Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/mK8XRj9lsmw8N2XegsDzWw3BMwU.roa
File: mK8XRj9lsmw8N2XegsDzWw3BMwU.roa (raw, json)
Hash identifier: CNQDCwkCOYEtxxMFH8qe2yxqT0m/YQE4xF9iHma0KI8=
Subject key identifier: 98:AF:17:46:3F:65:B2:6C:3C:37:65:DE:82:C0:F3:5B:0D:C1:33:05
Certificate issuer: /CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Certificate serial: 018CC5DC266BAD5C157E078CA81446C225FC
Authority key identifier: CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/mK8XRj9lsmw8N2XegsDzWw3BMwU.roa
Signing time: Mon 01 Jan 2024 16:29:48 +0000
ROA not before: Mon 01 Jan 2024 16:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204203
IP address blocks: 185.136.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Apr 2024 20:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:26:6b:ad:5c:15:7e:07:8c:a8:14:46:c2:25:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf44942a29fac612cd44f83ad317a1c0f5b8eea
Validity
Not Before: Jan 1 16:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98af17463f65b26c3c3765de82c0f35b0dc13305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:92:6e:09:d0:8b:7b:c4:0a:82:72:3b:31:97:
ba:5a:aa:77:48:1b:6b:5a:55:11:27:ed:f2:0d:60:
a8:0d:8a:57:03:80:5b:92:fc:6f:fa:f3:72:1a:ff:
a3:61:9e:e1:97:b9:52:71:0d:15:b5:c0:7d:66:b2:
4c:75:36:34:13:2f:0b:4d:f3:9b:5b:af:d9:b3:e9:
f2:59:87:7a:ea:b6:e6:a7:f5:27:55:94:21:1e:00:
9e:37:5b:d3:fb:5c:b1:99:1c:ee:2a:35:be:61:ce:
54:50:57:1f:ff:6c:6f:8f:02:43:52:95:c2:20:cc:
d5:d9:47:70:bb:0b:45:c4:6b:1f:cb:4e:87:14:62:
e8:fd:6c:1e:ec:90:8d:01:56:64:f6:82:c3:01:ff:
08:28:19:5d:6d:97:c1:8e:0a:0c:8a:6a:c3:2b:85:
4b:90:89:c8:a6:76:2a:d8:6b:8a:a4:d5:38:b7:42:
a2:1c:2d:fc:10:ca:f9:82:48:57:ea:cf:7f:bf:73:
e6:de:cb:8c:69:2a:4c:f9:01:63:96:6c:3c:fa:9e:
d0:dc:39:c4:db:88:73:2d:c0:c3:e7:c6:d1:66:c3:
b1:60:3f:2d:32:56:26:ce:d3:24:ce:59:2a:ac:08:
e5:73:1d:cd:dd:f0:da:0e:5b:bc:38:67:c1:7d:2f:
f4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AF:17:46:3F:65:B2:6C:3C:37:65:DE:82:C0:F3:5B:0D:C1:33:05
X509v3 Authority Key Identifier:
keyid:CA:F4:49:42:A2:9F:AC:61:2C:D4:4F:83:AD:31:7A:1C:0F:5B:8E:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvRJQqKfrGEs1E-DrTF6HA9bjuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/mK8XRj9lsmw8N2XegsDzWw3BMwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/02cb5f-c669-4fb0-92e5-4836bad61ba2/1/yvRJQqKfrGEs1E-DrTF6HA9bjuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.136.135.0/24
