Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/mDdjaOjVWRH00Rtu0bR4z66ekFM.roa
File: mDdjaOjVWRH00Rtu0bR4z66ekFM.roa (raw, json)
Hash identifier: NGhUKLNxyy7Mw0+5VzOTYK4c+blOgs+guXmM3ztoDjE=
Subject key identifier: 98:37:63:68:E8:D5:59:11:F4:D1:1B:6E:D1:B4:78:CF:AE:9E:90:53
Certificate issuer: /CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Certificate serial: 01857115184D5887E8800CA105CA73A3E605
Authority key identifier: 34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/mDdjaOjVWRH00Rtu0bR4z66ekFM.roa
Signing time: Mon 02 Jan 2023 06:04:45 +0000
ROA not before: Mon 02 Jan 2023 06:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.120.172.0/24 maxlen: 24
185.120.173.0/24 maxlen: 24
185.120.174.0/24 maxlen: 24
185.120.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:18:4d:58:87:e8:80:0c:a1:05:ca:73:a3:e6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Validity
Not Before: Jan 2 06:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98376368e8d55911f4d11b6ed1b478cfae9e9053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:84:95:02:12:a6:bb:1c:89:b2:a2:1e:cd:
8f:79:f4:b0:fc:a8:c5:a8:11:96:83:f5:8c:14:bf:
15:bd:87:07:23:df:99:ad:38:f1:f9:2a:1c:9b:af:
21:de:4b:34:d9:8e:83:36:23:8d:2f:ba:fd:5f:74:
56:43:bd:e5:cf:28:b6:b7:d3:50:96:5f:68:6d:35:
f0:8d:16:cf:f3:35:8a:0e:e3:c6:d9:a7:f0:31:1d:
c8:55:85:a7:ba:fc:f3:e4:b8:e4:d8:5b:fc:93:fa:
24:44:05:bd:cb:15:26:46:e7:49:ff:72:39:9f:52:
9e:0a:b1:61:f2:b1:c8:25:8d:6a:da:08:85:53:51:
7e:27:42:8f:59:e0:76:c4:31:4a:37:2c:f4:c1:7d:
10:1b:f1:50:af:48:fe:73:80:38:8f:76:ea:0f:cd:
90:a4:33:84:5d:e3:3e:99:ea:d1:41:e9:4d:e1:42:
de:ce:ac:f3:c8:3d:e1:05:c4:c8:9e:98:da:9e:d5:
70:70:d9:df:33:36:91:c5:22:d7:f5:18:8a:52:07:
5f:1e:3e:90:81:7f:11:da:15:35:6d:9b:32:96:c5:
ce:3f:e0:75:cf:08:a4:df:c5:cb:bd:36:be:80:a9:
48:e2:79:15:3f:34:58:72:49:b5:de:39:12:56:3d:
43:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:37:63:68:E8:D5:59:11:F4:D1:1B:6E:D1:B4:78:CF:AE:9E:90:53
X509v3 Authority Key Identifier:
keyid:34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/mDdjaOjVWRH00Rtu0bR4z66ekFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.172.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:33:c8:cb:7b:7a:7a:dc:e4:c2:51:2b:d8:37:d2:53:1f:e6:
9f:ac:2b:ea:b8:ed:51:fd:05:c1:1b:29:ad:1d:81:c3:c0:8c:
b7:f5:6f:24:9e:5e:f0:a1:50:1d:f4:7e:bd:13:9d:61:5f:b7:
6d:6d:88:7b:fa:8c:5d:09:67:45:09:67:3f:fa:3e:93:4f:e1:
6c:da:44:c3:5e:1e:40:e7:97:3d:46:51:58:1d:27:d9:45:d9:
01:a5:85:1d:1e:82:e1:ec:17:40:24:4f:0e:35:7f:09:f3:4d:
f0:eb:b7:93:69:f8:07:3d:c8:37:8a:10:3d:e3:d8:e1:eb:6c:
eb:f4:85:de:6d:d1:74:22:21:db:37:5b:6e:4f:75:3e:6e:e9:
15:5c:85:44:81:45:b9:79:fc:63:6a:4c:2d:75:d0:24:c0:b8:
64:0f:75:ee:b7:54:c3:b2:54:63:da:fd:1f:41:32:08:45:de:
07:c6:63:35:15:24:47:67:99:3e:37:f8:93:86:ff:3d:7c:bf:
38:99:3f:87:28:a7:8c:53:f6:a7:0b:ec:45:65:39:2b:d0:49:
2a:00:b0:ed:fc:91:a8:11:d5:a0:97:e7:48:14:c6:2c:88:1d:
34:c8:f4:1c:db:9c:44:51:a9:bd:bb:06:9b:c3:1f:86:57:23:
03:67:22:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFRhNWIfogAyhBcpzo+YFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWFlNjQ2ZWEzNGFkMjY4OGFjYTJmZGQxYTZmMzM0MDM1
NjQ5NWUwHhcNMjMwMTAyMDYwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODM3NjM2OGU4ZDU1OTExZjRkMTFiNmVkMWI0NzhjZmFlOWU5MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmByElQISprscibKiHs2PefSw/KjF
qBGWg/WMFL8VvYcHI9+ZrTjx+Socm68h3ks02Y6DNiONL7r9X3RWQ73lzyi2t9NQ
ll9obTXwjRbP8zWKDuPG2afwMR3IVYWnuvzz5Ljk2Fv8k/okRAW9yxUmRudJ/3I5
n1KeCrFh8rHIJY1q2giFU1F+J0KPWeB2xDFKNyz0wX0QG/FQr0j+c4A4j3bqD82Q
pDOEXeM+merRQelN4ULezqzzyD3hBcTInpjantVwcNnfMzaRxSLX9RiKUgdfHj6Q
gX8R2hU1bZsylsXOP+B1zwik38XLvTa+gKlI4nkVPzRYckm13jkSVj1DpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJg3Y2jo1VkR9NEbbtG0eM+unpBTMB8GA1UdIwQY
MBaAFDRa5kbqNK0miKyi/dGm8zQDVkleMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMt
ZjQ5MTIwYmVkNTFjLzEvbURkamFPalZXUkgwMFJ0dTBiUjR6NjZla0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8zY2MxMzUtZjE2Ni00MmViLTgyMDMtZjQ5MTIwYmVkNTFj
LzEvTkZybVJ1bzByU2FJcktMOTBhYnpOQU5XU1Y0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXisMA0G
CSqGSIb3DQEBCwUAA4IBAQB9M8jLe3p63OTCUSvYN9JTH+afrCvquO1R/QXBGymt
HYHDwIy39W8knl7woVAd9H69E51hX7dtbYh7+oxdCWdFCWc/+j6TT+Fs2kTDXh5A
55c9RlFYHSfZRdkBpYUdHoLh7BdAJE8ONX8J803w67eTafgHPcg3ihA949jh62zr
9IXebdF0IiHbN1tuT3U+bukVXIVEgUW5efxjakwtddAkwLhkD3Xut1TDslRj2v0f
QTIIRd4HxmM1FSRHZ5k+N/iThv89fL84mT+HKKeMU/anC+xFZTkr0EkqALDt/JGo
EdWgl+dIFMYsiB00yPQc25xEUam9uwabwx+GVyMDZyLr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:11 2024 by rpki-client on console-fra.rpki-client.org