Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/d88b46-6ef9-4624-8984-bfa6d340787a/1/Mw0xTII4Rzwhpa5fMLsLrljkt6M.roa
File: Mw0xTII4Rzwhpa5fMLsLrljkt6M.roa (raw, json)
Hash identifier: skC2/kD4ofggQOa8n6zxVSzwvswD6wdFwHDSsnLAFcc=
Subject key identifier: 33:0D:31:4C:82:38:47:3C:21:A5:AE:5F:30:BB:0B:AE:58:E4:B7:A3
Certificate issuer: /CN=3f28b1bea0b5897723ea7c5fbbdd7ccd2952b05c
Certificate serial: 018CC56ED501F40AA5CFB7306869CBCBA93D
Authority key identifier: 3F:28:B1:BE:A0:B5:89:77:23:EA:7C:5F:BB:DD:7C:CD:29:52:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PyixvqC1iXcj6nxfu918zSlSsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/d88b46-6ef9-4624-8984-bfa6d340787a/1/Mw0xTII4Rzwhpa5fMLsLrljkt6M.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44598
IP address blocks: 185.150.92.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d5:01:f4:0a:a5:cf:b7:30:68:69:cb:cb:a9:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f28b1bea0b5897723ea7c5fbbdd7ccd2952b05c
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=330d314c8238473c21a5ae5f30bb0bae58e4b7a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4c:eb:c1:b7:6d:bb:29:ab:42:d5:b6:67:80:
7c:32:33:69:0e:c8:71:4b:19:60:0c:fe:74:c0:53:
af:64:87:c5:40:2f:fa:56:25:3f:f1:5f:a7:9f:13:
7e:e0:3b:fc:cf:75:42:2f:15:65:f8:ae:00:86:b4:
2f:dd:b5:ab:75:c4:3b:d7:d7:9f:78:4d:d6:6d:2e:
2e:37:8b:27:c0:4d:18:7a:87:b5:42:98:40:f1:e6:
f1:6d:30:00:b2:c7:35:b4:9d:72:74:fd:db:ab:14:
a0:fb:35:0b:b9:9b:2f:19:8d:68:c3:cd:86:3a:55:
23:c1:e9:32:11:20:9b:75:45:27:60:9d:19:b5:81:
31:0c:04:06:5a:79:88:34:87:02:14:ad:10:4e:db:
8e:7c:46:15:4e:0d:aa:4c:47:08:84:3a:b6:02:12:
ba:6f:ae:62:8a:9d:df:9d:dc:b7:90:1c:21:10:ee:
3e:17:02:f7:18:b7:23:cf:a9:c3:ed:73:e8:ef:d0:
a0:3f:1e:ce:d3:51:7e:22:37:6b:49:4f:71:6f:a1:
00:62:42:cf:d9:ca:39:9f:31:d4:2b:1f:31:a0:e6:
00:d4:2e:03:f2:a5:88:fc:42:8d:87:ef:db:ed:de:
ab:ec:ef:05:6b:ba:ab:69:d1:7b:c9:23:fc:b6:73:
27:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:0D:31:4C:82:38:47:3C:21:A5:AE:5F:30:BB:0B:AE:58:E4:B7:A3
X509v3 Authority Key Identifier:
keyid:3F:28:B1:BE:A0:B5:89:77:23:EA:7C:5F:BB:DD:7C:CD:29:52:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PyixvqC1iXcj6nxfu918zSlSsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d88b46-6ef9-4624-8984-bfa6d340787a/1/Mw0xTII4Rzwhpa5fMLsLrljkt6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d88b46-6ef9-4624-8984-bfa6d340787a/1/PyixvqC1iXcj6nxfu918zSlSsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.92.0/22
