Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/9b0c77-8085-4a5a-bace-143c3d38d17c/1/aMvc-GpMOox4bzlD74yxIibS1iE.roa
File: aMvc-GpMOox4bzlD74yxIibS1iE.roa (raw, json)
Hash identifier: T71TbIP/mkWwgLjNxRWxnZ9Ql4LS5SxByOVBxx0ZpP8=
Subject key identifier: 68:CB:DC:F8:6A:4C:3A:8C:78:6F:39:43:EF:8C:B1:22:26:D2:D6:21
Certificate issuer: /CN=d2f6e6b5a34fd18b435385db87bb3ae974785108
Certificate serial: 01856B40BA27CE4E474D9D587B9B6BD1E42E
Authority key identifier: D2:F6:E6:B5:A3:4F:D1:8B:43:53:85:DB:87:BB:3A:E9:74:78:51:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vbmtaNP0YtDU4Xbh7s66XR4UQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/9b0c77-8085-4a5a-bace-143c3d38d17c/1/aMvc-GpMOox4bzlD74yxIibS1iE.roa
Signing time: Sun 01 Jan 2023 02:54:42 +0000
ROA not before: Sun 01 Jan 2023 02:54:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207509
IP address blocks: 185.25.94.0/24 maxlen: 24
2a0c:95c0::/29 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:ba:27:ce:4e:47:4d:9d:58:7b:9b:6b:d1:e4:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f6e6b5a34fd18b435385db87bb3ae974785108
Validity
Not Before: Jan 1 02:54:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68cbdcf86a4c3a8c786f3943ef8cb12226d2d621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:70:5a:c2:e6:05:a9:f0:2e:c7:b8:ce:61:1d:
c6:ad:eb:3b:85:2c:9b:d0:b3:c0:b8:ef:5c:b2:95:
4c:40:3d:ba:24:73:29:27:3a:40:60:0e:48:c1:c1:
a2:4f:64:a6:15:cb:7d:c7:30:4f:2b:f8:9b:79:3b:
dc:23:69:74:4a:2f:f8:e5:b6:0b:95:3d:3a:ec:f2:
c0:0c:62:c1:ca:f5:f4:18:26:42:b4:5b:e8:eb:7d:
b4:c2:3a:cd:80:4f:7d:67:24:ec:8d:bf:62:d8:8c:
d7:3e:76:83:8f:91:b1:fb:b2:b7:e7:09:58:44:f4:
c1:72:77:40:26:c5:b4:59:b1:16:2f:26:24:60:bb:
1d:56:ad:0d:db:43:23:83:26:12:44:1b:14:45:6c:
5a:5a:08:42:8a:14:66:d1:a3:51:d8:22:96:66:32:
6f:8f:d6:d0:bf:4d:e9:fb:d9:7d:cf:aa:7f:7a:e1:
5b:2c:9b:d2:7c:04:2d:9a:cf:d7:a6:9a:09:3b:6f:
42:f7:65:b5:d1:72:0e:1d:fa:23:78:42:41:a8:94:
39:a9:fa:13:3d:28:e0:a3:c0:92:52:e9:49:d6:ae:
c4:fa:db:62:c6:0a:5b:ae:34:61:52:67:a7:07:52:
50:81:31:a3:c7:ca:ca:fe:3e:b8:de:f7:69:47:59:
cb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CB:DC:F8:6A:4C:3A:8C:78:6F:39:43:EF:8C:B1:22:26:D2:D6:21
X509v3 Authority Key Identifier:
keyid:D2:F6:E6:B5:A3:4F:D1:8B:43:53:85:DB:87:BB:3A:E9:74:78:51:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vbmtaNP0YtDU4Xbh7s66XR4UQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9b0c77-8085-4a5a-bace-143c3d38d17c/1/aMvc-GpMOox4bzlD74yxIibS1iE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9b0c77-8085-4a5a-bace-143c3d38d17c/1/0vbmtaNP0YtDU4Xbh7s66XR4UQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.94.0/24
