Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/e81d26-80f4-40f2-bdbd-02cf6b0db63b/1/M8Bqr8ZgwFOEz7310Ty66R_2bss.roa
File: M8Bqr8ZgwFOEz7310Ty66R_2bss.roa (raw, json)
Hash identifier: n3tRPPcVaAtXKwrgRlCgfLXxSaiRGtDvwh88DazCzNk=
Subject key identifier: 33:C0:6A:AF:C6:60:C0:53:84:CF:BD:F5:D1:3C:BA:E9:1F:F6:6E:CB
Certificate issuer: /CN=c00ac455ec0ede2930ea581057ee1ff59f5bf6c7
Certificate serial: 01856F42D189FECF52F0C1384EE15F320EC0
Authority key identifier: C0:0A:C4:55:EC:0E:DE:29:30:EA:58:10:57:EE:1F:F5:9F:5B:F6:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wArEVewO3ikw6lgQV-4f9Z9b9sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/e81d26-80f4-40f2-bdbd-02cf6b0db63b/1/M8Bqr8ZgwFOEz7310Ty66R_2bss.roa
Signing time: Sun 01 Jan 2023 21:35:28 +0000
ROA not before: Sun 01 Jan 2023 21:35:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212576
IP address blocks: 185.196.62.0/24 maxlen: 24
2a10:74c0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:d1:89:fe:cf:52:f0:c1:38:4e:e1:5f:32:0e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c00ac455ec0ede2930ea581057ee1ff59f5bf6c7
Validity
Not Before: Jan 1 21:35:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33c06aafc660c05384cfbdf5d13cbae91ff66ecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6e:85:4d:63:4c:9e:e9:39:9a:c9:65:8a:21:
63:7f:96:bc:73:c6:ac:f1:3d:6f:7f:89:95:ef:ec:
08:2c:0c:fc:cc:b2:42:d8:dd:3d:77:7a:ae:7e:a3:
dc:e7:a8:bb:82:8a:e4:76:b6:cd:74:bf:c6:83:d9:
bd:6f:b1:47:ed:ee:df:60:de:2d:fb:6d:7a:36:4a:
12:85:d5:cd:a0:6a:fd:f0:09:48:88:66:81:17:40:
7a:94:2d:80:a2:fa:79:ab:77:5f:df:e1:74:1e:b2:
c2:fc:d4:c3:c5:11:5f:a2:d3:6a:9d:51:24:4f:19:
47:19:85:b6:6e:f5:79:d2:f7:4a:68:9d:2d:65:b5:
59:4b:85:9b:fa:8b:4b:1e:c0:6b:fc:70:4e:ae:ad:
c8:b5:b8:ab:df:b9:d0:0d:be:14:2b:2a:ef:c4:80:
34:8a:88:5f:7a:b6:1b:51:0e:cf:db:34:80:5d:1a:
2b:3b:b6:3c:30:d8:8d:87:c2:61:a7:a3:bc:db:4d:
b5:cd:d1:e6:83:df:78:3d:51:64:91:60:0b:9e:68:
27:e5:54:5c:34:e8:46:d9:e3:9c:2d:7b:d5:c2:1d:
c9:3b:6a:62:7a:f5:0d:24:93:e3:ad:57:e0:b2:e8:
a4:9b:bc:02:44:61:e3:0f:ef:6a:2a:56:07:c7:dd:
33:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C0:6A:AF:C6:60:C0:53:84:CF:BD:F5:D1:3C:BA:E9:1F:F6:6E:CB
X509v3 Authority Key Identifier:
keyid:C0:0A:C4:55:EC:0E:DE:29:30:EA:58:10:57:EE:1F:F5:9F:5B:F6:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wArEVewO3ikw6lgQV-4f9Z9b9sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/e81d26-80f4-40f2-bdbd-02cf6b0db63b/1/M8Bqr8ZgwFOEz7310Ty66R_2bss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/e81d26-80f4-40f2-bdbd-02cf6b0db63b/1/wArEVewO3ikw6lgQV-4f9Z9b9sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.62.0/24
