Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/mntzthKxxlRUswoqlLDmf4wmsXY.roa
File: mntzthKxxlRUswoqlLDmf4wmsXY.roa (raw, json)
Hash identifier: hFfIxp2TkKMX/VuCpIfJT2owIQd9rbBMt69KTHhHVaQ=
Subject key identifier: 9A:7B:73:B6:12:B1:C6:54:54:B3:0A:2A:94:B0:E6:7F:8C:26:B1:76
Certificate issuer: /CN=b19f07669e58ec32b9d9132e2ca6d19c2e949360
Certificate serial: 01856F14AC438EB9571743EA3AD6CF2B8427
Authority key identifier: B1:9F:07:66:9E:58:EC:32:B9:D9:13:2E:2C:A6:D1:9C:2E:94:93:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZ8HZp5Y7DK52RMuLKbRnC6Uk2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/mntzthKxxlRUswoqlLDmf4wmsXY.roa
Signing time: Sun 01 Jan 2023 20:45:03 +0000
ROA not before: Sun 01 Jan 2023 20:45:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206160
IP address blocks: 185.141.253.0/24 maxlen: 24
2a07:2781:a4a3::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ac:43:8e:b9:57:17:43:ea:3a:d6:cf:2b:84:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b19f07669e58ec32b9d9132e2ca6d19c2e949360
Validity
Not Before: Jan 1 20:45:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a7b73b612b1c65454b30a2a94b0e67f8c26b176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8d:31:0f:f5:9c:78:c5:0f:0e:f2:65:d1:34:
2b:e2:7b:b1:4a:ac:16:83:af:bf:cd:eb:ad:fe:17:
5c:d4:0d:a6:ae:57:ad:ce:d6:97:66:a6:bd:5c:75:
6b:98:49:95:00:5a:d9:62:1c:50:10:0f:67:ef:50:
6e:ae:ba:51:a8:db:15:52:df:5d:aa:1d:b8:e5:b7:
73:18:ec:30:36:85:23:08:4d:c7:8e:43:6a:5e:a3:
ad:89:da:75:25:3b:6a:04:ca:b3:28:b8:4e:1a:77:
c5:26:71:c9:db:44:f8:50:c1:c4:05:d6:cc:19:0f:
ad:98:df:89:18:fa:8e:c7:5e:40:32:84:13:ec:4a:
08:3d:0e:59:dc:09:a3:38:ff:6e:ad:d8:e7:99:15:
7f:56:b8:59:af:ef:23:9b:e0:80:19:95:4b:71:66:
0e:57:69:46:96:bf:b4:05:fe:09:86:fd:73:27:e5:
14:7d:49:9c:2e:bc:dd:31:88:c1:5f:92:46:4b:ed:
4a:8f:07:32:80:a2:56:04:82:36:7c:34:c2:7e:71:
0f:2f:9a:98:7c:f7:5d:a0:fc:62:ee:9e:4e:f9:01:
90:8c:7b:7b:07:91:b8:6a:94:a3:51:aa:4c:a2:ed:
3e:55:c3:12:f4:6f:3c:27:e5:74:6e:d1:10:71:a1:
ec:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:7B:73:B6:12:B1:C6:54:54:B3:0A:2A:94:B0:E6:7F:8C:26:B1:76
X509v3 Authority Key Identifier:
keyid:B1:9F:07:66:9E:58:EC:32:B9:D9:13:2E:2C:A6:D1:9C:2E:94:93:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZ8HZp5Y7DK52RMuLKbRnC6Uk2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/mntzthKxxlRUswoqlLDmf4wmsXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/626eef-12d0-47fa-b633-641dd4288c40/1/sZ8HZp5Y7DK52RMuLKbRnC6Uk2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.253.0/24
IPv6:
2a07:2781:a4a3::/48
