Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/MsZ7vQqTKGDfEUpPVJhWpQhq8Fg.roa
File: MsZ7vQqTKGDfEUpPVJhWpQhq8Fg.roa (raw, json)
Hash identifier: lScuLMpSjsRwiXvIjmLzH2U7COruvj7Uag1zpEaOryI=
Subject key identifier: 32:C6:7B:BD:0A:93:28:60:DF:11:4A:4F:54:98:56:A5:08:6A:F0:58
Certificate issuer: /CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Certificate serial: 01857169AC954F15E1B3190E722548E96221
Authority key identifier: 2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/MsZ7vQqTKGDfEUpPVJhWpQhq8Fg.roa
Signing time: Mon 02 Jan 2023 07:37:08 +0000
ROA not before: Mon 02 Jan 2023 07:37:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34762
IP address blocks: 185.190.86.0/23 maxlen: 24
2a0a:640::/32 maxlen: 64
Validation: Failed, certificate revoked on Fri 13 Jan 2023 10:40:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:ac:95:4f:15:e1:b3:19:0e:72:25:48:e9:62:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b7c4264dacdfacb3b7a3aeeed565975aa52434c
Validity
Not Before: Jan 2 07:37:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32c67bbd0a932860df114a4f549856a5086af058
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:03:05:f3:b1:c0:a8:92:c8:47:57:3b:94:02:
7f:ad:a0:4f:cf:f7:58:77:06:bd:2a:f9:3e:31:1f:
9c:73:3c:ed:51:43:ea:71:25:f9:7f:26:9e:aa:48:
bf:8a:6f:50:3f:be:41:9c:2d:b6:2d:59:da:5e:4c:
00:7a:31:dc:58:99:36:df:1d:dd:ac:9e:f3:6e:fd:
b6:47:9b:85:f6:53:6e:d8:1a:31:47:f3:fd:25:28:
33:5b:90:1b:31:1a:71:86:47:d0:01:23:3f:7d:fd:
d2:de:af:b9:9d:c8:13:be:b0:cb:4c:cb:77:1d:eb:
af:53:6f:5b:4f:8e:81:d4:33:0f:b0:18:7d:dd:0f:
2b:46:3f:3d:5e:da:d7:15:5a:e4:15:6d:e8:66:40:
56:43:26:c5:77:cc:5f:9b:25:73:ad:8f:ab:a0:15:
50:6d:13:d9:f3:25:a8:f0:bc:6d:a1:83:c0:4a:28:
19:2d:41:18:18:b8:2c:7a:43:23:a0:0d:d4:48:26:
64:4a:5b:a4:b7:6e:66:2f:e4:0e:85:80:d1:01:11:
6f:31:08:4d:e8:59:ac:86:b2:74:1d:49:96:49:03:
c2:39:a4:d0:64:e2:72:ad:6a:dd:84:e1:5d:7f:c8:
5c:ad:3f:02:1d:3f:47:f7:fa:dd:f5:05:4e:16:b2:
c4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C6:7B:BD:0A:93:28:60:DF:11:4A:4F:54:98:56:A5:08:6A:F0:58
X509v3 Authority Key Identifier:
keyid:2B:7C:42:64:DA:CD:FA:CB:3B:7A:3A:EE:ED:56:59:75:AA:52:43:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3xCZNrN-ss7ejru7VZZdapSQ0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/MsZ7vQqTKGDfEUpPVJhWpQhq8Fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bbed40-6281-48bf-9e9d-31d5ac3ac9b5/1/K3xCZNrN-ss7ejru7VZZdapSQ0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.86.0/23
