Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/mZhNAMzK9i2g0GRI23e_64jyh_o.roa
File: mZhNAMzK9i2g0GRI23e_64jyh_o.roa (raw, json)
Hash identifier: r1XDneuUFzSIhy47gOBNNV9eIW4M5BRiwlp14Fe615w=
Subject key identifier: 99:98:4D:00:CC:CA:F6:2D:A0:D0:64:48:DB:77:BF:EB:88:F2:87:FA
Certificate issuer: /CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Certificate serial: 01856FC28BB94AB78440959D4CD55EB5F9F0
Authority key identifier: 9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/mZhNAMzK9i2g0GRI23e_64jyh_o.roa
Signing time: Sun 01 Jan 2023 23:54:58 +0000
ROA not before: Sun 01 Jan 2023 23:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 185.28.38.0/24 maxlen: 24
185.28.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:8b:b9:4a:b7:84:40:95:9d:4c:d5:5e:b5:f9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b97c22d0b338a8a45aa1345b0917ba0dc973390
Validity
Not Before: Jan 1 23:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99984d00cccaf62da0d06448db77bfeb88f287fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ff:c6:81:7e:f7:19:be:bb:7f:00:e9:0e:80:
83:9b:25:02:35:50:b9:11:00:81:c6:eb:50:99:27:
7c:1f:fa:b5:c4:3f:e8:da:c5:f6:9d:85:64:67:fa:
6e:01:4d:5c:62:26:c8:60:72:0f:fc:1f:15:25:de:
27:79:b8:c5:75:8b:64:a6:17:b9:34:09:f5:85:5a:
7f:d0:88:87:a6:4d:ac:0b:ca:26:44:c4:97:15:8f:
22:be:55:cf:81:b8:e7:47:43:2a:96:72:e6:84:cb:
33:64:bf:0b:fd:58:5b:f3:82:0d:fb:de:88:0f:6c:
30:e6:b2:6c:62:f3:8b:ec:89:6b:78:e2:0a:0e:3a:
4e:e8:43:5c:23:25:0b:a0:a2:55:20:50:a6:2b:73:
be:08:8a:3b:04:3a:97:2a:e2:6f:e7:92:1e:6c:c7:
9c:99:89:a3:cf:70:7b:24:3b:25:ff:9f:97:70:b0:
b8:bd:44:e0:64:f6:65:70:30:d5:68:3c:ee:30:7b:
d9:db:dc:1e:e1:d1:28:74:af:5e:f4:74:2d:f0:81:
9f:c1:e4:0f:61:df:84:ff:0e:d5:80:29:5a:a8:e3:
7a:e9:9f:02:c8:e3:2a:b5:59:01:9a:e1:15:2c:1c:
f1:3a:6a:2b:0c:03:2f:03:68:ab:ab:0c:52:77:e8:
d1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:98:4D:00:CC:CA:F6:2D:A0:D0:64:48:DB:77:BF:EB:88:F2:87:FA
X509v3 Authority Key Identifier:
keyid:9B:97:C2:2D:0B:33:8A:8A:45:AA:13:45:B0:91:7B:A0:DC:97:33:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m5fCLQsziopFqhNFsJF7oNyXM5A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/mZhNAMzK9i2g0GRI23e_64jyh_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/e2258d-8bc5-44ed-8073-ae999ed7c5d4/1/m5fCLQsziopFqhNFsJF7oNyXM5A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.36.0/24
