Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/fF_FT6P0h56g6IsLjzkEM6df-MY.roa
File: fF_FT6P0h56g6IsLjzkEM6df-MY.roa (raw, json)
Hash identifier: EmsJNFilKVS9gZEbwtHHLKqBgz4QauQvX6VBCPtkDwo=
Subject key identifier: 7C:5F:C5:4F:A3:F4:87:9E:A0:E8:8B:0B:8F:39:04:33:A7:5F:F8:C6
Certificate issuer: /CN=aba81f07a493a3e643752e66bd8146f5771adf88
Certificate serial: 0185719E61A613ABB4ED4969F284D8BE0919
Authority key identifier: AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/fF_FT6P0h56g6IsLjzkEM6df-MY.roa
Signing time: Mon 02 Jan 2023 08:34:43 +0000
ROA not before: Mon 02 Jan 2023 08:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6663
IP address blocks: 185.63.4.0/22 maxlen: 24
93.114.100.0/22 maxlen: 24
85.204.32.0/22 maxlen: 24
5.154.239.0/24 maxlen: 24
89.238.192.0/18 maxlen: 24
81.24.16.0/20 maxlen: 24
93.113.104.0/22 maxlen: 24
85.204.100.0/22 maxlen: 24
2a02:2720::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:61:a6:13:ab:b4:ed:49:69:f2:84:d8:be:09:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aba81f07a493a3e643752e66bd8146f5771adf88
Validity
Not Before: Jan 2 08:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c5fc54fa3f4879ea0e88b0b8f390433a75ff8c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f8:5e:9a:a8:2e:8e:da:97:b7:9b:e4:21:2c:
98:97:de:fa:59:8c:b6:5e:95:bd:47:b5:c8:5b:1d:
a0:1b:6b:2c:9f:7a:25:c7:12:34:38:3c:ea:60:93:
d0:03:f9:d5:30:0f:59:f9:4c:5c:23:62:c2:2c:f4:
cc:71:e7:7b:7e:21:bb:de:ae:2c:10:c1:18:36:96:
45:6b:e8:a3:9a:4d:33:e8:7b:9c:12:0d:26:2d:68:
10:23:07:a6:78:ad:6a:3c:29:b7:c5:f3:37:4d:97:
bb:52:2e:19:8e:a8:92:62:7f:3c:af:1f:7e:77:36:
f9:8b:36:b7:8e:9c:eb:56:9f:94:ae:3b:7a:c7:07:
81:86:31:b5:a2:7e:7f:76:02:c3:e5:35:d9:e5:0b:
3b:05:ef:43:43:da:e3:92:8e:b9:e1:6e:3f:14:74:
fd:72:82:93:df:b4:be:88:e3:40:e7:a2:9a:30:ca:
38:2f:a6:58:71:4f:35:bc:9c:97:36:b1:09:3d:04:
35:2f:a9:1f:f7:04:43:bd:b8:e5:88:d8:31:f3:92:
3d:54:1d:87:ce:b9:2f:fe:94:2f:38:da:40:25:05:
67:1c:6d:5c:6b:b0:cc:5c:d9:79:d0:96:9c:1a:ca:
ba:6c:ac:50:bc:6b:0e:a8:20:c1:f0:f4:a7:3c:3e:
cd:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5F:C5:4F:A3:F4:87:9E:A0:E8:8B:0B:8F:39:04:33:A7:5F:F8:C6
X509v3 Authority Key Identifier:
keyid:AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/fF_FT6P0h56g6IsLjzkEM6df-MY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/q6gfB6STo-ZDdS5mvYFG9Xca34g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.239.0/24
81.24.16.0/20
85.204.32.0/22
85.204.100.0/22
89.238.192.0/18
93.113.104.0/22
93.114.100.0/22
185.63.4.0/22
IPv6:
2a02:2720::/32
Signature Algorithm: sha256WithRSAEncryption
