Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/35f43b-087c-490b-9c03-1857e4268fbf/1/mKoPvHZJt04g7rtg6vy-hVH5KRk.roa
File: mKoPvHZJt04g7rtg6vy-hVH5KRk.roa (raw, json)
Hash identifier: ScLsPy4HuEUQHCxrfq3xCdomte/f4HTu51O7hNFcGCw=
Subject key identifier: 98:AA:0F:BC:76:49:B7:4E:20:EE:BB:60:EA:FC:BE:85:51:F9:29:19
Certificate issuer: /CN=e8b65f1d5e970e6082d2cfd6f99ef9c8174a1440
Certificate serial: 01856F2FEEDBB3FD22892F5646347DAF19D2
Authority key identifier: E8:B6:5F:1D:5E:97:0E:60:82:D2:CF:D6:F9:9E:F9:C8:17:4A:14:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LZfHV6XDmCC0s_W-Z75yBdKFEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/35f43b-087c-490b-9c03-1857e4268fbf/1/mKoPvHZJt04g7rtg6vy-hVH5KRk.roa
Signing time: Sun 01 Jan 2023 21:14:50 +0000
ROA not before: Sun 01 Jan 2023 21:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204731
IP address blocks: 185.241.224.0/22 maxlen: 23
2a0c:b381::/32 maxlen: 40
2a0c:b380::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:ee:db:b3:fd:22:89:2f:56:46:34:7d:af:19:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b65f1d5e970e6082d2cfd6f99ef9c8174a1440
Validity
Not Before: Jan 1 21:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98aa0fbc7649b74e20eebb60eafcbe8551f92919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:16:d4:fe:1d:22:8c:74:c2:a8:ca:7c:c5:be:
b8:00:86:cf:56:b5:9a:a2:13:3f:bb:82:71:ff:3e:
ed:c1:e2:cb:cc:f1:0d:44:5a:6e:9b:ba:40:56:1d:
33:dc:c6:a9:04:04:7a:5e:9a:15:5e:26:38:d9:b5:
ca:64:ab:b0:8f:04:21:3e:83:b9:8e:d4:c2:5a:c0:
73:58:ab:8d:3d:2a:4b:b9:ea:5f:6d:b1:0a:e6:db:
a8:97:83:62:d7:14:ff:e2:df:8e:14:e2:03:d6:62:
69:d0:de:75:d9:67:ff:1a:32:a8:95:ad:fd:3d:fc:
4d:dc:8e:1c:8f:bc:b7:39:af:e0:ad:77:ed:c7:38:
c1:e6:4b:41:bf:82:c5:d5:49:e1:d4:1b:1b:2d:ad:
5a:37:ff:ff:0c:23:61:14:46:15:44:3e:28:75:ff:
ca:b7:7a:d7:b3:46:bf:db:a6:e7:da:02:c2:86:8f:
4d:e7:6e:97:cf:e7:75:db:de:fa:15:45:fd:67:96:
c1:0c:9b:6f:8e:02:86:b0:d0:fc:f4:6d:14:26:88:
45:1a:b8:a4:96:0b:73:1e:6f:54:37:18:43:9d:bc:
d9:75:2d:a4:32:71:09:d1:cb:8d:e7:2a:6a:db:bb:
b5:bb:bf:2c:d6:2f:da:0d:d3:c7:eb:fd:bd:c6:ad:
35:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AA:0F:BC:76:49:B7:4E:20:EE:BB:60:EA:FC:BE:85:51:F9:29:19
X509v3 Authority Key Identifier:
keyid:E8:B6:5F:1D:5E:97:0E:60:82:D2:CF:D6:F9:9E:F9:C8:17:4A:14:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LZfHV6XDmCC0s_W-Z75yBdKFEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/35f43b-087c-490b-9c03-1857e4268fbf/1/mKoPvHZJt04g7rtg6vy-hVH5KRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/35f43b-087c-490b-9c03-1857e4268fbf/1/6LZfHV6XDmCC0s_W-Z75yBdKFEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.224.0/22
