Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/Mu5D4lDO1XuyzbUoZBY2wroypVM.roa
File: Mu5D4lDO1XuyzbUoZBY2wroypVM.roa (raw, json)
Hash identifier: cjJOTVBX8jXtmh4LUhSfghPUXBYZn3XWC70ssdTPbLk=
Subject key identifier: 32:EE:43:E2:50:CE:D5:7B:B2:CD:B5:28:64:16:36:C2:BA:32:A5:53
Certificate issuer: /CN=dfa7e00738d3f7b8de48de38627567768e2f89b6
Certificate serial: 01856F3915D0D289871B77B6B0AC6D58FBA2
Authority key identifier: DF:A7:E0:07:38:D3:F7:B8:DE:48:DE:38:62:75:67:76:8E:2F:89:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/36fgBzjT97jeSN44YnVndo4vibY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/Mu5D4lDO1XuyzbUoZBY2wroypVM.roa
Signing time: Sun 01 Jan 2023 21:24:50 +0000
ROA not before: Sun 01 Jan 2023 21:24:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199987
IP address blocks: 185.40.32.0/23 maxlen: 23
185.40.35.0/24 maxlen: 24
185.40.32.0/22 maxlen: 22
185.40.34.0/24 maxlen: 24
2a01:4ba0::/29 maxlen: 29
2a01:4ba0:2::/48 maxlen: 48
2a01:4ba0::/48 maxlen: 48
2a01:4ba0:3::/48 maxlen: 48
2a01:4ba0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:15:d0:d2:89:87:1b:77:b6:b0:ac:6d:58:fb:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfa7e00738d3f7b8de48de38627567768e2f89b6
Validity
Not Before: Jan 1 21:24:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32ee43e250ced57bb2cdb528641636c2ba32a553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:79:46:3b:c2:94:7d:9d:04:25:6c:73:37:17:
8f:79:ce:fb:4a:15:3b:bd:6c:ca:0a:17:c9:ec:e4:
8e:80:f0:5f:bf:19:95:4e:d4:60:9a:b9:7f:61:ed:
ca:66:fc:83:44:56:1c:73:c7:22:ad:e4:04:24:4e:
38:25:4c:cc:18:88:34:1d:77:f7:83:5e:5d:e8:de:
9a:b9:49:11:78:62:db:75:bb:db:0e:05:c3:71:c6:
ab:c8:80:51:b3:e2:72:e9:1c:ac:c4:11:13:a6:5f:
fb:42:0b:f5:9c:ac:b6:cb:74:90:82:54:1e:2a:30:
f8:86:d2:6f:c6:6a:05:7c:08:24:0c:4b:30:b8:ba:
31:69:ac:85:8d:0c:ef:2c:82:bf:cd:24:04:2a:b4:
d7:c3:4f:65:0b:ab:64:f3:4e:69:ee:e6:be:18:6b:
e2:38:90:64:f1:c8:1b:d7:46:4b:af:6f:85:fe:51:
98:74:7e:fe:a5:d3:e4:f0:5f:49:d4:05:5d:0a:6b:
8f:7d:15:70:65:6b:85:72:9b:4d:18:e0:61:91:ff:
4f:7d:a5:60:23:a6:c3:31:92:f4:24:4a:5d:bf:78:
7f:f7:ce:06:a8:7a:db:38:6f:ad:4c:8a:f4:bf:74:
f2:06:db:43:96:e3:f2:51:27:45:a1:0a:cf:52:bc:
6a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:EE:43:E2:50:CE:D5:7B:B2:CD:B5:28:64:16:36:C2:BA:32:A5:53
X509v3 Authority Key Identifier:
keyid:DF:A7:E0:07:38:D3:F7:B8:DE:48:DE:38:62:75:67:76:8E:2F:89:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/36fgBzjT97jeSN44YnVndo4vibY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/Mu5D4lDO1XuyzbUoZBY2wroypVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/dbec1f-07c5-49f2-ba66-2b1fafccdd0b/1/36fgBzjT97jeSN44YnVndo4vibY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.32.0/22
