Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/mr9BDip2Afza7p_NW6ppk835z9o.roa
File: mr9BDip2Afza7p_NW6ppk835z9o.roa (raw, json)
Hash identifier: STlGZawbL4XAKdXRqqIUWqrcXMomqQVMz7lk5e8HxDY=
Subject key identifier: 9A:BF:41:0E:2A:76:01:FC:DA:EE:9F:CD:5B:AA:69:93:CD:F9:CF:DA
Certificate issuer: /CN=ff4f06bff3a5b85151b65705b4308e9afb1fd8f7
Certificate serial: 01856E1D31AAF7CFADA2120870B4EB958F23
Authority key identifier: FF:4F:06:BF:F3:A5:B8:51:51:B6:57:05:B4:30:8E:9A:FB:1F:D8:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_08Gv_OluFFRtlcFtDCOmvsf2Pc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/mr9BDip2Afza7p_NW6ppk835z9o.roa
Signing time: Sun 01 Jan 2023 16:14:44 +0000
ROA not before: Sun 01 Jan 2023 16:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206819
IP address blocks: 185.175.100.0/22 maxlen: 32
2a0b:e500::/31 maxlen: 31
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:1d:31:aa:f7:cf:ad:a2:12:08:70:b4:eb:95:8f:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4f06bff3a5b85151b65705b4308e9afb1fd8f7
Validity
Not Before: Jan 1 16:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9abf410e2a7601fcdaee9fcd5baa6993cdf9cfda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:68:d9:2e:b9:74:fb:87:13:a6:b1:5c:46:4e:
80:51:af:53:fb:f7:af:56:93:73:7e:17:f1:a1:0b:
61:50:8f:b6:49:55:15:45:03:87:08:e9:f0:de:c1:
a3:19:f0:19:3e:3a:b9:89:31:1e:50:ac:02:79:be:
9e:03:28:41:2f:01:c1:2a:6a:d4:34:17:71:6f:14:
09:b1:a8:89:c5:ac:17:34:1a:5f:c8:fc:60:5c:8b:
fe:5d:fb:da:c9:c5:43:ce:c6:97:47:ab:2c:74:12:
ac:72:ca:2c:14:78:b1:9c:f5:0c:cf:bc:65:45:7f:
cd:60:81:da:9a:99:5a:90:56:bc:1f:4c:d8:50:ce:
80:c7:29:86:7e:7e:b1:a0:d2:f7:9e:e9:d8:5a:04:
78:e9:f9:78:45:d0:f2:26:ec:5f:e3:8a:89:42:ea:
26:39:52:34:5f:3d:ce:e5:f6:6f:8e:31:5f:2d:30:
10:bf:9f:bc:48:3a:3c:d6:c3:c7:66:16:b7:98:a5:
af:2d:c6:5f:f6:5b:a8:56:a7:62:2f:35:25:b7:cb:
b4:cb:4d:4a:a4:b6:d5:8f:84:3f:5a:c2:7a:9f:3a:
3a:26:7a:36:77:39:8a:81:c8:8c:d3:44:7f:84:13:
44:80:c3:50:05:2d:cf:1d:cd:ab:02:cf:c2:10:4f:
31:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:BF:41:0E:2A:76:01:FC:DA:EE:9F:CD:5B:AA:69:93:CD:F9:CF:DA
X509v3 Authority Key Identifier:
keyid:FF:4F:06:BF:F3:A5:B8:51:51:B6:57:05:B4:30:8E:9A:FB:1F:D8:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_08Gv_OluFFRtlcFtDCOmvsf2Pc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/mr9BDip2Afza7p_NW6ppk835z9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/2fb8bd-e1a0-454c-8bca-25effdd796dc/1/_08Gv_OluFFRtlcFtDCOmvsf2Pc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.175.100.0/22
IPv6:
2a0b:e500::/31
