Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/mCKqW74kZKl5vT3wfZF6Yd0ixww.roa
File: mCKqW74kZKl5vT3wfZF6Yd0ixww.roa (raw, json)
Hash identifier: rEBtQ+t8Uxb5K6V/tJDH4vwU8FuidkVZ7UEN6mhhtbg=
Subject key identifier: 98:22:AA:5B:BE:24:64:A9:79:BD:3D:F0:7D:91:7A:61:DD:22:C7:0C
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 0192C47D45672DF1BEE58F50563D40673116
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/mCKqW74kZKl5vT3wfZF6Yd0ixww.roa
Signing time: Fri 25 Oct 2024 16:23:16 +0000
ROA not before: Fri 25 Oct 2024 16:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13213
IP address blocks: 168.199.235.0/24 maxlen: 24
185.171.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Oct 2024 02:28:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c4:7d:45:67:2d:f1:be:e5:8f:50:56:3d:40:67:31:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Oct 25 16:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9822aa5bbe2464a979bd3df07d917a61dd22c70c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:30:14:58:db:78:f7:90:32:8e:8d:cb:64:5b:
3c:51:d7:34:33:a7:08:3a:c8:f4:be:22:2e:5d:77:
93:eb:be:80:b0:98:bf:cd:18:59:ff:24:9f:fc:24:
80:18:0f:69:53:e4:78:43:16:b5:b0:2e:99:e6:3d:
34:ea:ea:15:9e:5f:0a:7c:30:f0:cd:1a:f5:55:52:
62:94:cd:ea:d9:37:38:9d:49:65:e0:63:9a:25:22:
90:be:ca:ea:39:d9:a3:75:41:12:9a:47:01:f8:0d:
6e:63:6b:2a:e9:f4:e7:e7:23:df:61:ec:c8:90:31:
fd:44:69:dc:be:ae:44:8a:da:5d:4f:97:eb:2d:45:
0c:34:b4:5a:65:03:10:4d:01:1b:c7:96:e3:86:27:
f9:eb:83:73:5f:25:f3:ab:58:5e:99:c4:8e:8a:48:
6a:0d:a5:b5:40:ff:d2:cf:eb:90:7d:f4:a5:51:d8:
68:f8:f9:1a:ae:fe:3f:15:06:29:b7:9e:86:a7:e1:
a0:f4:5b:26:96:89:8e:dd:05:db:40:60:35:20:fe:
03:35:99:20:41:f5:53:37:28:4f:c1:ee:74:56:44:
34:d2:ac:a9:38:89:c3:70:ab:97:dd:86:e0:76:d3:
17:c9:ae:d2:92:32:3d:43:1f:70:31:93:25:e8:1a:
42:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:22:AA:5B:BE:24:64:A9:79:BD:3D:F0:7D:91:7A:61:DD:22:C7:0C
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/mCKqW74kZKl5vT3wfZF6Yd0ixww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.235.0/24
185.171.255.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:1e:99:02:0f:b2:4d:4d:e5:0c:4c:f1:81:44:bf:7b:41:42:
94:bc:46:0f:7e:4e:ed:ba:4d:64:a5:d6:f9:d8:86:8a:d9:54:
d8:97:c9:35:91:ce:b3:f8:4f:00:f3:38:de:4e:c9:28:5a:f4:
23:a0:cc:58:28:9b:08:f3:83:02:38:35:0e:36:84:cc:3d:b7:
a7:ee:03:87:32:de:05:c3:82:df:67:48:3e:09:90:c7:26:66:
48:a9:01:aa:07:53:72:db:62:39:59:48:45:2d:b6:2a:d0:02:
29:01:9d:32:5f:44:d5:15:50:86:0b:6e:94:a0:db:d5:32:cd:
81:03:8d:8e:77:f8:de:14:c3:a3:cf:ca:00:f2:19:01:4d:87:
71:fe:11:6f:10:0d:b3:97:4d:fa:19:2d:8e:0b:e8:32:77:2a:
20:7b:f8:fc:99:27:34:55:08:69:84:6b:6a:ff:6f:81:5c:e8:
88:31:fe:cb:37:39:10:f9:09:dd:db:68:73:14:89:a8:60:d7:
81:ec:85:10:cf:32:98:9d:ec:26:94:9e:a4:4a:45:0b:bb:8a:
c4:5f:58:7e:0e:93:47:62:e2:de:8b:81:c2:eb:97:06:61:d5:
5b:64:87:7d:cb:68:1c:a0:e9:bd:da:68:fb:98:7b:ca:d6:99:
62:33:51:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLEfUVnLfG+5Y9QVj1AZzEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQxMDI1MTYyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODIyYWE1YmJlMjQ2NGE5NzliZDNkZjA3ZDkxN2E2MWRkMjJjNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjAUWNt495Ayjo3LZFs8Udc0M6cI
Osj0viIuXXeT676AsJi/zRhZ/ySf/CSAGA9pU+R4Qxa1sC6Z5j006uoVnl8KfDDw
zRr1VVJilM3q2Tc4nUll4GOaJSKQvsrqOdmjdUESmkcB+A1uY2sq6fTn5yPfYezI
kDH9RGncvq5EitpdT5frLUUMNLRaZQMQTQEbx5bjhif564NzXyXzq1hemcSOikhq
DaW1QP/Sz+uQffSlUdho+Pkarv4/FQYpt56Gp+Gg9FsmlomO3QXbQGA1IP4DNZkg
QfVTNyhPwe50VkQ00qypOInDcKuX3YbgdtMXya7SkjI9Qx9wMZMl6BpC6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJgiqlu+JGSpeb098H2RemHdIscMMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvbUNLcVc3NGtaS2w1dlQzd2ZaRjZZZDBpeHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAqMfrAwQA
uav/MA0GCSqGSIb3DQEBCwUAA4IBAQBfHpkCD7JNTeUMTPGBRL97QUKUvEYPfk7t
uk1kpdb52IaK2VTYl8k1kc6z+E8A8zjeTskoWvQjoMxYKJsI84MCODUONoTMPben
7gOHMt4Fw4LfZ0g+CZDHJmZIqQGqB1Ny22I5WUhFLbYq0AIpAZ0yX0TVFVCGC26U
oNvVMs2BA42Od/jeFMOjz8oA8hkBTYdx/hFvEA2zl036GS2OC+gydyoge/j8mSc0
VQhphGtq/2+BXOiIMf7LNzkQ+Qnd22hzFImoYNeB7IUQzzKYnewmlJ6kSkULu4rE
X1h+DpNHYuLei4HC65cGYdVbZId9y2gcoOm92mj7mHvK1pliM1FP
-----END CERTIFICATE-----
Generated at Sat Oct 26 04:05:30 2024 by rpki-client on console-fra.rpki-client.org