Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/1-_x4LvT85e-S4zv_oXdbdRfWC7E.roa
File: 1-_x4LvT85e-S4zv_oXdbdRfWC7E.roa (raw, json)
Hash identifier: vs6YhCJpV0X6PrHlK74gj8ta567HoT/Zi3CWJWLcy7I=
Subject key identifier: FB:FC:78:2E:F4:FC:E5:EF:92:E3:3B:FF:A1:77:5B:75:17:D6:0B:B1
Certificate issuer: /CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Certificate serial: 018B008517B978FBA7230F0A190CD7F38AAF
Authority key identifier: FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/1-_x4LvT85e-S4zv_oXdbdRfWC7E.roa
Signing time: Thu 05 Oct 2023 15:46:44 +0000
ROA not before: Thu 05 Oct 2023 15:46:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50272
IP address blocks: 185.41.64.0/22 maxlen: 24
62.24.32.0/19 maxlen: 19
62.24.32.0/20 maxlen: 20
62.24.48.0/20 maxlen: 20
185.155.140.0/22 maxlen: 24
185.155.140.0/24 maxlen: 24
185.155.143.0/24 maxlen: 24
185.155.142.0/24 maxlen: 24
185.155.141.0/24 maxlen: 24
2a03:1400::/32 maxlen: 32
2a07:33c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:00:85:17:b9:78:fb:a7:23:0f:0a:19:0c:d7:f3:8a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Validity
Not Before: Oct 5 15:46:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbfc782ef4fce5ef92e33bffa1775b7517d60bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9a:07:5d:28:75:e5:13:63:3d:f1:d2:dd:79:
e8:26:dc:2c:73:7e:6c:0c:52:d8:df:a8:ca:49:f5:
08:9a:33:5a:dd:c2:63:bf:18:9d:97:c9:0d:39:40:
be:2f:a1:9e:85:77:7a:59:fb:ff:84:bf:c4:1e:be:
c0:f6:de:39:6e:c6:08:02:2b:a5:da:f1:34:d7:85:
4a:a9:03:c3:6f:68:fe:7f:07:96:a0:9a:d8:6d:b5:
ee:4f:fc:34:00:fc:93:7c:75:84:10:c4:89:ba:9a:
24:14:af:9a:c9:37:6c:8b:b0:fe:2a:9b:39:30:8b:
fb:a2:87:3f:ca:82:ae:ec:a3:82:aa:c1:91:e2:25:
70:36:17:7e:d1:4f:c8:8b:93:42:73:51:cf:2f:5d:
4f:ae:34:6f:e1:ef:cb:8e:50:00:ea:51:84:9c:03:
56:46:e5:b8:77:ef:97:85:14:23:8f:7a:3f:4b:4f:
11:c6:09:62:f5:56:13:29:15:4a:7a:de:a1:49:8d:
49:52:0b:1c:6b:c4:50:57:58:81:30:fc:a9:cb:8f:
3f:6a:e9:a0:59:1b:13:d0:f8:24:56:80:25:61:8e:
27:45:88:d6:1f:8f:4a:d4:40:33:b1:62:9f:42:cb:
82:a8:48:ea:a4:46:97:62:d8:54:25:05:44:95:22:
23:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FC:78:2E:F4:FC:E5:EF:92:E3:3B:FF:A1:77:5B:75:17:D6:0B:B1
X509v3 Authority Key Identifier:
keyid:FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/1-_x4LvT85e-S4zv_oXdbdRfWC7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.24.32.0/19
185.41.64.0/22
185.155.140.0/22
IPv6:
2a03:1400::/32
2a07:33c0::/29
Signature Algorithm: sha256WithRSAEncryption
