Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/mpCLG-zkQ-geR3iS9XANQD2KO0k.roa
File: mpCLG-zkQ-geR3iS9XANQD2KO0k.roa (raw, json)
Hash identifier: pQowx4jiI1LY83CdxvlONQ3NU+Gx+0/kRMaDGMCBmhE=
Subject key identifier: 9A:90:8B:1B:EC:E4:43:E8:1E:47:78:92:F5:70:0D:40:3D:8A:3B:49
Certificate issuer: /CN=b7bd8eae1669deb3a3fa4186491e05cb32ce092a
Certificate serial: 01856D4ACC8BD876702963F180C37DB059CA
Authority key identifier: B7:BD:8E:AE:16:69:DE:B3:A3:FA:41:86:49:1E:05:CB:32:CE:09:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t72OrhZp3rOj-kGGSR4FyzLOCSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/mpCLG-zkQ-geR3iS9XANQD2KO0k.roa
Signing time: Sun 01 Jan 2023 12:24:56 +0000
ROA not before: Sun 01 Jan 2023 12:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205010
IP address blocks: 185.226.32.0/22 maxlen: 22
2a0c:2600::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:cc:8b:d8:76:70:29:63:f1:80:c3:7d:b0:59:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7bd8eae1669deb3a3fa4186491e05cb32ce092a
Validity
Not Before: Jan 1 12:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a908b1bece443e81e477892f5700d403d8a3b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:de:30:94:13:49:ab:b4:17:c9:79:ec:04:3d:
62:8b:e8:da:dd:9f:63:2a:56:b4:9f:a7:84:ba:3f:
06:ef:c5:6d:d7:77:1e:f9:fe:56:64:13:bf:7f:7c:
13:c1:89:4d:17:24:38:15:3a:e3:b3:74:4b:0a:c8:
25:b5:6e:8c:83:5e:c7:2b:34:62:75:9d:5e:62:84:
8b:b3:0a:e3:2f:6a:87:b5:8d:aa:55:c0:b9:78:07:
d7:72:69:b6:66:c6:6f:33:cb:44:af:6c:4b:4a:25:
15:58:46:4d:a1:00:ef:19:f8:1c:0a:d8:b5:84:bb:
94:e0:2c:30:17:2f:88:bd:7e:7c:84:86:8f:ed:0e:
4e:ec:bd:60:7f:10:3c:d4:ea:e0:46:f7:a2:75:ac:
4f:01:c8:52:95:72:fe:1d:da:37:ff:ec:f7:4d:5e:
4a:b0:e2:0e:07:a9:1a:ab:b1:7d:78:ec:a0:61:94:
a6:57:6d:55:35:95:9e:5a:4a:bc:be:d1:07:52:db:
31:1f:d8:df:a5:1e:a0:c0:1e:21:fd:c8:01:6c:88:
14:2b:e5:2e:83:30:ee:ee:5b:96:50:89:ad:95:db:
20:36:07:1c:14:ca:6a:6c:57:2d:ce:d3:25:2a:66:
14:10:79:e9:9f:91:6c:ad:9b:72:da:2b:cd:77:3d:
bc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:90:8B:1B:EC:E4:43:E8:1E:47:78:92:F5:70:0D:40:3D:8A:3B:49
X509v3 Authority Key Identifier:
keyid:B7:BD:8E:AE:16:69:DE:B3:A3:FA:41:86:49:1E:05:CB:32:CE:09:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t72OrhZp3rOj-kGGSR4FyzLOCSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/mpCLG-zkQ-geR3iS9XANQD2KO0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/b0bdbd-801c-4b0b-9fbe-ae15d507590e/1/t72OrhZp3rOj-kGGSR4FyzLOCSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.32.0/22
IPv6:
2a0c:2600::/29
