Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/rvMJsXAKMoG2uGY7HtvVGv2JGSU.roa
File: rvMJsXAKMoG2uGY7HtvVGv2JGSU.roa (raw, json)
Hash identifier: 1bYnvug0Sa4tUaXyUPRZxVGZ1+0GINSjmK0DPo8MK2w=
Subject key identifier: AE:F3:09:B1:70:0A:32:81:B6:B8:66:3B:1E:DB:D5:1A:FD:89:19:25
Certificate issuer: /CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Certificate serial: 01856C65C0E2081ADFB7A2B7F4699C1EE0FB
Authority key identifier: 91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/rvMJsXAKMoG2uGY7HtvVGv2JGSU.roa
Signing time: Sun 01 Jan 2023 08:14:45 +0000
ROA not before: Sun 01 Jan 2023 08:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199455
IP address blocks: 185.4.118.0/24 maxlen: 24
185.4.117.0/24 maxlen: 24
185.4.116.0/24 maxlen: 24
185.4.116.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:c0:e2:08:1a:df:b7:a2:b7:f4:69:9c:1e:e0:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918ef823bb041ea3ac7c8936c750b6018137e2cd
Validity
Not Before: Jan 1 08:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aef309b1700a3281b6b8663b1edbd51afd891925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f2:d0:43:a7:39:b8:be:43:06:ce:12:50:de:
73:3c:ad:4a:10:0e:8e:b5:60:ee:64:2e:1f:05:43:
9c:cc:44:a3:69:fe:0d:50:ea:75:e7:2f:c8:12:7f:
0f:b2:c2:2f:af:b4:04:4f:ed:d1:16:d6:44:af:9c:
ba:63:58:8e:ab:90:a0:40:ab:6f:96:d7:51:0a:b2:
91:18:2f:7d:79:5b:6a:e0:8a:22:be:e3:50:9d:6e:
3c:f3:93:0b:7a:5a:05:48:4b:78:d3:8d:bc:cb:10:
24:4d:31:3c:67:b8:bc:a5:3f:e4:34:55:4d:9a:8a:
f9:35:ac:7b:84:be:b2:85:ff:e7:6d:4a:45:ee:59:
9d:15:7f:43:64:b5:57:e7:5f:79:08:54:c9:98:06:
8b:5a:b7:9d:f0:62:d4:fc:b1:1b:d4:ac:4d:a3:65:
1b:48:f5:d5:50:9b:fd:4b:c6:f3:36:e0:3e:8b:cc:
eb:d3:38:54:cf:08:eb:0a:14:c3:7d:6d:8b:24:3e:
89:f9:f1:ed:df:f4:d1:6a:01:6a:f9:ae:8d:4c:0f:
06:5b:71:9e:d6:8f:4d:0a:f0:d3:f8:05:3a:b5:c0:
b0:6a:6a:1b:5a:70:5f:43:24:62:ce:e1:82:df:9c:
37:dd:1c:dc:88:98:d9:f2:a7:d0:c0:81:1e:df:da:
53:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:F3:09:B1:70:0A:32:81:B6:B8:66:3B:1E:DB:D5:1A:FD:89:19:25
X509v3 Authority Key Identifier:
keyid:91:8E:F8:23:BB:04:1E:A3:AC:7C:89:36:C7:50:B6:01:81:37:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kY74I7sEHqOsfIk2x1C2AYE34s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/rvMJsXAKMoG2uGY7HtvVGv2JGSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/65420c-f5e2-4d29-b503-6529751b2b01/1/kY74I7sEHqOsfIk2x1C2AYE34s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.116.0/22
