Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/1d70f1-74c5-4fd0-aee5-dc66ba580fb4/1/mPp8J6HF6m29bgSkshPLx5EOE20.roa
File: mPp8J6HF6m29bgSkshPLx5EOE20.roa (raw, json)
Hash identifier: egVHcwcEdnPtlVgKXLmQXU/iRq1Pjb21biThXSfymbg=
Subject key identifier: 98:FA:7C:27:A1:C5:EA:6D:BD:6E:04:A4:B2:13:CB:C7:91:0E:13:6D
Certificate issuer: /CN=f275358a9ffc9a69e4f1b1443ba481ef41badcac
Certificate serial: 018570153E5D6CCDBDFB415968AE47B31E9F
Authority key identifier: F2:75:35:8A:9F:FC:9A:69:E4:F1:B1:44:3B:A4:81:EF:41:BA:DC:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nU1ip_8mmnk8bFEO6SB70G63Kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/1d70f1-74c5-4fd0-aee5-dc66ba580fb4/1/mPp8J6HF6m29bgSkshPLx5EOE20.roa
Signing time: Mon 02 Jan 2023 01:25:18 +0000
ROA not before: Mon 02 Jan 2023 01:25:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202374
IP address blocks: 185.248.68.0/22 maxlen: 22
2a07:e600::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:3e:5d:6c:cd:bd:fb:41:59:68:ae:47:b3:1e:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f275358a9ffc9a69e4f1b1443ba481ef41badcac
Validity
Not Before: Jan 2 01:25:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98fa7c27a1c5ea6dbd6e04a4b213cbc7910e136d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a9:ed:45:2d:6b:11:4a:10:04:8b:01:01:1b:
bc:ed:e4:99:85:b7:9f:34:d4:81:ed:47:9f:c2:33:
45:bf:38:cf:bc:52:aa:16:7b:85:ba:33:c5:75:e7:
2e:0c:9e:4e:eb:9a:4d:90:4f:7d:80:5e:b3:7b:04:
2f:1f:a5:5a:e7:3e:19:d5:ce:c5:a3:31:ad:85:3e:
8f:46:ba:90:8f:7c:6a:9b:dd:d2:29:c0:84:df:8b:
5d:e2:d7:e8:4a:39:57:db:11:55:74:ea:b7:66:d9:
86:75:7e:2f:9d:11:3b:28:99:d6:ce:c5:f2:bb:ca:
f9:bd:63:3b:fd:c9:b9:d6:ca:7b:6d:c2:13:34:cf:
5a:72:43:10:f7:a4:ed:8a:ab:42:49:6f:ce:37:34:
0a:23:e3:03:29:c4:69:b7:7b:96:a3:3e:90:3b:94:
bc:35:92:83:3d:65:91:4b:e5:3d:26:20:07:f0:fd:
d5:0d:5b:4f:06:8f:94:05:1b:9f:48:b5:7a:55:6f:
63:20:e0:a2:96:07:8c:bf:fc:60:f1:4d:b0:7a:b1:
6a:87:91:70:13:1d:96:71:a4:52:2b:fc:ea:3c:50:
4b:f4:77:fa:4a:fb:cd:77:46:9a:a8:70:fe:9c:88:
aa:59:53:18:50:0c:46:39:de:a3:6b:54:51:18:80:
af:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:FA:7C:27:A1:C5:EA:6D:BD:6E:04:A4:B2:13:CB:C7:91:0E:13:6D
X509v3 Authority Key Identifier:
keyid:F2:75:35:8A:9F:FC:9A:69:E4:F1:B1:44:3B:A4:81:EF:41:BA:DC:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nU1ip_8mmnk8bFEO6SB70G63Kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/1d70f1-74c5-4fd0-aee5-dc66ba580fb4/1/mPp8J6HF6m29bgSkshPLx5EOE20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/1d70f1-74c5-4fd0-aee5-dc66ba580fb4/1/8nU1ip_8mmnk8bFEO6SB70G63Kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.68.0/22
