Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/mbj2--b0ODSk1nmCeLXTYaiv_6c.roa
File: mbj2--b0ODSk1nmCeLXTYaiv_6c.roa (raw, json)
Hash identifier: 2f+OC9rugIR+mftycuQQHel8Yq7adLFEumfcujr1X08=
Subject key identifier: 99:B8:F6:FB:E6:F4:38:34:A4:D6:79:82:78:B5:D3:61:A8:AF:FF:A7
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018571C31736CD2B880F41B335CC427BA065
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/mbj2--b0ODSk1nmCeLXTYaiv_6c.roa
Signing time: Mon 02 Jan 2023 09:14:48 +0000
ROA not before: Mon 02 Jan 2023 09:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48550
IP address blocks: 185.133.210.0/24 maxlen: 24
2a06:e880::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:17:36:cd:2b:88:0f:41:b3:35:cc:42:7b:a0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 09:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99b8f6fbe6f43834a4d6798278b5d361a8afffa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:03:a0:17:c5:b8:9e:1f:e0:ba:7d:d2:fa:a0:
05:a2:2c:09:e8:9d:66:eb:b3:c2:06:21:25:6b:33:
f1:e0:dc:1d:c9:28:45:9d:91:3b:33:4e:05:74:2f:
9a:ff:92:f6:03:d6:86:d1:6c:a1:e8:42:d7:7b:81:
c8:c1:64:ac:28:61:6c:fc:4e:ea:1d:fa:d0:27:4e:
76:28:13:8a:59:42:9c:33:ab:65:77:cf:48:62:8a:
fb:4a:b4:b2:92:f7:2c:4e:dd:92:08:29:9e:35:cd:
d9:ca:ce:f7:d3:10:da:b6:ab:9e:c4:92:75:f9:c9:
b5:a1:ed:f1:55:8a:08:f4:13:61:88:6f:3b:ef:db:
db:e2:87:e7:42:22:41:aa:79:55:ca:22:6b:eb:f6:
fa:0e:52:44:78:e0:d0:59:ca:58:07:ad:bd:cd:e3:
eb:a0:ce:ac:cd:a7:e3:4a:4b:65:2e:70:0c:f9:1d:
5f:61:b6:3d:1f:6b:84:36:74:2a:7b:b7:64:cb:9a:
43:28:ae:4b:49:59:49:d2:58:ec:1e:7e:4f:cc:c3:
9e:0e:6e:fe:57:c2:e1:89:a0:01:eb:5d:bc:f8:4a:
8a:c2:f6:85:69:cf:44:b5:a0:56:71:78:9c:c1:5e:
5f:9d:d5:8d:c8:d7:8e:02:c5:48:55:61:77:9c:e4:
f4:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B8:F6:FB:E6:F4:38:34:A4:D6:79:82:78:B5:D3:61:A8:AF:FF:A7
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/mbj2--b0ODSk1nmCeLXTYaiv_6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.210.0/24
IPv6:
2a06:e880::/32
Signature Algorithm: sha256WithRSAEncryption
a0:79:4b:75:fa:9d:94:02:40:b1:66:1f:44:77:45:87:d7:c2:
3f:dc:8d:09:c8:05:5d:26:05:c8:cb:28:b5:85:6c:51:b1:5f:
e5:fa:89:9d:08:22:57:c9:ef:97:73:fd:05:02:dc:14:28:35:
5e:3f:43:c5:c9:4c:6e:6c:f4:42:7c:cb:45:1c:a1:f6:b0:08:
6a:e5:cc:fe:99:6a:df:f2:4b:f3:69:26:4d:9a:b3:8b:6b:ca:
61:a2:f0:80:ca:3c:60:b5:c6:37:9d:fa:73:6e:58:fe:e6:ca:
2d:8c:cf:99:a9:88:8e:96:51:06:9a:f1:04:97:58:65:d9:a2:
61:0f:1d:76:ac:b9:dd:06:e6:7f:63:f0:a0:06:db:1c:41:95:
49:5e:48:d8:f5:93:d6:1a:8b:74:21:66:b8:66:ef:a5:60:00:
0d:e3:78:32:d3:f7:8e:c0:93:39:a6:ab:8d:bf:2f:88:c4:f1:
15:70:81:7d:13:da:76:12:44:62:fe:8a:fc:78:51:24:c3:86:
cb:9f:b0:cc:60:b3:d0:63:b9:1b:1c:5f:32:d6:89:25:80:1b:
23:91:cb:68:f8:64:ef:ed:ac:c5:1c:9d:f6:28:b9:37:25:0c:
d5:df:d2:8c:23:46:a8:d0:8e:4c:9e:df:5b:10:33:70:35:29:
f4:ab:6a:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxwxc2zSuID0GzNcxCe6BlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjMwMTAyMDkxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWI4ZjZmYmU2ZjQzODM0YTRkNjc5ODI3OGI1ZDM2MWE4YWZmZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwOgF8W4nh/gun3S+qAFoiwJ6J1m
67PCBiElazPx4NwdyShFnZE7M04FdC+a/5L2A9aG0Wyh6ELXe4HIwWSsKGFs/E7q
HfrQJ052KBOKWUKcM6tld89IYor7SrSykvcsTt2SCCmeNc3Zys730xDatquexJJ1
+cm1oe3xVYoI9BNhiG8779vb4ofnQiJBqnlVyiJr6/b6DlJEeODQWcpYB629zePr
oM6szafjSktlLnAM+R1fYbY9H2uENnQqe7dky5pDKK5LSVlJ0ljsHn5PzMOeDm7+
V8LhiaAB6128+EqKwvaFac9EtaBWcXicwV5fndWNyNeOAsVIVWF3nOT0CwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJm49vvm9Dg0pNZ5gni102Gor/+nMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvbWJqMi0tYjBPRFNrMW5tQ2VMWFRZYWl2XzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYXSMA0E
AgACMAcDBQAqBuiAMA0GCSqGSIb3DQEBCwUAA4IBAQCgeUt1+p2UAkCxZh9Ed0WH
18I/3I0JyAVdJgXIyyi1hWxRsV/l+omdCCJXye+Xc/0FAtwUKDVeP0PFyUxubPRC
fMtFHKH2sAhq5cz+mWrf8kvzaSZNmrOLa8phovCAyjxgtcY3nfpzblj+5sotjM+Z
qYiOllEGmvEEl1hl2aJhDx12rLndBuZ/Y/CgBtscQZVJXkjY9ZPWGot0IWa4Zu+l
YAAN43gy0/eOwJM5pquNvy+IxPEVcIF9E9p2EkRi/or8eFEkw4bLn7DMYLPQY7kb
HF8y1oklgBsjkcto+GTv7azFHJ32KLk3JQzV39KMI0ao0I5Mnt9bEDNwNSn0q2oE
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:16 2024 by rpki-client on console-fra.rpki-client.org