Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/kMMasNgWxtX8vyoCQp4grxouSjQ.roa
File: kMMasNgWxtX8vyoCQp4grxouSjQ.roa (raw, json)
Hash identifier: D5s5wvUg655th/zrqcWFn+Y6jMnQ36AZXeWn2/3RaGg=
Subject key identifier: 90:C3:1A:B0:D8:16:C6:D5:FC:BF:2A:02:42:9E:20:AF:1A:2E:4A:34
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 01856C78117AE128759AE67BA9CB528A3834
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/kMMasNgWxtX8vyoCQp4grxouSjQ.roa
Signing time: Sun 01 Jan 2023 08:34:46 +0000
ROA not before: Sun 01 Jan 2023 08:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 262287
IP address blocks: 185.236.94.0/23 maxlen: 23
185.236.92.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:11:7a:e1:28:75:9a:e6:7b:a9:cb:52:8a:38:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Jan 1 08:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=90c31ab0d816c6d5fcbf2a02429e20af1a2e4a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3f:c7:a5:f4:6b:15:ff:74:19:a4:65:00:a4:
ce:28:64:02:a4:d0:30:72:48:33:4d:a9:52:fa:2b:
0a:4d:34:c0:4f:06:fa:55:ad:85:ef:a0:60:79:d8:
11:c6:94:41:da:5a:23:e1:bf:48:6d:dd:1f:f7:00:
63:ea:33:06:59:bd:4b:06:30:f8:34:ad:f6:20:f9:
66:cf:8b:a0:a3:eb:a8:dd:86:35:fe:bb:78:9c:e7:
90:45:62:c8:76:88:17:2d:1f:82:6d:52:59:4a:0d:
ca:43:e6:3e:14:25:b9:14:98:91:99:75:52:b3:a5:
bb:68:18:76:38:47:52:b7:c5:32:70:4a:41:03:c5:
de:bc:56:17:3e:3e:a2:9d:34:3f:b7:d1:ca:24:19:
b1:61:1c:83:1e:62:0b:53:f2:9f:34:f1:26:b0:3c:
83:2d:1c:aa:a8:c1:1e:c0:93:db:44:e8:88:bc:c6:
54:ec:b8:f2:76:2a:5e:12:1a:56:75:d3:d5:83:d7:
ca:72:2f:ca:90:3e:13:99:88:5c:6d:36:41:f6:3a:
2c:71:93:e6:24:12:dd:53:f5:09:8b:7f:c4:09:54:
ef:99:12:3a:04:c0:37:97:98:4b:fd:36:bc:56:26:
f3:a8:96:56:1c:fc:6a:e0:75:a0:f2:31:50:79:95:
20:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C3:1A:B0:D8:16:C6:D5:FC:BF:2A:02:42:9E:20:AF:1A:2E:4A:34
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/kMMasNgWxtX8vyoCQp4grxouSjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.92.0/22
Signature Algorithm: sha256WithRSAEncryption
81:11:64:78:c0:cb:78:b2:dd:cb:9b:5c:aa:2f:c6:53:48:11:
d2:f6:47:37:f6:bb:fd:4d:c3:22:24:f5:be:0e:eb:49:8b:df:
3c:8e:a1:55:12:06:bd:cc:d0:97:0d:a2:fe:03:0c:0f:50:00:
0f:64:79:43:28:c3:ee:e0:39:3a:39:c5:52:c4:af:77:75:fe:
63:eb:7f:d1:a4:41:a3:05:98:f1:55:c1:e7:1a:32:a1:7d:73:
41:df:a2:6c:16:ce:48:dd:b3:a1:23:db:c8:fa:e8:b0:ff:66:
59:ec:e1:1d:95:ac:e0:73:cc:e4:c4:d1:4d:05:79:78:ef:41:
13:62:c7:f7:4d:a6:52:7a:18:aa:41:e0:65:38:10:b1:6e:71:
b2:e1:83:c0:db:c7:e1:f9:12:af:31:f1:54:03:3e:08:9a:9b:
cc:72:8b:11:7c:72:d8:f3:85:f6:8f:75:7c:dd:12:db:3c:68:
87:fe:0d:04:10:e8:36:07:1c:a8:0d:88:1f:9e:72:41:2e:d3:
26:e5:68:83:48:d1:de:33:c0:34:b6:2e:3f:1d:55:20:1f:81:
8e:34:f4:bd:60:5a:56:2f:e1:83:35:09:27:59:1f:5e:5c:d9:
ca:3f:63:b8:dc:b9:aa:b2:b9:89:66:b4:13:56:de:1e:8a:e3:
55:a1:08:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseBF64Sh1muZ7qctSijg0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjMwMTAxMDgzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGMzMWFiMGQ4MTZjNmQ1ZmNiZjJhMDI0MjllMjBhZjFhMmU0YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjj/HpfRrFf90GaRlAKTOKGQCpNAw
ckgzTalS+isKTTTATwb6Va2F76BgedgRxpRB2loj4b9Ibd0f9wBj6jMGWb1LBjD4
NK32IPlmz4ugo+uo3YY1/rt4nOeQRWLIdogXLR+CbVJZSg3KQ+Y+FCW5FJiRmXVS
s6W7aBh2OEdSt8UycEpBA8XevFYXPj6inTQ/t9HKJBmxYRyDHmILU/KfNPEmsDyD
LRyqqMEewJPbROiIvMZU7LjydipeEhpWddPVg9fKci/KkD4TmYhcbTZB9joscZPm
JBLdU/UJi3/ECVTvmRI6BMA3l5hL/Ta8VibzqJZWHPxq4HWg8jFQeZUglQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDDGrDYFsbV/L8qAkKeIK8aLko0MB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEva01NYXNOZ1d4dFg4dnlvQ1FwNGdyeG91U2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuexcMA0G
CSqGSIb3DQEBCwUAA4IBAQCBEWR4wMt4st3Lm1yqL8ZTSBHS9kc39rv9TcMiJPW+
DutJi988jqFVEga9zNCXDaL+AwwPUAAPZHlDKMPu4Dk6OcVSxK93df5j63/RpEGj
BZjxVcHnGjKhfXNB36JsFs5I3bOhI9vI+uiw/2ZZ7OEdlazgc8zkxNFNBXl470ET
Ysf3TaZSehiqQeBlOBCxbnGy4YPA28fh+RKvMfFUAz4ImpvMcosRfHLY84X2j3V8
3RLbPGiH/g0EEOg2BxyoDYgfnnJBLtMm5WiDSNHeM8A0ti4/HVUgH4GONPS9YFpW
L+GDNQknWR9eXNnKP2O43LmqsrmJZrQTVt4eiuNVoQhK
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:34 2024 by rpki-client on console-fra.rpki-client.org