Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/ml2AD-LBUXSINbPraRkNqw4xi5k.roa
File: ml2AD-LBUXSINbPraRkNqw4xi5k.roa (raw, json)
Hash identifier: u72QRZHeXNo/x4RdM1r6hMLyZZkVOXPmxIAHJr9mUkg=
Subject key identifier: 9A:5D:80:0F:E2:C1:51:74:88:35:B3:EB:69:19:0D:AB:0E:31:8B:99
Certificate issuer: /CN=c017a4a82172b206afee1c13d296ee260385b571
Certificate serial: 01856F26DBE6AC50A3058021F5ECFF389BDB
Authority key identifier: C0:17:A4:A8:21:72:B2:06:AF:EE:1C:13:D2:96:EE:26:03:85:B5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wBekqCFysgav7hwT0pbuJgOFtXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/ml2AD-LBUXSINbPraRkNqw4xi5k.roa
Signing time: Sun 01 Jan 2023 21:04:55 +0000
ROA not before: Sun 01 Jan 2023 21:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200874
IP address blocks: 185.89.116.0/22 maxlen: 24
2a03:8320::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:26:db:e6:ac:50:a3:05:80:21:f5:ec:ff:38:9b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c017a4a82172b206afee1c13d296ee260385b571
Validity
Not Before: Jan 1 21:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a5d800fe2c151748835b3eb69190dab0e318b99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:6c:15:82:0b:ba:ef:30:b6:7f:e1:cf:c0:e7:
7a:f9:6f:86:16:3a:8e:73:18:87:59:14:55:2e:69:
6a:26:50:69:67:8b:d5:3a:4b:5b:91:05:fe:5e:ec:
45:89:69:46:4d:24:48:2c:97:e9:76:16:9f:08:80:
9b:86:2f:43:3f:3d:96:54:36:11:0e:21:08:bd:77:
ca:df:7a:29:52:b3:18:b4:19:7f:ab:64:6e:b7:03:
97:51:40:e2:cd:d7:20:34:31:42:6d:cc:e0:e6:23:
09:81:6c:65:bd:22:83:17:04:ec:a7:c3:18:bc:5b:
98:8b:fd:62:63:89:ac:03:e9:82:76:8f:2c:ee:6b:
55:80:bf:d7:dd:e8:a0:d8:99:6c:39:8e:e2:75:76:
0c:d5:3f:06:23:01:25:60:26:e6:41:19:ff:6e:60:
0e:5e:f1:2d:33:d2:7d:62:78:97:55:c3:5b:58:b3:
b6:b7:bf:f6:87:91:77:dd:a6:fb:ee:52:90:6f:b9:
b2:78:4e:38:d4:06:9d:31:7b:82:08:c8:a5:e5:d6:
47:36:bd:f3:96:02:c2:91:7c:a5:24:db:97:e0:87:
d8:7e:52:d1:62:aa:ce:6e:e9:0f:43:7b:1d:09:a5:
aa:11:ad:aa:4e:0d:a1:3f:31:f4:5f:50:06:3e:e2:
c0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:5D:80:0F:E2:C1:51:74:88:35:B3:EB:69:19:0D:AB:0E:31:8B:99
X509v3 Authority Key Identifier:
keyid:C0:17:A4:A8:21:72:B2:06:AF:EE:1C:13:D2:96:EE:26:03:85:B5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wBekqCFysgav7hwT0pbuJgOFtXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/ml2AD-LBUXSINbPraRkNqw4xi5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/33051d-c2a0-4ac7-b7f3-90adec85dd85/1/wBekqCFysgav7hwT0pbuJgOFtXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.116.0/22
IPv6:
2a03:8320::/32