96:9b:4e:ca:d5:e9:c4:40:51:39:05:77:89:a0:74:6d:9c:93:
e0:52:f2:88:de:5f:6a:23:98:bd:9e:ca:97:74:4d:97:c6:e6:
63:05:a2:0b:b6:42:5b:f0:fe:7b:aa:bb:2e:34:3c:21:b3:c8:
3f:05:13:bb:e0:4f:5a:7b:f0:ef:29:e5:41:d9:ff:91:13:b0:
e3:b5:74:3e:40:5a:ac:c1:bc:9c:53:81:2b:9d:d5:90:a0:43:
8b:ca:be:e9:44:fd:7c:a6:c4:cf:c2:b9:36:e3:51:af:4a:64:
c7:2a:1e:83:f9:0f:73:a8:4b:67:76:1c:65:a7:9e:5b:83:d9:
ab:c8:40:41:6a:d9:8e:19:47:4d:48:4c:ff:0e:dc:5a:05:42:
a1:04:33:10:9b:86:33:71:6b:96:16:3a:1a:30:fb:aa:06:af:
ae:bc:fa:a7:29:d6:40:1d:d4:c5:2f:f5:d3:09:0a:9b:96:5b:
08:70:08:86:58:57:a4:85:ab:ab:a0:b1:97:62:d1:a6:0d:1e:
9e:56:88:82:49:d4:d4:2b:8d:9c:27:d2:42:c0:c3:04:ec:b3:
be:8d:d8:29:1b:00:42:9e:ec:b9:b9:c5:f6:b1:7d:c2:a2:88:
76:8d:8b:31:71:c0:fc:53:bd:26:d0:8e:68:d3:af:5a:e3:27:
d8:d0:bd:01
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYsAhRe5ePunIw8KGQzX84qvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYTk4YjFkMGVjY2NjNGY2ZmYxYTdlN2RiODRiNGJiMmY1
NWIwOGQwHhcNMjMxMDA1MTU0NjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmZjNzgyZWY0ZmNlNWVmOTJlMzNiZmZhMTc3NWI3NTE3ZDYwYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZoHXSh15RNjPfHS3XnoJtwsc35s
DFLY36jKSfUImjNa3cJjvxidl8kNOUC+L6GehXd6Wfv/hL/EHr7A9t45bsYIAiul
2vE014VKqQPDb2j+fweWoJrYbbXuT/w0APyTfHWEEMSJupokFK+ayTdsi7D+Kps5
MIv7ooc/yoKu7KOCqsGR4iVwNhd+0U/Ii5NCc1HPL11PrjRv4e/LjlAA6lGEnANW
RuW4d++XhRQjj3o/S08Rxgli9VYTKRVKet6hSY1JUgsca8RQV1iBMPypy48/aumg
WRsT0PgkVoAlYY4nRYjWH49K1EAzsWKfQsuCqEjqpEaXYthUJQVElSIjewIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPv8eC70/OXvkuM7/6F3W3UX1guxMB8GA1UdIwQY
MBaAFPypix0OzMxPb/Gn59uEtLsvVbCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzIt
NThmMGYzMjVjMmI4LzEvMS1feDRMdlQ4NWUtUzR6dl9vWGRiZFJmV0M3RS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvOTcxZTczLWZhODMtNDU3OS04NTMyLTU4ZjBmMzI1YzJi
OC8xL19LbUxIUTdNekU5djhhZm4yNFMwdXk5VnNJMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBBBggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEBT4YIAME
ArkpQAMEArmbjDAUBAIAAjAOAwUAKgMUAAMFAyoHM8AwDQYJKoZIhvcNAQELBQAD
ggEBAJabTsrV6cRAUTkFd4mgdG2ck+BS8ojeX2ojmL2eypd0TZfG5mMFogu2Qlvw
/nuquy40PCGzyD8FE7vgT1p78O8p5UHZ/5ETsOO1dD5AWqzBvJxTgSud1ZCgQ4vK
vulE/XymxM/CuTbjUa9KZMcqHoP5D3OoS2d2HGWnnluD2avIQEFq2Y4ZR01ITP8O
3FoFQqEEMxCbhjNxa5YWOhow+6oGr668+qcp1kAd1MUv9dMJCpuWWwhwCIZYV6SF
q6ugsZdi0aYNHp5WiIJJ1NQrjZwn0kLAwwTss76N2CkbAEKe7Lm5xfaxfcKiiHaN
izFxwPxTvSbQjmjTr1rjJ9jQvQE=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:26 2023 by rpki-client on console.sobornost.net