Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/8yI9oeOrv7TFp_3xzQcl_iThG78.roa
File: 8yI9oeOrv7TFp_3xzQcl_iThG78.roa (raw, json)
Hash identifier: RuFrqvODUynigbJ5/MV1rCXfbbiAxCzuJ/CwymfVUL8=
Subject key identifier: F3:22:3D:A1:E3:AB:BF:B4:C5:A7:FD:F1:CD:07:25:FE:24:E1:1B:BF
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0187B7B0AF4708F23A85116474AE6327C6E8
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/8yI9oeOrv7TFp_3xzQcl_iThG78.roa
Signing time: Tue 25 Apr 2023 09:13:42 +0000
ROA not before: Tue 25 Apr 2023 09:13:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205585
IP address blocks: 185.220.226.0/24 maxlen: 24
185.143.232.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.143.233.0/24 maxlen: 24
185.143.234.0/24 maxlen: 24
185.143.235.0/24 maxlen: 24
2a0c:a7c0::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
2a0c:a7c0::/46 maxlen: 48
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:b7:b0:af:47:08:f2:3a:85:11:64:74:ae:63:27:c6:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Apr 25 09:13:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f3223da1e3abbfb4c5a7fdf1cd0725fe24e11bbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e5:f5:fd:72:e1:a6:f0:05:3e:80:e6:51:11:
4c:0e:a0:d4:86:bd:09:d6:1e:2e:df:64:f8:bf:3a:
9c:52:f8:82:84:d3:f7:3d:8c:7d:55:87:6d:e6:d7:
fa:dc:19:fb:11:b3:52:6a:1d:d5:9d:b6:3a:de:0b:
f8:17:ad:3b:32:5d:bc:c1:5b:96:c9:69:b6:a4:31:
98:ef:22:f7:13:2b:64:ce:c8:83:bf:2c:4f:dc:ab:
c0:ab:1d:d7:b4:61:be:7e:aa:fa:d2:b4:a4:3c:35:
59:ff:da:05:74:cf:46:9d:2a:92:40:19:fa:76:50:
49:74:48:e7:1f:1d:06:54:ab:38:63:ee:fe:ae:cd:
8a:ca:4a:a3:26:89:96:c6:ca:ee:de:52:7d:ff:8d:
af:1f:cf:2e:83:15:0a:b0:8d:88:05:c3:34:42:14:
b2:ef:1d:8f:7c:43:a5:23:8e:78:bc:f1:f5:82:2e:
36:e2:69:b8:f0:3d:cc:7a:0c:52:16:1a:94:6f:e8:
2b:22:b5:eb:40:14:93:54:8f:87:c8:64:21:d3:53:
b6:93:b0:e6:a1:2c:44:37:22:f5:67:54:34:65:3b:
aa:3a:44:a2:29:56:c6:6f:26:54:05:c7:99:45:ba:
52:cf:19:f5:42:10:4c:fd:e2:e4:92:e3:9f:8c:dc:
f5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:22:3D:A1:E3:AB:BF:B4:C5:A7:FD:F1:CD:07:25:FE:24:E1:1B:BF
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/8yI9oeOrv7TFp_3xzQcl_iThG78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.232.0/22
185.220.226.0/24
IPv6:
2a0c:a7c0::/46
Signature Algorithm: sha256WithRSAEncryption
47:85:7f:ff:e8:33:92:3c:8a:d9:e2:a8:10:34:8f:64:88:9e:
06:6d:0f:3a:7f:d5:4f:f8:81:ec:5c:84:73:ad:1c:e5:c8:23:
96:2f:d0:1f:cd:9d:67:00:32:12:f8:d5:6e:1b:2c:cb:a7:52:
fa:75:e2:d8:10:8f:a9:65:b5:c0:c3:c9:9f:e5:e6:8c:7e:fe:
df:09:cb:8b:43:04:19:39:7f:b7:2a:d1:e2:81:50:9a:c5:ee:
d1:ae:10:b5:de:b3:10:7f:4d:85:28:3b:34:fa:7c:2d:d6:3a:
51:1d:37:fc:a6:8f:5b:91:85:f9:c1:bc:75:69:76:e8:1b:75:
e4:9d:4a:c2:72:66:8e:b7:77:7f:68:40:ed:4f:b6:c9:d3:ce:
b5:f0:68:19:ba:a3:c1:99:73:8b:7d:54:7a:14:6a:5b:48:df:
77:ec:b1:70:47:a5:26:96:00:76:7a:57:48:51:2f:1e:83:79:
b5:58:d2:1c:6a:07:95:98:fc:ab:e9:81:be:3f:e2:10:0d:fe:
31:7e:4f:d5:49:2e:07:2c:76:1f:44:c3:27:cf:8f:39:de:0c:
bc:92:72:08:63:c6:85:d0:ef:f2:db:6a:34:e9:73:50:b2:4e:
e7:25:83:78:5d:69:82:b8:ea:ac:2a:ac:07:79:b1:fa:47:c6:
e4:78:8f:d3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYe3sK9HCPI6hRFkdK5jJ8boMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjMwNDI1MDkxMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzIyM2RhMWUzYWJiZmI0YzVhN2ZkZjFjZDA3MjVmZTI0ZTExYmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+X1/XLhpvAFPoDmURFMDqDUhr0J
1h4u32T4vzqcUviChNP3PYx9VYdt5tf63Bn7EbNSah3VnbY63gv4F607Ml28wVuW
yWm2pDGY7yL3EytkzsiDvyxP3KvAqx3XtGG+fqr60rSkPDVZ/9oFdM9GnSqSQBn6
dlBJdEjnHx0GVKs4Y+7+rs2KykqjJomWxsru3lJ9/42vH88ugxUKsI2IBcM0QhSy
7x2PfEOlI454vPH1gi424mm48D3MegxSFhqUb+grIrXrQBSTVI+HyGQh01O2k7Dm
oSxENyL1Z1Q0ZTuqOkSiKVbGbyZUBceZRbpSzxn1QhBM/eLkkuOfjNz1LwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPMiPaHjq7+0xaf98c0HJf4k4Ru/MB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvOHlJOW9lT3J2N1RGcF8zeHpRY2xfaVRoRzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuY/oAwQA
udziMA8EAgACMAkDBwIqDKfAAAAwDQYJKoZIhvcNAQELBQADggEBAEeFf//oM5I8
itniqBA0j2SIngZtDzp/1U/4gexchHOtHOXII5Yv0B/NnWcAMhL41W4bLMunUvp1
4tgQj6lltcDDyZ/l5ox+/t8Jy4tDBBk5f7cq0eKBUJrF7tGuELXesxB/TYUoOzT6
fC3WOlEdN/ymj1uRhfnBvHVpdugbdeSdSsJyZo63d39oQO1PtsnTzrXwaBm6o8GZ
c4t9VHoUaltI33fssXBHpSaWAHZ6V0hRLx6DebVY0hxqB5WY/Kvpgb4/4hAN/jF+
T9VJLgcsdh9EwyfPjzneDLyScghjxoXQ7/LbajTpc1CyTuclg3hdaYK46qwqrAd5
sfpHxuR4j9M=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:50 2024 by rpki-client on console-fra.rpki-client.org