Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/mWZ7fUYoUlFP0N4JE5cYgL1JJ2M.roa
File: mWZ7fUYoUlFP0N4JE5cYgL1JJ2M.roa (raw, json)
Hash identifier: +PaZ1FYlqOCaapWCzPhUMKpstb1GgH0xAGKfu8qlI6w=
Subject key identifier: 99:66:7B:7D:46:28:52:51:4F:D0:DE:09:13:97:18:80:BD:49:27:63
Certificate issuer: /CN=b93628a36304e3bdc21f853bb3fad43e4861a5c5
Certificate serial: 01867120C144972C90CCC5CC03964085E2F1
Authority key identifier: B9:36:28:A3:63:04:E3:BD:C2:1F:85:3B:B3:FA:D4:3E:48:61:A5:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTYoo2ME473CH4U7s_rUPkhhpcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/mWZ7fUYoUlFP0N4JE5cYgL1JJ2M.roa
Signing time: Mon 20 Feb 2023 23:20:17 +0000
ROA not before: Mon 20 Feb 2023 23:20:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204560
IP address blocks: 185.246.140.0/22 maxlen: 22
193.194.102.0/23 maxlen: 23
193.194.104.0/24 maxlen: 24
2a0d:8380::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:71:20:c1:44:97:2c:90:cc:c5:cc:03:96:40:85:e2:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b93628a36304e3bdc21f853bb3fad43e4861a5c5
Validity
Not Before: Feb 20 23:20:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99667b7d462852514fd0de0913971880bd492763
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e1:31:a6:c1:17:ae:e5:7f:fa:65:ba:4a:c7:
90:a4:3d:83:ae:7d:53:1b:b3:47:8d:f5:35:8c:dc:
e5:24:55:22:54:9d:c7:84:05:de:55:d6:8a:ec:15:
48:df:0b:61:d7:77:0d:af:c2:8f:4d:f6:49:22:44:
3b:33:22:c5:51:f0:46:83:a3:b2:b4:8d:6c:60:94:
f1:a0:b1:d9:3f:5b:0f:ea:09:3a:c7:96:be:34:47:
35:30:a5:77:a5:89:20:82:df:cd:82:18:fc:4d:93:
87:b2:e3:75:4d:85:5b:21:a2:72:6c:93:1d:06:53:
9a:7a:94:ab:98:2f:47:91:73:3f:71:c2:95:1d:ff:
40:01:a8:94:88:df:a3:34:b0:ea:09:0e:4a:7d:92:
f3:d4:a9:20:5a:ab:f8:98:e1:c6:86:1d:9a:36:5a:
9b:b3:8a:a7:eb:78:2c:21:dd:b6:ca:2c:60:e4:82:
5d:25:74:45:e4:e2:9f:db:33:c8:a5:ef:08:88:3f:
6c:a4:55:63:e8:10:e3:20:19:b1:e0:42:82:d5:22:
4e:0f:21:49:ea:41:ed:23:c7:d4:df:b7:0c:7d:62:
94:01:eb:7a:4e:d9:04:66:ea:25:59:ac:0b:f7:a2:
a7:d9:82:4e:90:11:a7:d9:77:aa:51:3a:cb:de:39:
71:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:66:7B:7D:46:28:52:51:4F:D0:DE:09:13:97:18:80:BD:49:27:63
X509v3 Authority Key Identifier:
keyid:B9:36:28:A3:63:04:E3:BD:C2:1F:85:3B:B3:FA:D4:3E:48:61:A5:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTYoo2ME473CH4U7s_rUPkhhpcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/mWZ7fUYoUlFP0N4JE5cYgL1JJ2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a9bbce-d3c7-4221-9f6b-87d3ec7f0410/1/uTYoo2ME473CH4U7s_rUPkhhpcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.140.0/22
193.194.102.0-193.194.104.255
