:d0:db:f3:ed:13:28:f8:d9:17:
f2:29:29:a5:67:2f:41:b3:62:56:86:c9:ca:57:0f:
66:4e:b5:48:61:c4:80:40:d9:90:43:83:b9:6e:80:
83:85:9e:88:b0:c4:4f:8a:0b:03:e3:ea:8a:de:e3:
a8:0d:5a:90:fd:3a:57:c8:c7:e7:cd:e1:57:d4:22:
e1:30:23:69:5f:01:3c:e4:94:af:e4:d7:23:7a:e4:
16:47:54:41:0e:87:4c:0b:46:7d:2f:82:1c:b7:bc:
f8:fb:bd:ff:6c:1a:a1:7f:e4:cc:bc:92:50:c5:c5:
de:93:e0:29:92:b7:63:02:72:fc:be:d3:17:e3:90:
a6:82:26:71:7f:76:4c:7d:8a:8e:25:ea:b1:7f:8c:
13:2d:10:ba:52:8d:6e:49:8f:23:60:6e:f3:b0:09:
2c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:99:25:CD:9E:DD:1F:03:79:97:9C:A3:63:97:17:0A:0D:53:2E:C2
X509v3 Authority Key Identifier:
keyid:65:BD:CF:F7:7B:F0:60:D5:DA:12:DE:45:E2:07:2E:1C:FF:45:60:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zb3P93vwYNXaEt5F4gcuHP9FYKc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/FJklzZ7dHwN5l5yjY5cXCg1TLsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/195f3d-a851-455a-9b0f-d70cd97f4857/1/Zb3P93vwYNXaEt5F4gcuHP9FYKc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.56.0/24
185.152.34.0/24
IPv6:
2a02:ed03::/32
Signature Algorithm: sha256WithRSAEncryption
11:e4:e4:28:1d:59:29:71:c7:9e:6e:f0:05:8c:86:2e:ed:12:
0b:6e:34:f8:c7:02:be:3e:03:91:50:41:6b:6a:3e:06:7f:be:
39:1d:d2:26:6c:2e:20:71:eb:2f:81:59:d5:fc:fa:69:db:f2:
fc:de:e7:46:57:79:75:56:68:97:ce:8a:07:41:99:30:78:e7:
98:2c:dd:39:7d:2a:0a:b6:3a:a0:72:13:54:ec:22:00:4a:bc:
4a:76:d8:8c:57:f1:c6:a0:e3:e5:df:c6:14:6f:89:22:f5:89:
03:ca:51:d9:8f:1d:da:a3:fc:37:8f:f6:8b:2e:16:fc:6e:3b:
1a:68:d0:45:18:b2:c9:ff:ef:6a:f7:3d:9b:6a:b9:02:2c:7d:
77:05:ee:c9:b8:8e:fc:9e:10:27:64:66:70:93:f3:76:86:2b:
db:c1:6f:5f:80:b4:46:99:ae:f7:a5:ab:ba:1c:a7:fc:06:64:
3d:a8:4f:62:cc:df:ab:b0:6a:30:cb:f8:a1:ad:79:b4:59:db:
18:9e:9c:50:0d:47:ba:09:08:8e:6b:b4:a0:f6:c8:45:03:42:
ff:6d:fc:5e:8e:62:80:da:05:85:41:f7:0f:6a:16:cb:4d:55:
7f:85:61:e7:ac:c4:f0:ec:fe:a0:c4:02:12:a1:50:4d:c8:ce:
04:38:a4:c5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvXfSzzeflFloi12rpe6dQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmRjZmY3N2JmMDYwZDVkYTEyZGU0NWUyMDcyZTFjZmY0
NTYwYTcwHhcNMjMwMTAxMjIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDk5MjVjZDllZGQxZjAzNzk5NzljYTM2Mzk3MTcwYTBkNTMyZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT29ZTvPr8NGfqdja1Cfd/pHdn8S
oKLCC2qqDkxNdN7TEDILpVyW8EYKRTTaN4HJkb5Mne3gBG3eWA1SmMoJ4oodraE6
cwt06ycI22bjnZ0gQ/6Zp2VxibGoM18WFU/Q2/PtEyj42RfyKSmlZy9Bs2JWhsnK
Vw9mTrVIYcSAQNmQQ4O5boCDhZ6IsMRPigsD4+qK3uOoDVqQ/TpXyMfnzeFX1CLh
MCNpXwE85JSv5NcjeuQWR1RBDodMC0Z9L4Ict7z4+73/bBqhf+TMvJJQxcXek+Ap
krdjAnL8vtMX45CmgiZxf3ZMfYqOJeqxf4wTLRC6Uo1uSY8jYG7zsAksvQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBSZJc2e3R8DeZeco2OXFwoNUy7CMB8GA1UdIwQY
MBaAFGW9z/d78GDV2hLeReIHLhz/RWCnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYt
ZDcwY2Q5N2Y0ODU3LzEvRkprbHpaN2RId041bDV5alk1Y1hDZzFUTHNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xOTVmM2QtYTg1MS00NTVhLTliMGYtZDcwY2Q5N2Y0ODU3
LzEvWmIzUDkzdndZTlhhRXQ1RjRnY3VIUDlGWUtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQw4AwQA
uZgiMA0EAgACMAcDBQAqAu0DMA0GCSqGSIb3DQEBCwUAA4IBAQAR5OQoHVkpccee
bvAFjIYu7RILbjT4xwK+PgORUEFraj4Gf745HdImbC4gcesvgVnV/Ppp2/L83udG
V3l1VmiXzooHQZkweOeYLN05fSoKtjqgchNU7CIASrxKdtiMV/HGoOPl38YUb4ki
9YkDylHZjx3ao/w3j/aLLhb8bjsaaNBFGLLJ/+9q9z2barkCLH13Be7JuI78nhAn
ZGZwk/N2hivbwW9fgLRGma73pau6HKf8BmQ9qE9izN+rsGowy/ihrXm0WdsYnpxQ
DUe6CQiOa7Sg9shFA0L/bfxejmKA2gWFQfcPahbLTVV/hWHnrMTw7P6gxAISoVBN
yM4EOKTF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:19 2024 by rpki-client on console-ams.rpki-client.org