Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/MAVnev72dAha3uio8eDziU__MwI.roa
File: MAVnev72dAha3uio8eDziU__MwI.roa (raw, json)
Hash identifier: trGP88BmXbzsJJxaujANkX/zl99O/1IQQ1hrJCgjofw=
Subject key identifier: 30:05:67:7A:FE:F6:74:08:5A:DE:E8:A8:F1:E0:F3:89:4F:FF:33:02
Certificate issuer: /CN=d3acd2b7b7473af4350ea1aba83d177585ceedad
Certificate serial: 018CCA2BAD67CCD9C149E4020B633CBA3A8C
Authority key identifier: D3:AC:D2:B7:B7:47:3A:F4:35:0E:A1:AB:A8:3D:17:75:85:CE:ED:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/06zSt7dHOvQ1DqGrqD0XdYXO7a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/MAVnev72dAha3uio8eDziU__MwI.roa
Signing time: Tue 02 Jan 2024 12:35:09 +0000
ROA not before: Tue 02 Jan 2024 12:35:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205360
IP address blocks: 185.221.4.0/22 maxlen: 22
2a0b:fec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:ad:67:cc:d9:c1:49:e4:02:0b:63:3c:ba:3a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3acd2b7b7473af4350ea1aba83d177585ceedad
Validity
Not Before: Jan 2 12:35:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3005677afef674085adee8a8f1e0f3894fff3302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8f:b8:29:01:33:87:d7:47:a6:c4:a6:84:6f:
e5:99:6d:0e:71:82:7a:d4:38:fc:44:6f:63:47:14:
1b:9d:db:c8:7a:8d:d8:c5:10:48:b3:59:d9:79:4f:
31:c9:a9:d6:0e:ab:bf:fd:0e:82:c6:52:08:8f:30:
40:be:9b:5c:35:73:f1:c8:b0:d0:3e:29:fd:9e:6d:
36:20:8e:c2:b1:c1:4e:e3:88:2e:e3:1b:66:82:1f:
24:b2:14:e2:1a:0b:4b:d2:fa:ad:f3:2b:91:ac:94:
29:7d:26:26:ab:ab:29:2c:17:75:f0:ac:da:14:2d:
8d:f9:fd:7f:b2:3e:0c:d7:b2:61:e0:d2:12:2a:c0:
d5:75:59:69:2e:5b:68:64:00:86:e6:11:c5:30:cb:
36:25:aa:fe:e1:85:c3:8f:a5:99:ed:d6:66:f6:c6:
37:1b:55:f1:62:37:af:68:31:23:8b:6a:d4:75:b6:
43:68:12:b0:ff:58:13:75:d0:81:26:8d:4f:90:71:
01:ed:96:bf:10:08:da:a5:5e:b2:1d:76:44:f2:fa:
7e:8d:92:c4:04:c2:7b:d4:e9:8e:99:99:c0:2a:cc:
cb:ce:26:ef:f5:40:73:a8:fd:ab:8c:b9:de:b4:c4:
e4:72:76:da:40:87:33:6d:88:2e:87:2b:e2:d0:92:
a7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:05:67:7A:FE:F6:74:08:5A:DE:E8:A8:F1:E0:F3:89:4F:FF:33:02
X509v3 Authority Key Identifier:
keyid:D3:AC:D2:B7:B7:47:3A:F4:35:0E:A1:AB:A8:3D:17:75:85:CE:ED:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/06zSt7dHOvQ1DqGrqD0XdYXO7a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/MAVnev72dAha3uio8eDziU__MwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/46c20c-f166-4041-a01b-0efec6ea77c6/1/06zSt7dHOvQ1DqGrqD0XdYXO7a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.4.0/22
IPv6:
2a0b:fec0::/29
Signature Algorithm: sha256WithRSAEncryption
a4:fe:99:78:7e:93:b3:55:11:4a:08:38:79:89:38:0a:64:bc:
1d:e4:25:02:97:d1:14:29:fc:92:80:e4:bf:61:25:48:b6:b1:
27:5f:62:a5:26:a7:64:1e:4a:d5:53:29:ce:72:69:9a:42:d6:
57:b9:42:1f:3e:7e:50:97:ac:18:dc:7b:ae:be:b0:f2:62:65:
40:7a:0e:a2:34:3d:30:c4:62:c6:74:94:e2:13:4c:ab:0b:aa:
d8:8c:3b:fe:6d:24:85:d0:b4:91:c9:07:25:ba:38:d8:92:a1:
4a:7f:11:f8:94:94:f6:3d:cc:69:b7:6e:85:d6:1e:05:d4:8b:
17:f4:6a:35:b8:8f:f5:09:ee:7e:4e:09:73:48:e7:fa:dd:26:
d8:5d:ed:b4:02:26:4a:6b:8e:e8:df:20:4d:24:49:42:c1:55:
bd:31:1d:ee:a8:b5:8f:1c:84:b2:df:ac:1f:1a:3d:45:84:92:
7b:31:9c:7f:43:f7:a7:c9:3c:40:74:f3:ac:78:b9:62:0c:85:
5f:ec:57:7b:06:59:c2:ca:ce:f7:0e:b5:55:d2:7a:65:3d:fb:
68:c6:44:73:ac:df:10:02:10:3c:60:cf:53:62:ce:da:1d:6e:
b8:78:f1:a3:79:c7:30:fa:8b:3d:81:ae:4a:54:3f:01:c7:f3:
f9:e4:2e:c9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKK61nzNnBSeQCC2M8ujqMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYWNkMmI3Yjc0NzNhZjQzNTBlYTFhYmE4M2QxNzc1ODVj
ZWVkYWQwHhcNMjQwMTAyMTIzNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDA1Njc3YWZlZjY3NDA4NWFkZWU4YThmMWUwZjM4OTRmZmYzMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI+4KQEzh9dHpsSmhG/lmW0OcYJ6
1Dj8RG9jRxQbndvIeo3YxRBIs1nZeU8xyanWDqu//Q6CxlIIjzBAvptcNXPxyLDQ
Pin9nm02II7CscFO44gu4xtmgh8kshTiGgtL0vqt8yuRrJQpfSYmq6spLBd18Kza
FC2N+f1/sj4M17Jh4NISKsDVdVlpLltoZACG5hHFMMs2Jar+4YXDj6WZ7dZm9sY3
G1XxYjevaDEji2rUdbZDaBKw/1gTddCBJo1PkHEB7Za/EAjapV6yHXZE8vp+jZLE
BMJ71OmOmZnAKszLzibv9UBzqP2rjLnetMTkcnbaQIczbYguhyvi0JKncQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDAFZ3r+9nQIWt7oqPHg84lP/zMCMB8GA1UdIwQY
MBaAFNOs0re3Rzr0NQ6hq6g9F3WFzu2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDZ6U3Q3ZEhPdlExRHFHcnFEMFhkWVhPN2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80NmMyMGMtZjE2Ni00MDQxLWEwMWIt
MGVmZWM2ZWE3N2M2LzEvTUFWbmV2NzJkQWhhM3VpbzhlRHppVV9fTXdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80NmMyMGMtZjE2Ni00MDQxLWEwMWItMGVmZWM2ZWE3N2M2
LzEvMDZ6U3Q3ZEhPdlExRHFHcnFEMFhkWVhPN2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud0EMA0E
AgACMAcDBQMqC/7AMA0GCSqGSIb3DQEBCwUAA4IBAQCk/pl4fpOzVRFKCDh5iTgK
ZLwd5CUCl9EUKfySgOS/YSVItrEnX2KlJqdkHkrVUynOcmmaQtZXuUIfPn5Ql6wY
3HuuvrDyYmVAeg6iND0wxGLGdJTiE0yrC6rYjDv+bSSF0LSRyQclujjYkqFKfxH4
lJT2Pcxpt26F1h4F1IsX9Go1uI/1Ce5+TglzSOf63SbYXe20AiZKa47o3yBNJElC
wVW9MR3uqLWPHISy36wfGj1FhJJ7MZx/Q/enyTxAdPOseLliDIVf7Fd7BlnCys73
DrVV0nplPftoxkRzrN8QAhA8YM9TYs7aHW64ePGjeccw+os9ga5KVD8Bx/P55C7J
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:36 2025 by rpki-client