Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/fEGIScMD4d1nv3biodRvVnbvvPc.roa
File: fEGIScMD4d1nv3biodRvVnbvvPc.roa (raw, json)
Hash identifier: X8xH8fafZD/fOa0KLME892hl7rXoUCueonmOL8RovJw=
Subject key identifier: 7C:41:88:49:C3:03:E1:DD:67:BF:76:E2:A1:D4:6F:56:76:EF:BC:F7
Certificate issuer: /CN=b65918f25d56000f881da98de323d91a064e0087
Certificate serial: 018572558E3E33174F84AC550DACB8B2A693
Authority key identifier: B6:59:18:F2:5D:56:00:0F:88:1D:A9:8D:E3:23:D9:1A:06:4E:00:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/fEGIScMD4d1nv3biodRvVnbvvPc.roa
Signing time: Mon 02 Jan 2023 11:54:47 +0000
ROA not before: Mon 02 Jan 2023 11:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207125
IP address blocks: 185.165.117.0/24 maxlen: 24
185.165.116.0/23 maxlen: 23
185.165.116.0/24 maxlen: 24
185.165.118.0/23 maxlen: 23
185.165.118.0/24 maxlen: 24
185.165.119.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:8e:3e:33:17:4f:84:ac:55:0d:ac:b8:b2:a6:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b65918f25d56000f881da98de323d91a064e0087
Validity
Not Before: Jan 2 11:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c418849c303e1dd67bf76e2a1d46f5676efbcf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:0c:e9:93:15:03:c6:d1:b7:c7:2c:c8:a4:2d:
e5:52:e0:ae:27:5e:e3:fc:1e:8f:14:30:25:de:82:
6e:4d:a2:19:b9:c2:9e:fb:97:ca:f5:96:2a:10:88:
a5:45:ca:1a:a0:43:59:0f:eb:29:d0:35:f7:80:07:
1f:5e:5b:2f:e8:9e:7f:dc:45:54:5f:b2:ab:c9:3d:
d4:d1:9b:c5:49:b1:5b:a6:8f:ec:2a:73:0d:d7:d8:
b4:25:69:43:f5:37:3c:d9:5a:a3:19:fe:6a:4d:e6:
47:5a:e6:52:df:45:0a:97:11:2a:23:17:24:52:50:
e9:5c:4e:f6:5e:ed:bc:1f:39:ef:4a:7b:38:be:61:
cb:aa:22:e2:ac:09:6b:89:23:db:c3:b5:4a:dc:5d:
5c:44:d4:6a:1d:3d:4d:5b:c4:6c:85:6f:25:e4:ec:
e5:9b:e9:e6:62:0f:19:84:6b:ff:c6:8b:f9:4d:63:
d2:4a:4c:db:a1:b0:bb:25:0a:23:91:f9:b6:ff:35:
8d:5e:ca:cd:5a:c1:c0:38:d1:69:50:9f:c7:f0:8b:
04:0a:97:3f:55:12:0a:57:6b:e0:d9:7f:89:a1:e7:
9f:f9:3b:97:8a:60:7a:20:40:dd:81:9a:5d:22:6e:
0c:79:32:d9:fe:74:22:69:b4:02:b5:63:0a:a8:48:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:41:88:49:C3:03:E1:DD:67:BF:76:E2:A1:D4:6F:56:76:EF:BC:F7
X509v3 Authority Key Identifier:
keyid:B6:59:18:F2:5D:56:00:0F:88:1D:A9:8D:E3:23:D9:1A:06:4E:00:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/fEGIScMD4d1nv3biodRvVnbvvPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/tlkY8l1WAA-IHamN4yPZGgZOAIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.116.0/22
Signature Algorithm: sha256WithRSAEncryption
