Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/mpwQHdnQTIkalMq7kuZv4zA-uXQ.roa
File: mpwQHdnQTIkalMq7kuZv4zA-uXQ.roa (raw, json)
Hash identifier: o/j7Py/NkHQbVtmPWFMfUelPxXvW/0yJXG+OwawhnDY=
Subject key identifier: 9A:9C:10:1D:D9:D0:4C:89:1A:94:CA:BB:92:E6:6F:E3:30:3E:B9:74
Certificate issuer: /CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Certificate serial: 01856CC171F3C8986DDD5BF4961F415BE14F
Authority key identifier: F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/mpwQHdnQTIkalMq7kuZv4zA-uXQ.roa
Signing time: Sun 01 Jan 2023 09:54:54 +0000
ROA not before: Sun 01 Jan 2023 09:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.1.74.0/24 maxlen: 24
2001:7f8:a5::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:71:f3:c8:98:6d:dd:5b:f4:96:1f:41:5b:e1:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Validity
Not Before: Jan 1 09:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a9c101dd9d04c891a94cabb92e66fe3303eb974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bb:37:6d:0e:c8:ee:d6:3b:92:f0:fb:bc:11:
03:24:4a:3e:3c:b4:24:c4:f9:9f:f1:ae:60:86:92:
c3:c2:96:73:17:07:d1:21:02:85:de:04:6d:84:e7:
8d:aa:46:1d:fc:c0:44:9d:1b:26:88:dd:dd:46:f9:
ce:81:69:45:f5:fe:dd:c2:0e:d1:29:d8:a2:07:c9:
37:de:22:7b:e2:81:69:0e:74:93:30:26:a6:c0:ae:
14:dd:26:db:b9:97:ac:c9:c7:42:37:3f:b0:77:69:
09:c1:17:05:b3:32:96:be:72:f3:03:b4:81:c9:d4:
93:f4:f7:90:90:9f:72:29:1c:d2:f2:61:b9:81:31:
6e:1e:f6:eb:1f:40:ce:ab:cb:f0:e9:62:aa:3c:c6:
75:ea:64:21:e4:23:56:3f:bd:94:d6:b7:8e:5e:36:
76:37:c0:36:25:04:88:a8:6e:09:a5:3e:a2:3b:bd:
67:e4:f0:14:bb:e9:e8:c9:6f:d3:de:d9:87:53:ba:
d4:14:6f:51:3a:57:2f:b3:d7:ad:c3:80:32:77:b9:
78:fe:33:1e:c9:b0:57:9c:d8:b1:bd:97:0f:85:03:
72:3f:a2:73:d9:e0:9d:a9:63:ed:02:a4:6a:46:6e:
f2:7e:dd:ce:79:1f:2d:7d:fc:de:c0:25:02:66:25:
2a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9C:10:1D:D9:D0:4C:89:1A:94:CA:BB:92:E6:6F:E3:30:3E:B9:74
X509v3 Authority Key Identifier:
keyid:F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/mpwQHdnQTIkalMq7kuZv4zA-uXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.74.0/24
IPv6:
2001:7f8:a5::/48
Signature Algorithm: sha256WithRSAEncryption
71:ff:3d:54:96:2f:b1:83:07:71:cc:bd:15:32:33:5c:be:0a:
17:92:09:b2:b0:bb:cb:71:cd:b6:e7:ee:a0:53:ff:64:0c:7a:
77:b8:f3:c1:f6:cb:db:2e:b5:37:33:5c:0f:cd:8f:bf:9e:fc:
83:65:e2:f5:2b:36:26:73:61:84:df:dc:14:24:ee:4c:31:52:
67:bb:73:dd:da:0d:13:ab:9b:00:09:5e:3a:49:d6:76:0a:5d:
c1:37:ed:9b:58:9a:40:35:97:4b:6b:eb:f2:24:c1:3b:a2:dc:
0a:49:7f:b2:76:78:35:90:d4:03:b9:13:19:8e:45:52:28:8d:
f8:1a:70:11:47:78:0d:c1:1b:59:e8:67:71:25:30:e5:9c:33:
92:a2:8f:c4:35:44:47:c8:e5:b8:98:63:b3:38:11:00:53:81:
cc:b6:3a:b5:fa:a9:3c:1c:04:ea:be:0e:f4:7a:a8:ef:d9:53:
f2:be:c0:c9:65:05:8e:32:b6:1c:9a:a0:c8:35:74:dc:df:b7:
af:30:be:3e:c4:fd:4e:d8:d3:b6:cc:96:8f:3d:7e:74:4d:08:
f4:95:f3:8f:5e:20:5f:6b:df:61:28:cb:1b:fd:c0:9d:3e:18:
7f:79:b3:9a:3a:67:8b:87:ba:94:d8:aa:f9:e1:66:15:f9:ba:
72:98:d6:1e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYVswXHzyJht3Vv0lh9BW+FPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YTk2NjY2NGVjOTZlZGJkMTJlOGU4MmU5NDBiZmI5ZmFl
YzEwNWUwHhcNMjMwMTAxMDk1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTljMTAxZGQ5ZDA0Yzg5MWE5NGNhYmI5MmU2NmZlMzMwM2ViOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbs3bQ7I7tY7kvD7vBEDJEo+PLQk
xPmf8a5ghpLDwpZzFwfRIQKF3gRthOeNqkYd/MBEnRsmiN3dRvnOgWlF9f7dwg7R
KdiiB8k33iJ74oFpDnSTMCamwK4U3SbbuZesycdCNz+wd2kJwRcFszKWvnLzA7SB
ydST9PeQkJ9yKRzS8mG5gTFuHvbrH0DOq8vw6WKqPMZ16mQh5CNWP72U1reOXjZ2
N8A2JQSIqG4JpT6iO71n5PAUu+noyW/T3tmHU7rUFG9ROlcvs9etw4Ayd7l4/jMe
ybBXnNixvZcPhQNyP6Jz2eCdqWPtAqRqRm7yft3OeR8tffzewCUCZiUqOQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFJqcEB3Z0EyJGpTKu5Lmb+MwPrl0MB8GA1UdIwQY
MBaAFPipZmZOyW7b0S6OgulAv7n67BBeMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LbG1aazdKYnR2UkxvNkM2VUNfdWZyc0VGNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1
LTM4MjM1NWZjMmZmMS8xL21wd1FIZG5RVElrYWxNcTdrdVp2NHpBLXVYUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1LTM4MjM1NWZjMmZm
MS8xLzEtS2xtWms3SmJ0dlJMbzZDNlVDX3VmcnNFRjQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAC5AUow
DwQCAAIwCQMHACABB/gApTANBgkqhkiG9w0BAQsFAAOCAQEAcf89VJYvsYMHccy9
FTIzXL4KF5IJsrC7y3HNtufuoFP/ZAx6d7jzwfbL2y61NzNcD82Pv578g2Xi9Ss2
JnNhhN/cFCTuTDFSZ7tz3doNE6ubAAleOknWdgpdwTftm1iaQDWXS2vr8iTBO6Lc
Ckl/snZ4NZDUA7kTGY5FUiiN+BpwEUd4DcEbWehncSUw5ZwzkqKPxDVER8jluJhj
szgRAFOBzLY6tfqpPBwE6r4O9Hqo79lT8r7AyWUFjjK2HJqgyDV03N+3rzC+PsT9
TtjTtsyWjz1+dE0I9JXzj14gX2vfYSjLG/3AnT4Yf3mzmjpni4e6lNiq+eFmFfm6
cpjWHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:53 2024 by rpki-client on console-ams.rpki-client.org