Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/MlqDA5y3THQspXb5-DlQQz1PI9U.roa
File: MlqDA5y3THQspXb5-DlQQz1PI9U.roa (raw, json)
Hash identifier: XagW7ZqXZDD3Y8mhAVMNoL77p+rX8ivPtmC/KEWex8Y=
Subject key identifier: 32:5A:83:03:9C:B7:4C:74:2C:A5:76:F9:F8:39:50:43:3D:4F:23:D5
Certificate issuer: /CN=fb3bb3b4ab6fff588ddb4cf2afe6d5ac46557bb9
Certificate serial: 018572BA49EBDEB84914F28669934A1847D3
Authority key identifier: FB:3B:B3:B4:AB:6F:FF:58:8D:DB:4C:F2:AF:E6:D5:AC:46:55:7B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-zuztKtv_1iN20zyr-bVrEZVe7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/MlqDA5y3THQspXb5-DlQQz1PI9U.roa
Signing time: Mon 02 Jan 2023 13:44:49 +0000
ROA not before: Mon 02 Jan 2023 13:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203936
IP address blocks: 185.232.36.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:49:eb:de:b8:49:14:f2:86:69:93:4a:18:47:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb3bb3b4ab6fff588ddb4cf2afe6d5ac46557bb9
Validity
Not Before: Jan 2 13:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=325a83039cb74c742ca576f9f83950433d4f23d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f9:c3:6e:fd:02:37:24:54:0c:9c:0c:8e:a6:
ba:c7:70:73:77:cd:b1:ab:96:79:cf:95:27:9f:19:
71:8a:99:a9:ff:df:ab:7a:a6:06:d4:1b:e3:ec:74:
f9:35:25:33:d4:78:38:d8:46:f7:e5:b6:ad:2e:95:
b4:01:20:ff:a2:9b:1b:7e:d1:5a:e9:9c:19:9a:98:
54:55:9b:ac:f6:40:f1:c8:de:16:01:2a:86:d7:a9:
87:d4:08:f6:31:db:1c:15:b2:91:26:0f:3e:ac:3d:
ee:58:45:08:ec:87:62:05:04:5d:42:b5:22:56:b6:
81:6b:45:e8:0c:80:cd:ec:48:c3:b4:37:e6:f6:3a:
d1:6b:c2:5a:a1:b5:df:8b:14:96:61:99:68:9b:a8:
22:a8:69:99:45:79:8f:e9:34:d4:52:87:5f:46:c7:
49:06:d9:cb:3e:9d:78:17:da:ee:30:d6:32:9f:be:
6a:db:14:cb:52:5c:06:f3:dd:61:14:1f:e1:87:2f:
45:f9:af:f5:ad:28:dc:f3:8c:6a:1d:bc:86:77:1a:
b8:36:ac:f8:7e:30:28:a4:6e:a1:05:13:f5:61:26:
f7:bb:03:d8:19:90:3e:5f:6c:e7:47:71:f1:46:30:
b3:41:10:0a:6a:f6:c4:76:24:8b:34:9f:70:ce:a3:
c6:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5A:83:03:9C:B7:4C:74:2C:A5:76:F9:F8:39:50:43:3D:4F:23:D5
X509v3 Authority Key Identifier:
keyid:FB:3B:B3:B4:AB:6F:FF:58:8D:DB:4C:F2:AF:E6:D5:AC:46:55:7B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-zuztKtv_1iN20zyr-bVrEZVe7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/MlqDA5y3THQspXb5-DlQQz1PI9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/68fbaf-45f1-4946-a346-686a01888d29/1/1-zuztKtv_1iN20zyr-bVrEZVe7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.36.0/22
Signature Algorithm: sha256WithRSAEncryption