IPv6:
2a01:4ba0::/29
Signature Algorithm: sha256WithRSAEncryption
81:46:7d:f0:23:f4:9e:83:7e:35:af:14:33:f6:33:bd:fa:bd:
1f:fe:9c:0c:5e:7a:24:d8:a6:37:65:ed:61:b1:e4:52:95:97:
03:70:39:02:b8:e1:17:f4:7d:99:a1:0a:73:94:1c:f8:61:c2:
50:c0:cb:fa:b2:0b:14:9a:c4:e2:b7:3b:cd:99:72:52:e7:a7:
bf:37:67:20:ba:b7:10:fe:ae:bf:ec:03:c2:9e:d5:4b:66:db:
fd:8b:9f:f8:3f:ff:76:df:77:42:a4:e8:1c:d1:41:ce:f3:23:
f9:b0:c8:97:5a:24:39:d0:32:00:ef:5d:4c:5c:46:fd:a3:8a:
00:29:cf:33:7e:a5:ee:ca:63:21:5b:b0:e9:09:77:c3:77:99:
48:3f:94:b3:70:46:0e:bc:ee:c0:be:48:76:9f:a8:f7:cc:a2:
36:11:aa:ff:29:60:da:37:13:30:6b:49:f0:e4:56:f0:df:f9:
76:b3:63:6c:69:65:ba:b9:7f:0a:ed:e4:7b:94:eb:3a:7d:76:
ba:9d:f2:62:ca:11:35:15:11:fd:65:0e:e0:4d:8c:b2:f1:5d:
8c:93:72:90:86:a9:c1:e4:cf:bd:29:93:79:d9:5c:09:21:c6:
a1:b2:43:42:ad:79:a8:7a:e3:2b:42:bc:79:ff:4e:0d:e2:0a:
95:62:e4:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvORXQ0omHG3e2sKxtWPuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYTdlMDA3MzhkM2Y3YjhkZTQ4ZGUzODYyNzU2Nzc2OGUy
Zjg5YjYwHhcNMjMwMTAxMjEyNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmVlNDNlMjUwY2VkNTdiYjJjZGI1Mjg2NDE2MzZjMmJhMzJhNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3lGO8KUfZ0EJWxzNxePec77ShU7
vWzKChfJ7OSOgPBfvxmVTtRgmrl/Ye3KZvyDRFYcc8cireQEJE44JUzMGIg0HXf3
g15d6N6auUkReGLbdbvbDgXDccaryIBRs+Jy6RysxBETpl/7Qgv1nKy2y3SQglQe
KjD4htJvxmoFfAgkDEswuLoxaayFjQzvLIK/zSQEKrTXw09lC6tk805p7ua+GGvi
OJBk8cgb10ZLr2+F/lGYdH7+pdPk8F9J1AVdCmuPfRVwZWuFcptNGOBhkf9PfaVg
I6bDMZL0JEpdv3h/984GqHrbOG+tTIr0v3TyBttDluPyUSdFoQrPUrxqUQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDLuQ+JQztV7ss21KGQWNsK6MqVTMB8GA1UdIwQY
MBaAFN+n4Ac40/e43kjeOGJ1Z3aOL4m2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzZmZ0J6alQ5N2plU040NFluVm5kbzR2aWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9kYmVjMWYtMDdjNS00OWYyLWJhNjYt
MmIxZmFmY2NkZDBiLzEvTXU1RDRsRE8xWHV5emJVb1pCWTJ3cm95cFZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9kYmVjMWYtMDdjNS00OWYyLWJhNjYtMmIxZmFmY2NkZDBi
LzEvMzZmZ0J6alQ5N2plU040NFluVm5kbzR2aWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSggMA0E
AgACMAcDBQMqAUugMA0GCSqGSIb3DQEBCwUAA4IBAQCBRn3wI/Seg341rxQz9jO9
+r0f/pwMXnok2KY3Ze1hseRSlZcDcDkCuOEX9H2ZoQpzlBz4YcJQwMv6sgsUmsTi
tzvNmXJS56e/N2cgurcQ/q6/7APCntVLZtv9i5/4P/9233dCpOgc0UHO8yP5sMiX
WiQ50DIA711MXEb9o4oAKc8zfqXuymMhW7DpCXfDd5lIP5SzcEYOvO7Avkh2n6j3
zKI2Ear/KWDaNxMwa0nw5Fbw3/l2s2NsaWW6uX8K7eR7lOs6fXa6nfJiyhE1FRH9
ZQ7gTYyy8V2Mk3KQhqnB5M+9KZN52VwJIcahskNCrXmoeuMrQrx5/04N4gqVYuS6
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:14:55 2024 by rpki-client on console-fra.rpki-client.org