Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/O4Mb_Qag-Mzzqgd2xArDJXwxnDg.roa
File: O4Mb_Qag-Mzzqgd2xArDJXwxnDg.roa (raw, json)
Hash identifier: UpsjUC3u5eLE1CL0imb5M9YHo9m3ea+V/zXAIy0jGBU=
Subject key identifier: 3B:83:1B:FD:06:A0:F8:CC:F3:AA:07:76:C4:0A:C3:25:7C:31:9C:38
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 01857082DC540DBD0383C0ABBFA462CC0BC2
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/O4Mb_Qag-Mzzqgd2xArDJXwxnDg.roa
Signing time: Mon 02 Jan 2023 03:25:02 +0000
ROA not before: Mon 02 Jan 2023 03:25:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 185.11.217.0/24 maxlen: 24
2a03:69c0:100::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:dc:54:0d:bd:03:83:c0:ab:bf:a4:62:cc:0b:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Jan 2 03:25:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3b831bfd06a0f8ccf3aa0776c40ac3257c319c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:80:e5:bc:e8:60:3b:72:ac:49:bc:d8:a8:7e:
12:59:7e:97:d1:d0:4a:2f:b1:5e:e0:22:e5:16:d0:
d5:e7:2d:e3:37:c2:ad:d8:e2:0c:fb:02:85:a4:11:
93:09:d5:89:a8:6d:4f:6f:8a:3f:44:8c:a0:40:c0:
9b:84:38:3f:c6:a5:99:2e:17:18:60:36:00:e0:2b:
7c:59:15:8e:4c:4d:f0:b9:0e:86:5b:da:14:c5:ed:
06:5e:cf:7c:28:bf:b2:1d:fb:50:5b:35:c3:c0:f7:
75:ca:d0:b8:19:f5:8a:85:04:a0:5b:58:83:17:8d:
ce:1a:16:d2:05:cf:40:8f:67:1c:74:15:80:58:23:
c1:d7:b0:f3:ff:79:ba:9b:42:92:99:5e:55:86:02:
7b:fc:e2:93:46:1a:f7:5b:75:31:57:7a:2d:2c:af:
01:e2:41:28:be:40:bf:7e:9a:43:96:f4:10:a4:b8:
fc:5a:4b:12:a4:a8:e3:cb:e3:75:64:64:6f:3c:43:
6b:ee:68:c3:6e:ee:f5:8a:2b:56:e5:8d:fe:1e:b1:
97:72:25:e0:f6:6f:31:b8:0d:e7:7a:70:48:5f:16:
30:d4:b9:90:5c:26:65:e7:15:01:85:91:dc:ad:ea:
de:b3:17:32:2c:7f:11:54:6b:c5:2d:de:5f:78:70:
20:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:83:1B:FD:06:A0:F8:CC:F3:AA:07:76:C4:0A:C3:25:7C:31:9C:38
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/O4Mb_Qag-Mzzqgd2xArDJXwxnDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.217.0/24
IPv6:
2a03:69c0:100::/40
Signature Algorithm: sha256WithRSAEncryption
06:a0:b2:12:2d:b9:c8:43:2c:de:90:25:bd:af:b4:8f:8e:16:
c6:cf:42:56:99:c6:18:3e:f0:13:3d:e3:8f:ff:cd:0e:c5:57:
04:e5:4a:cd:bb:2f:2f:f0:d3:65:40:f9:dd:2d:7a:dd:95:e6:
7a:6e:94:ba:1d:f5:73:40:a3:8c:ee:8f:02:61:9a:bf:ef:06:
1a:d5:e3:2c:02:98:d9:e8:11:a2:6d:c7:ec:f6:f0:b8:cc:68:
7f:f5:e7:33:1a:75:30:3d:8a:bd:2d:62:8c:82:c3:aa:37:84:
1f:46:33:5c:9c:ba:31:2b:d7:59:a1:4e:1b:53:cb:04:55:9b:
b0:d8:de:43:b1:ac:e4:8a:35:a6:05:48:79:7c:96:ca:94:dc:
9d:01:39:ef:56:de:3f:80:c5:f3:df:78:85:2e:2f:6f:bb:04:
6e:5d:5b:bb:73:42:ac:24:00:25:d5:41:3c:99:63:e4:f7:e7:
24:23:87:89:45:bf:41:a4:0d:7d:4f:10:f7:17:09:56:94:bb:
3b:d0:82:77:4c:5a:d8:33:40:d4:af:11:da:8b:ad:4f:39:82:
b2:c2:ac:b4:b4:17:2b:56:b5:cd:2b:49:ac:85:c9:1c:61:84:
91:f3:34:27:63:23:e2:e9:a8:d0:c5:76:4f:c2:42:48:d9:ec:
47:1f:ca:d9
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVwgtxUDb0Dg8Crv6RizAvCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjMwMTAyMDMyNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjgzMWJmZDA2YTBmOGNjZjNhYTA3NzZjNDBhYzMyNTdjMzE5YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoDlvOhgO3KsSbzYqH4SWX6X0dBK
L7Fe4CLlFtDV5y3jN8Kt2OIM+wKFpBGTCdWJqG1Pb4o/RIygQMCbhDg/xqWZLhcY
YDYA4Ct8WRWOTE3wuQ6GW9oUxe0GXs98KL+yHftQWzXDwPd1ytC4GfWKhQSgW1iD
F43OGhbSBc9Aj2ccdBWAWCPB17Dz/3m6m0KSmV5VhgJ7/OKTRhr3W3UxV3otLK8B
4kEovkC/fppDlvQQpLj8WksSpKjjy+N1ZGRvPENr7mjDbu71iitW5Y3+HrGXciXg
9m8xuA3nenBIXxYw1LmQXCZl5xUBhZHcreresxcyLH8RVGvFLd5feHAgVwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFDuDG/0GoPjM86oHdsQKwyV8MZw4MB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvTzRNYl9RYWctTXp6cWdkMnhBckRKWHd4bkRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuQvZMA4E
AgACMAgDBgAqA2nAATANBgkqhkiG9w0BAQsFAAOCAQEABqCyEi25yEMs3pAlva+0
j44Wxs9CVpnGGD7wEz3jj//NDsVXBOVKzbsvL/DTZUD53S163ZXmem6Uuh31c0Cj
jO6PAmGav+8GGtXjLAKY2egRom3H7PbwuMxof/XnMxp1MD2KvS1ijILDqjeEH0Yz
XJy6MSvXWaFOG1PLBFWbsNjeQ7Gs5Io1pgVIeXyWypTcnQE571beP4DF8994hS4v
b7sEbl1bu3NCrCQAJdVBPJlj5PfnJCOHiUW/QaQNfU8Q9xcJVpS7O9CCd0xa2DNA
1K8R2outTzmCssKstLQXK1a1zStJrIXJHGGEkfM0J2Mj4umo0MV2T8JCSNnsRx/K
2Q==
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:23 2024 by rpki-client on console-ams.rpki-client.org