Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/4a273c-f053-41f8-8715-3c0b9254a6f8/1/mhqaCDoGFKZqHqRUx3qJDqQ4ztM.roa
File: mhqaCDoGFKZqHqRUx3qJDqQ4ztM.roa (raw, json)
Hash identifier: TrkbOSU061Ek/wOpIlkQKeuG48royaI6W1BQ4fIVo+M=
Subject key identifier: 9A:1A:9A:08:3A:06:14:A6:6A:1E:A4:54:C7:7A:89:0E:A4:38:CE:D3
Certificate issuer: /CN=089fcf2ab6e6dbc1634ee591fc1b74a41de3ea5f
Certificate serial: 018570B06992304E52136FEA4F5690DD514C
Authority key identifier: 08:9F:CF:2A:B6:E6:DB:C1:63:4E:E5:91:FC:1B:74:A4:1D:E3:EA:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJ_PKrbm28FjTuWR_Bt0pB3j6l8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/4a273c-f053-41f8-8715-3c0b9254a6f8/1/mhqaCDoGFKZqHqRUx3qJDqQ4ztM.roa
Signing time: Mon 02 Jan 2023 04:14:47 +0000
ROA not before: Mon 02 Jan 2023 04:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205494
IP address blocks: 185.212.228.0/22 maxlen: 22
2a0b:7dc0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:69:92:30:4e:52:13:6f:ea:4f:56:90:dd:51:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089fcf2ab6e6dbc1634ee591fc1b74a41de3ea5f
Validity
Not Before: Jan 2 04:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a1a9a083a0614a66a1ea454c77a890ea438ced3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ca:c8:cc:a5:46:f4:3c:02:78:32:0f:f5:d0:
83:82:39:eb:5f:41:d7:82:ad:e4:77:49:48:b6:c0:
45:a5:90:b4:ad:a8:54:fe:44:47:93:9a:42:b4:21:
4d:1f:b9:a1:43:fa:cf:9e:c6:01:db:1c:c5:41:2f:
1b:59:5b:39:fe:8f:ae:72:cc:69:08:3b:aa:02:54:
a6:9e:e6:ea:30:d8:bc:88:cd:55:4f:df:f4:01:42:
ba:e4:4c:88:6b:16:3f:3c:d3:cf:92:84:70:22:db:
bd:ca:c3:db:35:29:98:05:64:37:ba:e3:1b:f7:c5:
a2:ef:05:09:44:34:0e:4e:94:2c:82:ea:ff:47:49:
28:72:4f:2c:b8:6b:e4:79:32:c2:94:a1:b8:4e:5e:
68:ea:34:77:29:c8:9a:96:d1:2f:b1:5d:d5:d9:79:
2e:e8:3b:d7:f3:f5:16:e7:88:cf:16:f8:b8:b5:21:
11:7c:5f:61:06:28:33:4a:44:a0:a6:24:96:b5:48:
7f:f2:e0:cb:25:4b:82:46:2d:cf:a4:07:7f:09:90:
0e:c9:ab:bc:16:d0:ef:4f:6e:9f:71:7e:c7:2c:7f:
29:3c:86:b2:ab:75:fa:66:e7:8b:79:5f:b7:e2:a6:
3b:f3:c9:4d:bb:3f:3a:c7:5d:10:62:d2:c8:5e:de:
7f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1A:9A:08:3A:06:14:A6:6A:1E:A4:54:C7:7A:89:0E:A4:38:CE:D3
X509v3 Authority Key Identifier:
keyid:08:9F:CF:2A:B6:E6:DB:C1:63:4E:E5:91:FC:1B:74:A4:1D:E3:EA:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJ_PKrbm28FjTuWR_Bt0pB3j6l8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4a273c-f053-41f8-8715-3c0b9254a6f8/1/mhqaCDoGFKZqHqRUx3qJDqQ4ztM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/4a273c-f053-41f8-8715-3c0b9254a6f8/1/CJ_PKrbm28FjTuWR_Bt0pB3j6l8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.228.0/22
