Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/Ma827UPNk-hnu3MDIfqi2Aa1XVU.roa
File: Ma827UPNk-hnu3MDIfqi2Aa1XVU.roa (raw, json)
Hash identifier: 7kAIRLbPiGiY1pRD0f/YaHY4BsSagBkT+tj4atHbOiw=
Subject key identifier: 31:AF:36:ED:43:CD:93:E8:67:BB:73:03:21:FA:A2:D8:06:B5:5D:55
Certificate issuer: /CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Certificate serial: 01856C4A3D71B0804CFA57C20D8B80B71A7E
Authority key identifier: 1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/Ma827UPNk-hnu3MDIfqi2Aa1XVU.roa
Signing time: Sun 01 Jan 2023 07:44:42 +0000
ROA not before: Sun 01 Jan 2023 07:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13335
IP address blocks: 185.146.172.0/24 maxlen: 24
185.146.173.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:3d:71:b0:80:4c:fa:57:c2:0d:8b:80:b7:1a:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a0489dc9c0a74c2ed53e1d9e1fbfdd8c8773b94
Validity
Not Before: Jan 1 07:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31af36ed43cd93e867bb730321faa2d806b55d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7e:80:8d:f6:59:35:68:62:33:0c:95:7c:13:
f5:13:a9:60:09:aa:54:0b:35:ec:ba:ce:5e:8c:41:
7a:d9:67:b4:1f:f4:42:fd:8b:73:4c:62:5b:03:93:
5e:d2:a9:cf:e2:6e:33:e4:1b:31:5d:93:8e:6c:7b:
df:84:1d:39:d3:20:c3:91:3b:8c:cc:89:40:2e:de:
42:6f:0e:e8:82:7b:a1:53:69:52:72:a2:9f:99:24:
4b:a0:03:2d:00:bf:68:05:fe:11:11:98:72:9c:f6:
d3:08:be:8a:42:ab:02:5c:ae:c9:6f:17:f0:c1:6d:
2d:b7:61:34:ac:d2:0d:b5:ab:95:d4:1a:5a:0e:d0:
49:ef:c8:38:b0:46:0c:42:e1:6c:1c:d6:fb:58:43:
97:80:a7:13:42:1d:ab:a7:00:79:fc:d8:cb:4a:ba:
64:4f:83:2d:8d:40:84:e0:e7:3c:d0:36:be:20:67:
11:dc:4d:24:f6:46:58:e1:b9:13:70:17:7d:63:52:
f7:e0:8e:bc:7c:68:31:f2:74:14:fd:e7:e5:95:d2:
35:bf:4a:84:bb:ff:92:17:bd:7b:ea:35:1f:62:ba:
38:36:4e:0b:dc:d3:41:65:df:2c:2c:9b:44:57:44:
5a:b1:cb:d5:fa:7d:9b:6b:0f:41:2c:a0:f9:f8:b0:
b3:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:AF:36:ED:43:CD:93:E8:67:BB:73:03:21:FA:A2:D8:06:B5:5D:55
X509v3 Authority Key Identifier:
keyid:1A:04:89:DC:9C:0A:74:C2:ED:53:E1:D9:E1:FB:FD:D8:C8:77:3B:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/Ma827UPNk-hnu3MDIfqi2Aa1XVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/11c52c-41aa-4e95-ad67-a021a63ddfc3/1/GgSJ3JwKdMLtU-HZ4fv92Mh3O5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.172.0/23
Signature Algorithm: sha256WithRSAEncryption
af:3c:29:89:ea:d8:c9:ae:d0:14:f2:db:1d:22:ef:df:60:f6:
91:86:ec:9f:2b:62:ab:f8:c3:76:40:97:10:c9:74:59:32:8f:
8c:76:9d:e4:7b:23:07:87:24:17:be:e1:73:0f:fe:f6:9d:e8:
ca:60:42:9a:a2:1e:c5:db:2e:fe:aa:48:9b:58:f1:24:4e:d0:
7d:05:54:72:58:02:0b:a8:67:44:c5:ba:20:fa:94:df:8e:ac:
f4:87:05:fb:46:72:2d:f9:14:bd:54:cc:71:29:56:44:4f:be:
19:21:ee:c7:41:dc:b6:75:ca:7b:cb:1e:e7:e3:13:5b:b8:ea:
42:27:0b:b0:1a:b6:b5:bd:4e:05:5b:a3:d4:c6:99:d0:27:e8:
5c:3a:28:9b:8c:f4:6d:01:02:fc:e3:06:89:eb:6d:c8:bd:47:
13:a0:1e:fb:8e:f1:e0:6c:13:0d:3c:0b:8a:be:16:5b:9d:42:
ce:81:71:a1:4f:b9:d5:2c:b8:94:c7:f6:24:47:fc:a2:9a:22:
55:fe:2a:11:89:65:bc:80:17:8c:35:70:0c:0b:9e:7c:66:c1:
3e:d1:ec:de:89:86:7b:9d:47:7c:20:0b:32:25:7b:f6:14:91:
0f:9e:36:44:50:79:e6:1a:e4:8c:2e:a1:de:67:32:40:94:46:
6e:eb:8a:66
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSj1xsIBM+lfCDYuAtxp+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMDQ4OWRjOWMwYTc0YzJlZDUzZTFkOWUxZmJmZGQ4Yzg3
NzNiOTQwHhcNMjMwMTAxMDc0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWFmMzZlZDQzY2Q5M2U4NjdiYjczMDMyMWZhYTJkODA2YjU1ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH6AjfZZNWhiMwyVfBP1E6lgCapU
CzXsus5ejEF62We0H/RC/YtzTGJbA5Ne0qnP4m4z5BsxXZOObHvfhB050yDDkTuM
zIlALt5Cbw7ognuhU2lScqKfmSRLoAMtAL9oBf4REZhynPbTCL6KQqsCXK7Jbxfw
wW0tt2E0rNINtauV1BpaDtBJ78g4sEYMQuFsHNb7WEOXgKcTQh2rpwB5/NjLSrpk
T4MtjUCE4Oc80Da+IGcR3E0k9kZY4bkTcBd9Y1L34I68fGgx8nQU/eflldI1v0qE
u/+SF7176jUfYro4Nk4L3NNBZd8sLJtEV0RascvV+n2baw9BLKD5+LCz3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDGvNu1DzZPoZ7tzAyH6otgGtV1VMB8GA1UdIwQY
MBaAFBoEidycCnTC7VPh2eH7/djIdzuUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2dTSjNKd0tkTUx0VS1IWjRmdjkyTWgzTzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8xMWM1MmMtNDFhYS00ZTk1LWFkNjct
YTAyMWE2M2RkZmMzLzEvTWE4MjdVUE5rLWhudTNNRElmcWkyQWExWFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8xMWM1MmMtNDFhYS00ZTk1LWFkNjctYTAyMWE2M2RkZmMz
LzEvR2dTSjNKd0tkTUx0VS1IWjRmdjkyTWgzTzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuZKsMA0G
CSqGSIb3DQEBCwUAA4IBAQCvPCmJ6tjJrtAU8tsdIu/fYPaRhuyfK2Kr+MN2QJcQ
yXRZMo+Mdp3keyMHhyQXvuFzD/72nejKYEKaoh7F2y7+qkibWPEkTtB9BVRyWAIL
qGdExbog+pTfjqz0hwX7RnIt+RS9VMxxKVZET74ZIe7HQdy2dcp7yx7n4xNbuOpC
JwuwGra1vU4FW6PUxpnQJ+hcOiibjPRtAQL84waJ623IvUcToB77jvHgbBMNPAuK
vhZbnULOgXGhT7nVLLiUx/YkR/yimiJV/ioRiWW8gBeMNXAMC558ZsE+0ezeiYZ7
nUd8IAsyJXv2FJEPnjZEUHnmGuSMLqHeZzJAlEZu64pm
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:04 2024 by rpki-client on console-fra.rpki-client.org