IPv6:
2a0d:8380::/29
Signature Algorithm: sha256WithRSAEncryption
93:2d:a2:4b:d7:a4:43:9f:54:85:aa:40:f3:34:77:60:23:a5:
30:a9:62:e0:67:69:f1:00:35:18:4c:cb:91:66:34:2a:62:ad:
8c:a5:8e:f4:72:85:e1:a0:cd:77:af:7e:e3:ad:3e:11:21:1b:
5e:dd:d5:c0:f5:f4:46:0f:cc:62:ce:27:af:50:52:77:d1:02:
58:07:10:21:53:fe:53:5a:93:74:52:2b:75:7a:18:d6:36:cd:
7f:f5:9c:29:b0:a6:01:93:4f:b1:8a:46:ae:53:6d:7b:64:aa:
15:58:24:e2:98:9d:df:47:85:31:cb:7a:e2:de:02:82:56:72:
6a:8a:84:c3:b3:ea:39:20:d4:3a:86:51:8c:70:7f:13:61:98:
fe:9d:24:3d:7d:ee:f9:b9:8a:13:56:b2:e1:61:01:35:f3:7a:
8c:d0:b8:d7:10:49:af:c1:e5:a7:82:df:64:86:0c:f7:89:29:
08:50:92:64:9d:01:fd:75:38:d8:f0:00:fd:29:90:5e:4b:30:
43:d7:af:37:d5:f8:9e:c3:2e:52:b1:3c:04:53:12:79:d1:57:
d9:e0:80:82:1d:e9:1c:e8:3c:0b:c9:4b:66:5d:a2:ff:46:1e:
36:d1:ef:91:9b:1f:7c:1f:4c:b3:79:e5:9c:c0:1f:2b:5b:0d:
f8:2c:bb:a4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYZxIMFElyyQzMXMA5ZAheLxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MzYyOGEzNjMwNGUzYmRjMjFmODUzYmIzZmFkNDNlNDg2
MWE1YzUwHhcNMjMwMjIwMjMyMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTY2N2I3ZDQ2Mjg1MjUxNGZkMGRlMDkxMzk3MTg4MGJkNDkyNzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOExpsEXruV/+mW6SseQpD2Drn1T
G7NHjfU1jNzlJFUiVJ3HhAXeVdaK7BVI3wth13cNr8KPTfZJIkQ7MyLFUfBGg6Oy
tI1sYJTxoLHZP1sP6gk6x5a+NEc1MKV3pYkggt/Nghj8TZOHsuN1TYVbIaJybJMd
BlOaepSrmC9HkXM/ccKVHf9AAaiUiN+jNLDqCQ5KfZLz1KkgWqv4mOHGhh2aNlqb
s4qn63gsId22yixg5IJdJXRF5OKf2zPIpe8IiD9spFVj6BDjIBmx4EKC1SJODyFJ
6kHtI8fU37cMfWKUAet6TtkEZuolWawL96Kn2YJOkBGn2XeqUTrL3jlxswIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJlme31GKFJRT9DeCROXGIC9SSdjMB8GA1UdIwQY
MBaAFLk2KKNjBOO9wh+FO7P61D5IYaXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVRZb28yTUU0NzNDSDRVN3NfclVQa2hocGNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hOWJiY2UtZDNjNy00MjIxLTlmNmIt
ODdkM2VjN2YwNDEwLzEvbVdaN2ZVWW9VbEZQME40SkU1Y1lnTDFKSjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hOWJiY2UtZDNjNy00MjIxLTlmNmItODdkM2VjN2YwNDEw
LzEvdVRZb28yTUU0NzNDSDRVN3NfclVQa2hocGNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCufaMMAwD
BAHBwmYDBADBwmgwDQQCAAIwBwMFAyoNg4AwDQYJKoZIhvcNAQELBQADggEBAJMt
okvXpEOfVIWqQPM0d2AjpTCpYuBnafEANRhMy5FmNCpirYyljvRyheGgzXevfuOt
PhEhG17d1cD19EYPzGLOJ69QUnfRAlgHECFT/lNak3RSK3V6GNY2zX/1nCmwpgGT
T7GKRq5TbXtkqhVYJOKYnd9HhTHLeuLeAoJWcmqKhMOz6jkg1DqGUYxwfxNhmP6d
JD197vm5ihNWsuFhATXzeozQuNcQSa/B5aeC32SGDPeJKQhQkmSdAf11ONjwAP0p
kF5LMEPXrzfV+J7DLlKxPARTEnnRV9nggIId6RzoPAvJS2Zdov9GHjbR75GbH3wf
TLN55ZzAHytbDfgsu6Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:33 2024 by rpki-client on console-fra.rpki-client.org