IPv6:
2a0b:7dc0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:dc:94:a2:76:9f:bf:28:ca:ea:be:10:ee:cc:84:a2:71:1d:
11:df:3a:77:1d:19:e9:f6:88:31:75:05:be:b8:86:4a:f5:ef:
63:fc:5e:6a:df:80:c4:84:3e:58:5b:16:d7:9b:65:f1:4a:ee:
89:da:33:98:39:95:9f:24:7b:16:c9:82:55:58:af:1b:fb:6e:
05:7d:1c:d8:18:3a:56:84:48:4a:f6:30:c6:c7:4c:42:b7:1c:
97:90:0e:c8:1d:4b:9a:d7:c1:e6:7e:3d:d5:56:5d:aa:63:b8:
16:93:a5:50:68:60:4b:56:67:e1:9c:2d:31:8e:cd:e4:fd:9b:
61:e2:8b:56:b2:c1:ee:bc:9c:76:a8:c2:61:aa:a9:45:a8:d9:
9f:1f:ec:ad:22:14:5d:c4:e3:71:dc:46:44:8f:88:ea:e7:55:
83:8a:73:45:ff:f0:1c:ee:e3:65:f7:8a:ed:02:4c:d7:ec:45:
6c:2d:a4:e0:bb:fc:e7:22:ca:03:fd:a5:0f:06:22:02:9b:92:
cf:e6:0a:7e:a9:9f:e8:68:09:16:fd:d5:62:1b:57:b4:7b:d1:
3f:48:c0:75:d4:bd:63:15:69:2e:8c:4e:7e:0b:d9:4d:4c:1b:
12:6b:8c:b1:68:22:68:1c:00:be:d5:78:4e:dc:68:89:d3:2f:
cf:8d:bc:61
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsGmSME5SE2/qT1aQ3VFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWZjZjJhYjZlNmRiYzE2MzRlZTU5MWZjMWI3NGE0MWRl
M2VhNWYwHhcNMjMwMTAyMDQxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFhOWEwODNhMDYxNGE2NmExZWE0NTRjNzdhODkwZWE0MzhjZWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksrIzKVG9DwCeDIP9dCDgjnrX0HX
gq3kd0lItsBFpZC0rahU/kRHk5pCtCFNH7mhQ/rPnsYB2xzFQS8bWVs5/o+ucsxp
CDuqAlSmnubqMNi8iM1VT9/0AUK65EyIaxY/PNPPkoRwItu9ysPbNSmYBWQ3uuMb
98Wi7wUJRDQOTpQsgur/R0kock8suGvkeTLClKG4Tl5o6jR3KcialtEvsV3V2Xku
6DvX8/UW54jPFvi4tSERfF9hBigzSkSgpiSWtUh/8uDLJUuCRi3PpAd/CZAOyau8
FtDvT26fcX7HLH8pPIayq3X6ZueLeV+34qY788lNuz86x10QYtLIXt5/AwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJoamgg6BhSmah6kVMd6iQ6kOM7TMB8GA1UdIwQY
MBaAFAifzyq25tvBY07lkfwbdKQd4+pfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0pfUEtyYm0yOEZqVHVXUl9CdDBwQjNqNmw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi80YTI3M2MtZjA1My00MWY4LTg3MTUt
M2MwYjkyNTRhNmY4LzEvbWhxYUNEb0dGS1pxSHFSVXgzcUpEcVE0enRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi80YTI3M2MtZjA1My00MWY4LTg3MTUtM2MwYjkyNTRhNmY4
LzEvQ0pfUEtyYm0yOEZqVHVXUl9CdDBwQjNqNmw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudTkMA0E
AgACMAcDBQAqC33AMA0GCSqGSIb3DQEBCwUAA4IBAQAM3JSidp+/KMrqvhDuzISi
cR0R3zp3HRnp9ogxdQW+uIZK9e9j/F5q34DEhD5YWxbXm2XxSu6J2jOYOZWfJHsW
yYJVWK8b+24FfRzYGDpWhEhK9jDGx0xCtxyXkA7IHUua18Hmfj3VVl2qY7gWk6VQ
aGBLVmfhnC0xjs3k/Zth4otWssHuvJx2qMJhqqlFqNmfH+ytIhRdxONx3EZEj4jq
51WDinNF//Ac7uNl94rtAkzX7EVsLaTgu/znIsoD/aUPBiICm5LP5gp+qZ/oaAkW
/dViG1e0e9E/SMB11L1jFWkujE5+C9lNTBsSa4yxaCJoHAC+1XhO3GiJ0y/Pjbxh
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:39 2024 by rpki-client on console-fra.rpki-client.org