Signature Algorithm: sha256WithRSAEncryption
3e:31:e0:ea:6a:e4:ab:f0:41:fd:c1:06:20:2b:2b:67:03:61:
c3:58:eb:3d:a8:cc:9a:c9:c9:fb:ea:f0:a8:5f:32:7a:fa:e0:
ae:6d:56:5e:cf:f0:20:68:9f:ff:51:3d:c7:18:d3:df:88:d5:
43:d0:46:a6:9f:f7:a7:d8:49:5a:8e:51:34:d7:97:18:b4:9b:
96:56:d5:cb:1d:95:35:b1:8a:76:f0:31:92:27:de:c6:fb:d4:
27:ac:03:96:b6:11:1f:d2:02:e4:2e:b8:10:e2:0e:ac:40:55:
92:e7:c5:36:f5:19:01:08:e7:ad:fd:9b:5d:b2:b0:25:2a:e2:
85:91:21:28:d2:d1:7a:c7:1f:ea:0f:41:12:58:34:79:d1:8e:
45:67:31:3d:68:34:0c:98:67:88:c9:cf:84:98:15:41:27:9f:
1d:26:62:c9:7a:87:ea:7e:f0:5b:91:13:ca:df:2a:ca:d7:a2:
36:94:f5:c2:9e:9c:23:f8:f7:58:ad:8f:e6:07:9c:0e:a0:14:
2e:9a:3f:f8:e1:e8:0b:f2:88:dc:e8:34:07:eb:ee:f2:60:5a:
d5:0a:89:45:05:a9:22:e1:1c:99:ff:08:b0:55:d5:48:3f:2a:
17:1e:01:64:3c:f2:70:d8:de:3e:35:fc:16:e8:38:40:b6:8d:
ef:9d:98:69
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuHTGq98+tohIIcLTrlY8jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNGYwNmJmZjNhNWI4NTE1MWI2NTcwNWI0MzA4ZTlhZmIx
ZmQ4ZjcwHhcNMjMwMTAxMTYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWJmNDEwZTJhNzYwMWZjZGFlZTlmY2Q1YmFhNjk5M2NkZjljZmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWjZLrl0+4cTprFcRk6AUa9T+/ev
VpNzfhfxoQthUI+2SVUVRQOHCOnw3sGjGfAZPjq5iTEeUKwCeb6eAyhBLwHBKmrU
NBdxbxQJsaiJxawXNBpfyPxgXIv+XfvaycVDzsaXR6ssdBKscsosFHixnPUMz7xl
RX/NYIHamplakFa8H0zYUM6AxymGfn6xoNL3nunYWgR46fl4RdDyJuxf44qJQuom
OVI0Xz3O5fZvjjFfLTAQv5+8SDo81sPHZha3mKWvLcZf9luoVqdiLzUlt8u0y01K
pLbVj4Q/WsJ6nzo6Jno2dzmKgciM00R/hBNEgMNQBS3PHc2rAs/CEE8xxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJq/QQ4qdgH82u6fzVuqaZPN+c/aMB8GA1UdIwQY
MBaAFP9PBr/zpbhRUbZXBbQwjpr7H9j3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzA4R3ZfT2x1RkZSdGxjRnREQ09tdnNmMlBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yZmI4YmQtZTFhMC00NTRjLThiY2Et
MjVlZmZkZDc5NmRjLzEvbXI5QkRpcDJBZnphN3BfTlc2cHBrODM1ejlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yZmI4YmQtZTFhMC00NTRjLThiY2EtMjVlZmZkZDc5NmRj
LzEvXzA4R3ZfT2x1RkZSdGxjRnREQ09tdnNmMlBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua9kMA0E
AgACMAcDBQEqC+UAMA0GCSqGSIb3DQEBCwUAA4IBAQA+MeDqauSr8EH9wQYgKytn
A2HDWOs9qMyaycn76vCoXzJ6+uCubVZez/AgaJ//UT3HGNPfiNVD0Eamn/en2Ela
jlE015cYtJuWVtXLHZU1sYp28DGSJ97G+9QnrAOWthEf0gLkLrgQ4g6sQFWS58U2
9RkBCOet/ZtdsrAlKuKFkSEo0tF6xx/qD0ESWDR50Y5FZzE9aDQMmGeIyc+EmBVB
J58dJmLJeofqfvBbkRPK3yrK16I2lPXCnpwj+PdYrY/mB5wOoBQumj/44egL8ojc
6DQH6+7yYFrVColFBaki4RyZ/wiwVdVIPyoXHgFkPPJw2N4+NfwW6DhAto3vnZhp
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:08 2024 by rpki-client on console-fra.rpki-client.org