Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/17e82a-0e0c-426b-a170-75fea6a70eb7/1/misbzEGHsggHCXv73brhSfbSHBA.roa
File: misbzEGHsggHCXv73brhSfbSHBA.roa (raw, json)
Hash identifier: GPnXRfTSuPS3/BhE3yK/uWd8UAD5Z4PECoMUKi0wDPg=
Subject key identifier: 9A:2B:1B:CC:41:87:B2:08:07:09:7B:FB:DD:BA:E1:49:F6:D2:1C:10
Certificate issuer: /CN=aa060a63da29d7f95617a6ffbb4f51cccbc78651
Certificate serial: 0185738FC2FE5257A1CB5019898F748A8375
Authority key identifier: AA:06:0A:63:DA:29:D7:F9:56:17:A6:FF:BB:4F:51:CC:CB:C7:86:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qgYKY9op1_lWF6b_u09RzMvHhlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/17e82a-0e0c-426b-a170-75fea6a70eb7/1/misbzEGHsggHCXv73brhSfbSHBA.roa
Signing time: Mon 02 Jan 2023 17:37:59 +0000
ROA not before: Mon 02 Jan 2023 17:37:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204094
IP address blocks: 185.113.141.0/24 maxlen: 24
185.113.143.0/24 maxlen: 24
185.113.140.0/24 maxlen: 24
185.113.142.0/24 maxlen: 24
185.231.233.0/24 maxlen: 24
2a03::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:c2:fe:52:57:a1:cb:50:19:89:8f:74:8a:83:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa060a63da29d7f95617a6ffbb4f51cccbc78651
Validity
Not Before: Jan 2 17:37:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a2b1bcc4187b20807097bfbddbae149f6d21c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6c:ce:42:a2:2a:fc:f6:a4:df:4b:a6:8d:a9:
d6:c3:99:68:59:b1:7d:eb:e4:86:a2:65:84:89:d1:
75:c3:e6:23:a0:da:4e:b4:20:cb:c6:76:be:fc:8c:
07:16:c7:d2:79:1c:99:f3:87:a1:6b:1d:2e:55:7c:
f7:fc:96:c1:87:a5:f5:56:17:d2:c9:5c:44:9a:d4:
75:7f:44:06:b6:70:f9:f3:ca:8f:a9:60:40:16:41:
16:f0:9b:04:60:c8:8f:a9:bf:b9:9c:4e:9f:b0:fb:
1f:96:a8:0a:a9:4b:56:76:07:d6:1c:67:f6:99:db:
98:cc:45:9f:45:6a:90:55:02:80:fb:e3:e0:3e:c2:
90:69:54:50:2a:14:aa:ae:0c:45:60:a9:65:33:4d:
f6:5e:25:62:4c:f1:95:0e:6b:0c:1b:d2:fd:1e:54:
ff:86:40:19:3b:14:4c:7d:11:96:5f:56:ae:ab:15:
6c:7a:f9:3f:29:88:f9:e6:2b:c9:79:91:a5:e2:5d:
46:9f:6a:b3:f1:08:26:ab:fa:51:e6:99:8e:fb:d8:
52:ae:81:f9:3d:ee:1f:85:16:20:0a:5b:28:13:1f:
c5:6b:e9:6a:4c:e7:de:6a:7c:a7:14:ec:dc:52:78:
45:02:84:11:1c:59:60:bb:60:0b:ae:eb:dd:54:bc:
9b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2B:1B:CC:41:87:B2:08:07:09:7B:FB:DD:BA:E1:49:F6:D2:1C:10
X509v3 Authority Key Identifier:
keyid:AA:06:0A:63:DA:29:D7:F9:56:17:A6:FF:BB:4F:51:CC:CB:C7:86:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qgYKY9op1_lWF6b_u09RzMvHhlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/17e82a-0e0c-426b-a170-75fea6a70eb7/1/misbzEGHsggHCXv73brhSfbSHBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/17e82a-0e0c-426b-a170-75fea6a70eb7/1/qgYKY9op1_lWF6b_u09RzMvHhlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.140.0/22