IPv6:
2a10:74c0::/32
Signature Algorithm: sha256WithRSAEncryption
52:ad:da:24:ab:fe:68:49:01:1c:39:3b:67:ed:c4:ca:00:4f:
0b:21:3b:74:75:d6:05:1f:54:5d:77:71:67:34:70:8a:f0:32:
90:7c:bc:b3:12:31:70:03:06:bf:f1:b1:52:a3:b0:a1:3c:ee:
a7:10:24:65:8b:ab:92:93:e3:35:07:1b:fd:d1:bc:42:f4:62:
f6:9d:3d:01:ea:d0:49:a8:5f:9e:ab:e0:a8:5b:96:b1:87:65:
85:39:f6:65:db:e5:a0:d5:4c:26:fa:7b:91:02:d7:6b:06:7d:
41:79:7b:a0:d6:c9:86:84:bc:ad:e4:eb:4c:96:2e:94:50:30:
90:3c:90:41:67:64:72:28:49:c4:a3:38:f3:6a:34:62:3a:81:
cd:71:3c:11:78:07:67:3d:d4:fc:71:2c:59:8e:26:e9:a6:91:
bc:d4:88:1c:75:47:e1:94:c4:d2:73:46:ae:69:05:64:9f:5e:
2d:17:7f:45:0e:df:f3:87:3f:1a:15:3c:1b:25:9c:89:36:13:
a9:b9:fb:97:86:d0:92:45:10:da:04:9a:b3:c3:cd:1a:47:b4:
81:3a:f8:7b:6b:a3:bf:8d:02:fa:cc:1a:c9:ac:0a:cd:f4:4c:
bd:d8:d3:52:fb:c4:a8:c8:a5:5e:5a:13:14:65:f2:06:dc:80:
c3:a3:7e:30
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvQtGJ/s9S8ME4TuFfMg7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwMGFjNDU1ZWMwZWRlMjkzMGVhNTgxMDU3ZWUxZmY1OWY1
YmY2YzcwHhcNMjMwMTAxMjEzNTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2MwNmFhZmM2NjBjMDUzODRjZmJkZjVkMTNjYmFlOTFmZjY2ZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvm6FTWNMnuk5mslliiFjf5a8c8as
8T1vf4mV7+wILAz8zLJC2N09d3qufqPc56i7gorkdrbNdL/Gg9m9b7FH7e7fYN4t
+216NkoShdXNoGr98AlIiGaBF0B6lC2Aovp5q3df3+F0HrLC/NTDxRFfotNqnVEk
TxlHGYW2bvV50vdKaJ0tZbVZS4Wb+otLHsBr/HBOrq3Itbir37nQDb4UKyrvxIA0
iohferYbUQ7P2zSAXRorO7Y8MNiNh8Jhp6O82021zdHmg994PVFkkWALnmgn5VRc
NOhG2eOcLXvVwh3JO2pievUNJJPjrVfgsuikm7wCRGHjD+9qKlYHx90znQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDPAaq/GYMBThM+99dE8uukf9m7LMB8GA1UdIwQY
MBaAFMAKxFXsDt4pMOpYEFfuH/WfW/bHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0FyRVZld08zaWt3NmxnUVYtNGY5WjliOXNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9lODFkMjYtODBmNC00MGYyLWJkYmQt
MDJjZjZiMGRiNjNiLzEvTThCcXI4Wmd3Rk9FejczMTBUeTY2Ul8yYnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9lODFkMjYtODBmNC00MGYyLWJkYmQtMDJjZjZiMGRiNjNi
LzEvd0FyRVZld08zaWt3NmxnUVYtNGY5WjliOXNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucQ+MA0E
AgACMAcDBQAqEHTAMA0GCSqGSIb3DQEBCwUAA4IBAQBSrdokq/5oSQEcOTtn7cTK
AE8LITt0ddYFH1Rdd3FnNHCK8DKQfLyzEjFwAwa/8bFSo7ChPO6nECRli6uSk+M1
Bxv90bxC9GL2nT0B6tBJqF+eq+CoW5axh2WFOfZl2+Wg1Uwm+nuRAtdrBn1BeXug
1smGhLyt5OtMli6UUDCQPJBBZ2RyKEnEozjzajRiOoHNcTwReAdnPdT8cSxZjibp
ppG81IgcdUfhlMTSc0auaQVkn14tF39FDt/zhz8aFTwbJZyJNhOpufuXhtCSRRDa
BJqzw80aR7SBOvh7a6O/jQL6zBrJrArN9Ey92NNS+8SoyKVeWhMUZfIG3IDDo34w
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:03 2024 by rpki-client on console-ams.rpki-client.org