Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/4cba2f-4a5b-4435-8aec-923cb50abe2e/1/jMTmyeY6ymVSVC10uAMKba4KpFw.roa
File: jMTmyeY6ymVSVC10uAMKba4KpFw.roa (raw, json)
Hash identifier: dFbtWfqt2sNwkemO/qsZzEt7kH41GJotPJE7OdXS4K4=
Subject key identifier: 8C:C4:E6:C9:E6:3A:CA:65:52:54:2D:74:B8:03:0A:6D:AE:0A:A4:5C
Certificate issuer: /CN=3069ba7ebc3b672dd09ec0344e1f80aa1131efd0
Certificate serial: 018CCA2A28B9CBE0FF9608C7D18CA2EDF355
Authority key identifier: 30:69:BA:7E:BC:3B:67:2D:D0:9E:C0:34:4E:1F:80:AA:11:31:EF:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGm6frw7Zy3QnsA0Th-AqhEx79A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/4cba2f-4a5b-4435-8aec-923cb50abe2e/1/jMTmyeY6ymVSVC10uAMKba4KpFw.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201241
IP address blocks: 185.237.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:28:b9:cb:e0:ff:96:08:c7:d1:8c:a2:ed:f3:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3069ba7ebc3b672dd09ec0344e1f80aa1131efd0
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cc4e6c9e63aca6552542d74b8030a6dae0aa45c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:6f:94:c8:0d:73:4d:10:36:cb:a3:c0:7d:d6:
72:83:f7:74:45:60:1b:81:47:fe:d2:60:3b:12:8d:
27:c3:7a:29:6a:72:14:94:b6:a1:6f:4b:79:f7:42:
f0:9e:a9:0d:10:94:c8:62:01:0f:0b:44:55:d1:61:
63:62:a3:e4:e2:49:84:b6:36:02:e5:3b:8b:84:2e:
d4:a1:c3:ce:a0:e9:e1:00:b2:a1:df:92:42:95:fe:
36:e5:c1:d1:99:e9:4c:10:c1:0a:99:c3:45:c9:4a:
1d:08:88:c0:c5:1c:d1:f7:c4:8c:e5:92:50:a5:8e:
d8:9a:a7:56:ce:d5:3a:95:c7:3d:29:be:fc:b0:e3:
11:16:af:9c:a1:95:fd:15:b4:bc:43:29:c5:12:bd:
7f:7d:b2:e0:a5:ae:22:ab:93:5d:70:bd:1d:16:05:
a8:75:59:5f:8c:44:dc:0b:82:49:bf:62:ce:69:50:
6e:c3:3e:60:3f:cd:5c:c1:29:1c:58:6a:90:4c:f5:
77:2b:c6:b7:49:2a:02:f9:6c:d0:be:f0:0f:65:2e:
ac:a9:95:c8:cf:17:1f:f8:09:b6:f9:d4:11:a1:3b:
6e:ca:f8:bb:b5:73:83:4a:87:e2:2b:49:ce:fe:ed:
1d:25:5c:98:88:84:f3:9a:45:09:77:da:4f:36:45:
2b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:C4:E6:C9:E6:3A:CA:65:52:54:2D:74:B8:03:0A:6D:AE:0A:A4:5C
X509v3 Authority Key Identifier:
keyid:30:69:BA:7E:BC:3B:67:2D:D0:9E:C0:34:4E:1F:80:AA:11:31:EF:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGm6frw7Zy3QnsA0Th-AqhEx79A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4cba2f-4a5b-4435-8aec-923cb50abe2e/1/jMTmyeY6ymVSVC10uAMKba4KpFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/4cba2f-4a5b-4435-8aec-923cb50abe2e/1/MGm6frw7Zy3QnsA0Th-AqhEx79A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.228.0/22
