Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/MwoCCDaXAp-dX0bdWa3btx8bzMo.roa
File: MwoCCDaXAp-dX0bdWa3btx8bzMo.roa (raw, json)
Hash identifier: NDmgWSj4O31cjYFMAG/4SwhJ8cSkz57K1VjVg5NlxxQ=
Subject key identifier: 33:0A:02:08:36:97:02:9F:9D:5F:46:DD:59:AD:DB:B7:1F:1B:CC:CA
Certificate issuer: /CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Certificate serial: 01856B80E753A59A4C3AEE0BB916F70ED804
Authority key identifier: DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/MwoCCDaXAp-dX0bdWa3btx8bzMo.roa
Signing time: Sun 01 Jan 2023 04:04:48 +0000
ROA not before: Sun 01 Jan 2023 04:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43145
IP address blocks: 217.66.101.0/24 maxlen: 24
217.66.102.0/24 maxlen: 24
217.66.103.0/24 maxlen: 24
217.66.100.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:80:e7:53:a5:9a:4c:3a:ee:0b:b9:16:f7:0e:d8:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Validity
Not Before: Jan 1 04:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=330a02083697029f9d5f46dd59addbb71f1bccca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:65:c9:00:02:ab:9c:25:f4:83:da:df:5e:43:
e2:f2:e0:53:a4:07:4f:37:0b:ed:d5:d1:20:77:60:
32:39:5f:be:0a:23:49:ff:01:46:28:b5:83:27:d6:
2a:49:d6:17:31:85:5c:0f:f8:3c:67:23:04:a4:2a:
f5:17:ca:11:b1:ff:42:bb:6b:29:73:91:16:aa:dc:
1d:62:12:35:e2:1a:48:57:c7:d8:4b:c5:a0:38:ee:
2b:57:e2:e4:28:af:a8:db:7c:bd:68:cc:22:fc:1b:
4d:08:8e:af:29:15:aa:14:56:82:86:f2:ca:92:eb:
93:f6:e7:ae:45:b7:1e:8c:c8:f9:2c:02:c0:72:51:
c6:a2:0a:ab:a0:83:eb:1c:08:6e:c5:82:b5:a7:be:
96:d5:28:ca:10:72:a7:dc:3a:f1:b6:f5:9b:23:f2:
59:c4:69:98:cf:90:a7:3f:6d:91:30:73:43:88:d6:
82:cc:d4:ac:a0:ea:6f:1e:82:cc:09:2f:77:46:36:
59:6e:31:f2:e6:b3:aa:81:7a:01:c1:39:16:65:6b:
fa:05:ab:0e:6c:17:56:6a:6c:72:e9:5b:c8:c6:20:
39:4b:40:a8:ea:15:07:6c:a7:63:16:2b:7d:36:50:
37:b5:56:fe:75:04:2a:6f:4b:a3:3b:5b:08:74:21:
67:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:0A:02:08:36:97:02:9F:9D:5F:46:DD:59:AD:DB:B7:1F:1B:CC:CA
X509v3 Authority Key Identifier:
keyid:DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/MwoCCDaXAp-dX0bdWa3btx8bzMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/2vy2Q-aiHi-24hzQZTqwlenr7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.66.100.0/22
Signature Algorithm: sha256WithRSAEncryption
d2:9d:b1:e9:c1:df:dd:63:22:04:50:b9:ea:c4:db:2a:46:a2:
c4:17:1f:d4:32:ba:49:c7:c7:56:f3:ee:1a:40:a5:bc:6d:14:
bd:63:91:59:a0:6b:c5:ee:c2:79:a5:b8:e5:09:5e:9e:c1:e7:
d4:8c:2f:94:c8:10:ab:39:17:7c:c9:e6:22:3b:8f:8b:1c:67:
31:7c:94:a8:00:0c:5d:ba:99:22:07:3a:58:ec:fa:5d:e9:0e:
83:9f:bb:35:dc:c8:80:fd:31:d0:5f:a4:2c:65:30:9c:36:45:
71:fe:3e:39:cb:79:a3:51:b0:c3:20:76:e4:04:c6:31:2b:32:
4c:be:40:13:39:b9:6a:b8:d3:89:2c:4e:c7:65:3e:d1:f2:ba:
37:9f:80:60:8f:9d:fa:b0:2c:67:52:a4:58:f1:51:ed:3f:63:
7d:9e:5c:f2:c2:25:63:df:9f:0a:a9:b2:46:b8:b0:ee:d2:1e:
0e:46:7d:93:2b:e6:3c:49:86:aa:fb:c9:37:3c:45:c4:38:a4:
0b:0a:3e:45:54:d1:db:df:e1:33:8e:c2:47:4e:15:c4:93:5c:
d7:5a:d0:51:10:c5:87:b9:c2:b5:6f:01:98:52:63:4e:3b:a9:
a0:c9:c7:78:69:09:a0:07:cc:51:0f:ef:d7:6d:b2:0c:cc:d7:
f8:5c:25:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgOdTpZpMOu4LuRb3DtgEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhZmNiNjQzZTZhMjFlMmZiNmUyMWNkMDY1M2FiMDk1ZTll
YmVmMTMwHhcNMjMwMTAxMDQwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzBhMDIwODM2OTcwMjlmOWQ1ZjQ2ZGQ1OWFkZGJiNzFmMWJjY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWXJAAKrnCX0g9rfXkPi8uBTpAdP
Nwvt1dEgd2AyOV++CiNJ/wFGKLWDJ9YqSdYXMYVcD/g8ZyMEpCr1F8oRsf9Cu2sp
c5EWqtwdYhI14hpIV8fYS8WgOO4rV+LkKK+o23y9aMwi/BtNCI6vKRWqFFaChvLK
kuuT9ueuRbcejMj5LALAclHGogqroIPrHAhuxYK1p76W1SjKEHKn3DrxtvWbI/JZ
xGmYz5CnP22RMHNDiNaCzNSsoOpvHoLMCS93RjZZbjHy5rOqgXoBwTkWZWv6BasO
bBdWamxy6VvIxiA5S0Co6hUHbKdjFit9NlA3tVb+dQQqb0ujO1sIdCFn9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMKAgg2lwKfnV9G3Vmt27cfG8zKMB8GA1UdIwQY
MBaAFNr8tkPmoh4vtuIc0GU6sJXp6+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2Ut
ZGUyZGUxNWY5MGVkLzEvTXdvQ0NEYVhBcC1kWDBiZFdhM2J0eDhiek1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yN2EzNzQtYzk4NC00YjE5LWFjN2UtZGUyZGUxNWY5MGVk
LzEvMnZ5MlEtYWlIaS0yNGh6UVpUcXdsZW5yN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UJkMA0G
CSqGSIb3DQEBCwUAA4IBAQDSnbHpwd/dYyIEULnqxNsqRqLEFx/UMrpJx8dW8+4a
QKW8bRS9Y5FZoGvF7sJ5pbjlCV6ewefUjC+UyBCrORd8yeYiO4+LHGcxfJSoAAxd
upkiBzpY7Ppd6Q6Dn7s13MiA/THQX6QsZTCcNkVx/j45y3mjUbDDIHbkBMYxKzJM
vkATOblquNOJLE7HZT7R8ro3n4Bgj536sCxnUqRY8VHtP2N9nlzywiVj358KqbJG
uLDu0h4ORn2TK+Y8SYaq+8k3PEXEOKQLCj5FVNHb3+EzjsJHThXEk1zXWtBREMWH
ucK1bwGYUmNOO6mgycd4aQmgB8xRD+/XbbIMzNf4XCWi
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:58 2024 by rpki-client on console-fra.rpki-client.org