185.231.233.0/24
IPv6:
2a03::/32
Signature Algorithm: sha256WithRSAEncryption
9b:01:2a:16:a1:16:af:da:ae:52:82:9c:bb:6f:d8:36:91:a8:
f5:9b:0c:66:94:cb:d8:67:e7:f7:09:60:8a:e0:9e:bc:54:6a:
9a:c2:47:c7:94:44:7e:83:7f:a0:a9:e9:2f:20:23:3d:26:0e:
47:a4:cb:ab:02:7c:a3:d5:0f:3c:65:93:90:e2:ce:4e:7c:ff:
45:70:03:7e:93:d9:76:aa:65:da:54:d9:d4:6d:31:7c:87:91:
8b:7c:12:e2:05:c5:5d:c2:03:c4:32:9f:cc:73:c1:f4:46:c0:
06:15:1a:9c:3a:31:cd:51:a5:ca:05:34:9d:56:a1:03:1b:60:
65:ff:f5:4f:6a:43:05:c2:f0:b8:f5:e5:df:ef:3a:37:5f:c3:
5c:77:19:95:08:b8:24:79:1c:86:1a:83:86:2b:a9:85:88:14:
61:9e:3c:fa:56:78:aa:21:69:31:82:ea:24:fd:c7:be:eb:78:
f7:52:a0:a2:5a:45:6b:74:d7:e7:7e:19:bd:67:60:5f:8a:e0:
df:5c:12:64:8b:40:f4:82:c0:7c:c4:be:6d:5b:bb:55:07:59:
6f:6d:be:7f:b1:5a:b4:59:99:6f:8a:3a:9c:43:71:2f:3d:20:
60:a8:e6:d0:39:44:1a:ef:e3:78:9a:a1:a5:8a:20:d7:da:8d:
99:37:e8:9c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzj8L+Ulehy1AZiY90ioN1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMDYwYTYzZGEyOWQ3Zjk1NjE3YTZmZmJiNGY1MWNjY2Jj
Nzg2NTEwHhcNMjMwMTAyMTczNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJiMWJjYzQxODdiMjA4MDcwOTdiZmJkZGJhZTE0OWY2ZDIxYzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWzOQqIq/Pak30umjanWw5loWbF9
6+SGomWEidF1w+YjoNpOtCDLxna+/IwHFsfSeRyZ84ehax0uVXz3/JbBh6X1VhfS
yVxEmtR1f0QGtnD588qPqWBAFkEW8JsEYMiPqb+5nE6fsPsflqgKqUtWdgfWHGf2
mduYzEWfRWqQVQKA++PgPsKQaVRQKhSqrgxFYKllM032XiViTPGVDmsMG9L9HlT/
hkAZOxRMfRGWX1auqxVsevk/KYj55ivJeZGl4l1Gn2qz8Qgmq/pR5pmO+9hSroH5
Pe4fhRYgClsoEx/Fa+lqTOfeanynFOzcUnhFAoQRHFlgu2ALruvdVLybxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJorG8xBh7IIBwl7+9264Un20hwQMB8GA1UdIwQY
MBaAFKoGCmPaKdf5Vhem/7tPUczLx4ZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWdZS1k5b3AxX2xXRjZiX3UwOVJ6TXZIaGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xN2U4MmEtMGUwYy00MjZiLWExNzAt
NzVmZWE2YTcwZWI3LzEvbWlzYnpFR0hzZ2dIQ1h2NzNicmhTZmJTSEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xN2U4MmEtMGUwYy00MjZiLWExNzAtNzVmZWE2YTcwZWI3
LzEvcWdZS1k5b3AxX2xXRjZiX3UwOVJ6TXZIaGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXGMAwQA
uefpMA0EAgACMAcDBQAqAwAAMA0GCSqGSIb3DQEBCwUAA4IBAQCbASoWoRav2q5S
gpy7b9g2kaj1mwxmlMvYZ+f3CWCK4J68VGqawkfHlER+g3+gqekvICM9Jg5HpMur
Anyj1Q88ZZOQ4s5OfP9FcAN+k9l2qmXaVNnUbTF8h5GLfBLiBcVdwgPEMp/Mc8H0
RsAGFRqcOjHNUaXKBTSdVqEDG2Bl//VPakMFwvC49eXf7zo3X8NcdxmVCLgkeRyG
GoOGK6mFiBRhnjz6VniqIWkxguok/ce+63j3UqCiWkVrdNfnfhm9Z2BfiuDfXBJk
i0D0gsB8xL5tW7tVB1lvbb5/sVq0WZlvijqcQ3EvPSBgqObQOUQa7+N4mqGliiDX
2o2ZN+ic
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:15:59 2024 by rpki-client on console-ams.rpki-client.org