IPv6:
2a0c:b380::/29
Signature Algorithm: sha256WithRSAEncryption
5a:e4:34:fd:83:16:a0:2b:57:47:28:0b:64:ae:d4:03:d2:5c:
cf:1d:76:7d:db:53:69:20:04:43:9a:94:29:c5:c1:4f:51:26:
cb:77:d1:32:c5:47:e6:7d:e6:34:c2:c6:75:3e:ec:0a:c3:96:
ce:82:dd:a0:3c:b5:c9:13:83:e0:bf:2e:e2:da:88:30:67:f3:
a9:b0:e1:b6:80:ca:c0:2d:92:f9:4f:d7:c1:5f:71:6c:00:b5:
13:6d:5a:e2:1c:08:70:bd:f7:5d:df:7c:c1:0a:fb:5f:63:fe:
c0:4d:b3:b3:bf:8e:88:1a:80:95:bc:c1:0c:ac:43:58:00:b7:
6f:b4:00:6c:28:26:0b:e7:5f:2e:b7:a0:89:9c:d8:53:63:2f:
16:1a:83:13:c5:9d:3d:fe:67:44:90:2e:c9:18:73:f0:fb:77:
59:bc:eb:ca:31:3b:6e:c6:7a:42:91:23:c3:14:3c:eb:d4:f5:
f4:52:15:4a:cb:4e:b8:cc:dc:a6:70:ad:06:90:5b:da:a5:40:
cf:5e:84:e5:37:60:90:a2:96:cf:02:03:71:17:ee:0d:00:52:
e8:7f:d0:ea:72:24:6f:91:83:a8:e3:61:d1:37:d6:4d:31:81:
70:5f:33:3f:fe:b1:7d:e3:2b:7b:99:ff:4c:ea:2e:25:98:d8:
ce:5f:76:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvL+7bs/0iiS9WRjR9rxnSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjY1ZjFkNWU5NzBlNjA4MmQyY2ZkNmY5OWVmOWM4MTc0
YTE0NDAwHhcNMjMwMTAxMjExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFhMGZiYzc2NDliNzRlMjBlZWJiNjBlYWZjYmU4NTUxZjkyOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthbU/h0ijHTCqMp8xb64AIbPVrWa
ohM/u4Jx/z7tweLLzPENRFpum7pAVh0z3MapBAR6XpoVXiY42bXKZKuwjwQhPoO5
jtTCWsBzWKuNPSpLuepfbbEK5tuol4Ni1xT/4t+OFOID1mJp0N512Wf/GjKola39
PfxN3I4cj7y3Oa/grXftxzjB5ktBv4LF1Unh1BsbLa1aN///DCNhFEYVRD4odf/K
t3rXs0a/26bn2gLCho9N526Xz+d12976FUX9Z5bBDJtvjgKGsND89G0UJohFGrik
lgtzHm9UNxhDnbzZdS2kMnEJ0cuN5ypq27u1u78s1i/aDdPH6/29xq01zwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJiqD7x2SbdOIO67YOr8voVR+SkZMB8GA1UdIwQY
MBaAFOi2Xx1elw5ggtLP1vme+cgXShRAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxaZkhWNlhEbUNDMHNfVy1aNzV5QmRLRkVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zNWY0M2ItMDg3Yy00OTBiLTljMDMt
MTg1N2U0MjY4ZmJmLzEvbUtvUHZIWkp0MDRnN3J0ZzZ2eS1oVkg1S1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zNWY0M2ItMDg3Yy00OTBiLTljMDMtMTg1N2U0MjY4ZmJm
LzEvNkxaZkhWNlhEbUNDMHNfVy1aNzV5QmRLRkVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufHgMA0E
AgACMAcDBQMqDLOAMA0GCSqGSIb3DQEBCwUAA4IBAQBa5DT9gxagK1dHKAtkrtQD
0lzPHXZ921NpIARDmpQpxcFPUSbLd9EyxUfmfeY0wsZ1PuwKw5bOgt2gPLXJE4Pg
vy7i2ogwZ/OpsOG2gMrALZL5T9fBX3FsALUTbVriHAhwvfdd33zBCvtfY/7ATbOz
v46IGoCVvMEMrENYALdvtABsKCYL518ut6CJnNhTYy8WGoMTxZ09/mdEkC7JGHPw
+3dZvOvKMTtuxnpCkSPDFDzr1PX0UhVKy064zNymcK0GkFvapUDPXoTlN2CQopbP
AgNxF+4NAFLof9DqciRvkYOo42HRN9ZNMYFwXzM//rF94yt7mf9M6i4lmNjOX3bu
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:04 2024 by rpki-client on console-ams.rpki-client.org