Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/MQnCiwfcXrlIt5gZd-Gym3qjz7o.roa
File: MQnCiwfcXrlIt5gZd-Gym3qjz7o.roa (raw, json)
Hash identifier: PfiZvN2cqgcBzMYpCoDQzi8++7UV4xG60CRO1jjqCeQ=
Subject key identifier: 31:09:C2:8B:07:DC:5E:B9:48:B7:98:19:77:E1:B2:9B:7A:A3:CF:BA
Certificate issuer: /CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Certificate serial: 0185723A321B29E6BE265CFC26966E81E2A7
Authority key identifier: C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/MQnCiwfcXrlIt5gZd-Gym3qjz7o.roa
Signing time: Mon 02 Jan 2023 11:24:54 +0000
ROA not before: Mon 02 Jan 2023 11:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12414
IP address blocks: 185.91.248.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:3a:32:1b:29:e6:be:26:5c:fc:26:96:6e:81:e2:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c398060f1bf22f0999cb071b1b42696dbc43e10c
Validity
Not Before: Jan 2 11:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3109c28b07dc5eb948b7981977e1b29b7aa3cfba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:7f:a9:6b:b2:bf:ee:1e:22:bd:19:09:7d:fc:
6f:51:d0:18:99:05:58:c4:f1:47:b1:4b:3d:78:c5:
be:64:e1:12:dc:d7:ef:ca:86:70:f8:ea:c2:e1:58:
85:f5:89:ac:2f:5c:c1:58:51:8c:54:d9:8f:fd:7e:
8b:0d:36:8e:ee:89:93:27:36:a0:d3:9b:36:d9:d6:
1a:53:47:f2:4b:22:cb:29:d5:fd:9d:7a:dd:ed:29:
6f:9e:d1:50:44:8d:c6:76:b4:e3:d0:f5:1d:7d:58:
39:48:19:aa:36:87:f3:cf:56:4f:80:cd:3e:ae:35:
38:01:46:ab:16:b4:fa:23:88:07:1c:a3:47:1f:be:
24:c9:8d:54:28:43:a8:54:da:60:ae:30:9d:a8:04:
3a:08:84:36:e8:5f:ff:40:5d:d8:6f:e7:42:da:7a:
f7:c3:15:32:fd:fd:0e:c6:6a:dc:2f:f3:c7:f1:0c:
45:02:7c:c5:7e:e3:8e:12:ca:3a:36:06:ef:c8:14:
f1:16:09:64:56:b4:35:b0:e7:0f:16:d5:22:08:c2:
46:41:a2:ee:2c:23:63:7d:97:12:1b:66:66:03:79:
70:84:99:db:b0:4d:e7:a9:e6:4b:7a:74:70:27:2b:
cb:08:6b:d0:92:eb:3a:c0:13:21:d8:44:c5:d1:eb:
18:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:09:C2:8B:07:DC:5E:B9:48:B7:98:19:77:E1:B2:9B:7A:A3:CF:BA
X509v3 Authority Key Identifier:
keyid:C3:98:06:0F:1B:F2:2F:09:99:CB:07:1B:1B:42:69:6D:BC:43:E1:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w5gGDxvyLwmZywcbG0JpbbxD4Qw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/MQnCiwfcXrlIt5gZd-Gym3qjz7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/3bfc31-dc32-4541-8460-c927b8c2c7c4/1/w5gGDxvyLwmZywcbG0JpbbxD4Qw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.248.0/22
