Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/mNiBpcp6nU-rFIMfNAvw6xIVCd0.roa
File: mNiBpcp6nU-rFIMfNAvw6xIVCd0.roa (raw, json)
Hash identifier: HlJwUf2m4hzgH9dy6N8HnKW+sitFaVLGoGalbiE+PGc=
Subject key identifier: 98:D8:81:A5:CA:7A:9D:4F:AB:14:83:1F:34:0B:F0:EB:12:15:09:DD
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 0188B1B0F15ECE94E35954264EC49C0AFB75
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/mNiBpcp6nU-rFIMfNAvw6xIVCd0.roa
Signing time: Mon 12 Jun 2023 22:19:03 +0000
ROA not before: Mon 12 Jun 2023 22:19:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42615
IP address blocks: 185.186.8.0/24 maxlen: 24
185.186.11.0/24 maxlen: 24
2a0b:6b81:3::/48 maxlen: 48
2a0b:6b81:1::/48 maxlen: 48
2a0b:6b87::/32 maxlen: 32
2a0b:6b81:4::/48 maxlen: 48
2a0b:6b82::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b1:b0:f1:5e:ce:94:e3:59:54:26:4e:c4:9c:0a:fb:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jun 12 22:19:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98d881a5ca7a9d4fab14831f340bf0eb121509dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b9:24:0f:f1:7b:4b:18:36:ad:4e:ba:7b:25:
41:15:c7:bb:1b:b2:9a:8a:99:18:ce:57:3b:ff:59:
62:6c:45:62:21:85:f8:87:3b:01:42:3c:3b:03:41:
9a:7c:85:cb:6e:24:d4:75:58:1e:9a:ea:a8:17:6c:
a4:de:e2:0c:a4:4e:1a:0c:76:bb:99:d3:80:17:b0:
2f:02:97:c0:f6:e7:6c:4d:76:7e:93:74:ea:f5:f1:
da:18:14:1e:ad:df:21:ba:73:90:d7:77:4f:cb:ee:
33:bf:9d:7a:eb:09:9f:68:28:4a:e8:73:cb:6e:b2:
09:12:63:43:ff:23:b0:1b:e1:27:7c:d1:1a:97:2c:
f2:35:77:ef:f0:b1:8f:00:eb:3f:85:cb:22:ad:31:
5a:bf:ca:4a:b7:6a:90:04:6a:f6:bd:83:da:f3:b5:
7a:35:cc:0f:3e:67:41:e3:78:13:07:66:76:ed:74:
04:b4:34:44:e6:52:46:4c:f6:a3:d9:1c:ca:07:99:
56:f3:52:c9:cb:5c:cb:10:9e:9f:a5:23:f2:b1:bd:
8f:9e:dc:51:58:b8:5f:8b:d5:9d:23:d8:eb:06:53:
aa:1d:a7:0e:5f:fb:37:3b:b0:1f:e1:d8:37:b4:46:
d7:91:13:63:97:ec:c6:65:b3:3c:b3:a0:40:34:86:
96:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:D8:81:A5:CA:7A:9D:4F:AB:14:83:1F:34:0B:F0:EB:12:15:09:DD
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/mNiBpcp6nU-rFIMfNAvw6xIVCd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.8.0/24
185.186.11.0/24
IPv6:
2a0b:6b81:1::/48
2a0b:6b81:3::-2a0b:6b81:4:ffff:ffff:ffff:ffff:ffff
2a0b:6b82::/32
2a0b:6b87::/32
Signature Algorithm: sha256WithRSAEncryption
c7:39:8d:d1:94:94:c4:b9:ab:5d:f0:58:19:9f:e3:0d:5c:31:
0d:f8:db:0a:71:91:1e:ea:21:79:c1:e2:c8:f3:f9:6a:c4:0a:
9a:d5:5e:a2:5c:93:08:31:df:ed:cf:46:11:44:69:0c:af:97:
6b:67:f5:bf:b7:5f:28:1e:d8:2f:10:5e:3a:ca:8b:8e:32:20:
ea:59:1d:3e:54:b7:76:67:85:43:2e:81:42:cd:82:55:c4:46:
7b:7b:6c:83:0a:99:97:a9:14:0d:d1:c3:b6:f6:0c:3f:75:43:
8e:0c:24:db:91:26:59:59:20:42:7d:07:de:c7:c6:de:97:fe:
05:85:63:9b:f4:ff:88:d7:6b:26:b8:f7:d0:65:b3:18:5e:3a:
c9:19:d7:30:55:20:da:f7:00:19:ae:d0:c3:08:5f:36:8d:0c:
3a:b6:c2:fc:25:b9:42:3d:0c:22:36:36:f5:a2:86:78:4e:d9:
7c:fa:48:b5:8e:3e:17:a4:f0:ed:19:fa:45:d0:11:97:55:ed:
ad:a2:95:f7:49:c2:29:89:96:79:db:2b:fa:a7:18:01:d8:94:
bc:f0:17:7b:c9:34:74:6e:02:aa:8f:77:c7:50:03:a3:f5:f4:
5b:a7:e4:b3:20:98:e5:2c:c1:b7:f3:1e:b8:f6:ff:74:9d:1d:
26:53:e6:25
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYixsPFezpTjWVQmTsScCvt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwNjEyMjIxOTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGQ4ODFhNWNhN2E5ZDRmYWIxNDgzMWYzNDBiZjBlYjEyMTUwOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7kkD/F7Sxg2rU66eyVBFce7G7Ka
ipkYzlc7/1libEViIYX4hzsBQjw7A0GafIXLbiTUdVgemuqoF2yk3uIMpE4aDHa7
mdOAF7AvApfA9udsTXZ+k3Tq9fHaGBQerd8hunOQ13dPy+4zv5166wmfaChK6HPL
brIJEmND/yOwG+EnfNEalyzyNXfv8LGPAOs/hcsirTFav8pKt2qQBGr2vYPa87V6
NcwPPmdB43gTB2Z27XQEtDRE5lJGTPaj2RzKB5lW81LJy1zLEJ6fpSPysb2PntxR
WLhfi9WdI9jrBlOqHacOX/s3O7Af4dg3tEbXkRNjl+zGZbM8s6BANIaWzwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFJjYgaXKep1PqxSDHzQL8OsSFQndMB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvbU5pQnBjcDZuVS1yRklNZk5Bdnc2eElWQ2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzASBAIAATAMAwQAuboIAwQA
uboLMDEEAgACMCsDBwAqC2uBAAEwEgMHACoLa4EAAwMHACoLa4EABAMFACoLa4ID
BQAqC2uHMA0GCSqGSIb3DQEBCwUAA4IBAQDHOY3RlJTEuatd8FgZn+MNXDEN+NsK
cZEe6iF5weLI8/lqxAqa1V6iXJMIMd/tz0YRRGkMr5drZ/W/t18oHtgvEF46youO
MiDqWR0+VLd2Z4VDLoFCzYJVxEZ7e2yDCpmXqRQN0cO29gw/dUOODCTbkSZZWSBC
fQfex8bel/4FhWOb9P+I12smuPfQZbMYXjrJGdcwVSDa9wAZrtDDCF82jQw6tsL8
JblCPQwiNjb1ooZ4Ttl8+ki1jj4XpPDtGfpF0BGXVe2topX3ScIpiZZ52yv6pxgB
2JS88Bd7yTR0bgKqj3fHUAOj9fRbp+SzIJjlLMG38x649v90nR0mU+Yl
-----END CERTIFICATE-----
Generated at Thu Dec 14 08:54:37 2023 by rpki-client on console-ams.rpki-client.org