Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/AFsbTwyDy2zQwosIJS4mfWIEDpc.roa
File: AFsbTwyDy2zQwosIJS4mfWIEDpc.roa (raw, json)
Hash identifier: bty7oP5yIzDbiPd2TgH9ns4x2nq46gZ4HMHsGWWMDAk=
Subject key identifier: 00:5B:1B:4F:0C:83:CB:6C:D0:C2:8B:08:25:2E:26:7D:62:04:0E:97
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018837D85667604F4B9A067D22423BE5DE37
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/AFsbTwyDy2zQwosIJS4mfWIEDpc.roa
Signing time: Sat 20 May 2023 06:28:24 +0000
ROA not before: Sat 20 May 2023 06:28:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 87.246.28.0/22 maxlen: 22
87.246.8.0/22 maxlen: 22
87.246.12.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:37:d8:56:67:60:4f:4b:9a:06:7d:22:42:3b:e5:de:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: May 20 06:28:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=005b1b4f0c83cb6cd0c28b08252e267d62040e97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2c:9a:47:fb:05:ef:4c:67:73:8c:52:5c:63:
68:90:60:7e:da:d6:b3:78:92:0d:18:87:b1:e9:ae:
09:6c:1e:af:6e:0b:8b:d8:86:14:79:4d:1b:aa:81:
fe:99:4c:47:33:6e:81:c4:4e:9a:81:d5:5f:a0:26:
86:74:14:44:c9:59:e9:d5:90:7e:a6:a3:18:e0:b1:
24:44:d1:a3:b0:01:89:fc:4d:2b:af:eb:e8:51:2e:
88:94:b1:fb:9d:58:77:b4:4c:50:29:78:2f:91:60:
87:c5:9a:4f:bb:39:9e:f0:53:10:96:04:cf:ac:3c:
9d:8c:e8:c4:f2:83:a5:6b:97:3e:db:66:ae:5c:7c:
51:08:01:43:7e:61:6e:3b:08:c2:23:01:67:68:a8:
89:a5:44:85:86:1e:54:0e:81:9e:4d:48:b3:16:db:
0d:5e:f9:d3:10:d0:78:6e:7d:fa:30:0b:25:2d:6f:
da:ea:5b:05:f8:05:73:f0:b0:7c:b9:d4:84:96:85:
53:f9:6d:f5:d9:ee:97:8f:02:e7:38:ce:f5:39:2d:
26:9a:ef:7c:b3:43:69:00:66:6c:1c:5e:ca:11:e6:
cb:50:13:a9:f7:3d:76:05:b8:8d:d9:a5:f2:b4:d3:
be:c2:a2:64:cc:c2:0d:02:01:bf:d4:c4:73:c8:33:
d9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5B:1B:4F:0C:83:CB:6C:D0:C2:8B:08:25:2E:26:7D:62:04:0E:97
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/AFsbTwyDy2zQwosIJS4mfWIEDpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.246.8.0/21
87.246.28.0/22
Signature Algorithm: sha256WithRSAEncryption
99:1a:3a:b0:44:d8:ae:2d:16:9f:54:34:01:2e:30:f7:b6:dd:
b9:13:8e:9e:c2:1a:95:7b:ee:5a:c7:53:e0:1c:d2:bd:a3:a9:
9d:53:13:fb:64:db:fb:bf:be:50:db:b3:4c:9e:cd:9c:ff:69:
f9:0e:34:b1:b5:db:52:66:89:f1:27:4c:97:6f:cd:32:02:d0:
49:4e:ec:8a:18:a7:87:9c:77:b2:6f:92:93:7b:da:61:76:8c:
9a:0e:93:91:2a:94:69:cd:fb:85:e1:46:12:1d:cb:8e:7b:de:
85:51:b8:82:58:f8:24:78:03:8d:87:4f:54:74:39:78:aa:c8:
a7:45:b8:49:bc:f6:e8:f3:f3:1c:fb:1e:b3:54:21:05:e5:e1:
1b:1f:13:6b:68:0f:c8:e5:70:e4:d0:3d:35:12:11:7e:e4:7b:
65:ab:09:7b:e8:66:b7:6a:e7:dc:b1:59:50:9c:c1:13:7f:64:
37:a1:f8:7b:9e:e0:7e:4f:93:f5:81:ef:9b:c5:39:8d:b7:71:
60:63:8a:ab:0d:0b:4b:2e:fa:2e:a5:d5:39:ee:9b:a2:29:d9:
87:aa:6f:fb:95:c6:20:d6:aa:21:53:c3:66:34:ad:db:95:6c:
31:85:4c:52:e2:29:c7:9e:d7:1c:1b:fb:26:62:c1:ac:da:0e:
69:67:b6:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYg32FZnYE9LmgZ9IkI75d43MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwNTIwMDYyODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDViMWI0ZjBjODNjYjZjZDBjMjhiMDgyNTJlMjY3ZDYyMDQwZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiyaR/sF70xnc4xSXGNokGB+2taz
eJINGIex6a4JbB6vbguL2IYUeU0bqoH+mUxHM26BxE6agdVfoCaGdBREyVnp1ZB+
pqMY4LEkRNGjsAGJ/E0rr+voUS6IlLH7nVh3tExQKXgvkWCHxZpPuzme8FMQlgTP
rDydjOjE8oOla5c+22auXHxRCAFDfmFuOwjCIwFnaKiJpUSFhh5UDoGeTUizFtsN
XvnTENB4bn36MAslLW/a6lsF+AVz8LB8udSEloVT+W312e6XjwLnOM71OS0mmu98
s0NpAGZsHF7KEebLUBOp9z12BbiN2aXytNO+wqJkzMINAgG/1MRzyDPZtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFABbG08Mg8ts0MKLCCUuJn1iBA6XMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvQUZzYlR3eUR5MnpRd29zSUpTNG1mV0lFRHBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDV/YIAwQC
V/YcMA0GCSqGSIb3DQEBCwUAA4IBAQCZGjqwRNiuLRafVDQBLjD3tt25E46ewhqV
e+5ax1PgHNK9o6mdUxP7ZNv7v75Q27NMns2c/2n5DjSxtdtSZonxJ0yXb80yAtBJ
TuyKGKeHnHeyb5KTe9phdoyaDpORKpRpzfuF4UYSHcuOe96FUbiCWPgkeAONh09U
dDl4qsinRbhJvPbo8/Mc+x6zVCEF5eEbHxNraA/I5XDk0D01EhF+5Htlqwl76Ga3
aufcsVlQnMETf2Q3ofh7nuB+T5P1ge+bxTmNt3FgY4qrDQtLLvoupdU57puiKdmH
qm/7lcYg1qohU8NmNK3blWwxhUxS4inHntccG/smYsGs2g5pZ7YP
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:42 2024 by rpki-client on console-fra.rpki-client.org