Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8a707a-5ced-4c75-ae38-56596beed1c7/1/mQDZgAM1eerkVa5MOdEhiTDEkjE.roa
File: mQDZgAM1eerkVa5MOdEhiTDEkjE.roa (raw, json)
Hash identifier: XxOGFIwDuP4IopoDsEkUvJZtWerWJJZ+aTfygmzIQtM=
Subject key identifier: 99:00:D9:80:03:35:79:EA:E4:55:AE:4C:39:D1:21:89:30:C4:92:31
Certificate issuer: /CN=940b9e18eeb094d912deb595dc7aac8661b0d6c7
Certificate serial: 01856B80E37811F414CF7C1FFB045672AA03
Authority key identifier: 94:0B:9E:18:EE:B0:94:D9:12:DE:B5:95:DC:7A:AC:86:61:B0:D6:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lAueGO6wlNkS3rWV3HqshmGw1sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8a707a-5ced-4c75-ae38-56596beed1c7/1/mQDZgAM1eerkVa5MOdEhiTDEkjE.roa
Signing time: Sun 01 Jan 2023 04:04:46 +0000
ROA not before: Sun 01 Jan 2023 04:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208735
IP address blocks: 185.121.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:e3:78:11:f4:14:cf:7c:1f:fb:04:56:72:aa:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=940b9e18eeb094d912deb595dc7aac8661b0d6c7
Validity
Not Before: Jan 1 04:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9900d980033579eae455ae4c39d1218930c49231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:d1:6e:4b:a0:1e:7a:97:b0:76:68:82:42:bb:
c9:01:21:ee:13:60:fc:c7:8a:64:ea:69:b1:4a:3d:
61:b2:65:40:ae:b0:1e:80:cc:8a:d9:a9:7c:4d:72:
e1:8a:05:24:a0:94:ff:2d:8c:89:b4:ae:90:ff:94:
c9:18:89:d6:33:45:49:9f:9d:50:74:ae:13:92:a7:
ef:7e:2b:ed:8b:ab:82:b4:d7:39:95:eb:fc:4c:68:
4b:ed:9a:5d:ef:55:61:b9:89:2d:aa:7b:b9:68:6f:
f4:9a:07:5b:13:4b:a7:02:2a:5f:4b:af:41:32:9a:
71:f6:46:4e:05:9d:bb:90:91:bc:2f:67:40:e5:ac:
34:73:b0:1d:17:37:de:f3:d7:27:35:4e:9c:8d:c5:
c9:a8:23:18:14:6d:24:cf:28:5c:e5:e0:53:65:3a:
4a:d2:08:c5:e7:82:cc:e3:43:c9:3f:5a:23:3f:43:
f1:ee:aa:60:63:92:9d:96:f3:a3:14:3c:1b:cf:34:
85:8e:b3:50:b8:9b:2e:d9:68:7b:5d:87:5b:ad:2d:
20:a9:d2:92:9a:f9:76:dd:b2:57:65:ad:22:69:e2:
4a:70:33:0d:91:7c:fb:2a:b6:74:3f:b1:4d:f3:4c:
ee:94:37:ca:ff:cf:b6:dd:da:f9:77:43:d2:29:c2:
92:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:00:D9:80:03:35:79:EA:E4:55:AE:4C:39:D1:21:89:30:C4:92:31
X509v3 Authority Key Identifier:
keyid:94:0B:9E:18:EE:B0:94:D9:12:DE:B5:95:DC:7A:AC:86:61:B0:D6:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lAueGO6wlNkS3rWV3HqshmGw1sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8a707a-5ced-4c75-ae38-56596beed1c7/1/mQDZgAM1eerkVa5MOdEhiTDEkjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8a707a-5ced-4c75-ae38-56596beed1c7/1/lAueGO6wlNkS3rWV3HqshmGw1sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.104.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:64:fd:44:af:34:26:04:0b:fd:2c:b8:e1:1a:81:43:62:ac:
18:a5:09:0b:0a:b8:4c:92:37:b7:f5:f0:98:ba:44:82:0f:43:
a9:2f:d5:bf:35:e4:63:2b:f6:94:49:a3:a1:b4:e5:5c:a7:cd:
8e:75:d8:33:62:ae:da:f3:59:f1:47:3d:ed:5e:0b:34:dd:02:
5f:31:1a:b5:0b:99:9f:63:2a:3b:f1:05:67:9f:ca:8c:a7:27:
7e:d9:10:f9:9a:88:65:01:3f:f8:d0:89:9b:fd:4c:ec:a9:28:
55:30:03:a8:9f:91:dd:f5:b6:9e:2a:a8:1e:a4:b1:fa:a7:eb:
3e:ea:f7:e9:69:42:67:b2:2b:af:2f:4e:02:4c:6b:14:7e:b8:
c4:80:b9:21:87:7f:ac:86:4d:cf:22:26:9b:b3:a7:1e:c1:35:
47:d0:63:17:a2:00:ec:5c:4e:e3:bb:52:d2:16:bc:5b:31:5d:
14:4e:e0:b8:0e:a6:6f:8c:3e:82:e9:99:20:4c:6a:fd:06:22:
6d:e5:e6:b4:3e:d8:02:2b:17:e5:88:bc:57:5f:1f:e6:a6:24:
95:a5:ef:3c:1a:e8:29:f8:36:fe:94:0d:ea:52:a1:b3:06:b7:
c2:d1:03:48:81:52:8f:fd:d5:74:69:4c:5f:5c:9b:d0:39:5a:
85:9d:c3:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgON4EfQUz3wf+wRWcqoDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MGI5ZTE4ZWViMDk0ZDkxMmRlYjU5NWRjN2FhYzg2NjFi
MGQ2YzcwHhcNMjMwMTAxMDQwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTAwZDk4MDAzMzU3OWVhZTQ1NWFlNGMzOWQxMjE4OTMwYzQ5MjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4tFuS6AeepewdmiCQrvJASHuE2D8
x4pk6mmxSj1hsmVArrAegMyK2al8TXLhigUkoJT/LYyJtK6Q/5TJGInWM0VJn51Q
dK4Tkqfvfivti6uCtNc5lev8TGhL7Zpd71VhuYktqnu5aG/0mgdbE0unAipfS69B
Mppx9kZOBZ27kJG8L2dA5aw0c7AdFzfe89cnNU6cjcXJqCMYFG0kzyhc5eBTZTpK
0gjF54LM40PJP1ojP0Px7qpgY5KdlvOjFDwbzzSFjrNQuJsu2Wh7XYdbrS0gqdKS
mvl23bJXZa0iaeJKcDMNkXz7KrZ0P7FN80zulDfK/8+23dr5d0PSKcKS3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJkA2YADNXnq5FWuTDnRIYkwxJIxMB8GA1UdIwQY
MBaAFJQLnhjusJTZEt61ldx6rIZhsNbHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEF1ZUdPNndsTmtTM3JXVjNIcXNobUd3MXNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84YTcwN2EtNWNlZC00Yzc1LWFlMzgt
NTY1OTZiZWVkMWM3LzEvbVFEWmdBTTFlZXJrVmE1TU9kRWhpVERFa2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC84YTcwN2EtNWNlZC00Yzc1LWFlMzgtNTY1OTZiZWVkMWM3
LzEvbEF1ZUdPNndsTmtTM3JXVjNIcXNobUd3MXNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXloMA0G
CSqGSIb3DQEBCwUAA4IBAQCfZP1ErzQmBAv9LLjhGoFDYqwYpQkLCrhMkje39fCY
ukSCD0OpL9W/NeRjK/aUSaOhtOVcp82OddgzYq7a81nxRz3tXgs03QJfMRq1C5mf
Yyo78QVnn8qMpyd+2RD5mohlAT/40Imb/UzsqShVMAOon5Hd9baeKqgepLH6p+s+
6vfpaUJnsiuvL04CTGsUfrjEgLkhh3+shk3PIiabs6cewTVH0GMXogDsXE7ju1LS
FrxbMV0UTuC4DqZvjD6C6ZkgTGr9BiJt5ea0PtgCKxfliLxXXx/mpiSVpe88Gugp
+Db+lA3qUqGzBrfC0QNIgVKP/dV0aUxfXJvQOVqFncMf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:11 2024 by rpki-client on console-fra.rpki-client.org