Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/MzRq6XGxL3RDhvwjfPFd3nf7-jM.roa
File: MzRq6XGxL3RDhvwjfPFd3nf7-jM.roa (raw, json)
Hash identifier: f5cF10x/CkSZkfA50tqGABOsNryFv1ShGbKV/3K0Wpg=
Subject key identifier: 33:34:6A:E9:71:B1:2F:74:43:86:FC:23:7C:F1:5D:DE:77:FB:FA:33
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01856F1DC9CE10F069E8886A1D8F785FB23C
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/MzRq6XGxL3RDhvwjfPFd3nf7-jM.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49562
IP address blocks: 185.2.172.0/23 maxlen: 23
185.2.172.0/22 maxlen: 22
2a02:80c0::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c9:ce:10:f0:69:e8:88:6a:1d:8f:78:5f:b2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33346ae971b12f744386fc237cf15dde77fbfa33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b5:17:7f:3e:4e:a4:17:88:55:09:2d:e5:46:
60:de:ea:09:4d:c2:d7:12:3e:c7:54:7a:1d:56:3b:
c3:1e:a4:64:7d:3f:32:7d:73:9a:63:6c:b9:b0:21:
df:61:a5:ac:63:55:bd:b1:12:9b:3d:e4:64:6a:33:
84:f6:98:fd:1b:90:87:f6:98:ac:b7:12:17:d6:36:
27:8f:62:16:75:4d:dc:ac:8e:9e:8d:8a:9f:1b:00:
f9:15:9b:f6:4e:1b:2b:d4:6b:db:3e:bc:e3:ff:13:
23:bb:74:34:03:36:52:5a:b8:b7:e8:96:06:cd:4e:
79:5f:e5:3b:f4:e0:99:97:bb:62:57:5b:5e:33:eb:
48:d2:a8:07:83:20:bb:81:b0:57:57:b8:2e:8b:9b:
88:ce:5f:2b:8e:ac:63:82:53:a6:5f:2c:e8:96:74:
49:5d:0d:af:88:62:ae:ba:ed:79:78:eb:4e:2f:7b:
1a:4b:0e:41:ca:15:b9:ca:ee:80:3b:85:f6:12:77:
ac:35:99:a6:4b:e0:ed:74:80:a3:db:08:c0:f5:dc:
65:32:a0:47:da:52:c5:fd:cc:e6:9a:de:3b:35:67:
9c:1a:10:01:97:c2:aa:1b:ec:f6:fb:43:04:4f:2d:
46:22:a4:6d:57:54:eb:34:a5:5e:46:a8:3e:94:5e:
2b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:34:6A:E9:71:B1:2F:74:43:86:FC:23:7C:F1:5D:DE:77:FB:FA:33
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/MzRq6XGxL3RDhvwjfPFd3nf7-jM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.172.0/22
IPv6:
2a02:80c0::/30
Signature Algorithm: sha256WithRSAEncryption
a3:7b:ac:5a:3f:10:42:3e:05:c8:f7:f9:e1:10:4e:5b:fc:8f:
58:0e:25:09:a9:dd:d8:cf:a6:85:f3:4f:db:da:64:50:34:90:
ef:4b:4e:7b:6e:28:cd:ad:12:04:14:51:8b:69:aa:5f:db:9e:
78:8b:5e:25:ff:0e:66:c7:75:39:60:7a:39:8d:c2:12:a2:e8:
f6:d9:42:21:b9:69:bc:36:f2:12:d6:2e:86:8c:71:1b:24:34:
d2:25:90:00:d4:53:22:be:c8:1c:07:c9:c9:2e:f9:3f:04:12:
99:13:0a:a5:45:a9:35:bf:b1:3a:0e:4b:72:f5:0e:4f:41:36:
04:f3:d7:65:de:e1:48:47:cf:cc:b5:94:44:dd:7f:6b:43:71:
82:2c:bc:4c:2e:26:dc:e3:6b:89:3e:04:15:ef:44:d3:de:ee:
a2:b8:41:ea:06:7f:d0:4d:88:7a:e0:0c:ba:3d:86:cf:f0:6b:
d2:9d:a8:58:4c:fe:54:d4:e2:f6:ec:96:a0:c9:dd:28:54:ce:
c9:48:80:a9:b4:bf:0b:94:2a:ac:e3:fa:15:3f:a0:4c:1e:a7:
c9:45:0b:b1:42:cc:4f:73:a8:4b:b2:87:38:d7:2c:58:f2:6a:
34:85:fc:fe:87:70:1a:6e:db:47:42:d2:f5:f5:cf:e6:b9:f6:
f4:c9:93:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvHcnOEPBp6IhqHY94X7I8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzM0NmFlOTcxYjEyZjc0NDM4NmZjMjM3Y2YxNWRkZTc3ZmJmYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrUXfz5OpBeIVQkt5UZg3uoJTcLX
Ej7HVHodVjvDHqRkfT8yfXOaY2y5sCHfYaWsY1W9sRKbPeRkajOE9pj9G5CH9pis
txIX1jYnj2IWdU3crI6ejYqfGwD5FZv2Thsr1GvbPrzj/xMju3Q0AzZSWri36JYG
zU55X+U79OCZl7tiV1teM+tI0qgHgyC7gbBXV7gui5uIzl8rjqxjglOmXyzolnRJ
XQ2viGKuuu15eOtOL3saSw5ByhW5yu6AO4X2EnesNZmmS+DtdICj2wjA9dxlMqBH
2lLF/czmmt47NWecGhABl8KqG+z2+0METy1GIqRtV1TrNKVeRqg+lF4rTwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDM0aulxsS90Q4b8I3zxXd53+/ozMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvTXpScTZYR3hMM1JEaHZ3amZQRmQzbmY3LWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQKsMA0E
AgACMAcDBQIqAoDAMA0GCSqGSIb3DQEBCwUAA4IBAQCje6xaPxBCPgXI9/nhEE5b
/I9YDiUJqd3Yz6aF80/b2mRQNJDvS057bijNrRIEFFGLaapf2554i14l/w5mx3U5
YHo5jcISouj22UIhuWm8NvIS1i6GjHEbJDTSJZAA1FMivsgcB8nJLvk/BBKZEwql
Rak1v7E6Dkty9Q5PQTYE89dl3uFIR8/MtZRE3X9rQ3GCLLxMLibc42uJPgQV70TT
3u6iuEHqBn/QTYh64Ay6PYbP8GvSnahYTP5U1OL27Jagyd0oVM7JSICptL8LlCqs
4/oVP6BMHqfJRQuxQsxPc6hLsoc41yxY8mo0hfz+h3AabttHQtL19c/mufb0yZPV
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:52:44 2024 by rpki-client on console-fra.rpki-client.org