Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/3MqG6fjQ5Fb32WWdpCqGxa6PHew.roa
File: 3MqG6fjQ5Fb32WWdpCqGxa6PHew.roa (raw, json)
Hash identifier: fBjNbnBMHudZbMxeoxURex2QvqXL/s/msgJ+MFwzOcE=
Subject key identifier: DC:CA:86:E9:F8:D0:E4:56:F7:D9:65:9D:A4:2A:86:C5:AE:8F:1D:EC
Certificate issuer: /CN=eba8db3b54d081c30bf51bdc7b19e4f6480b7f53
Certificate serial: 0188072732AEA396728411E576B9E322BBF9
Authority key identifier: EB:A8:DB:3B:54:D0:81:C3:0B:F5:1B:DC:7B:19:E4:F6:48:0B:7F:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/66jbO1TQgcML9Rvcexnk9kgLf1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/3MqG6fjQ5Fb32WWdpCqGxa6PHew.roa
Signing time: Wed 10 May 2023 19:33:09 +0000
ROA not before: Wed 10 May 2023 19:33:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209854
IP address blocks: 185.218.221.0/24 maxlen: 24
185.218.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:07:27:32:ae:a3:96:72:84:11:e5:76:b9:e3:22:bb:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eba8db3b54d081c30bf51bdc7b19e4f6480b7f53
Validity
Not Before: May 10 19:33:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dcca86e9f8d0e456f7d9659da42a86c5ae8f1dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:63:20:b7:29:da:e8:f7:b9:14:c2:f4:fd:82:
25:2b:1e:c1:4a:83:cd:2e:a3:04:48:ab:eb:15:74:
05:cd:cb:ed:b4:d3:6a:73:84:f3:86:d1:f8:aa:e0:
40:0e:f5:00:29:64:a8:2d:92:4f:c9:1c:60:de:eb:
25:2d:5c:26:ef:d3:9c:a7:1a:49:92:95:00:23:a3:
1b:8b:f1:38:6f:1a:35:26:cf:5d:44:88:41:2b:27:
b5:ea:8e:5e:0a:aa:c8:df:5f:3a:22:d0:c1:fa:06:
c2:48:d0:32:63:65:0a:e8:8f:b7:23:04:a0:59:26:
ec:ca:ed:bf:e9:b4:b0:71:26:0d:76:22:c8:23:73:
33:cc:8a:62:57:82:2a:2d:33:6e:3e:fe:5d:89:32:
01:97:b6:78:64:17:ec:a6:32:27:7a:75:62:db:67:
d2:f4:7a:6d:b8:88:b0:34:9f:5d:8e:96:b0:aa:86:
e5:2b:36:20:1d:fa:11:7c:5c:21:f0:26:e6:be:59:
f0:3e:f2:bd:eb:65:23:d2:42:e9:8a:49:49:1c:9e:
30:17:59:eb:2e:18:1f:93:6a:74:68:f7:d5:97:76:
87:5d:2a:26:35:08:15:ad:4b:d9:14:3c:da:62:d1:
09:32:be:02:a9:2c:bd:6f:b7:bd:72:22:d2:3c:c1:
2a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CA:86:E9:F8:D0:E4:56:F7:D9:65:9D:A4:2A:86:C5:AE:8F:1D:EC
X509v3 Authority Key Identifier:
keyid:EB:A8:DB:3B:54:D0:81:C3:0B:F5:1B:DC:7B:19:E4:F6:48:0B:7F:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/66jbO1TQgcML9Rvcexnk9kgLf1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/3MqG6fjQ5Fb32WWdpCqGxa6PHew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/6ccf03-090d-416e-86cf-e9dc3f1cf824/1/66jbO1TQgcML9Rvcexnk9kgLf1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.220.0/23