Signature Algorithm: sha256WithRSAEncryption
af:9b:7c:fd:32:13:35:db:5e:98:18:93:f3:5f:18:42:fa:47:
fd:90:b2:15:01:42:d4:a1:e6:2f:b7:b6:43:fc:f8:65:8c:a7:
a1:25:7f:33:eb:6e:73:84:18:25:26:48:8b:9e:a5:cd:f7:19:
0e:41:4b:19:2d:86:2f:e2:6a:6c:bc:23:63:78:03:0a:5a:ae:
75:2b:d9:0b:9f:98:55:69:10:53:d4:7d:df:6b:18:8a:95:ea:
c1:26:3f:db:d9:ab:94:a7:90:ce:bb:ff:1c:d4:28:c6:07:61:
6a:99:13:68:f4:75:cd:6e:63:a0:21:33:b9:6c:61:27:30:4a:
a5:98:15:bf:95:57:8b:a0:d3:92:32:84:e8:86:e9:a9:8d:37:
8d:9f:4e:64:7b:a9:bd:e2:ca:38:06:e7:3d:7d:2f:63:44:d1:
f8:40:93:d1:54:3c:70:83:73:57:76:37:77:9f:7e:79:4a:23:
ba:fd:0b:70:65:b7:b6:14:7d:68:65:9d:aa:e4:4e:af:24:c3:
10:9e:c5:f2:0f:b6:b3:02:e1:9a:6a:88:57:c3:83:f5:79:a1:
d1:18:d2:f4:0e:57:9e:c5:ca:30:17:41:b4:8a:c3:6a:27:3e:
58:b3:6e:f4:26:3f:5e:de:9a:67:12:34:f3:05:71:7c:a9:b5:
be:21:7f:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbtUB9Aqlz7cwaGnLy6k9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMjhiMWJlYTBiNTg5NzcyM2VhN2M1ZmJiZGQ3Y2NkMjk1
MmIwNWMwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzBkMzE0YzgyMzg0NzNjMjFhNWFlNWYzMGJiMGJhZTU4ZTRiN2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EzrwbdtuymrQtW2Z4B8MjNpDshx
SxlgDP50wFOvZIfFQC/6ViU/8V+nnxN+4Dv8z3VCLxVl+K4AhrQv3bWrdcQ719ef
eE3WbS4uN4snwE0Yeoe1QphA8ebxbTAAssc1tJ1ydP3bqxSg+zULuZsvGY1ow82G
OlUjwekyESCbdUUnYJ0ZtYExDAQGWnmINIcCFK0QTtuOfEYVTg2qTEcIhDq2AhK6
b65iip3fndy3kBwhEO4+FwL3GLcjz6nD7XPo79CgPx7O01F+IjdrSU9xb6EAYkLP
2co5nzHUKx8xoOYA1C4D8qWI/EKNh+/b7d6r7O8Fa7qradF7ySP8tnMnBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMNMUyCOEc8IaWuXzC7C65Y5LejMB8GA1UdIwQY
MBaAFD8osb6gtYl3I+p8X7vdfM0pUrBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHlpeHZxQzFpWGNqNm54ZnU5MTh6U2xTc0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kODhiNDYtNmVmOS00NjI0LTg5ODQt
YmZhNmQzNDA3ODdhLzEvTXcweFRJSTRSendocGE1Zk1Mc0xybGprdDZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kODhiNDYtNmVmOS00NjI0LTg5ODQtYmZhNmQzNDA3ODdh
LzEvUHlpeHZxQzFpWGNqNm54ZnU5MTh6U2xTc0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZZcMA0G
CSqGSIb3DQEBCwUAA4IBAQCvm3z9MhM1216YGJPzXxhC+kf9kLIVAULUoeYvt7ZD
/PhljKehJX8z625zhBglJkiLnqXN9xkOQUsZLYYv4mpsvCNjeAMKWq51K9kLn5hV
aRBT1H3faxiKlerBJj/b2auUp5DOu/8c1CjGB2FqmRNo9HXNbmOgITO5bGEnMEql
mBW/lVeLoNOSMoTohumpjTeNn05ke6m94so4Buc9fS9jRNH4QJPRVDxwg3NXdjd3
n355SiO6/QtwZbe2FH1oZZ2q5E6vJMMQnsXyD7azAuGaaohXw4P1eaHRGNL0Dlee
xcowF0G0isNqJz5Ys270Jj9e3ppnEjTzBXF8qbW+IX/3
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:55 2025 by rpki-client