Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mM2CGacJnsMeWOo5yiZVHK-KhRs.roa
File: mM2CGacJnsMeWOo5yiZVHK-KhRs.roa (raw, json)
Hash identifier: hvd9nC530Ka9Qs4r3JODvLhjdnCxorKdEbk3lcNKbVs=
Subject key identifier: 98:CD:82:19:A7:09:9E:C3:1E:58:EA:39:CA:26:55:1C:AF:8A:85:1B
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018571B64AB613AE02E5BE0AD41F4CCEDE01
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mM2CGacJnsMeWOo5yiZVHK-KhRs.roa
Signing time: Mon 02 Jan 2023 09:00:49 +0000
ROA not before: Mon 02 Jan 2023 09:00:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212017
IP address blocks: 185.128.52.0/22 maxlen: 22
185.121.12.0/22 maxlen: 22
185.227.172.0/22 maxlen: 22
194.48.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 22 Feb 2023 15:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b6:4a:b6:13:ae:02:e5:be:0a:d4:1f:4c:ce:de:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jan 2 09:00:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98cd8219a7099ec31e58ea39ca26551caf8a851b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:63:f5:54:62:f6:46:61:61:7e:3f:ca:59:53:
fe:0e:69:f8:66:b0:90:e3:c4:d9:fb:e6:9e:85:b5:
ab:43:ff:4e:21:c7:c8:6d:09:71:6a:5e:03:83:8e:
de:53:ff:aa:c1:c9:10:7a:63:d1:8e:4e:10:0b:d5:
26:25:c5:d3:bd:98:1a:cc:e0:f4:f3:ae:40:36:b1:
ff:f8:17:4d:1c:db:c6:4d:9a:ce:b1:81:a0:fd:44:
c1:ac:03:eb:0d:bb:bc:07:ba:81:3b:18:29:25:37:
1c:4e:d6:75:d7:44:b7:16:f8:eb:e6:68:5c:07:3a:
ff:90:df:77:e6:14:bc:20:e9:c6:e3:94:bd:97:e8:
ca:68:bc:a6:aa:77:8d:35:f9:94:18:1f:81:97:25:
2e:57:69:1a:03:be:1d:d0:d2:9f:0b:bc:ff:f4:67:
00:85:93:b6:8d:ac:a3:e2:fe:4e:62:67:65:6b:0b:
b8:36:96:b7:8c:8d:a9:cb:72:7a:26:86:c7:eb:9f:
55:e7:2c:65:fa:d0:b2:ba:93:9a:3b:22:fb:80:5b:
1b:94:bf:2c:2f:1c:27:29:45:77:e6:54:6e:2b:33:
41:f9:c8:98:ff:d4:bc:69:51:ab:fb:f0:60:2f:77:
8c:5d:07:ea:bf:ff:99:a9:3b:22:c5:9a:2d:30:71:
a0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CD:82:19:A7:09:9E:C3:1E:58:EA:39:CA:26:55:1C:AF:8A:85:1B
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mM2CGacJnsMeWOo5yiZVHK-KhRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/22
185.128.52.0/22
185.227.172.0/22
194.48.140.0/22
Signature Algorithm: sha256WithRSAEncryption
83:fb:36:80:ea:9a:bf:2b:1b:27:cf:59:d8:a6:fb:8f:5e:68:
3f:3f:c9:cf:37:9c:bf:27:cf:fc:80:9b:da:ba:35:70:70:9c:
e8:c6:fd:09:bd:ad:f5:7e:50:56:d9:e5:48:49:d2:65:82:21:
27:cb:3c:b0:10:37:ab:08:4a:99:0c:aa:9b:45:95:28:16:40:
7d:74:c9:70:86:4b:bd:2d:93:30:2d:b5:f5:b2:68:08:3a:a0:
d6:5c:09:1f:cc:a7:08:4c:22:7c:10:c1:33:07:2d:ef:67:b7:
4b:8c:0a:3a:ea:46:e6:8a:c2:16:b1:e2:de:0c:8a:0f:cc:08:
d2:0d:a4:f9:a9:4d:a7:a9:82:21:0b:ef:bd:25:51:69:2b:76:
aa:f0:ee:26:bb:74:49:d0:80:12:0c:01:be:4c:d0:bb:49:8f:
27:2d:f0:60:71:23:d2:10:ed:aa:7a:10:a1:d4:40:83:1d:8a:
a4:6f:cd:e5:c6:6d:4f:5e:e5:22:88:f7:20:8a:9c:56:c0:0f:
38:d5:f8:1c:6b:be:8d:d3:a9:d2:00:5f:a3:4e:ea:e0:91:a4:
16:33:29:44:05:78:22:4d:29:14:a1:c7:45:4b:58:cd:9a:1c:
e4:5e:04:7f:ed:a1:8b:2e:09:f7:5b:82:e6:cd:12:31:5b:86:
f5:31:d7:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVxtkq2E64C5b4K1B9Mzt4BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwMTAyMDkwMDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGNkODIxOWE3MDk5ZWMzMWU1OGVhMzljYTI2NTUxY2FmOGE4NTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGP1VGL2RmFhfj/KWVP+Dmn4ZrCQ
48TZ++aehbWrQ/9OIcfIbQlxal4Dg47eU/+qwckQemPRjk4QC9UmJcXTvZgazOD0
865ANrH/+BdNHNvGTZrOsYGg/UTBrAPrDbu8B7qBOxgpJTccTtZ110S3Fvjr5mhc
Bzr/kN935hS8IOnG45S9l+jKaLymqneNNfmUGB+BlyUuV2kaA74d0NKfC7z/9GcA
hZO2jayj4v5OYmdlawu4Npa3jI2py3J6JobH659V5yxl+tCyupOaOyL7gFsblL8s
LxwnKUV35lRuKzNB+ciY/9S8aVGr+/BgL3eMXQfqv/+ZqTsixZotMHGgbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJjNghmnCZ7DHljqOcomVRyvioUbMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbU0yQ0dhY0puc01lV09vNXlpWlZISy1LaFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXkMAwQC
uYA0AwQCueOsAwQCwjCMMA0GCSqGSIb3DQEBCwUAA4IBAQCD+zaA6pq/Kxsnz1nY
pvuPXmg/P8nPN5y/J8/8gJvaujVwcJzoxv0Jva31flBW2eVISdJlgiEnyzywEDer
CEqZDKqbRZUoFkB9dMlwhku9LZMwLbX1smgIOqDWXAkfzKcITCJ8EMEzBy3vZ7dL
jAo66kbmisIWseLeDIoPzAjSDaT5qU2nqYIhC++9JVFpK3aq8O4mu3RJ0IASDAG+
TNC7SY8nLfBgcSPSEO2qehCh1ECDHYqkb83lxm1PXuUiiPcgipxWwA841fgca76N
06nSAF+jTurgkaQWMylEBXgiTSkUocdFS1jNmhzkXgR/7aGLLgn3W4LmzRIxW4b1
Mdek
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:28 2024 by rpki-client on console-ams.rpki-client.org