IPv6:
2a0c:95c0::/29
Signature Algorithm: sha256WithRSAEncryption
b0:87:09:1c:f6:2b:24:4b:af:11:59:b8:83:68:ee:c4:c2:b8:
d6:15:e0:04:af:e0:d4:1e:e2:2a:fb:78:37:cf:2d:6c:63:28:
6e:ec:1f:e1:56:61:20:70:31:65:c7:2f:a7:44:ac:d6:5f:c5:
6b:a5:ba:be:3d:2c:75:98:af:56:b4:f7:fd:50:5a:e7:ed:90:
d0:f6:9c:d1:5b:ae:ef:6e:80:66:bc:db:6e:b0:71:e8:60:cd:
eb:61:3f:07:cc:04:5a:71:46:f6:c1:82:8d:30:1e:38:68:d8:
d8:f7:dd:42:55:49:04:ce:f1:78:1a:a4:42:23:9f:cf:97:cc:
e3:46:5f:9b:e4:ef:a9:72:6d:9d:76:af:cc:18:50:22:dc:63:
70:01:bd:11:c3:1c:eb:19:95:94:27:d3:27:f2:06:8b:17:4c:
ef:e4:0c:f6:2f:9f:ed:c5:d7:09:67:cb:19:85:f8:f2:17:fc:
fc:7c:7e:ec:99:96:aa:e6:9b:d6:05:f5:a9:11:9e:c0:6e:67:
f1:f2:0a:a1:1b:b2:87:27:c7:15:f4:8b:a4:c5:d2:44:8d:8d:
de:20:9d:ec:0f:47:5f:8d:e0:cc:45:a2:59:4e:78:68:03:78:
a7:d9:bb:c8:7d:38:b2:21:18:06:3e:af:4f:22:8c:c9:2d:c9:
21:f5:ec:aa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVrQLonzk5HTZ1Ye5tr0eQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZjZlNmI1YTM0ZmQxOGI0MzUzODVkYjg3YmIzYWU5NzQ3
ODUxMDgwHhcNMjMwMTAxMDI1NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGNiZGNmODZhNGMzYThjNzg2ZjM5NDNlZjhjYjEyMjI2ZDJkNjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXBawuYFqfAux7jOYR3Gres7hSyb
0LPAuO9cspVMQD26JHMpJzpAYA5IwcGiT2SmFct9xzBPK/ibeTvcI2l0Si/45bYL
lT067PLADGLByvX0GCZCtFvo6320wjrNgE99ZyTsjb9i2IzXPnaDj5Gx+7K35wlY
RPTBcndAJsW0WbEWLyYkYLsdVq0N20MjgyYSRBsURWxaWghCihRm0aNR2CKWZjJv
j9bQv03p+9l9z6p/euFbLJvSfAQtms/XppoJO29C92W10XIOHfojeEJBqJQ5qfoT
PSjgo8CSUulJ1q7E+ttixgpbrjRhUmenB1JQgTGjx8rK/j643vdpR1nLHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGjL3PhqTDqMeG85Q++MsSIm0tYhMB8GA1UdIwQY
MBaAFNL25rWjT9GLQ1OF24e7Oul0eFEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHZibXRhTlAwWXREVTRYYmg3czY2WFI0VVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS85YjBjNzctODA4NS00YTVhLWJhY2Ut
MTQzYzNkMzhkMTdjLzEvYU12Yy1HcE1Pb3g0YnpsRDc0eXhJaWJTMWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS85YjBjNzctODA4NS00YTVhLWJhY2UtMTQzYzNkMzhkMTdj
LzEvMHZibXRhTlAwWXREVTRYYmg3czY2WFI0VVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRleMA0E
AgACMAcDBQMqDJXAMA0GCSqGSIb3DQEBCwUAA4IBAQCwhwkc9iskS68RWbiDaO7E
wrjWFeAEr+DUHuIq+3g3zy1sYyhu7B/hVmEgcDFlxy+nRKzWX8Vrpbq+PSx1mK9W
tPf9UFrn7ZDQ9pzRW67vboBmvNtusHHoYM3rYT8HzARacUb2wYKNMB44aNjY991C
VUkEzvF4GqRCI5/Pl8zjRl+b5O+pcm2ddq/MGFAi3GNwAb0RwxzrGZWUJ9Mn8gaL
F0zv5Az2L5/txdcJZ8sZhfjyF/z8fH7smZaq5pvWBfWpEZ7Abmfx8gqhG7KHJ8cV
9IukxdJEjY3eIJ3sD0dfjeDMRaJZTnhoA3in2bvIfTiyIRgGPq9PIozJLckh9eyq
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:35 2024 by rpki-client on console-fra.rpki-client.org