IPv6:
2a07:e600::/29
Signature Algorithm: sha256WithRSAEncryption
80:9d:06:16:d1:39:5a:68:f1:01:e5:72:f2:0d:99:95:5a:20:
70:b5:61:11:0e:25:e3:8d:a1:c7:1d:69:d7:cd:0c:2c:70:27:
e3:e4:4c:a3:66:c8:34:d2:23:28:0c:11:b7:11:3c:72:c0:02:
7e:9c:d2:61:89:2d:89:74:62:c7:d4:82:6e:2e:ba:3d:23:e2:
32:86:cd:f3:39:9a:4c:30:36:46:67:eb:fa:91:22:8c:45:5c:
b9:f9:ad:d1:4f:fd:04:46:65:77:74:7f:ae:cd:31:c7:12:7f:
ba:48:bc:59:6a:7b:cd:05:b5:7e:8a:92:c8:89:85:17:9c:8b:
f2:9a:db:fe:f5:15:4f:bd:70:1d:df:55:fa:2b:b1:ea:cf:50:
7a:8a:16:50:98:b9:e5:82:54:42:4d:13:cf:76:3e:e5:47:1a:
ee:20:e4:0e:58:84:15:dd:6e:65:0c:b2:d7:97:44:01:f9:ea:
9a:c8:fc:b2:94:08:ec:02:b6:5a:7e:0e:b9:7f:6c:a2:43:ab:
9e:47:60:a8:52:8d:14:1c:ce:6a:91:7a:b6:41:ad:d5:64:a5:
97:9b:7b:d3:f0:9e:49:74:f4:41:ce:0a:d5:f8:69:55:9f:c4:
40:88:f8:4d:c9:7f:bb:c4:a9:d0:b7:48:d6:24:42:94:12:2e:
fe:a9:6e:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwFT5dbM29+0FZaK5Hsx6fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNzUzNThhOWZmYzlhNjllNGYxYjE0NDNiYTQ4MWVmNDFi
YWRjYWMwHhcNMjMwMTAyMDEyNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGZhN2MyN2ExYzVlYTZkYmQ2ZTA0YTRiMjEzY2JjNzkxMGUxMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6ntRS1rEUoQBIsBARu87eSZhbef
NNSB7UefwjNFvzjPvFKqFnuFujPFdecuDJ5O65pNkE99gF6zewQvH6Va5z4Z1c7F
ozGthT6PRrqQj3xqm93SKcCE34td4tfoSjlX2xFVdOq3ZtmGdX4vnRE7KJnWzsXy
u8r5vWM7/cm51sp7bcITNM9ackMQ96TtiqtCSW/ONzQKI+MDKcRpt3uWoz6QO5S8
NZKDPWWRS+U9JiAH8P3VDVtPBo+UBRufSLV6VW9jIOCilgeMv/xg8U2werFqh5Fw
Ex2WcaRSK/zqPFBL9Hf6SvvNd0aaqHD+nIiqWVMYUAxGOd6ja1RRGICvMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJj6fCehxeptvW4EpLITy8eRDhNtMB8GA1UdIwQY
MBaAFPJ1NYqf/Jpp5PGxRDukge9ButysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG5VMWlwXzhtbW5rOGJGRU82U0I3MEc2M0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC8xZDcwZjEtNzRjNS00ZmQwLWFlZTUt
ZGM2NmJhNTgwZmI0LzEvbVBwOEo2SEY2bTI5YmdTa3NoUEx4NUVPRTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC8xZDcwZjEtNzRjNS00ZmQwLWFlZTUtZGM2NmJhNTgwZmI0
LzEvOG5VMWlwXzhtbW5rOGJGRU82U0I3MEc2M0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufhEMA0E
AgACMAcDBQMqB+YAMA0GCSqGSIb3DQEBCwUAA4IBAQCAnQYW0TlaaPEB5XLyDZmV
WiBwtWERDiXjjaHHHWnXzQwscCfj5EyjZsg00iMoDBG3ETxywAJ+nNJhiS2JdGLH
1IJuLro9I+Iyhs3zOZpMMDZGZ+v6kSKMRVy5+a3RT/0ERmV3dH+uzTHHEn+6SLxZ
anvNBbV+ipLIiYUXnIvymtv+9RVPvXAd31X6K7Hqz1B6ihZQmLnlglRCTRPPdj7l
RxruIOQOWIQV3W5lDLLXl0QB+eqayPyylAjsArZafg65f2yiQ6ueR2CoUo0UHM5q
kXq2Qa3VZKWXm3vT8J5JdPRBzgrV+GlVn8RAiPhNyX+7xKnQt0jWJEKUEi7+qW7O
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:33 2024 by rpki-client on console-fra.rpki-client.org