29:9e:4e:68:2f:14:c7:05:89:23:40:8a:a8:a9:85:4c:38:4d:
92:29:e9:10:ae:c3:05:75:9f:2f:66:d9:41:b7:6d:d3:a4:a7:
7a:70:bf:43:cf:fb:ac:d7:5b:99:18:97:0f:a2:2f:45:9a:11:
b3:ce:76:e2:c0:59:e9:f2:06:cf:f3:13:43:cf:7b:60:f6:0e:
b4:4f:3f:1f:22:5a:74:2c:a9:a6:85:69:38:09:1f:48:4e:26:
3f:fc:d1:4c:4d:8b:ac:e7:15:83:52:63:4b:f4:40:2f:f6:45:
ca:7a:4f:93:85:8b:ce:75:d4:ec:8f:17:f2:9f:20:85:43:f3:
87:92:2b:d5:58:4e:25:c0:f0:0d:95:ad:8c:2c:f8:ed:84:90:
69:43:2e:0c:c9:68:29:3e:1f:2c:90:6c:86:cd:71:7b:8e:d5:
0c:67:8a:25:6b:90:46:85:51:04:aa:44:7c:bd:72:27:b3:c2:
ae:db:8c:e3:71:c5:0e:a7:8b:51:a1:27:3b:b8:a7:72:d1:45:
17:21:24:29:a3:d6:3c:a6:f4:0d:b1:90:c0:f9:cc:93:8d:f2:
94:5e:87:4b:90:46:42:e3:c9:48:cd:59:fa:9e:bd:13:b6:e9:
87:bc:b7:2d:f8:9c:4a:b1:c6:f8:ff:57:fd:d4:64:8d:32:36:
86:ce:10:bf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyVY4+MxdPhKxVDay4sqaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NTkxOGYyNWQ1NjAwMGY4ODFkYTk4ZGUzMjNkOTFhMDY0
ZTAwODcwHhcNMjMwMTAyMTE1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzQxODg0OWMzMDNlMWRkNjdiZjc2ZTJhMWQ0NmY1Njc2ZWZiY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwzpkxUDxtG3xyzIpC3lUuCuJ17j
/B6PFDAl3oJuTaIZucKe+5fK9ZYqEIilRcoaoENZD+sp0DX3gAcfXlsv6J5/3EVU
X7KryT3U0ZvFSbFbpo/sKnMN19i0JWlD9Tc82VqjGf5qTeZHWuZS30UKlxEqIxck
UlDpXE72Xu28HznvSns4vmHLqiLirAlriSPbw7VK3F1cRNRqHT1NW8RshW8l5Ozl
m+nmYg8ZhGv/xov5TWPSSkzbobC7JQojkfm2/zWNXsrNWsHAONFpUJ/H8IsECpc/
VRIKV2vg2X+Joeef+TuXimB6IEDdgZpdIm4MeTLZ/nQiabQCtWMKqEgYYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxBiEnDA+HdZ7924qHUb1Z277z3MB8GA1UdIwQY
MBaAFLZZGPJdVgAPiB2pjeMj2RoGTgCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGxrWThsMVdBQS1JSGFtTjR5UFpHZ1pPQUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC81NTA2ZGUtMGIxYS00N2VlLTk5ZDEt
YTUyMGQ0MzQ2NTRhLzEvZkVHSVNjTUQ0ZDFudjNiaW9kUnZWbmJ2dlBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC81NTA2ZGUtMGIxYS00N2VlLTk5ZDEtYTUyMGQ0MzQ2NTRh
LzEvdGxrWThsMVdBQS1JSGFtTjR5UFpHZ1pPQUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaV0MA0G
CSqGSIb3DQEBCwUAA4IBAQApnk5oLxTHBYkjQIqoqYVMOE2SKekQrsMFdZ8vZtlB
t23TpKd6cL9Dz/us11uZGJcPoi9FmhGzznbiwFnp8gbP8xNDz3tg9g60Tz8fIlp0
LKmmhWk4CR9ITiY//NFMTYus5xWDUmNL9EAv9kXKek+ThYvOddTsjxfynyCFQ/OH
kivVWE4lwPANla2MLPjthJBpQy4MyWgpPh8skGyGzXF7jtUMZ4ola5BGhVEEqkR8
vXIns8Ku24zjccUOp4tRoSc7uKdy0UUXISQpo9Y8pvQNsZDA+cyTjfKUXodLkEZC
48lIzVn6nr0TtumHvLct+JxKscb4/1f91GSNMjaGzhC/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:44 2024 by rpki-client on console-fra.rpki-client.org