Signature Algorithm: sha256WithRSAEncryption
50:4c:97:0e:c4:73:79:67:73:e9:05:0b:dc:8c:1d:51:78:4e:
8c:6a:19:b3:9e:57:31:bc:9c:f8:4e:f2:62:30:83:05:d0:e9:
15:ba:24:3f:62:75:da:58:81:87:40:70:1a:ed:83:c6:1f:91:
6a:31:e9:47:a4:a7:51:6d:7f:82:79:10:7a:e6:bf:ec:9d:8e:
a5:66:ac:12:db:fd:fb:b0:44:43:3e:3c:36:9f:90:26:b9:15:
5d:25:bc:09:a0:9e:dd:69:ed:cf:7c:f6:ee:13:9d:a6:85:30:
58:eb:35:e7:5a:78:4f:37:a0:53:ff:8f:b7:32:a7:a6:23:68:
a6:1e:d5:58:32:3e:72:af:79:ba:0a:49:a8:de:c2:fa:89:4b:
ac:e5:62:e9:b2:b5:b6:87:5f:d8:91:f4:1f:64:31:23:6b:ca:
15:ad:b3:3a:07:1a:dc:ab:dc:29:b5:e6:87:c2:43:65:90:ec:
18:2d:49:f9:cc:79:4d:6d:12:c4:1b:f2:89:88:99:92:35:8a:
8d:e3:c0:73:40:cb:25:56:0e:2b:35:01:81:e0:e2:a1:90:a5:
87:78:76:57:f2:5d:00:a1:b6:e6:ff:2d:72:84:1b:44:99:3a:
73:48:dc:02:79:ee:be:cf:ae:cd:cc:d6:d5:9a:9e:db:81:74:
33:32:b8:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgHJzKuo5ZyhBHldrnjIrv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYThkYjNiNTRkMDgxYzMwYmY1MWJkYzdiMTllNGY2NDgw
YjdmNTMwHhcNMjMwNTEwMTkzMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2NhODZlOWY4ZDBlNDU2ZjdkOTY1OWRhNDJhODZjNWFlOGYxZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWMgtyna6Pe5FML0/YIlKx7BSoPN
LqMESKvrFXQFzcvttNNqc4TzhtH4quBADvUAKWSoLZJPyRxg3uslLVwm79OcpxpJ
kpUAI6Mbi/E4bxo1Js9dRIhBKye16o5eCqrI3186ItDB+gbCSNAyY2UK6I+3IwSg
WSbsyu2/6bSwcSYNdiLII3MzzIpiV4IqLTNuPv5diTIBl7Z4ZBfspjInenVi22fS
9HptuIiwNJ9djpawqoblKzYgHfoRfFwh8CbmvlnwPvK962Uj0kLpiklJHJ4wF1nr
Lhgfk2p0aPfVl3aHXSomNQgVrUvZFDzaYtEJMr4CqSy9b7e9ciLSPMEqAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzKhun40ORW99llnaQqhsWujx3sMB8GA1UdIwQY
MBaAFOuo2ztU0IHDC/Ub3HsZ5PZIC39TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjZqYk8xVFFnY01MOVJ2Y2V4bms5a2dMZjFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi82Y2NmMDMtMDkwZC00MTZlLTg2Y2Yt
ZTlkYzNmMWNmODI0LzEvM01xRzZmalE1RmIzMldXZHBDcUd4YTZQSGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi82Y2NmMDMtMDkwZC00MTZlLTg2Y2YtZTlkYzNmMWNmODI0
LzEvNjZqYk8xVFFnY01MOVJ2Y2V4bms5a2dMZjFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudrcMA0G
CSqGSIb3DQEBCwUAA4IBAQBQTJcOxHN5Z3PpBQvcjB1ReE6MahmznlcxvJz4TvJi
MIMF0OkVuiQ/YnXaWIGHQHAa7YPGH5FqMelHpKdRbX+CeRB65r/snY6lZqwS2/37
sERDPjw2n5AmuRVdJbwJoJ7dae3PfPbuE52mhTBY6zXnWnhPN6BT/4+3MqemI2im
HtVYMj5yr3m6Ckmo3sL6iUus5WLpsrW2h1/YkfQfZDEja8oVrbM6Bxrcq9wpteaH
wkNlkOwYLUn5zHlNbRLEG/KJiJmSNYqN48BzQMslVg4rNQGB4OKhkKWHeHZX8l0A
obbm/y1yhBtEmTpzSNwCee6+z67NzNbVmp7bgXQzMrjt
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:00:15 2024 by rpki-client on console-ams.rpki-client.org