Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/R3MDbrA0eNrAu0ymND0PkQmop0g.roa
File: R3MDbrA0eNrAu0ymND0PkQmop0g.roa (raw, json)
Hash identifier: vxGdv9WcNY8jLmBO8M3BK9W9oJD4orzDonHwEwvaJy8=
Subject key identifier: 47:73:03:6E:B0:34:78:DA:C0:BB:4C:A6:34:3D:0F:91:09:A8:A7:48
Certificate issuer: /CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
Certificate serial: 01856D53F3B9693B80A83E7539F52110607A
Authority key identifier: BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/R3MDbrA0eNrAu0ymND0PkQmop0g.roa
Signing time: Sun 01 Jan 2023 12:34:56 +0000
ROA not before: Sun 01 Jan 2023 12:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213319
IP address blocks: 185.168.228.0/22 maxlen: 24
2a0b:f080::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f3:b9:69:3b:80:a8:3e:75:39:f5:21:10:60:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
Validity
Not Before: Jan 1 12:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4773036eb03478dac0bb4ca6343d0f9109a8a748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ea:e2:a8:bc:28:bc:18:9a:57:11:0b:a5:80:
12:74:86:05:01:e6:3c:2f:df:61:ab:a8:aa:1f:4c:
57:44:fb:4b:28:13:23:e2:e8:30:49:3f:a7:b7:11:
6a:f1:0c:03:be:0e:79:79:81:5f:32:3b:47:7e:a0:
98:c5:c2:4a:03:90:77:8d:4d:8e:5b:bf:16:11:66:
7f:4f:e0:68:00:6d:fd:7a:b9:dd:c4:e6:ee:8b:fe:
b0:12:62:9b:b5:78:33:24:3f:18:b1:b2:a0:c1:4b:
26:5d:bf:e0:4f:c3:82:10:dd:ad:e6:02:3f:53:63:
2c:7e:d2:69:70:92:e7:28:d7:dd:dd:90:ad:da:da:
ac:f7:ae:54:ba:96:fa:aa:bd:57:bf:d7:71:c6:ba:
b4:a1:23:22:28:cb:83:9c:16:fb:1b:70:98:cb:f8:
81:34:5e:dc:e7:34:25:7a:62:12:4b:41:0f:49:ac:
6f:6a:73:fd:2a:e0:b5:1a:fb:8d:1a:88:20:05:3a:
e8:7a:63:dc:b9:0f:8c:2b:9a:13:d3:1b:0a:2e:17:
db:ac:29:e5:08:6e:fc:85:e6:b4:35:fa:25:7a:54:
9c:a3:d3:3d:a9:15:b5:72:1a:74:3e:7c:c4:80:e3:
df:1c:28:d9:91:0f:a9:57:72:32:a0:23:4e:97:d7:
33:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:73:03:6E:B0:34:78:DA:C0:BB:4C:A6:34:3D:0F:91:09:A8:A7:48
X509v3 Authority Key Identifier:
keyid:BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/R3MDbrA0eNrAu0ymND0PkQmop0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/u8VfskrVVuBCAmUfbVqLJ9W-35c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.228.0/22
IPv6:
2a0b:f080::/32
Signature Algorithm: sha256WithRSAEncryption
b2:2b:68:9f:c5:aa:52:44:b1:32:1b:70:7c:53:6d:8e:5e:2f:
ed:2b:9b:c3:eb:f1:bd:67:95:3f:cd:28:52:ec:2d:ac:93:12:
00:3b:43:8a:95:43:15:54:63:be:d9:bb:a7:8f:06:10:3d:e5:
0d:0d:15:49:34:19:0e:52:92:b2:27:8c:6d:08:92:bd:ae:fd:
6f:d1:7c:54:92:d6:cb:13:87:a8:12:01:13:bb:48:38:be:10:
18:68:2f:8e:ec:a3:63:14:67:d8:2c:fb:d7:09:1e:f6:dd:37:
5f:e2:21:85:2e:8c:78:92:53:2f:92:dc:23:02:d6:9d:fb:3e:
82:55:8f:cc:7e:55:80:e4:94:e6:2c:57:bb:5c:aa:8b:11:ff:
48:5f:87:f4:af:ea:ed:65:ae:cb:c6:60:84:63:28:c8:a1:ad:
54:fe:c6:42:e3:c8:c2:30:d4:86:35:23:51:e7:20:c8:fd:a4:
b5:73:10:eb:ba:9a:c1:93:3a:0f:35:f1:11:cd:39:ed:bc:dc:
f3:d5:54:c5:8a:45:fd:a5:fa:ea:d1:44:88:82:fd:e4:2d:9a:
8a:0b:bd:6b:a4:4e:ea:7c:00:65:2a:1f:c4:59:97:b2:7a:31:
d6:7b:e8:e8:59:03:4b:a2:e9:80:56:c8:2a:3c:45:8f:f3:ca:
16:a5:24:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU/O5aTuAqD51OfUhEGB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYzU1ZmIyNGFkNTU2ZTA0MjAyNjUxZjZkNWE4YjI3ZDVi
ZWRmOTcwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzczMDM2ZWIwMzQ3OGRhYzBiYjRjYTYzNDNkMGY5MTA5YThhNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOriqLwovBiaVxELpYASdIYFAeY8
L99hq6iqH0xXRPtLKBMj4ugwST+ntxFq8QwDvg55eYFfMjtHfqCYxcJKA5B3jU2O
W78WEWZ/T+BoAG39erndxObui/6wEmKbtXgzJD8YsbKgwUsmXb/gT8OCEN2t5gI/
U2MsftJpcJLnKNfd3ZCt2tqs965Uupb6qr1Xv9dxxrq0oSMiKMuDnBb7G3CYy/iB
NF7c5zQlemISS0EPSaxvanP9KuC1GvuNGoggBTroemPcuQ+MK5oT0xsKLhfbrCnl
CG78hea0NfolelSco9M9qRW1chp0PnzEgOPfHCjZkQ+pV3IyoCNOl9czfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEdzA26wNHjawLtMpjQ9D5EJqKdIMB8GA1UdIwQY
MBaAFLvFX7JK1VbgQgJlH21aiyfVvt+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdThWZnNrclZWdUJDQW1VZmJWcUxKOVctMzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80NjkyMmYtNWNiNi00ZDk4LWI0ZmMt
OTNiZDVlNDA4ZjkxLzEvUjNNRGJyQTBlTnJBdTB5bU5EMFBrUW1vcDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80NjkyMmYtNWNiNi00ZDk4LWI0ZmMtOTNiZDVlNDA4Zjkx
LzEvdThWZnNrclZWdUJDQW1VZmJWcUxKOVctMzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuajkMA0E
AgACMAcDBQAqC/CAMA0GCSqGSIb3DQEBCwUAA4IBAQCyK2ifxapSRLEyG3B8U22O
Xi/tK5vD6/G9Z5U/zShS7C2skxIAO0OKlUMVVGO+2bunjwYQPeUNDRVJNBkOUpKy
J4xtCJK9rv1v0XxUktbLE4eoEgETu0g4vhAYaC+O7KNjFGfYLPvXCR723Tdf4iGF
Lox4klMvktwjAtad+z6CVY/MflWA5JTmLFe7XKqLEf9IX4f0r+rtZa7LxmCEYyjI
oa1U/sZC48jCMNSGNSNR5yDI/aS1cxDruprBkzoPNfERzTntvNzz1VTFikX9pfrq
0USIgv3kLZqKC71rpE7qfABlKh/EWZeyejHWe+joWQNLoumAVsgqPEWP88oWpSQm
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:55 2024 by rpki-client on console-fra.rpki-client.org