IPv6:
2a0a:640::/32
Signature Algorithm: sha256WithRSAEncryption
d0:ab:f2:44:ea:d7:47:50:c4:e0:56:be:ea:34:66:d0:0f:66:
86:d1:d7:ba:05:c5:59:e0:6d:b4:e9:80:50:24:70:46:89:f4:
c1:10:a3:9e:2b:e4:65:df:6a:7a:66:93:21:cf:87:f7:10:0c:
05:61:1b:68:a8:92:95:a5:4a:73:e4:32:2c:70:b4:d8:d4:a7:
c0:49:93:1b:a3:3b:a2:91:4a:50:14:55:ef:e1:a6:37:ca:af:
04:a9:da:ce:34:cd:f2:1e:3d:c0:3a:04:0c:6b:53:f8:06:c8:
00:0c:06:56:19:8b:3e:6c:8b:79:7c:02:c4:2f:f5:aa:c3:3a:
e1:74:ab:c6:94:48:19:cf:a1:35:4a:30:b8:85:4b:06:28:6b:
a0:b3:95:40:9a:97:5a:bd:e6:2c:83:d9:70:8d:6d:09:91:7f:
34:c2:55:0b:9d:70:0a:4c:a3:30:e5:3d:b5:62:b0:e7:9e:8b:
33:e0:a9:79:34:04:27:98:c6:7f:ac:0b:30:79:db:aa:f4:06:
b7:2d:5b:c6:1e:67:bf:52:02:7e:8c:7e:11:82:4b:1c:69:26:
6a:78:6a:93:9e:d5:dc:05:c5:af:b6:84:59:f9:1a:30:a8:f5:
44:1f:29:1a:cb:51:23:00:24:6e:96:b3:1a:6f:1d:3f:33:a9:
8d:8b:bf:f6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxaayVTxXhsxkOciVI6WIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2M0MjY0ZGFjZGZhY2IzYjdhM2FlZWVkNTY1OTc1YWE1
MjQzNGMwHhcNMjMwMTAyMDczNzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmM2N2JiZDBhOTMyODYwZGYxMTRhNGY1NDk4NTZhNTA4NmFmMDU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwMF87HAqJLIR1c7lAJ/raBPz/dY
dwa9Kvk+MR+cczztUUPqcSX5fyaeqki/im9QP75BnC22LVnaXkwAejHcWJk23x3d
rJ7zbv22R5uF9lNu2BoxR/P9JSgzW5AbMRpxhkfQASM/ff3S3q+5ncgTvrDLTMt3
HeuvU29bT46B1DMPsBh93Q8rRj89XtrXFVrkFW3oZkBWQybFd8xfmyVzrY+roBVQ
bRPZ8yWo8LxtoYPASigZLUEYGLgsekMjoA3USCZkSlukt25mL+QOhYDRARFvMQhN
6FmshrJ0HUmWSQPCOaTQZOJyrWrdhOFdf8hcrT8CHT9H9/rd9QVOFrLEawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDLGe70Kkyhg3xFKT1SYVqUIavBYMB8GA1UdIwQY
MBaAFCt8QmTazfrLO3o67u1WWXWqUkNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQt
MzFkNWFjM2FjOWI1LzEvTXNaN3ZRcVRLR0RmRVVwUFZKaFdwUWhxOEZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iYmVkNDAtNjI4MS00OGJmLTllOWQtMzFkNWFjM2FjOWI1
LzEvSzN4Q1pOck4tc3M3ZWpydTdWWlpkYXBTUTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBub5WMA0E
AgACMAcDBQAqCgZAMA0GCSqGSIb3DQEBCwUAA4IBAQDQq/JE6tdHUMTgVr7qNGbQ
D2aG0de6BcVZ4G206YBQJHBGifTBEKOeK+Rl32p6ZpMhz4f3EAwFYRtoqJKVpUpz
5DIscLTY1KfASZMbozuikUpQFFXv4aY3yq8EqdrONM3yHj3AOgQMa1P4BsgADAZW
GYs+bIt5fALEL/WqwzrhdKvGlEgZz6E1SjC4hUsGKGugs5VAmpdaveYsg9lwjW0J
kX80wlULnXAKTKMw5T21YrDnnosz4Kl5NAQnmMZ/rAsweduq9Aa3LVvGHme/UgJ+
jH4RgkscaSZqeGqTntXcBcWvtoRZ+RowqPVEHykay1EjACRulrMabx0/M6mNi7/2
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:08 2024 by rpki-client on console-ams.rpki-client.org