Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/M44JPdw_cgojyV-HVbd6oZ9tB30.roa
File: M44JPdw_cgojyV-HVbd6oZ9tB30.roa (raw, json)
Hash identifier: q3F9OJ41Ik6P76Dz9VNHl/Kz/cfuCgs81wQKSJC0ebQ=
Subject key identifier: 33:8E:09:3D:DC:3F:72:0A:23:C9:5F:87:55:B7:7A:A1:9F:6D:07:7D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186EFF9201447DA7D3A149DE164F4A96ECD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/M44JPdw_cgojyV-HVbd6oZ9tB30.roa
Signing time: Fri 17 Mar 2023 14:28:46 +0000
ROA not before: Fri 17 Mar 2023 14:28:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 85.209.132.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Mar 2023 09:42:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:f9:20:14:47:da:7d:3a:14:9d:e1:64:f4:a9:6e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 17 14:28:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=338e093ddc3f720a23c95f8755b77aa19f6d077d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:88:44:68:25:c5:46:f1:2e:e3:26:6c:65:9c:
40:ea:85:ae:5f:3f:5f:6c:a7:74:75:d6:7d:42:9b:
56:b1:80:e5:74:0d:b6:6a:d9:2d:12:4e:30:0e:61:
d8:39:ab:70:e0:78:4c:2c:e5:30:f1:85:db:c8:2d:
5e:ec:bd:e5:8d:33:76:c5:33:eb:9b:7e:e5:09:a1:
ed:a5:4b:31:9c:53:ee:30:33:1c:13:45:ef:14:fe:
71:ad:4e:70:bb:ef:e4:e4:c7:27:1d:f3:38:ec:78:
6d:61:fd:61:e5:2c:19:54:48:24:82:d0:55:36:79:
7b:0c:88:61:e9:ba:a8:0c:13:3e:9f:db:77:16:f0:
6b:a5:a4:a4:13:92:98:56:a5:45:bf:d7:16:cc:bd:
b3:be:44:84:3f:b1:4d:f5:f9:f6:6d:48:73:5f:56:
5b:06:4d:ae:6e:15:a8:7c:25:97:19:c2:43:af:45:
ec:89:a8:da:28:ac:64:1f:a7:ac:f5:67:bb:d1:24:
60:05:1b:a3:33:e7:59:fb:41:ce:9e:d4:76:7d:ab:
2f:af:30:f7:45:f1:de:31:06:f6:cd:6f:e5:df:c7:
86:c4:54:ac:66:18:93:68:b1:e6:4e:d5:ea:ed:6e:
16:f6:34:3f:86:ef:83:98:5d:10:58:45:cc:79:d9:
92:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:8E:09:3D:DC:3F:72:0A:23:C9:5F:87:55:B7:7A:A1:9F:6D:07:7D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/M44JPdw_cgojyV-HVbd6oZ9tB30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.132.0/24
176.125.255.0/24
185.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
00:ac:6a:fc:89:47:fa:ed:ac:d4:3d:4f:c9:ee:c5:65:99:bd:
5d:34:20:36:65:35:42:ab:85:02:1d:88:43:1d:25:11:4c:06:
95:af:01:74:19:8e:ef:b3:85:7f:46:4c:a7:f7:fc:d1:de:bd:
cd:e2:de:e4:07:22:cc:51:bd:9d:fa:66:9b:7f:ff:61:66:34:
16:2d:6e:50:00:26:be:6a:f9:ec:27:5f:ed:a1:a2:34:a3:09:
51:61:21:f7:a3:ed:a9:a2:dc:43:69:ec:5b:a1:ce:32:18:0b:
ce:01:85:ea:46:17:68:f6:75:b8:86:0e:5d:48:74:7b:a5:b0:
8c:33:1a:5e:2a:2d:b2:e9:63:1b:d5:ec:99:d3:dd:38:a1:db:
3e:a2:b8:4e:9b:b4:00:2a:f4:98:4f:30:1c:4a:51:8a:79:7d:
5f:67:fe:b9:91:13:cc:81:df:23:8b:a6:55:04:73:58:f0:77:
99:10:87:e2:98:6b:18:cb:43:88:96:75:4d:ba:68:a6:fc:43:
29:de:9f:0c:ad:81:bc:9f:c8:f4:aa:8a:ca:79:8d:a8:70:22:
83:b4:a8:66:48:21:f9:32:a4:04:ed:6e:e8:0b:61:7c:90:3a:
ed:cf:12:37:07:90:83:73:c9:a1:d3:8f:21:c8:b3:96:a0:cb:
27:1d:a7:ab
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbv+SAUR9p9OhSd4WT0qW7NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzE3MTQyODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzhlMDkzZGRjM2Y3MjBhMjNjOTVmODc1NWI3N2FhMTlmNmQwNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IhEaCXFRvEu4yZsZZxA6oWuXz9f
bKd0ddZ9QptWsYDldA22atktEk4wDmHYOatw4HhMLOUw8YXbyC1e7L3ljTN2xTPr
m37lCaHtpUsxnFPuMDMcE0XvFP5xrU5wu+/k5McnHfM47HhtYf1h5SwZVEgkgtBV
Nnl7DIhh6bqoDBM+n9t3FvBrpaSkE5KYVqVFv9cWzL2zvkSEP7FN9fn2bUhzX1Zb
Bk2ubhWofCWXGcJDr0XsiajaKKxkH6es9We70SRgBRujM+dZ+0HOntR2fasvrzD3
RfHeMQb2zW/l38eGxFSsZhiTaLHmTtXq7W4W9jQ/hu+DmF0QWEXMedmSIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDOOCT3cP3IKI8lfh1W3eqGfbQd9MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTTQ0SlBkd19jZ29qeVYtSFZiZDZvWjl0QjMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVdGEAwQA
sH3/AwQAufbfMA0GCSqGSIb3DQEBCwUAA4IBAQAArGr8iUf67azUPU/J7sVlmb1d
NCA2ZTVCq4UCHYhDHSURTAaVrwF0GY7vs4V/Rkyn9/zR3r3N4t7kByLMUb2d+mab
f/9hZjQWLW5QACa+avnsJ1/toaI0owlRYSH3o+2potxDaexboc4yGAvOAYXqRhdo
9nW4hg5dSHR7pbCMMxpeKi2y6WMb1eyZ0904ods+orhOm7QAKvSYTzAcSlGKeX1f
Z/65kRPMgd8ji6ZVBHNY8HeZEIfimGsYy0OIlnVNumim/EMp3p8MrYG8n8j0qorK
eY2ocCKDtKhmSCH5MqQE7W7oC2F8kDrtzxI3B5CDc8mh048hyLOWoMsnHaer
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:31 2024 by rpki-client on console-ams.rpki-client.org