Signature Algorithm: sha256WithRSAEncryption
28:3b:16:b6:f0:2d:0f:39:29:14:89:31:eb:0e:b9:78:27:f4:
01:f2:eb:e5:c0:46:ab:a9:61:f2:2a:88:d8:d9:47:77:d1:87:
c3:05:4b:77:f5:2f:7b:34:41:30:45:c1:de:9a:cb:1a:1b:65:
50:ef:4c:04:d0:d7:3f:47:e5:ca:4f:32:b7:f4:13:fd:fe:b7:
68:0d:29:5f:f9:00:dd:ca:29:cb:5e:70:1e:38:57:82:37:60:
26:61:76:f0:31:9d:59:13:36:ce:1d:8b:9e:b8:18:08:1e:0b:
c7:fa:a1:8f:ca:c4:a5:cf:f3:ff:b5:c6:88:53:15:49:40:22:
5b:1b:43:25:34:aa:d1:7b:10:b4:82:a7:89:9b:e3:09:24:eb:
3b:57:6f:d9:e6:af:51:d5:e7:98:45:0a:60:c0:db:26:a8:ef:
ec:07:8d:ee:88:c3:64:f9:60:6d:5e:48:74:7e:6e:09:03:a3:
fe:ca:bb:51:10:8d:79:38:90:12:6f:ed:a8:6a:a1:87:d7:55:
8c:91:49:16:c3:e6:44:ff:d7:f8:74:51:0c:e2:80:b6:07:55:
10:4a:41:3a:29:6c:0b:bb:4b:f5:14:55:a2:a7:d4:81:b4:0e:
1b:d5:f1:20:a1:0e:c5:23:39:7f:ba:a4:6d:f1:c2:d4:f7:4c:
24:c8:c1:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3CZrrVwVfgeMqBRGwiX8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjQ0OTQyYTI5ZmFjNjEyY2Q0NGY4M2FkMzE3YTFjMGY1
YjhlZWEwHhcNMjQwMTAxMTYyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFmMTc0NjNmNjViMjZjM2MzNzY1ZGU4MmMwZjM1YjBkYzEzMzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZJuCdCLe8QKgnI7MZe6Wqp3SBtr
WlURJ+3yDWCoDYpXA4Bbkvxv+vNyGv+jYZ7hl7lScQ0VtcB9ZrJMdTY0Ey8LTfOb
W6/Zs+nyWYd66rbmp/UnVZQhHgCeN1vT+1yxmRzuKjW+Yc5UUFcf/2xvjwJDUpXC
IMzV2UdwuwtFxGsfy06HFGLo/Wwe7JCNAVZk9oLDAf8IKBldbZfBjgoMimrDK4VL
kInIpnYq2GuKpNU4t0KiHC38EMr5gkhX6s9/v3Pm3suMaSpM+QFjlmw8+p7Q3DnE
24hzLcDD58bRZsOxYD8tMlYmztMkzlkqrAjlcx3N3fDaDlu8OGfBfS/03wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJivF0Y/ZbJsPDdl3oLA81sNwTMFMB8GA1UdIwQY
MBaAFMr0SUKin6xhLNRPg60xehwPW47qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUt
NDgzNmJhZDYxYmEyLzEvbUs4WFJqOWxzbXc4TjJYZWdzRHpXdzNCTXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wMmNiNWYtYzY2OS00ZmIwLTkyZTUtNDgzNmJhZDYxYmEy
LzEveXZSSlFxS2ZyR0VzMUUtRHJURjZIQTlianVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYiHMA0G
CSqGSIb3DQEBCwUAA4IBAQAoOxa28C0POSkUiTHrDrl4J/QB8uvlwEarqWHyKojY
2Ud30YfDBUt39S97NEEwRcHemssaG2VQ70wE0Nc/R+XKTzK39BP9/rdoDSlf+QDd
yinLXnAeOFeCN2AmYXbwMZ1ZEzbOHYueuBgIHgvH+qGPysSlz/P/tcaIUxVJQCJb
G0MlNKrRexC0gqeJm+MJJOs7V2/Z5q9R1eeYRQpgwNsmqO/sB43uiMNk+WBtXkh0
fm4JA6P+yrtREI15OJASb+2oaqGH11WMkUkWw+ZE/9f4dFEM4oC2B1UQSkE6KWwL
u0v1FFWip9SBtA4b1fEgoQ7FIzl/uqRt8cLU90wkyMEO
Generated at Sun Apr 28 20:50:51 2024 by rpki-client on console-ams.rpki-client.org