Signature Algorithm: sha256WithRSAEncryption
24:2d:89:f4:3e:d4:4c:9f:c3:58:a0:bd:7b:45:db:a6:8a:3d:
2a:af:10:04:2a:2b:34:a7:38:9f:fb:02:dc:35:55:9a:29:f6:
50:b6:06:73:5f:1c:57:67:eb:3b:3e:96:1b:39:86:64:c3:8a:
35:53:09:65:00:40:9d:0f:45:e7:26:14:6e:f3:e0:9c:94:9a:
18:89:fc:ed:0f:37:74:52:a0:7c:44:e1:ab:d6:68:21:40:2d:
3c:8d:5b:f1:82:34:af:80:19:bd:24:6f:1c:b8:0c:6d:ec:07:
f1:ac:90:df:9a:b0:db:f4:fd:0b:71:39:58:e2:1b:f3:69:1d:
64:2f:28:79:63:f2:e9:65:07:79:c2:2d:fb:9f:95:79:1a:b5:
7a:6c:f3:b2:15:40:27:38:99:49:1d:a8:33:99:72:45:88:21:
fa:4a:6b:ea:7b:93:72:aa:86:dc:50:46:2e:0c:ae:72:ff:d2:
e8:fe:47:99:c9:d9:fc:eb:1d:e6:c1:df:09:b3:ba:14:7e:8b:
82:05:d4:bb:ce:96:4c:1b:aa:ee:6e:8e:38:e5:b2:20:d6:bb:
6f:af:ae:49:62:c7:9e:80:88:04:0b:d7:10:84:55:f4:fa:75:
70:0c:c8:ac:2d:dd:a8:89:f9:d2:20:e5:24:2c:26:2f:ba:20:
e6:13:65:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyOjIbKea+Jlz8JpZugeKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzOTgwNjBmMWJmMjJmMDk5OWNiMDcxYjFiNDI2OTZkYmM0
M2UxMGMwHhcNMjMwMTAyMTEyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTA5YzI4YjA3ZGM1ZWI5NDhiNzk4MTk3N2UxYjI5YjdhYTNjZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9n+pa7K/7h4ivRkJffxvUdAYmQVY
xPFHsUs9eMW+ZOES3NfvyoZw+OrC4ViF9YmsL1zBWFGMVNmP/X6LDTaO7omTJzag
05s22dYaU0fySyLLKdX9nXrd7SlvntFQRI3GdrTj0PUdfVg5SBmqNofzz1ZPgM0+
rjU4AUarFrT6I4gHHKNHH74kyY1UKEOoVNpgrjCdqAQ6CIQ26F//QF3Yb+dC2nr3
wxUy/f0OxmrcL/PH8QxFAnzFfuOOEso6NgbvyBTxFglkVrQ1sOcPFtUiCMJGQaLu
LCNjfZcSG2ZmA3lwhJnbsE3nqeZLenRwJyvLCGvQkus6wBMh2ETF0esYDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEJwosH3F65SLeYGXfhspt6o8+6MB8GA1UdIwQY
MBaAFMOYBg8b8i8JmcsHGxtCaW28Q+EMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAt
YzkyN2I4YzJjN2M0LzEvTVFuQ2l3ZmNYcmxJdDVnWmQtR3ltM3FqejdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8zYmZjMzEtZGMzMi00NTQxLTg0NjAtYzkyN2I4YzJjN2M0
LzEvdzVnR0R4dnlMd21aeXdjYkcwSnBiYnhENFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVv4MA0G
CSqGSIb3DQEBCwUAA4IBAQAkLYn0PtRMn8NYoL17Rdumij0qrxAEKis0pzif+wLc
NVWaKfZQtgZzXxxXZ+s7PpYbOYZkw4o1UwllAECdD0XnJhRu8+CclJoYifztDzd0
UqB8ROGr1mghQC08jVvxgjSvgBm9JG8cuAxt7AfxrJDfmrDb9P0LcTlY4hvzaR1k
Lyh5Y/LpZQd5wi37n5V5GrV6bPOyFUAnOJlJHagzmXJFiCH6Smvqe5NyqobcUEYu
DK5y/9Lo/keZydn86x3mwd8Js7oUfouCBdS7zpZMG6rubo445bIg1rtvr65JYsee
gIgEC9cQhFX0+nVwDMisLd2oifnSIOUkLCYvuiDmE2Xp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:02 2024 by rpki-client on console-fra.rpki-client.org