Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/6dcedb-ca0b-483a-a664-66a5ecc84616/1/mdccD0H5qkAuEoMPt6urxVKPjG4.roa
File: mdccD0H5qkAuEoMPt6urxVKPjG4.roa (raw, json)
Hash identifier: uBaBxcvIh2kvGHIwkUKNtU1iOkKsDVGplg1FujZdH48=
Subject key identifier: 99:D7:1C:0F:41:F9:AA:40:2E:12:83:0F:B7:AB:AB:C5:52:8F:8C:6E
Certificate issuer: /CN=c8289535e7e4d23e63e178e3fb5bf056fe8ae277
Certificate serial: 01856F300EB658551761DE95F9CF2271DB4A
Authority key identifier: C8:28:95:35:E7:E4:D2:3E:63:E1:78:E3:FB:5B:F0:56:FE:8A:E2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yCiVNefk0j5j4Xjj-1vwVv6K4nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/6dcedb-ca0b-483a-a664-66a5ecc84616/1/mdccD0H5qkAuEoMPt6urxVKPjG4.roa
Signing time: Sun 01 Jan 2023 21:14:58 +0000
ROA not before: Sun 01 Jan 2023 21:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202675
IP address blocks: 185.221.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:30:0e:b6:58:55:17:61:de:95:f9:cf:22:71:db:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8289535e7e4d23e63e178e3fb5bf056fe8ae277
Validity
Not Before: Jan 1 21:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99d71c0f41f9aa402e12830fb7ababc5528f8c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:66:04:81:23:f8:a6:9e:1f:68:7b:69:ca:9d:
8f:37:90:92:7f:ad:8d:f5:53:3c:e5:de:01:31:15:
b8:a6:09:4b:fc:2b:87:7b:d4:38:f9:25:21:8e:2a:
6e:62:df:90:3e:23:8b:2c:8a:94:18:28:da:35:63:
e2:7d:11:ab:3b:78:ff:47:cc:c8:1d:d9:86:69:4b:
e9:ae:66:01:4f:72:48:4d:c9:d8:82:0c:fc:90:d2:
ec:42:f0:4e:3e:73:06:5a:43:3a:4c:e3:66:ad:90:
82:cc:e7:71:aa:0e:a1:b5:d9:a3:4f:0f:4f:4b:33:
b1:7a:a0:fb:11:47:6f:66:fe:f9:b2:52:f3:37:33:
e6:ea:fa:64:13:29:ad:27:f0:0e:bc:d3:4c:28:71:
a3:b8:e1:9c:a1:ea:0a:45:a0:98:c8:d1:16:35:58:
e5:b9:90:72:12:ce:d1:b0:49:79:39:db:87:1f:c4:
f4:18:68:7b:65:e0:06:a4:78:f2:ee:cc:00:22:31:
9e:7e:ad:89:40:a6:29:67:f0:ec:52:d5:c4:76:ef:
82:2a:f5:87:01:ab:a7:6d:33:a4:ae:d5:12:bc:0a:
4c:f1:01:ea:6d:0e:85:4b:c8:bc:3a:b0:4c:b2:69:
d3:80:a6:e1:3f:91:70:b8:c5:6b:40:d1:ed:1d:db:
ca:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D7:1C:0F:41:F9:AA:40:2E:12:83:0F:B7:AB:AB:C5:52:8F:8C:6E
X509v3 Authority Key Identifier:
keyid:C8:28:95:35:E7:E4:D2:3E:63:E1:78:E3:FB:5B:F0:56:FE:8A:E2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yCiVNefk0j5j4Xjj-1vwVv6K4nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/6dcedb-ca0b-483a-a664-66a5ecc84616/1/mdccD0H5qkAuEoMPt6urxVKPjG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/6dcedb-ca0b-483a-a664-66a5ecc84616/1/yCiVNefk0j5j4Xjj-1vwVv6K4nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.172.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:5b:8f:b4:fc:b8:78:e3:3f:43:22:52:62:12:d9:28:c8:63:
a6:44:5c:9c:34:55:8e:6c:30:47:ef:be:de:7e:86:65:e5:20:
71:41:5c:2f:97:e0:9d:7a:94:5c:ba:cc:52:b3:80:74:4f:f2:
5b:0e:4a:af:90:e5:73:bf:27:da:58:bc:aa:03:68:bc:ef:64:
26:68:d9:80:fb:08:8f:5a:23:c2:a6:be:f2:bc:43:09:33:57:
cc:5a:43:3a:76:6c:0e:93:6b:91:7c:1f:e3:b9:66:78:cf:10:
22:e5:bf:47:62:30:08:82:22:75:98:58:74:96:a7:77:28:7b:
66:02:e1:6d:47:61:91:6c:f6:28:4b:b1:a0:f0:3f:de:d7:c8:
ad:e2:ab:35:b6:fa:6d:cd:6a:d1:46:15:ae:aa:b8:24:2c:5a:
e7:b7:d0:58:0b:e6:ac:ec:fa:30:89:fe:9d:c4:10:31:aa:1a:
b4:41:26:ad:7c:43:cb:82:25:c9:96:d6:35:83:5f:3a:a5:2a:
00:c1:4d:0c:a5:cc:cc:bd:bf:d8:7f:1e:3e:94:b4:c2:ca:a2:
67:83:2b:8b:29:f4:6f:cf:f8:6c:0d:6d:dd:4f:6d:53:cc:65:
65:87:e0:5e:2b:c0:4d:37:e1:23:1c:2d:0b:b1:b1:45:ef:2e:
51:a6:30:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvMA62WFUXYd6V+c8icdtKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4Mjg5NTM1ZTdlNGQyM2U2M2UxNzhlM2ZiNWJmMDU2ZmU4
YWUyNzcwHhcNMjMwMTAxMjExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQ3MWMwZjQxZjlhYTQwMmUxMjgzMGZiN2FiYWJjNTUyOGY4YzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWYEgSP4pp4faHtpyp2PN5CSf62N
9VM85d4BMRW4pglL/CuHe9Q4+SUhjipuYt+QPiOLLIqUGCjaNWPifRGrO3j/R8zI
HdmGaUvprmYBT3JITcnYggz8kNLsQvBOPnMGWkM6TONmrZCCzOdxqg6htdmjTw9P
SzOxeqD7EUdvZv75slLzNzPm6vpkEymtJ/AOvNNMKHGjuOGcoeoKRaCYyNEWNVjl
uZByEs7RsEl5OduHH8T0GGh7ZeAGpHjy7swAIjGefq2JQKYpZ/DsUtXEdu+CKvWH
AaunbTOkrtUSvApM8QHqbQ6FS8i8OrBMsmnTgKbhP5FwuMVrQNHtHdvKawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJnXHA9B+apALhKDD7erq8VSj4xuMB8GA1UdIwQY
MBaAFMgolTXn5NI+Y+F44/tb8Fb+iuJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUNpVk5lZmswajVqNFhqai0xdndWdjZLNG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82ZGNlZGItY2EwYi00ODNhLWE2NjQt
NjZhNWVjYzg0NjE2LzEvbWRjY0QwSDVxa0F1RW9NUHQ2dXJ4VktQakc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS82ZGNlZGItY2EwYi00ODNhLWE2NjQtNjZhNWVjYzg0NjE2
LzEveUNpVk5lZmswajVqNFhqai0xdndWdjZLNG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud2sMA0G
CSqGSIb3DQEBCwUAA4IBAQCLW4+0/Lh44z9DIlJiEtkoyGOmRFycNFWObDBH777e
foZl5SBxQVwvl+CdepRcusxSs4B0T/JbDkqvkOVzvyfaWLyqA2i872QmaNmA+wiP
WiPCpr7yvEMJM1fMWkM6dmwOk2uRfB/juWZ4zxAi5b9HYjAIgiJ1mFh0lqd3KHtm
AuFtR2GRbPYoS7Gg8D/e18it4qs1tvptzWrRRhWuqrgkLFrnt9BYC+as7Powif6d
xBAxqhq0QSatfEPLgiXJltY1g186pSoAwU0MpczMvb/Yfx4+lLTCyqJngyuLKfRv
z/hsDW3dT21TzGVlh+BeK8BNN+EjHC0LsbFF7y5RpjCu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:08 2024 by rpki-client on console-fra.rpki-client.org