75:c0:af:3c:29:04:b8:6b:7c:4d:9b:ff:a1:02:4d:58:d9:21:
ee:2e:e9:71:c5:98:9d:f4:b7:94:74:85:39:37:6e:36:3c:61:
34:50:1a:07:98:95:25:e6:b4:b7:45:d9:24:5a:2a:12:b2:c2:
8e:8e:19:bb:8d:ed:a4:db:bc:ce:99:0c:c7:23:4c:6b:89:cb:
7b:26:03:9e:c8:07:61:69:2a:7e:f4:61:8b:88:5c:71:83:fd:
c0:4a:cc:60:11:1e:5d:46:c3:58:38:e7:43:9e:cb:76:a6:fe:
81:46:2f:51:48:27:78:ac:32:63:cb:fb:c7:99:58:47:eb:7c:
eb:14:38:ac:3d:53:59:56:c2:db:39:90:08:25:3e:fb:2f:b2:
84:2f:74:46:db:0d:43:ae:33:bf:1e:17:e6:fd:b4:51:1b:e0:
99:87:4b:4e:16:08:1f:ec:75:21:96:9f:65:dd:d6:e1:d1:d2:
3b:16:71:c3:57:72:8b:30:e8:1b:ef:26:28:84:4c:35:cc:97:
47:74:45:88:cd:df:e8:5a:c6:ed:3f:9f:bb:fc:a7:c1:17:86:
48:2c:93:35:29:dc:4c:4d:92:b8:e6:83:fc:74:e5:30:58:ed:
b9:a5:84:61:ec:39:aa:59:06:69:c4:2c:e6:24:65:f5:af:a4:
c8:53:91:8d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVyuknr3rhJFPKGaZNKGEfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiM2JiM2I0YWI2ZmZmNTg4ZGRiNGNmMmFmZTZkNWFjNDY1
NTdiYjkwHhcNMjMwMTAyMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjVhODMwMzljYjc0Yzc0MmNhNTc2ZjlmODM5NTA0MzNkNGYyM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfnDbv0CNyRUDJwMjqa6x3Bzd82x
q5Z5z5Unnxlxipmp/9+reqYG1Bvj7HT5NSUz1Hg42Eb35batLpW0ASD/opsbftFa
6ZwZmphUVZus9kDxyN4WASqG16mH1Aj2MdscFbKRJg8+rD3uWEUI7IdiBQRdQrUi
VraBa0XoDIDN7EjDtDfm9jrRa8JaobXfixSWYZlom6giqGmZRXmP6TTUUodfRsdJ
BtnLPp14F9ruMNYyn75q2xTLUlwG891hFB/hhy9F+a/1rSjc84xqHbyGdxq4Nqz4
fjAopG6hBRP1YSb3uwPYGZA+X2znR3HxRjCzQRAKavbEdiSLNJ9wzqPG6wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDJagwOct0x0LKV2+fg5UEM9TyPVMB8GA1UdIwQY
MBaAFPs7s7Srb/9YjdtM8q/m1axGVXu5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS16dXp0S3R2XzFpTjIwenlyLWJWckVaVmU3ay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTYvNjhmYmFmLTQ1ZjEtNDk0Ni1hMzQ2
LTY4NmEwMTg4OGQyOS8xL01scURBNXkzVEhRc3BYYjUtRGxRUXoxUEk5VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTYvNjhmYmFmLTQ1ZjEtNDk0Ni1hMzQ2LTY4NmEwMTg4OGQy
OS8xLzEtenV6dEt0dl8xaU4yMHp5ci1iVnJFWlZlN2suY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK56CQw
DQYJKoZIhvcNAQELBQADggEBAHXArzwpBLhrfE2b/6ECTVjZIe4u6XHFmJ30t5R0
hTk3bjY8YTRQGgeYlSXmtLdF2SRaKhKywo6OGbuN7aTbvM6ZDMcjTGuJy3smA57I
B2FpKn70YYuIXHGD/cBKzGARHl1Gw1g450Oey3am/oFGL1FIJ3isMmPL+8eZWEfr
fOsUOKw9U1lWwts5kAglPvsvsoQvdEbbDUOuM78eF+b9tFEb4JmHS04WCB/sdSGW
n2Xd1uHR0jsWccNXcosw6BvvJiiETDXMl0d0RYjN3+haxu0/n7v8p8EXhkgskzUp
3ExNkrjmg/x05TBY7bmlhGHsOapZBmnELOYkZfWvpMhTkY0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:44 2024 by rpki-client on console-ams.rpki-client.org