Signature Algorithm: sha256WithRSAEncryption
03:8c:fa:82:ca:a9:fe:2b:ef:be:b0:5a:2f:2e:a0:0e:be:5e:
be:72:89:5c:f3:51:f0:e5:e3:60:44:fb:a6:e8:d4:4b:59:09:
7d:93:a5:5a:c0:0b:70:6e:27:ee:e2:46:fd:d2:a5:4a:ce:d3:
82:ee:c0:c9:58:91:29:89:fa:1b:8a:4d:e5:84:be:06:f6:71:
e7:c0:72:4d:46:7c:29:7f:5a:d3:b9:7b:7c:57:3e:56:a6:ff:
d6:2b:23:0d:ed:1c:20:aa:7a:6b:33:20:d0:46:a7:b3:83:82:
12:f1:cd:94:b2:4a:cd:31:b7:71:c3:39:72:48:35:cf:71:18:
ca:d9:55:73:1b:09:2a:55:00:50:12:83:f8:34:b1:94:70:62:
e5:7b:64:3a:9d:d8:f0:ab:63:6e:a9:d5:89:40:47:32:b2:e9:
b9:1f:7b:04:72:c9:1b:59:51:c3:40:fa:ba:df:9f:4e:50:8c:
aa:fa:63:38:72:a2:c4:4a:bd:3f:00:2e:4c:9c:eb:fb:2b:73:
3b:81:e2:f5:f0:32:ea:a9:77:20:9b:8a:6e:07:63:ff:85:cc:
23:7c:b1:44:c1:6d:b9:ba:44:98:d9:bb:65:18:59:8d:58:c4:
46:b4:9a:fd:7f:e7:78:bc:21:01:14:c2:ad:28:24:e9:96:97:
c3:25:65:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKii5y+D/lgjH0Yyi7fNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNjliYTdlYmMzYjY3MmRkMDllYzAzNDRlMWY4MGFhMTEz
MWVmZDAwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2M0ZTZjOWU2M2FjYTY1NTI1NDJkNzRiODAzMGE2ZGFlMGFhNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7W+UyA1zTRA2y6PAfdZyg/d0RWAb
gUf+0mA7Eo0nw3opanIUlLahb0t590LwnqkNEJTIYgEPC0RV0WFjYqPk4kmEtjYC
5TuLhC7UocPOoOnhALKh35JClf425cHRmelMEMEKmcNFyUodCIjAxRzR98SM5ZJQ
pY7YmqdWztU6lcc9Kb78sOMRFq+coZX9FbS8QynFEr1/fbLgpa4iq5NdcL0dFgWo
dVlfjETcC4JJv2LOaVBuwz5gP81cwSkcWGqQTPV3K8a3SSoC+WzQvvAPZS6sqZXI
zxcf+Am2+dQRoTtuyvi7tXODSofiK0nO/u0dJVyYiITzmkUJd9pPNkUr6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIzE5snmOsplUlQtdLgDCm2uCqRcMB8GA1UdIwQY
MBaAFDBpun68O2ct0J7ANE4fgKoRMe/QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUdtNmZydzdaeTNRbnNBMFRoLUFxaEV4NzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi80Y2JhMmYtNGE1Yi00NDM1LThhZWMt
OTIzY2I1MGFiZTJlLzEvak1UbXllWTZ5bVZTVkMxMHVBTUtiYTRLcEZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi80Y2JhMmYtNGE1Yi00NDM1LThhZWMtOTIzY2I1MGFiZTJl
LzEvTUdtNmZydzdaeTNRbnNBMFRoLUFxaEV4NzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue3kMA0G
CSqGSIb3DQEBCwUAA4IBAQADjPqCyqn+K+++sFovLqAOvl6+colc81Hw5eNgRPum
6NRLWQl9k6VawAtwbifu4kb90qVKztOC7sDJWJEpifobik3lhL4G9nHnwHJNRnwp
f1rTuXt8Vz5Wpv/WKyMN7RwgqnprMyDQRqezg4IS8c2UskrNMbdxwzlySDXPcRjK
2VVzGwkqVQBQEoP4NLGUcGLle2Q6ndjwq2NuqdWJQEcysum5H3sEcskbWVHDQPq6
359OUIyq+mM4cqLESr0/AC5MnOv7K3M7geL18DLqqXcgm4puB2P/hcwjfLFEwW25
ukSY2btlGFmNWMRGtJr9f+d4vCEBFMKtKCTplpfDJWXw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:31 2025 by rpki-client