Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/mW9zguxGnVcFkbQEykn6enzn-to.roa
File: mW9zguxGnVcFkbQEykn6enzn-to.roa (raw, json)
Hash identifier: UlRSyXPme3Cj011d55ul//bS6PcYBglePZOWRyeQqbc=
Subject key identifier: 99:6F:73:82:EC:46:9D:57:05:91:B4:04:CA:49:FA:7A:7C:E7:FA:DA
Certificate issuer: /CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
Certificate serial: 01856D53F30DD91A50BC60EB299B8AE891A9
Authority key identifier: BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/mW9zguxGnVcFkbQEykn6enzn-to.roa
Signing time: Sun 01 Jan 2023 12:34:56 +0000
ROA not before: Sun 01 Jan 2023 12:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29014
IP address blocks: 185.168.228.0/22 maxlen: 24
2a0b:f080::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f3:0d:d9:1a:50:bc:60:eb:29:9b:8a:e8:91:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbc55fb24ad556e04202651f6d5a8b27d5bedf97
Validity
Not Before: Jan 1 12:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=996f7382ec469d570591b404ca49fa7a7ce7fada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c0:b2:cd:5b:6f:a2:57:ef:46:09:fb:72:ec:
73:da:0c:32:a3:63:1f:e6:a8:0e:0a:55:03:52:0c:
1e:3c:72:fd:78:de:cc:bf:0e:2a:a3:86:bb:3c:1f:
74:3f:e2:32:c2:d7:23:6c:fd:35:8a:07:bf:f2:39:
4d:49:9e:88:94:c6:14:5b:e5:c7:c2:a1:3f:94:86:
6b:28:95:af:15:51:00:7d:c1:3e:b9:df:50:11:e0:
ba:31:63:ba:5a:29:81:85:d0:5b:cb:3f:db:dc:b0:
69:f3:15:c1:7a:24:79:a2:ac:50:86:e7:4e:d3:db:
be:03:1e:b0:a4:fd:b5:19:37:0a:b0:ef:41:44:43:
1c:ca:3d:d1:4e:21:e6:47:f4:b0:e4:f6:9f:86:12:
95:91:51:0d:52:bf:bb:b3:c4:e8:75:b6:13:91:e9:
54:28:dd:d3:25:21:8b:31:e7:aa:e8:35:94:e0:2c:
fe:23:82:44:3a:c6:50:66:68:3f:bb:20:ba:e5:36:
0f:4d:f2:a3:58:9c:77:11:e6:1c:87:ef:f2:32:c0:
cc:8a:b5:6e:ff:94:b3:15:4b:d6:78:50:12:95:6e:
88:28:12:4c:1e:51:9c:66:d0:b7:0f:6a:41:5e:38:
ad:05:cc:0a:0c:93:12:71:8d:46:f4:71:a5:7a:c0:
43:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6F:73:82:EC:46:9D:57:05:91:B4:04:CA:49:FA:7A:7C:E7:FA:DA
X509v3 Authority Key Identifier:
keyid:BB:C5:5F:B2:4A:D5:56:E0:42:02:65:1F:6D:5A:8B:27:D5:BE:DF:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8VfskrVVuBCAmUfbVqLJ9W-35c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/mW9zguxGnVcFkbQEykn6enzn-to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/46922f-5cb6-4d98-b4fc-93bd5e408f91/1/u8VfskrVVuBCAmUfbVqLJ9W-35c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.228.0/22
IPv6:
2a0b:f080::/32
Signature Algorithm: sha256WithRSAEncryption