Signature Algorithm: sha256WithRSAEncryption
38:8d:94:a8:ce:19:53:94:f0:5e:b5:d5:57:12:5e:c8:c3:78:
2c:d2:a5:11:b6:65:7f:84:fa:35:f7:3c:d5:a1:27:aa:3d:e2:
9b:6a:44:3d:7d:88:44:fd:40:c8:0f:b0:0d:73:a5:96:07:85:
3e:dc:1a:14:1a:af:75:31:f1:a5:0a:16:1a:a6:ac:ad:04:4b:
63:3a:15:14:8e:0f:28:c4:61:ed:78:3a:52:1d:6d:06:18:a3:
74:28:b0:35:15:ec:8a:ef:22:f6:b6:1e:e0:47:cc:bc:33:18:
a2:7e:81:42:2c:68:44:cf:be:1e:57:c1:6b:1c:fe:c1:29:90:
70:2b:9d:0a:a9:f7:64:c3:5d:3d:b7:cc:6d:ad:2c:48:1c:85:
31:07:9a:17:8e:8c:ec:16:0c:d9:bf:8f:5c:cd:5e:e0:df:75:
58:75:01:58:52:e3:06:49:79:e9:2e:a4:8d:4e:4f:01:bf:3e:
00:04:d7:1f:a1:78:7e:c2:a8:13:c8:14:f3:a6:2c:e0:c9:47:
49:84:75:9d:58:d7:21:64:c2:7e:da:71:ff:1b:e3:7e:9e:0d:
3f:d1:27:12:e4:48:01:a9:cd:bc:6d:15:f5:31:7d:fd:e9:48:
87:c9:2e:68:4a:82:4a:30:42:0e:5a:e1:f2:a6:f9:b9:8b:5b:
52:a5:a7:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsZcDiCBrft6K39GmcHuD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxOGVmODIzYmIwNDFlYTNhYzdjODkzNmM3NTBiNjAxODEz
N2UyY2QwHhcNMjMwMTAxMDgxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWYzMDliMTcwMGEzMjgxYjZiODY2M2IxZWRiZDUxYWZkODkxOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/LQQ6c5uL5DBs4SUN5zPK1KEA6O
tWDuZC4fBUOczESjaf4NUOp15y/IEn8PssIvr7QET+3RFtZEr5y6Y1iOq5CgQKtv
ltdRCrKRGC99eVtq4IoivuNQnW4885MLeloFSEt40428yxAkTTE8Z7i8pT/kNFVN
mor5Nax7hL6yhf/nbUpF7lmdFX9DZLVX5195CFTJmAaLWred8GLU/LEb1KxNo2Ub
SPXVUJv9S8bzNuA+i8zr0zhUzwjrChTDfW2LJD6J+fHt3/TRagFq+a6NTA8GW3Ge
1o9NCvDT+AU6tcCwamobWnBfQyRizuGC35w33RzciJjZ8qfQwIEe39pT7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK7zCbFwCjKBtrhmOx7b1Rr9iRklMB8GA1UdIwQY
MBaAFJGO+CO7BB6jrHyJNsdQtgGBN+LNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMt
NjUyOTc1MWIyYjAxLzEvcnZNSnNYQUtNb0cydUdZN0h0dlZHdjJKR1NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS82NTQyMGMtZjVlMi00ZDI5LWI1MDMtNjUyOTc1MWIyYjAx
LzEva1k3NEk3c0VIcU9zZklrMngxQzJBWUUzNHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQR0MA0G
CSqGSIb3DQEBCwUAA4IBAQA4jZSozhlTlPBetdVXEl7Iw3gs0qURtmV/hPo19zzV
oSeqPeKbakQ9fYhE/UDID7ANc6WWB4U+3BoUGq91MfGlChYapqytBEtjOhUUjg8o
xGHteDpSHW0GGKN0KLA1FeyK7yL2th7gR8y8MxiifoFCLGhEz74eV8FrHP7BKZBw
K50Kqfdkw109t8xtrSxIHIUxB5oXjozsFgzZv49czV7g33VYdQFYUuMGSXnpLqSN
Tk8Bvz4ABNcfoXh+wqgTyBTzpizgyUdJhHWdWNchZMJ+2nH/G+N+ng0/0ScS5EgB
qc28bRX1MX396UiHyS5oSoJKMEIOWuHypvm5i1tSpafJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:04 2024 by rpki-client on console-fra.rpki-client.org