Signature Algorithm: sha256WithRSAEncryption
b7:b8:83:3f:b0:c0:09:5e:2d:de:bb:a1:a8:cb:95:d4:04:5a:
21:bd:bc:a5:40:36:fe:ab:6d:50:3a:c3:49:c4:d5:08:60:b7:
01:9f:41:79:d9:03:a0:af:23:76:86:c1:a6:2b:ea:71:85:5a:
ac:b6:0d:81:28:86:e4:fe:5f:e7:63:6b:b8:0f:63:14:5b:42:
6d:12:86:d7:60:00:03:3f:9a:09:80:77:14:df:b7:b8:53:19:
31:a6:a3:aa:6b:8e:38:70:a3:bc:b6:a1:c3:5c:75:f8:fe:e3:
87:47:e0:33:89:4b:cb:f6:85:e1:14:c1:d6:64:dc:c4:6a:06:
36:54:b5:af:5e:9f:09:ae:27:58:72:ed:70:79:d6:6c:7b:40:
cc:7c:64:b9:c0:da:83:d0:dd:21:8e:bc:c6:e1:77:86:79:b7:
9c:45:a9:ae:cc:56:37:6b:16:d3:b0:ed:15:92:8e:7c:ec:68:
f7:88:2c:18:fd:eb:c4:e0:67:b4:ad:c0:86:e1:f8:12:3c:70:
7b:d7:f3:26:b9:74:e8:c1:af:64:b9:6d:37:93:ba:b3:62:c3:
c6:b9:b6:fc:49:60:fa:d6:72:85:32:1e:e2:fc:6c:35:90:6d:
a0:45:5e:ed:2f:d1:81:05:0b:13:09:9d:b8:ab:34:60:52:9c:
85:4f:20:7e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVvFKxDjrlXF0PqOtbPK4QnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOWYwNzY2OWU1OGVjMzJiOWQ5MTMyZTJjYTZkMTljMmU5
NDkzNjAwHhcNMjMwMTAxMjA0NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTdiNzNiNjEyYjFjNjU0NTRiMzBhMmE5NGIwZTY3ZjhjMjZiMTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsI0xD/WceMUPDvJl0TQr4nuxSqwW
g6+/zeut/hdc1A2mrletztaXZqa9XHVrmEmVAFrZYhxQEA9n71BurrpRqNsVUt9d
qh245bdzGOwwNoUjCE3HjkNqXqOtidp1JTtqBMqzKLhOGnfFJnHJ20T4UMHEBdbM
GQ+tmN+JGPqOx15AMoQT7EoIPQ5Z3AmjOP9urdjnmRV/VrhZr+8jm+CAGZVLcWYO
V2lGlr+0Bf4Jhv1zJ+UUfUmcLrzdMYjBX5JGS+1KjwcygKJWBII2fDTCfnEPL5qY
fPddoPxi7p5O+QGQjHt7B5G4apSjUapMou0+VcMS9G88J+V0btEQcaHsowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJp7c7YSscZUVLMKKpSw5n+MJrF2MB8GA1UdIwQY
MBaAFLGfB2aeWOwyudkTLiym0ZwulJNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1o4SFpwNVk3REs1MlJNdUxLYlJuQzZVazJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy82MjZlZWYtMTJkMC00N2ZhLWI2MzMt
NjQxZGQ0Mjg4YzQwLzEvbW50enRoS3h4bFJVc3dvcWxMRG1mNHdtc1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy82MjZlZWYtMTJkMC00N2ZhLWI2MzMtNjQxZGQ0Mjg4YzQw
LzEvc1o4SFpwNVk3REs1MlJNdUxLYlJuQzZVazJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuY39MA8E
AgACMAkDBwAqByeBpKMwDQYJKoZIhvcNAQELBQADggEBALe4gz+wwAleLd67oajL
ldQEWiG9vKVANv6rbVA6w0nE1QhgtwGfQXnZA6CvI3aGwaYr6nGFWqy2DYEohuT+
X+dja7gPYxRbQm0ShtdgAAM/mgmAdxTft7hTGTGmo6prjjhwo7y2ocNcdfj+44dH
4DOJS8v2heEUwdZk3MRqBjZUta9enwmuJ1hy7XB51mx7QMx8ZLnA2oPQ3SGOvMbh
d4Z5t5xFqa7MVjdrFtOw7RWSjnzsaPeILBj968TgZ7StwIbh+BI8cHvX8ya5dOjB
r2S5bTeTurNiw8a5tvxJYPrWcoUyHuL8bDWQbaBFXu0v0YEFCxMJnbirNGBSnIVP
IH4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:20:16 2024 by rpki-client on console-ams.rpki-client.org