Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/mTZM1a9Hx_LmpEgAEI7iaIKS-wo.roa
File: mTZM1a9Hx_LmpEgAEI7iaIKS-wo.roa (raw, json)
Hash identifier: aGPLYgO42GDmPE5InR/0Zf24/I2U9YHiY8ktrwIUeqA=
Subject key identifier: 99:36:4C:D5:AF:47:C7:F2:E6:A4:48:00:10:8E:E2:68:82:92:FB:0A
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 01856C4A3AD0C836100356499FD235B40E07
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/mTZM1a9Hx_LmpEgAEI7iaIKS-wo.roa
Signing time: Sun 01 Jan 2023 07:44:42 +0000
ROA not before: Sun 01 Jan 2023 07:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 185.129.17.0/24 maxlen: 24
185.129.16.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:3a:d0:c8:36:10:03:56:49:9f:d2:35:b4:0e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 1 07:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99364cd5af47c7f2e6a44800108ee2688292fb0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dd:5b:64:6e:6d:e4:c8:5b:0e:5c:d2:5c:dd:
85:1b:0e:5d:18:72:32:e5:9a:29:2f:e0:43:0a:1e:
d2:e0:e8:0d:3e:5d:99:be:ab:3a:d0:49:41:8d:79:
89:1c:23:b7:a5:1a:d3:26:1c:05:9b:63:1d:3e:7b:
85:39:a1:c7:78:1f:0b:3b:37:04:8a:82:88:30:f4:
f1:0e:dc:22:98:67:5c:49:e3:8a:73:a0:37:d9:83:
66:09:f1:87:f5:31:a0:78:2e:d3:03:36:56:03:67:
f9:2e:3d:4b:19:4d:fc:2c:97:c2:ac:a1:c1:d2:f9:
6a:a2:ce:07:0e:3a:93:91:35:2e:74:06:df:7f:c9:
ea:90:cb:c4:7f:3b:e9:c8:f4:00:87:2b:ef:e8:b2:
8c:0c:7b:64:44:b0:7e:c7:7c:11:c9:08:b9:32:09:
0e:4d:f3:1d:be:98:21:14:b0:fa:a4:c9:6b:a3:48:
5e:9a:3b:7b:1a:d5:df:9f:b9:93:16:ca:7a:10:9e:
c1:4d:a6:0d:59:77:25:5e:52:6a:3e:a0:30:11:9e:
6c:4c:f3:83:74:02:0a:52:13:c0:9d:16:a2:82:c8:
d1:2b:9e:11:d6:ec:f5:46:1b:69:1a:a2:ba:da:53:
97:7e:4c:5b:c3:16:33:8b:66:ce:ec:0b:0c:e6:11:
55:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:36:4C:D5:AF:47:C7:F2:E6:A4:48:00:10:8E:E2:68:82:92:FB:0A
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/mTZM1a9Hx_LmpEgAEI7iaIKS-wo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
69:5f:8c:35:66:8c:5c:df:15:53:bd:ab:bb:c7:0f:26:6f:0c:
48:53:ed:ad:c5:d9:7c:be:9e:c6:73:3d:57:b8:c0:c6:0f:05:
0a:44:a3:b8:05:d7:1a:b4:75:39:fe:83:78:53:0d:b9:bd:51:
0c:7f:1e:ce:64:e7:d0:da:d0:eb:fd:65:02:05:11:93:c4:e6:
d6:79:48:af:3b:68:c0:d1:ed:a3:a1:23:17:da:48:04:19:fc:
46:f1:d4:36:61:c8:21:ad:f5:46:46:ad:b5:b8:9a:ee:24:98:
cf:d1:69:23:94:14:e5:36:a8:49:ac:7e:be:5c:8b:2c:6c:02:
03:49:9f:d4:cf:81:c8:81:57:59:a2:f9:cd:d7:ec:07:8c:ef:
15:5c:6b:ee:2b:5d:dc:33:5e:f1:86:35:de:78:31:7f:38:d3:
74:fc:25:f8:b5:6f:60:a4:e6:20:4f:1a:df:b3:88:8e:26:df:
10:27:6b:8c:e6:25:4f:73:4c:48:4a:43:c7:44:d9:e0:dc:df:
33:49:27:4e:ef:9d:39:9f:06:a4:7d:0b:97:1e:19:ce:d5:d3:
d1:9f:bf:5c:0b:47:42:66:ec:0c:73:6f:7d:0e:a6:57:ea:18:
8b:de:ca:2f:ec:0e:ee:fc:b3:1a:9b:05:b7:15:bc:a6:69:77:
7c:7f:7a:1b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVsSjrQyDYQA1ZJn9I1tA4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTIwODVjN2RlM2I1OTgyMTZiODlmYjBmMmIxZDkzMGRl
NjZjMTkwHhcNMjMwMTAxMDc0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTM2NGNkNWFmNDdjN2YyZTZhNDQ4MDAxMDhlZTI2ODgyOTJmYjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd1bZG5t5MhbDlzSXN2FGw5dGHIy
5ZopL+BDCh7S4OgNPl2Zvqs60ElBjXmJHCO3pRrTJhwFm2MdPnuFOaHHeB8LOzcE
ioKIMPTxDtwimGdcSeOKc6A32YNmCfGH9TGgeC7TAzZWA2f5Lj1LGU38LJfCrKHB
0vlqos4HDjqTkTUudAbff8nqkMvEfzvpyPQAhyvv6LKMDHtkRLB+x3wRyQi5MgkO
TfMdvpghFLD6pMlro0hemjt7GtXfn7mTFsp6EJ7BTaYNWXclXlJqPqAwEZ5sTPOD
dAIKUhPAnRaigsjRK54R1uz1RhtpGqK62lOXfkxbwxYzi2bO7AsM5hFVSQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJk2TNWvR8fy5qRIABCO4miCkvsKMB8GA1UdIwQY
MBaAFLSiCFx947WYIWuJ+w8rHZMN5mwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAt
MzExNzk4OTYwMWFkLzEvbVRaTTFhOUh4X0xtcEVnQUVJN2lhSUtTLXdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNjUxM2QtMmQ1My00MDIyLTgzNjAtMzExNzk4OTYwMWFk
LzEvdEtJSVhIM2p0WmdoYTRuN0R5c2RrdzNtYkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBuYEQMBgE
AgACMBIwEAMFBioPqsADBwAqD6rAAAIwDQYJKoZIhvcNAQELBQADggEBAGlfjDVm
jFzfFVO9q7vHDyZvDEhT7a3F2Xy+nsZzPVe4wMYPBQpEo7gF1xq0dTn+g3hTDbm9
UQx/Hs5k59Da0Ov9ZQIFEZPE5tZ5SK87aMDR7aOhIxfaSAQZ/Ebx1DZhyCGt9UZG
rbW4mu4kmM/RaSOUFOU2qEmsfr5ciyxsAgNJn9TPgciBV1mi+c3X7AeM7xVca+4r
XdwzXvGGNd54MX8403T8Jfi1b2Ck5iBPGt+ziI4m3xAna4zmJU9zTEhKQ8dE2eDc
3zNJJ07vnTmfBqR9C5ceGc7V09Gfv1wLR0Jm7Axzb30OplfqGIveyi/sDu78sxqb
BbcVvKZpd3x/ehs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:53 2024 by rpki-client on console-ams.rpki-client.org