Signature Algorithm: sha256WithRSAEncryption
44:50:1d:21:8d:fd:54:15:fa:45:a2:20:b0:16:21:eb:c3:15:
a2:49:73:98:40:f2:41:fd:50:16:85:6b:be:d7:4f:fa:2b:60:
c5:c9:bc:92:15:27:c7:8b:0f:de:1d:01:19:8a:d2:5c:81:57:
6e:20:be:cd:41:94:7b:4e:97:f5:6d:a5:e4:4b:51:ee:01:36:
9f:91:c2:18:49:50:d1:e1:b1:db:ca:b7:05:7b:01:c1:f8:08:
87:ba:d8:89:49:65:63:29:38:c7:6b:d3:ad:01:2a:a7:1d:80:
54:8c:7f:7b:e0:ff:95:7a:cd:43:70:f3:af:1d:a5:05:bb:20:
3f:16:88:ee:91:47:3a:36:16:18:bc:b1:70:8d:07:62:d0:f4:
16:8b:40:14:b8:6a:a5:16:ec:a8:d0:7c:d6:0b:f5:ac:40:93:
64:d0:47:66:ca:ea:16:28:a1:63:52:09:0f:67:d2:8d:a0:06:
59:76:d0:0e:6f:5a:9a:93:26:00:48:79:21:d6:a9:3e:c8:80:
ca:6c:e5:fd:a0:19:4f:95:a6:47:24:93:52:5d:a9:8b:44:de:
0c:08:e4:a3:8a:e2:ed:a4:eb:81:88:b3:4a:94:92:d3:46:e9:
85:bb:26:84:eb:f8:6b:b7:fe:9d:c7:f7:d1:51:43:e6:e7:76:
87:2d:16:37
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvJtvmrFCjBYAh9ez/OJvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMTdhNGE4MjE3MmIyMDZhZmVlMWMxM2QyOTZlZTI2MDM4
NWI1NzEwHhcNMjMwMTAxMjEwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTVkODAwZmUyYzE1MTc0ODgzNWIzZWI2OTE5MGRhYjBlMzE4Yjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA72wVggu67zC2f+HPwOd6+W+GFjqO
cxiHWRRVLmlqJlBpZ4vVOktbkQX+XuxFiWlGTSRILJfpdhafCICbhi9DPz2WVDYR
DiEIvXfK33opUrMYtBl/q2RutwOXUUDizdcgNDFCbczg5iMJgWxlvSKDFwTsp8MY
vFuYi/1iY4msA+mCdo8s7mtVgL/X3eig2JlsOY7idXYM1T8GIwElYCbmQRn/bmAO
XvEtM9J9YniXVcNbWLO2t7/2h5F33ab77lKQb7myeE441AadMXuCCMil5dZHNr3z
lgLCkXylJNuX4IfYflLRYqrObukPQ3sdCaWqEa2qTg2hPzH0X1AGPuLApwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJpdgA/iwVF0iDWz62kZDasOMYuZMB8GA1UdIwQY
MBaAFMAXpKghcrIGr+4cE9KW7iYDhbVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0Jla3FDRnlzZ2F2N2h3VDBwYnVKZ09GdFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8zMzA1MWQtYzJhMC00YWM3LWI3ZjMt
OTBhZGVjODVkZDg1LzEvbWwyQUQtTEJVWFNJTmJQcmFSa05xdzR4aTVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8zMzA1MWQtYzJhMC00YWM3LWI3ZjMtOTBhZGVjODVkZDg1
LzEvd0Jla3FDRnlzZ2F2N2h3VDBwYnVKZ09GdFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVl0MA0E
AgACMAcDBQAqA4MgMA0GCSqGSIb3DQEBCwUAA4IBAQBEUB0hjf1UFfpFoiCwFiHr
wxWiSXOYQPJB/VAWhWu+10/6K2DFybySFSfHiw/eHQEZitJcgVduIL7NQZR7Tpf1
baXkS1HuATafkcIYSVDR4bHbyrcFewHB+AiHutiJSWVjKTjHa9OtASqnHYBUjH97
4P+Ves1DcPOvHaUFuyA/FojukUc6NhYYvLFwjQdi0PQWi0AUuGqlFuyo0HzWC/Ws
QJNk0EdmyuoWKKFjUgkPZ9KNoAZZdtAOb1qakyYASHkh1qk+yIDKbOX9oBlPlaZH
JJNSXamLRN4MCOSjiuLtpOuBiLNKlJLTRumFuyaE6/hrt/6dx/fRUUPm53aHLRY3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:20 2024 by rpki-client on console-fra.rpki-client.org