Signature Algorithm: sha256WithRSAEncryption
af:71:d2:c9:3c:ca:2f:5a:44:cb:64:6a:c4:02:57:09:8b:97:
2c:24:23:b5:63:08:c9:bc:99:ef:77:f2:40:b4:1b:36:f5:42:
c4:d8:8a:62:9b:55:c5:78:57:94:6f:01:6e:d5:9b:26:7b:b3:
96:f4:30:00:af:06:84:e8:c2:22:96:b5:ec:d7:ae:6e:cc:b4:
55:4a:76:74:cb:45:fe:e5:a2:87:67:50:61:e4:96:b9:ed:41:
5e:0e:4c:78:84:ee:13:b4:11:26:fc:3f:aa:ea:95:92:e0:53:
40:32:91:d0:a7:88:08:d0:58:2c:f7:46:ce:6e:03:a5:a7:76:
32:56:9e:b0:7a:74:88:6c:9f:c4:2c:c5:af:bc:de:cc:eb:3a:
a4:73:37:a7:ba:c0:e1:aa:20:d7:31:9c:57:51:59:a7:ad:46:
e8:11:94:5c:06:7a:f5:f1:af:83:a8:af:e2:6f:14:25:ab:9d:
33:4e:1b:84:59:ed:a4:87:bd:73:66:b8:6c:0c:d7:18:43:aa:
0f:8a:4a:ac:01:52:e1:30:57:fa:e6:45:94:48:b2:8c:8e:8c:
59:4a:ea:dc:a8:7a:7a:2b:2a:a7:b0:61:6d:e4:60:a0:32:04:
dd:09:a4:fe:05:74:37:84:25:59:9d:cc:2b:21:6b:fe:86:3a:
82:af:fa:ed
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtSsyL2HZwKWPxgMN9sFnKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YmQ4ZWFlMTY2OWRlYjNhM2ZhNDE4NjQ5MWUwNWNiMzJj
ZTA5MmEwHhcNMjMwMTAxMTIyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTkwOGIxYmVjZTQ0M2U4MWU0Nzc4OTJmNTcwMGQ0MDNkOGEzYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN4wlBNJq7QXyXnsBD1ii+ja3Z9j
Kla0n6eEuj8G78Vt13ce+f5WZBO/f3wTwYlNFyQ4FTrjs3RLCsgltW6Mg17HKzRi
dZ1eYoSLswrjL2qHtY2qVcC5eAfXcmm2ZsZvM8tEr2xLSiUVWEZNoQDvGfgcCti1
hLuU4CwwFy+IvX58hIaP7Q5O7L1gfxA81OrgRveidaxPAchSlXL+Hdo3/+z3TV5K
sOIOB6kaq7F9eOygYZSmV21VNZWeWkq8vtEHUtsxH9jfpR6gwB4h/cgBbIgUK+Uu
gzDu7luWUImtldsgNgccFMpqbFctztMlKmYUEHnpn5FsrZty2ivNdz28GwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJqQixvs5EPoHkd4kvVwDUA9ijtJMB8GA1UdIwQY
MBaAFLe9jq4Wad6zo/pBhkkeBcsyzgkqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDcyT3JoWnAzck9qLWtHR1NSNEZ5ekxPQ1NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iMGJkYmQtODAxYy00YjBiLTlmYmUt
YWUxNWQ1MDc1OTBlLzEvbXBDTEctemtRLWdlUjNpUzlYQU5RRDJLTzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iMGJkYmQtODAxYy00YjBiLTlmYmUtYWUxNWQ1MDc1OTBl
LzEvdDcyT3JoWnAzck9qLWtHR1NSNEZ5ekxPQ1NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueIgMA0E
AgACMAcDBQMqDCYAMA0GCSqGSIb3DQEBCwUAA4IBAQCvcdLJPMovWkTLZGrEAlcJ
i5csJCO1YwjJvJnvd/JAtBs29ULE2Ipim1XFeFeUbwFu1Zsme7OW9DAArwaE6MIi
lrXs165uzLRVSnZ0y0X+5aKHZ1Bh5Ja57UFeDkx4hO4TtBEm/D+q6pWS4FNAMpHQ
p4gI0Fgs90bObgOlp3YyVp6wenSIbJ/ELMWvvN7M6zqkczenusDhqiDXMZxXUVmn
rUboEZRcBnr18a+DqK/ibxQlq50zThuEWe2kh71zZrhsDNcYQ6oPikqsAVLhMFf6
5kWUSLKMjoxZSurcqHp6KyqnsGFt5GCgMgTdCaT+BXQ3hCVZncwrIWv+hjqCr/rt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:05 2024 by rpki-client on console-fra.rpki-client.org