Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/0e8d73-59da-434e-99fb-c3f4d11274d4/1/m22Lf4QNLuouacpPmnp1abaxbnI.roa
File: m22Lf4QNLuouacpPmnp1abaxbnI.roa (raw, json)
Hash identifier: frUy9QKx0/VB+WZnclhioYwYu0i9W0zYqxJ5/MTVql8=
Subject key identifier: 9B:6D:8B:7F:84:0D:2E:EA:2E:69:CA:4F:9A:7A:75:69:B6:B1:6E:72
Certificate issuer: /CN=0630d3a9dc03927ae55a81d86ca91bdc9ee74c73
Certificate serial: 018CC3B70C98AD8379CC295336D7C288E913
Authority key identifier: 06:30:D3:A9:DC:03:92:7A:E5:5A:81:D8:6C:A9:1B:DC:9E:E7:4C:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BjDTqdwDknrlWoHYbKkb3J7nTHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/0e8d73-59da-434e-99fb-c3f4d11274d4/1/m22Lf4QNLuouacpPmnp1abaxbnI.roa
Signing time: Mon 01 Jan 2024 06:30:02 +0000
ROA not before: Mon 01 Jan 2024 06:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49262
IP address blocks: 185.107.236.0/24 maxlen: 24
2a06:1140::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0c:98:ad:83:79:cc:29:53:36:d7:c2:88:e9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0630d3a9dc03927ae55a81d86ca91bdc9ee74c73
Validity
Not Before: Jan 1 06:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b6d8b7f840d2eea2e69ca4f9a7a7569b6b16e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:5f:2a:a9:7d:3d:00:46:b7:1b:7d:cd:5f:04:
80:3a:74:66:0b:ec:b5:ec:75:94:58:d7:75:bc:28:
3e:22:dc:63:97:93:5d:ce:9d:ef:21:17:27:6a:ae:
b8:d6:94:fc:a6:34:55:51:0e:09:53:a6:62:a7:c8:
1c:63:c8:be:25:de:b5:33:ec:84:ea:d6:b2:9d:f9:
63:f4:a0:c8:2a:47:f6:fc:ef:8c:99:58:83:04:58:
a6:69:c9:48:2f:2e:78:9c:33:55:e6:10:2b:a7:d4:
51:3b:ad:8c:9a:2d:93:5b:48:47:87:e4:71:5d:51:
e5:bc:e7:61:aa:71:cb:fb:fc:cd:a6:b9:ef:36:97:
23:f2:a7:60:8f:4f:7e:2a:e6:ba:b4:73:fd:ab:6d:
19:9d:0a:bd:8b:da:ca:62:20:b4:3c:37:fe:b4:2c:
dc:cb:bd:44:d2:6a:f0:fe:a0:6a:8f:69:ca:29:73:
10:80:dc:a0:d1:87:fe:b8:f0:23:05:c9:3d:c9:3e:
dd:00:89:d9:14:79:e7:4d:4b:11:fb:37:98:f9:bb:
56:24:79:ad:6e:5f:80:27:db:f1:7f:df:0e:a6:93:
dc:01:8b:25:d7:e7:9d:ba:8a:c6:98:9a:d9:89:70:
27:f3:5a:b3:40:c1:cc:32:07:d0:55:ce:2d:1b:aa:
2b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6D:8B:7F:84:0D:2E:EA:2E:69:CA:4F:9A:7A:75:69:B6:B1:6E:72
X509v3 Authority Key Identifier:
keyid:06:30:D3:A9:DC:03:92:7A:E5:5A:81:D8:6C:A9:1B:DC:9E:E7:4C:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BjDTqdwDknrlWoHYbKkb3J7nTHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/0e8d73-59da-434e-99fb-c3f4d11274d4/1/m22Lf4QNLuouacpPmnp1abaxbnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/0e8d73-59da-434e-99fb-c3f4d11274d4/1/BjDTqdwDknrlWoHYbKkb3J7nTHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.236.0/24