a8:85:f5:a2:86:9e:b5:ac:70:82:11:e8:57:cc:39:00:a9:ac:
ec:09:96:d0:65:44:1a:16:27:32:4b:5e:28:67:7b:49:07:ca:
74:a6:23:f8:35:71:40:1a:b8:f1:d5:aa:b3:a3:4d:44:46:09:
3a:2a:2d:2d:dc:a9:65:a8:95:89:70:ac:b0:7e:a5:a3:53:94:
ce:a0:a6:2c:b5:76:cf:ab:b6:d6:d5:c5:a4:72:73:6d:10:f6:
9f:fc:ff:1a:5b:bc:a6:75:24:c1:b2:a3:e0:49:5a:b1:22:be:
81:c0:9a:5d:e2:5a:d6:c0:5d:4b:af:ea:3d:c1:4f:f2:09:79:
23:e6:f1:c4:2f:81:82:6d:c9:2a:ff:b3:0c:00:b6:b2:92:14:
82:5e:e5:9f:d1:4e:54:7d:c1:8a:2f:14:49:2f:ae:7d:6b:00:
dc:aa:e0:e8:fa:b2:fd:44:6b:a7:6b:a4:a3:44:f6:ef:2d:e7:
fc:7f:d4:6c:b0:2e:01:ca:5a:d1:78:a5:45:29:67:c9:37:ea:
13:13:98:4a:f9:68:8d:8e:cd:7e:fa:da:9e:3c:92:87:58:f6:
99:84:eb:3d:8c:b5:9d:c0:36:a8:3f:ce:8d:68:61:a6:1d:81:
56:3e:fe:c7:8a:b9:ed:6a:66:26:72:2f:02:1e:34:94:fd:fa:
65:b4:cd:09
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtU/MN2RpQvGDrKZuK6JGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYzU1ZmIyNGFkNTU2ZTA0MjAyNjUxZjZkNWE4YjI3ZDVi
ZWRmOTcwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTZmNzM4MmVjNDY5ZDU3MDU5MWI0MDRjYTQ5ZmE3YTdjZTdmYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8CyzVtvolfvRgn7cuxz2gwyo2Mf
5qgOClUDUgwePHL9eN7Mvw4qo4a7PB90P+IywtcjbP01ige/8jlNSZ6IlMYUW+XH
wqE/lIZrKJWvFVEAfcE+ud9QEeC6MWO6WimBhdBbyz/b3LBp8xXBeiR5oqxQhudO
09u+Ax6wpP21GTcKsO9BREMcyj3RTiHmR/Sw5PafhhKVkVENUr+7s8TodbYTkelU
KN3TJSGLMeeq6DWU4Cz+I4JEOsZQZmg/uyC65TYPTfKjWJx3EeYch+/yMsDMirVu
/5SzFUvWeFASlW6IKBJMHlGcZtC3D2pBXjitBcwKDJMScY1G9HGlesBDyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJlvc4LsRp1XBZG0BMpJ+np85/raMB8GA1UdIwQY
MBaAFLvFX7JK1VbgQgJlH21aiyfVvt+XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdThWZnNrclZWdUJDQW1VZmJWcUxKOVctMzVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80NjkyMmYtNWNiNi00ZDk4LWI0ZmMt
OTNiZDVlNDA4ZjkxLzEvbVc5emd1eEduVmNGa2JRRXlrbjZlbnpuLXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80NjkyMmYtNWNiNi00ZDk4LWI0ZmMtOTNiZDVlNDA4Zjkx
LzEvdThWZnNrclZWdUJDQW1VZmJWcUxKOVctMzVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuajkMA0E
AgACMAcDBQAqC/CAMA0GCSqGSIb3DQEBCwUAA4IBAQCohfWihp61rHCCEehXzDkA
qazsCZbQZUQaFicyS14oZ3tJB8p0piP4NXFAGrjx1aqzo01ERgk6Ki0t3KllqJWJ
cKywfqWjU5TOoKYstXbPq7bW1cWkcnNtEPaf/P8aW7ymdSTBsqPgSVqxIr6BwJpd
4lrWwF1Lr+o9wU/yCXkj5vHEL4GCbckq/7MMALaykhSCXuWf0U5UfcGKLxRJL659
awDcquDo+rL9RGuna6SjRPbvLef8f9RssC4BylrReKVFKWfJN+oTE5hK+WiNjs1+
+tqePJKHWPaZhOs9jLWdwDaoP86NaGGmHYFWPv7HirntamYmci8CHjSU/fpltM0J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:09 2024 by rpki-client on console-fra.rpki-client.org