ca:3b:e9:ab:43:52:ab:9e:5a:c4:a0:4d:0f:9d:03:53:d8:65:
16:2f:a8:b4:cf:4c:95:1d:1b:3b:7b:33:f1:31:92:3d:f2:82:
ca:ea:24:f4:5f:1e:fb:6a:94:a4:0e:4c:ac:03:0d:c6:a7:46:
d4:c3:f4:28:92:6b:76:5b:20:e5:bf:83:db:fa:01:a0:c9:36:
19:35:77:d7:88:3e:ac:75:9e:43:56:88:b3:99:bf:a8:4a:21:
a8:a4:7c:59:36:3e:e0:bd:b7:b7:4a:ae:df:dd:2f:24:93:b9:
a7:33:7b:6d:f2:f3:68:16:54:3a:0c:f7:5b:8e:92:dd:85:b6:
5d:56:31:71:fa:54:dc:53:b6:da:e0:3f:0a:55:19:b1:07:89:
fb:96:43:43:56:d7:6c:20:ff:e9:b0:5b:2a:2d:68:58:3b:c2:
62:68:35:0a:a7:c4:f5:6c:f4:75:db:ea:7a:18:3a:42:9c:d2:
8b:d2:b1:a1:ab:cb:a2:5a:91:30:91:0b:99:a3:8b:63:0e:3f:
56:96:96:e7:99:8f:07:98:67:83:e2:64:cb:02:d2:c8:35:54:
3f:9f:df:64:b4:eb:20:9f:27:7b:5f:1a:e5:23:52:16:e1:2a:
30:4b:b9:79:ca:59:d3:df:96:f7:56:40:cf:5b:f9:19:d1:99:
4b:61:de:37
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVxnmGmE6u07Ulp8oTYvgkZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYTgxZjA3YTQ5M2EzZTY0Mzc1MmU2NmJkODE0NmY1Nzcx
YWRmODgwHhcNMjMwMTAyMDgzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzVmYzU0ZmEzZjQ4NzllYTBlODhiMGI4ZjM5MDQzM2E3NWZmOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvhemqgujtqXt5vkISyYl976WYy2
XpW9R7XIWx2gG2ssn3olxxI0ODzqYJPQA/nVMA9Z+UxcI2LCLPTMced7fiG73q4s
EMEYNpZFa+ijmk0z6HucEg0mLWgQIwemeK1qPCm3xfM3TZe7Ui4ZjqiSYn88rx9+
dzb5iza3jpzrVp+Urjt6xweBhjG1on5/dgLD5TXZ5Qs7Be9DQ9rjko654W4/FHT9
coKT37S+iONA56KaMMo4L6ZYcU81vJyXNrEJPQQ1L6kf9wRDvbjliNgx85I9VB2H
zrkv/pQvONpAJQVnHG1ca7DMXNl50JacGsq6bKxQvGsOqCDB8PSnPD7N7wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFHxfxU+j9IeeoOiLC485BDOnX/jGMB8GA1UdIwQY
MBaAFKuoHwekk6PmQ3UuZr2BRvV3Gt+IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTZnZkI2U1RvLVpEZFM1bXZZRkc5WGNhMzRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC84NGUyY2UtMWVhYy00ZTEyLWFjNTgt
NTFjM2NjY2U3MmRmLzEvZkZfRlQ2UDBoNTZnNklzTGp6a0VNNmRmLU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC84NGUyY2UtMWVhYy00ZTEyLWFjNTgtNTFjM2NjY2U3MmRm
LzEvcTZnZkI2U1RvLVpEZFM1bXZZRkc5WGNhMzRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQABZrvAwQE
URgQAwQCVcwgAwQCVcxkAwQGWe7AAwQCXXFoAwQCXXJkAwQCuT8EMA0EAgACMAcD
BQAqAicgMA0GCSqGSIb3DQEBCwUAA4IBAQDKO+mrQ1KrnlrEoE0PnQNT2GUWL6i0
z0yVHRs7ezPxMZI98oLK6iT0Xx77apSkDkysAw3Gp0bUw/Qokmt2WyDlv4Pb+gGg
yTYZNXfXiD6sdZ5DVoizmb+oSiGopHxZNj7gvbe3Sq7f3S8kk7mnM3tt8vNoFlQ6
DPdbjpLdhbZdVjFx+lTcU7ba4D8KVRmxB4n7lkNDVtdsIP/psFsqLWhYO8JiaDUK
p8T1bPR12+p6GDpCnNKL0rGhq8uiWpEwkQuZo4tjDj9WlpbnmY8HmGeD4mTLAtLI
NVQ/n99ktOsgnyd7XxrlI1IW4SowS7l5ylnT35b3VkDPW/kZ0ZlLYd43
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:32 2024 by rpki-client on console-fra.rpki-client.org