IPv6:
2a06:1140::/29
Signature Algorithm: sha256WithRSAEncryption
66:3a:d0:bc:4b:b2:be:f8:3d:49:56:74:c0:4e:fc:ac:9e:c6:
b9:c3:a9:dd:1f:34:5c:6f:e3:78:30:b4:4d:c6:91:e1:38:bd:
a9:39:8a:15:7a:0c:2b:7c:75:5a:23:01:7b:2e:96:72:39:1b:
b5:f1:97:5c:27:e8:8b:fd:62:17:9c:58:79:6d:8f:3b:20:e0:
fd:f9:59:6a:a6:cd:d2:b6:30:af:92:53:55:04:1c:3a:7a:9d:
bf:b1:7d:5a:d4:d7:79:6a:44:88:26:c8:9d:f4:dc:32:26:d5:
59:63:28:74:82:90:39:36:49:52:67:16:22:2d:26:b6:dc:fa:
45:8e:d9:35:0e:b1:72:ef:68:62:e0:9d:ac:dc:6f:c8:dc:b6:
9a:98:aa:fd:63:cb:04:d9:e7:41:ce:34:2f:93:97:24:85:6a:
5f:a7:23:83:4d:70:6b:73:38:aa:85:38:0a:a9:e5:5f:d9:16:
90:1e:06:48:2a:d0:05:da:ff:0a:fa:e9:4a:ee:17:42:c3:91:
48:b1:1b:d8:a5:ad:04:ca:35:80:46:23:2b:c9:82:ef:6e:2b:
f6:04:58:d4:5f:fd:84:04:29:60:e3:e4:0c:37:2c:91:a6:04:
91:37:c5:10:0e:b8:1f:81:9e:ef:e8:40:7e:ce:a7:af:f5:c3:
ba:e0:a1:b9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtwyYrYN5zClTNtfCiOkTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MzBkM2E5ZGMwMzkyN2FlNTVhODFkODZjYTkxYmRjOWVl
NzRjNzMwHhcNMjQwMTAxMDYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjZkOGI3Zjg0MGQyZWVhMmU2OWNhNGY5YTdhNzU2OWI2YjE2ZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAil8qqX09AEa3G33NXwSAOnRmC+y1
7HWUWNd1vCg+Itxjl5Ndzp3vIRcnaq641pT8pjRVUQ4JU6Zip8gcY8i+Jd61M+yE
6taynflj9KDIKkf2/O+MmViDBFimaclILy54nDNV5hArp9RRO62Mmi2TW0hHh+Rx
XVHlvOdhqnHL+/zNprnvNpcj8qdgj09+Kua6tHP9q20ZnQq9i9rKYiC0PDf+tCzc
y71E0mrw/qBqj2nKKXMQgNyg0Yf+uPAjBck9yT7dAInZFHnnTUsR+zeY+btWJHmt
bl+AJ9vxf98OppPcAYsl1+eduorGmJrZiXAn81qzQMHMMgfQVc4tG6orlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJtti3+EDS7qLmnKT5p6dWm2sW5yMB8GA1UdIwQY
MBaAFAYw06ncA5J65VqB2GypG9ye50xzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmpEVHFkd0RrbnJsV29IWWJLa2IzSjduVEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8wZThkNzMtNTlkYS00MzRlLTk5ZmIt
YzNmNGQxMTI3NGQ0LzEvbTIyTGY0UU5MdW91YWNwUG1ucDFhYmF4Ym5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8wZThkNzMtNTlkYS00MzRlLTk5ZmItYzNmNGQxMTI3NGQ0
LzEvQmpEVHFkd0RrbnJsV29IWWJLa2IzSjduVEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuWvsMA0E
AgACMAcDBQMqBhFAMA0GCSqGSIb3DQEBCwUAA4IBAQBmOtC8S7K++D1JVnTATvys
nsa5w6ndHzRcb+N4MLRNxpHhOL2pOYoVegwrfHVaIwF7LpZyORu18ZdcJ+iL/WIX
nFh5bY87IOD9+Vlqps3StjCvklNVBBw6ep2/sX1a1Nd5akSIJsid9NwyJtVZYyh0
gpA5NklSZxYiLSa23PpFjtk1DrFy72hi4J2s3G/I3LaamKr9Y8sE2edBzjQvk5ck
hWpfpyODTXBrcziqhTgKqeVf2RaQHgZIKtAF2v8K+ulK7hdCw5FIsRvYpa0EyjWA
RiMryYLvbiv2BFjUX/2EBClg4+QMNyyRpgSRN8UQDrgfgZ7v6EB+zqev9cO64KG5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:51 2025 by rpki-client