185.28.38.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:12:92:da:f8:49:b7:ce:63:54:1f:80:7f:e1:43:b1:48:97:
5d:aa:8d:fe:4a:4e:b1:83:b2:71:3a:d7:bf:ec:84:e8:a0:0c:
b9:c2:94:be:13:60:04:ec:56:d1:4e:a1:a1:64:e1:f9:e8:3f:
2c:70:00:7f:2e:9a:68:e0:8a:9b:42:0b:90:fd:ba:a5:ca:50:
44:68:e4:dc:fd:0b:4c:1b:ce:40:09:9a:72:95:6a:a7:e3:b4:
c8:44:94:d7:2a:79:22:35:fb:04:02:36:38:f5:e9:d6:47:bb:
91:18:58:4b:f3:77:3e:b2:1a:1b:44:3a:12:86:8a:43:8b:ae:
44:49:27:d1:ee:28:ed:a1:0c:04:a6:1a:90:be:f4:cc:33:98:
0b:4f:03:f4:7b:fb:d6:e5:3b:ba:71:b8:0e:d2:bf:03:ec:a1:
f0:ee:3d:c2:fb:84:d9:64:84:82:97:a2:f8:0f:ae:15:5c:e8:
d9:fb:a2:4d:de:89:a4:b6:ad:36:74:79:ef:f5:9d:ac:2d:a4:
9c:7c:d3:61:2b:4b:d9:d0:8d:c8:9b:27:4d:ee:f1:f9:5d:e1:
c5:11:7a:e2:14:cd:13:e0:03:80:7b:51:7e:62:0e:dc:07:b1:
03:05:5c:d9:b3:f1:3f:db:0a:41:f8:64:e7:bf:50:60:ae:a6:
a6:5f:f2:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvwou5SreEQJWdTNVetfnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliOTdjMjJkMGIzMzhhOGE0NWFhMTM0NWIwOTE3YmEwZGM5
NzMzOTAwHhcNMjMwMTAxMjM1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTk4NGQwMGNjY2FmNjJkYTBkMDY0NDhkYjc3YmZlYjg4ZjI4N2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhv/GgX73Gb67fwDpDoCDmyUCNVC5
EQCBxutQmSd8H/q1xD/o2sX2nYVkZ/puAU1cYibIYHIP/B8VJd4nebjFdYtkphe5
NAn1hVp/0IiHpk2sC8omRMSXFY8ivlXPgbjnR0MqlnLmhMszZL8L/Vhb84IN+96I
D2ww5rJsYvOL7IlreOIKDjpO6ENcIyULoKJVIFCmK3O+CIo7BDqXKuJv55IebMec
mYmjz3B7JDsl/5+XcLC4vUTgZPZlcDDVaDzuMHvZ29we4dEodK9e9HQt8IGfweQP
Yd+E/w7VgClaqON66Z8CyOMqtVkBmuEVLBzxOmorDAMvA2irqwxSd+jR3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJmYTQDMyvYtoNBkSNt3v+uI8of6MB8GA1UdIwQY
MBaAFJuXwi0LM4qKRaoTRbCRe6DclzOQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMt
YWU5OTllZDdjNWQ0LzEvbVpoTkFNeks5aTJnMEdSSTIzZV82NGp5aF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9lMjI1OGQtOGJjNS00NGVkLTgwNzMtYWU5OTllZDdjNWQ0
LzEvbTVmQ0xRc3ppb3BGcWhORnNKRjdvTnlYTTVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuRwkAwQA
uRwmMA0GCSqGSIb3DQEBCwUAA4IBAQDMEpLa+Em3zmNUH4B/4UOxSJddqo3+Sk6x
g7JxOte/7ITooAy5wpS+E2AE7FbRTqGhZOH56D8scAB/Lppo4IqbQguQ/bqlylBE
aOTc/QtMG85ACZpylWqn47TIRJTXKnkiNfsEAjY49enWR7uRGFhL83c+shobRDoS
hopDi65ESSfR7ijtoQwEphqQvvTMM5gLTwP0e/vW5Tu6cbgO0r8D7KHw7j3C+4TZ
ZISCl6L4D64VXOjZ+6JN3omktq02dHnv9Z2sLaScfNNhK0vZ0I3ImydN7vH5XeHF
EXriFM0T4AOAe1F+Yg7cB7EDBVzZs/E/2wpB+GTnv1BgrqamX/K2
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:02 2024 by rpki-client on console-ams.rpki-client.org