Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/M-nFZJaApllCRyxQ75cYBWV19lo.roa
File: M-nFZJaApllCRyxQ75cYBWV19lo.roa (raw, json)
Hash identifier: 5ebLNR/OXDu3GNziDpOBeWqCY18MpHdgOW7JjsJL1A0=
Subject key identifier: 33:E9:C5:64:96:80:A6:59:42:47:2C:50:EF:97:18:05:65:75:F6:5A
Certificate issuer: /CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Certificate serial: 01857039660B846EFB94B72B7DCCAE06B849
Authority key identifier: 12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/M-nFZJaApllCRyxQ75cYBWV19lo.roa
Signing time: Mon 02 Jan 2023 02:04:47 +0000
ROA not before: Mon 02 Jan 2023 02:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.114.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:39:66:0b:84:6e:fb:94:b7:2b:7d:cc:ae:06:b8:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1214a7e2a8c7012325ae973ed1a2bba05b2bb9c1
Validity
Not Before: Jan 2 02:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33e9c5649680a65942472c50ef9718056575f65a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7e:c2:e8:95:de:e0:a1:ce:56:dd:e1:ec:06:
97:79:ee:64:9c:f7:b3:da:6e:14:00:67:3e:ac:47:
36:74:6f:c3:c9:2d:33:24:f8:bc:1b:c1:73:7c:5b:
71:4c:41:77:da:e5:53:8e:f1:2c:2a:d7:4f:5d:bb:
a4:36:fc:05:3c:d5:ce:81:79:3b:77:92:e8:4c:7e:
6b:01:24:0f:05:f4:ca:1c:dd:5e:86:e0:6a:06:9c:
0c:93:a6:f9:1b:0b:3d:31:02:8d:3a:10:55:74:bc:
6c:e2:02:1e:d2:1d:3f:06:55:d5:71:2f:62:43:24:
7e:ce:eb:5d:8a:a7:e0:12:72:02:fb:7c:22:04:53:
2b:7c:6d:d5:17:0c:d7:50:cc:02:11:c0:f8:26:75:
2a:70:fa:33:a0:de:af:b0:c2:7b:46:08:71:f7:3e:
5b:47:90:9b:a2:fa:19:30:aa:a1:69:ff:c1:a5:d6:
fe:c9:8b:df:16:a6:66:bf:f2:8b:8f:d2:d1:3a:56:
34:cf:f5:ec:90:f4:0f:7f:4e:ca:66:e8:f8:ab:86:
1b:31:18:a8:eb:5f:e2:cd:b5:6c:da:e7:ca:43:e4:
d7:9a:5b:5f:fd:6a:16:53:5b:8a:77:74:7b:49:02:
d1:20:8a:a8:d5:79:38:0b:90:c9:34:58:74:56:ba:
59:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E9:C5:64:96:80:A6:59:42:47:2C:50:EF:97:18:05:65:75:F6:5A
X509v3 Authority Key Identifier:
keyid:12:14:A7:E2:A8:C7:01:23:25:AE:97:3E:D1:A2:BB:A0:5B:2B:B9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhSn4qjHASMlrpc-0aK7oFsrucE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/M-nFZJaApllCRyxQ75cYBWV19lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/a68dbc-3f94-4fed-8d9d-e9c3649c1218/1/EhSn4qjHASMlrpc-0aK7oFsrucE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.33.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:34:ae:78:29:bc:77:90:e4:43:e7:ef:73:8c:68:46:99:05:
8f:94:9a:03:fd:ca:db:f2:39:92:a9:6d:ce:c1:7e:f7:e2:ba:
02:47:1d:3f:b9:01:5f:b5:d9:84:87:38:4b:d7:02:b7:2d:4d:
a5:7e:90:1a:29:5c:97:1f:c6:94:60:30:4d:7b:17:4e:4f:b0:
10:37:10:ac:3f:2e:a9:0f:8d:10:af:fa:fe:e9:b9:bd:92:64:
5b:61:e4:a1:1f:e6:85:83:95:01:49:2f:ea:46:5a:fd:e2:87:
6e:47:8d:b9:cb:a6:0a:9f:19:51:04:80:cf:44:49:33:fd:68:
4b:af:08:8b:9c:0d:ae:7e:cd:00:e7:da:22:56:0a:0b:da:f3:
bf:99:45:e6:ce:3e:44:0f:d3:e6:04:c5:50:42:05:41:38:07:
8f:88:59:99:75:c1:cd:44:e2:a1:5c:31:ef:e4:c1:4a:c5:35:
bb:a7:75:ed:8a:c4:06:e6:fc:81:32:7f:e1:6c:af:cc:28:27:
f1:1e:a0:04:29:d5:06:e5:21:fc:03:8d:fa:e0:6a:a8:bc:31:
8c:d0:31:09:16:e1:18:0e:38:8b:e0:45:7b:4a:3b:b6:11:02:
2c:c0:33:bd:26:0e:e0:7c:9f:4d:4d:bf:b0:14:62:60:6e:19:
8e:cd:2c:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwOWYLhG77lLcrfcyuBrhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTRhN2UyYThjNzAxMjMyNWFlOTczZWQxYTJiYmEwNWIy
YmI5YzEwHhcNMjMwMTAyMDIwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2U5YzU2NDk2ODBhNjU5NDI0NzJjNTBlZjk3MTgwNTY1NzVmNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmX7C6JXe4KHOVt3h7AaXee5knPez
2m4UAGc+rEc2dG/DyS0zJPi8G8FzfFtxTEF32uVTjvEsKtdPXbukNvwFPNXOgXk7
d5LoTH5rASQPBfTKHN1ehuBqBpwMk6b5Gws9MQKNOhBVdLxs4gIe0h0/BlXVcS9i
QyR+zutdiqfgEnIC+3wiBFMrfG3VFwzXUMwCEcD4JnUqcPozoN6vsMJ7Rghx9z5b
R5CbovoZMKqhaf/Bpdb+yYvfFqZmv/KLj9LROlY0z/XskPQPf07KZuj4q4YbMRio
61/izbVs2ufKQ+TXmltf/WoWU1uKd3R7SQLRIIqo1Xk4C5DJNFh0VrpZ6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPpxWSWgKZZQkcsUO+XGAVldfZaMB8GA1UdIwQY
MBaAFBIUp+KoxwEjJa6XPtGiu6BbK7nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQt
ZTljMzY0OWMxMjE4LzEvTS1uRlpKYUFwbGxDUnl4UTc1Y1lCV1YxOWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9hNjhkYmMtM2Y5NC00ZmVkLThkOWQtZTljMzY0OWMxMjE4
LzEvRWhTbjRxakhBU01scnBjLTBhSzdvRnNydWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXIhMA0G
CSqGSIb3DQEBCwUAA4IBAQCzNK54Kbx3kORD5+9zjGhGmQWPlJoD/crb8jmSqW3O
wX734roCRx0/uQFftdmEhzhL1wK3LU2lfpAaKVyXH8aUYDBNexdOT7AQNxCsPy6p
D40Qr/r+6bm9kmRbYeShH+aFg5UBSS/qRlr94oduR425y6YKnxlRBIDPREkz/WhL
rwiLnA2ufs0A59oiVgoL2vO/mUXmzj5ED9PmBMVQQgVBOAePiFmZdcHNROKhXDHv
5MFKxTW7p3XtisQG5vyBMn/hbK/MKCfxHqAEKdUG5SH8A4364GqovDGM0DEJFuEY
DjiL4EV7Sju2EQIswDO9Jg7gfJ9NTb+wFGJgbhmOzSx+
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:03 2024 by rpki-client on console-fra.rpki-client.org