Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/7b997b-bea6-4891-95d1-94c6f744de46/1/exy_FoQCRncUPVEKmcn5vdpIpLs.roa
File: exy_FoQCRncUPVEKmcn5vdpIpLs.roa (raw, json)
Hash identifier: VEcgDcG6d5YorPRDD948OG6dTvtxnyHWfX36jqFdyNg=
Subject key identifier: 7B:1C:BF:16:84:02:46:77:14:3D:51:0A:99:C9:F9:BD:DA:48:A4:BB
Certificate issuer: /CN=f4897fdbdc7d2508dfcd14cff600ad43b927924b
Certificate serial: 01856B37C3513AE88B7FB9E8A16E789D3A14
Authority key identifier: F4:89:7F:DB:DC:7D:25:08:DF:CD:14:CF:F6:00:AD:43:B9:27:92:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Il_29x9JQjfzRTP9gCtQ7knkks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/7b997b-bea6-4891-95d1-94c6f744de46/1/exy_FoQCRncUPVEKmcn5vdpIpLs.roa
Signing time: Sun 01 Jan 2023 02:44:54 +0000
ROA not before: Sun 01 Jan 2023 02:44:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201841
IP address blocks: 185.63.157.0/24 maxlen: 24
185.63.158.0/23 maxlen: 23
185.63.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:37:c3:51:3a:e8:8b:7f:b9:e8:a1:6e:78:9d:3a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4897fdbdc7d2508dfcd14cff600ad43b927924b
Validity
Not Before: Jan 1 02:44:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7b1cbf1684024677143d510a99c9f9bdda48a4bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d5:5c:dd:e5:80:bd:a2:13:30:15:6a:4a:a0:
b2:e0:0b:e2:84:d4:84:07:bd:10:76:58:b1:d3:bd:
64:de:96:b6:6c:0c:39:ab:c9:cd:73:9d:da:14:7b:
19:02:0d:2b:66:80:93:c5:8e:a5:df:7a:c3:8a:e3:
92:ff:26:ec:3c:5d:d8:20:93:7f:8f:50:de:db:05:
79:d8:18:c6:dc:7f:7e:77:65:5b:30:33:39:b6:fe:
9e:80:55:d5:e2:0a:49:a7:1a:ac:ec:40:3b:81:aa:
7e:7e:d2:7d:f6:20:e3:ea:79:f6:c3:50:8d:da:86:
55:4f:51:3d:72:67:79:cd:ae:da:03:44:0b:4f:76:
3e:57:d0:f8:80:8b:9c:f6:6b:96:a1:9b:26:43:92:
1b:95:cb:51:66:87:ec:45:bd:3f:70:ef:83:50:76:
55:95:98:5b:5f:16:c6:09:ad:a4:45:be:d4:44:d8:
37:42:93:53:28:cc:28:06:a6:04:17:d2:c8:87:c0:
8f:8a:47:5a:76:5c:4d:12:b4:25:20:84:84:79:ce:
98:fa:ea:fd:32:a2:05:70:76:af:f1:16:89:c8:da:
ea:94:1b:fd:92:c7:f1:8c:dc:ed:28:30:7c:e2:3c:
84:ac:98:d8:30:e1:d5:44:9a:27:cb:0e:aa:a7:c5:
b6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:1C:BF:16:84:02:46:77:14:3D:51:0A:99:C9:F9:BD:DA:48:A4:BB
X509v3 Authority Key Identifier:
keyid:F4:89:7F:DB:DC:7D:25:08:DF:CD:14:CF:F6:00:AD:43:B9:27:92:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Il_29x9JQjfzRTP9gCtQ7knkks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7b997b-bea6-4891-95d1-94c6f744de46/1/exy_FoQCRncUPVEKmcn5vdpIpLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/7b997b-bea6-4891-95d1-94c6f744de46/1/9Il_29x9JQjfzRTP9gCtQ7knkks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.156.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:d1:84:6a:96:36:49:47:1f:e7:78:25:41:a9:08:9d:f0:7b:
9b:77:c4:d7:3b:24:20:6f:9e:e0:ce:5e:b3:6e:86:86:45:39:
ac:6f:fc:a2:02:e6:10:73:2b:20:06:80:11:58:cb:ec:7c:00:
74:88:df:5b:43:bf:51:a0:cd:ff:aa:3a:4e:3f:c1:7a:f5:61:
44:e0:73:c5:c8:bc:82:36:e1:b8:48:76:23:f0:d6:83:5c:35:
ce:0d:7e:2a:ee:5c:6d:06:7d:97:19:90:47:db:3d:66:81:9c:
7c:80:2d:f4:75:6c:1f:93:6e:a3:2b:1f:09:26:13:08:72:57:
a7:01:f9:4b:9f:c1:d7:04:6c:b5:f1:ad:f3:9b:0e:82:b4:d1:
95:38:d5:38:24:48:86:26:62:c2:cc:ba:04:48:6c:bc:db:ee:
48:b6:a0:2e:87:5f:3a:dc:80:1f:a4:d3:df:00:27:94:64:da:
84:73:4d:6d:41:ab:e1:a4:d9:78:70:96:06:7e:69:84:05:35:
91:77:25:e5:13:a4:8f:8c:6a:b3:74:b5:02:6c:15:bf:25:21:
73:df:42:d7:98:15:ee:ce:38:dc:65:07:e5:a8:82:57:dd:f6:
f1:4b:dd:35:3e:8d:ee:fd:a3:dc:f6:bb:b2:d6:05:c1:6b:21:
f5:cd:c5:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrN8NROuiLf7nooW54nToUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0ODk3ZmRiZGM3ZDI1MDhkZmNkMTRjZmY2MDBhZDQzYjky
NzkyNGIwHhcNMjMwMTAxMDI0NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjFjYmYxNjg0MDI0Njc3MTQzZDUxMGE5OWM5ZjliZGRhNDhhNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtVc3eWAvaITMBVqSqCy4AvihNSE
B70Qdlix071k3pa2bAw5q8nNc53aFHsZAg0rZoCTxY6l33rDiuOS/ybsPF3YIJN/
j1De2wV52BjG3H9+d2VbMDM5tv6egFXV4gpJpxqs7EA7gap+ftJ99iDj6nn2w1CN
2oZVT1E9cmd5za7aA0QLT3Y+V9D4gIuc9muWoZsmQ5IblctRZofsRb0/cO+DUHZV
lZhbXxbGCa2kRb7URNg3QpNTKMwoBqYEF9LIh8CPikdadlxNErQlIISEec6Y+ur9
MqIFcHav8RaJyNrqlBv9ksfxjNztKDB84jyErJjYMOHVRJonyw6qp8W2CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHscvxaEAkZ3FD1RCpnJ+b3aSKS7MB8GA1UdIwQY
MBaAFPSJf9vcfSUI380Uz/YArUO5J5JLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUlsXzI5eDlKUWpmelJUUDlnQ3RRN2tua2tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC83Yjk5N2ItYmVhNi00ODkxLTk1ZDEt
OTRjNmY3NDRkZTQ2LzEvZXh5X0ZvUUNSbmNVUFZFS21jbjV2ZHBJcExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC83Yjk5N2ItYmVhNi00ODkxLTk1ZDEtOTRjNmY3NDRkZTQ2
LzEvOUlsXzI5eDlKUWpmelJUUDlnQ3RRN2tua2tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuT+cMA0G
CSqGSIb3DQEBCwUAA4IBAQAs0YRqljZJRx/neCVBqQid8Hubd8TXOyQgb57gzl6z
boaGRTmsb/yiAuYQcysgBoARWMvsfAB0iN9bQ79RoM3/qjpOP8F69WFE4HPFyLyC
NuG4SHYj8NaDXDXODX4q7lxtBn2XGZBH2z1mgZx8gC30dWwfk26jKx8JJhMIclen
AflLn8HXBGy18a3zmw6CtNGVONU4JEiGJmLCzLoESGy82+5ItqAuh1863IAfpNPf
ACeUZNqEc01tQavhpNl4cJYGfmmEBTWRdyXlE6SPjGqzdLUCbBW/JSFz30LXmBXu
zjjcZQflqIJX3fbxS901Po3u/aPc9ruy1gXBayH1zcVS
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:55 2024 by rpki-client on console-fra.rpki-client.org