Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/mYiBAEZ2bgEgNiKEKDePWEh_Z7s.roa
File: mYiBAEZ2bgEgNiKEKDePWEh_Z7s.roa (raw, json)
Hash identifier: UFXkn+hQ4Rzwc459WyoMqZMypC331nBCDQdOzcsyHsE=
Subject key identifier: 99:88:81:00:46:76:6E:01:20:36:22:84:28:37:8F:58:48:7F:67:BB
Certificate issuer: /CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae
Certificate serial: 018A36F9417BFBC3DCE93530865751D9724C
Authority key identifier: 28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/mYiBAEZ2bgEgNiKEKDePWEh_Z7s.roa
Signing time: Sun 27 Aug 2023 12:30:19 +0000
ROA not before: Sun 27 Aug 2023 12:30:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203377
IP address blocks: 194.147.216.0/24 maxlen: 24
2a0a:37c0::/48 maxlen: 48
2a0a:37c0:1::/48 maxlen: 48
2a0a:37c0:2::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:36:f9:41:7b:fb:c3:dc:e9:35:30:86:57:51:d9:72:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28fd66e43a104633b27bac539b98bdf8ebfac9ae
Validity
Not Before: Aug 27 12:30:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9988810046766e012036228428378f58487f67bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ba:42:55:ee:dd:c2:f6:7c:f8:87:74:3c:9c:
90:34:a5:61:18:0c:4f:5e:db:00:08:2f:8b:59:07:
10:2c:70:1a:9e:4e:13:86:e0:cb:43:b8:b0:18:a3:
db:e0:07:d6:65:87:37:5a:7d:05:8a:c7:b3:5b:1d:
3d:2c:26:12:e0:c0:7e:46:47:94:df:7c:4b:27:61:
99:31:50:c2:c8:81:29:f1:67:bb:5b:a8:90:14:af:
5f:2a:c9:c2:4a:39:6f:f0:3d:cc:bc:d4:14:bb:53:
7c:7b:04:fd:c8:36:a4:f3:0a:2a:ee:6e:f4:56:aa:
6d:69:c9:b2:13:67:f3:43:ea:d0:6d:0d:2e:48:cb:
fc:89:ca:da:80:bb:ee:8f:87:2e:ff:1d:e5:8e:4f:
29:93:8d:31:41:be:0e:86:03:3e:1b:64:50:8f:23:
60:ec:bc:35:0a:ab:ad:62:60:74:44:25:84:98:d2:
f2:10:e8:ed:86:69:e0:bb:7b:a9:73:9d:ed:ca:10:
9e:c2:4d:a1:db:c0:dd:b7:c9:d0:28:d7:ea:04:cb:
af:4c:c2:11:f5:1f:01:1f:6f:65:5b:bf:c7:5e:46:
e5:d7:f4:43:aa:03:4d:52:95:53:f6:f5:67:a1:99:
44:0b:aa:87:e3:89:26:f2:83:ba:8f:f3:f6:7c:30:
38:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:88:81:00:46:76:6E:01:20:36:22:84:28:37:8F:58:48:7F:67:BB
X509v3 Authority Key Identifier:
keyid:28:FD:66:E4:3A:10:46:33:B2:7B:AC:53:9B:98:BD:F8:EB:FA:C9:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KP1m5DoQRjOye6xTm5i9-Ov6ya4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/mYiBAEZ2bgEgNiKEKDePWEh_Z7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/8ed3b7-bb2d-4f4d-9db6-267669f35648/1/KP1m5DoQRjOye6xTm5i9-Ov6ya4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.216.0/24
IPv6:
2a0a:37c0::-2a0a:37c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a9:1a:66:22:c9:84:99:89:88:5b:f2:ee:fe:cb:45:b3:15:5c:
bd:58:c8:98:1c:4d:28:f8:72:40:aa:a1:bd:47:71:19:f3:d5:
7a:de:96:52:02:7f:9f:9a:02:1d:d9:c0:d1:65:64:a2:bd:19:
bb:c1:2a:dc:cd:fe:4b:6f:5c:31:ea:8f:48:40:7b:cb:4e:13:
ce:26:32:f4:63:8b:70:60:73:ba:8c:53:d5:b2:42:67:fc:1b:
74:e2:3c:c4:6e:1f:a9:ee:5c:3e:94:d3:c1:4c:95:6c:e6:dd:
e8:18:c4:f3:33:ad:6a:31:e7:6e:8b:2c:99:fa:cf:f6:5e:f0:
bf:bf:b3:1f:97:22:39:e9:74:9e:f0:69:d6:33:cf:ad:77:71:
8d:65:e2:ac:39:ed:1b:8d:86:9d:69:ed:d6:dd:43:05:c3:b5:
f8:dc:a1:44:64:73:ff:d5:1f:28:fa:a3:51:d1:74:d8:d3:5e:
3e:36:fd:30:88:6c:3e:32:29:ae:a5:c7:f5:1a:3a:fa:72:c3:
46:e7:63:c8:b7:f4:48:14:5b:03:ff:a7:04:48:ab:3a:52:c0:
b9:dd:43:a6:fa:20:89:e7:8d:82:b5:2e:90:25:96:71:8d:ef:
24:c4:77:fc:db:67:df:2a:9d:39:a8:ca:e7:c6:17:f8:10:8b:
27:51:e8:2b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYo2+UF7+8Pc6TUwhldR2XJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4ZmQ2NmU0M2ExMDQ2MzNiMjdiYWM1MzliOThiZGY4ZWJm
YWM5YWUwHhcNMjMwODI3MTIzMDE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTg4ODEwMDQ2NzY2ZTAxMjAzNjIyODQyODM3OGY1ODQ4N2Y2N2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7pCVe7dwvZ8+Id0PJyQNKVhGAxP
XtsACC+LWQcQLHAank4ThuDLQ7iwGKPb4AfWZYc3Wn0FisezWx09LCYS4MB+RkeU
33xLJ2GZMVDCyIEp8We7W6iQFK9fKsnCSjlv8D3MvNQUu1N8ewT9yDak8woq7m70
VqptacmyE2fzQ+rQbQ0uSMv8icragLvuj4cu/x3ljk8pk40xQb4OhgM+G2RQjyNg
7Lw1CqutYmB0RCWEmNLyEOjthmngu3upc53tyhCewk2h28Ddt8nQKNfqBMuvTMIR
9R8BH29lW7/HXkbl1/RDqgNNUpVT9vVnoZlEC6qH44km8oO6j/P2fDA4IQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJmIgQBGdm4BIDYihCg3j1hIf2e7MB8GA1UdIwQY
MBaAFCj9ZuQ6EEYzsnusU5uYvfjr+smuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYt
MjY3NjY5ZjM1NjQ4LzEvbVlpQkFFWjJiZ0VnTmlLRUtEZVBXRWhfWjdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi84ZWQzYjctYmIyZC00ZjRkLTlkYjYtMjY3NjY5ZjM1NjQ4
LzEvS1AxbTVEb1FSak95ZTZ4VG01aTktT3Y2eWE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwpPYMBgE
AgACMBIwEAMFBioKN8ADBwAqCjfAAAIwDQYJKoZIhvcNAQELBQADggEBAKkaZiLJ
hJmJiFvy7v7LRbMVXL1YyJgcTSj4ckCqob1HcRnz1XrellICf5+aAh3ZwNFlZKK9
GbvBKtzN/ktvXDHqj0hAe8tOE84mMvRji3Bgc7qMU9WyQmf8G3TiPMRuH6nuXD6U
08FMlWzm3egYxPMzrWox526LLJn6z/Ze8L+/sx+XIjnpdJ7wadYzz613cY1l4qw5
7RuNhp1p7dbdQwXDtfjcoURkc//VHyj6o1HRdNjTXj42/TCIbD4yKa6lx/UaOvpy
w0bnY8i39EgUWwP/pwRIqzpSwLndQ6b6IInnjYK1LpAllnGN7yTEd/zbZ98qnTmo
yufGF/gQiydR6Cs=
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:15:37 2024 by rpki-client on console-ams.rpki-client.org