Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/nM2QjNLrUWRtcvHrK7ffv0NiQO4.roa
File: nM2QjNLrUWRtcvHrK7ffv0NiQO4.roa (raw, json)
Hash identifier: tC3ELBGtySj5SGnX0AP1YdrZ3bYPM33gPVa391ADNEI=
Subject key identifier: 9C:CD:90:8C:D2:EB:51:64:6D:72:F1:EB:2B:B7:DF:BF:43:62:40:EE
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 018572C373CDCFE5074407B38F2FD00C4EC9
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/nM2QjNLrUWRtcvHrK7ffv0NiQO4.roa
Signing time: Mon 02 Jan 2023 13:54:49 +0000
ROA not before: Mon 02 Jan 2023 13:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20940
IP address blocks: 185.225.251.0/24 maxlen: 24
185.225.250.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:c3:73:cd:cf:e5:07:44:07:b3:8f:2f:d0:0c:4e:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 2 13:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ccd908cd2eb51646d72f1eb2bb7dfbf436240ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:01:49:40:e4:5b:54:95:ca:f0:f5:53:a6:0b:
43:01:b0:eb:8c:5f:45:21:8a:3d:96:4e:eb:70:68:
73:22:a5:71:24:ff:36:84:e9:35:17:69:77:12:9e:
00:28:1d:c1:08:d9:f9:47:cc:a5:ae:42:52:f3:70:
2f:3a:7f:aa:ee:6e:f1:63:16:0b:e9:65:bc:00:a8:
99:48:db:f3:98:56:14:e4:14:22:2c:a6:52:8f:7c:
9d:17:da:54:63:cf:b2:30:1b:ab:9c:58:f6:9c:41:
1f:04:e0:19:32:0f:e3:73:a7:2e:9f:c8:94:9f:80:
32:89:29:b0:65:ed:f9:24:be:fa:95:e6:32:92:11:
65:11:9c:a6:d3:74:35:21:d0:a6:14:12:c5:99:ec:
0c:4b:75:eb:5f:a2:22:2c:cb:7a:a0:b9:5d:ae:59:
5f:54:f9:b1:6e:9b:54:40:d9:45:eb:cc:e7:31:70:
9e:c5:4e:36:f6:de:7c:71:48:01:47:dc:e6:af:9c:
0d:af:89:d8:5a:ff:89:a7:1d:e0:26:2b:1f:1f:a6:
5b:b1:b5:90:9e:3e:e4:4f:92:69:aa:65:87:ee:e6:
1d:dd:82:41:5c:07:1f:c1:46:78:43:74:d7:95:c4:
59:e6:93:30:ea:a7:55:30:c3:c7:2b:5b:ad:d5:62:
e8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:CD:90:8C:D2:EB:51:64:6D:72:F1:EB:2B:B7:DF:BF:43:62:40:EE
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/nM2QjNLrUWRtcvHrK7ffv0NiQO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.250.0/23
Signature Algorithm: sha256WithRSAEncryption
71:e4:20:4c:48:93:c9:77:20:4f:4d:74:b9:82:e9:c6:9f:fe:
43:e9:e8:a2:3f:70:71:d0:3a:8e:2b:e1:cc:b4:02:74:d9:4d:
8c:da:95:06:34:ca:5c:96:6d:33:9c:a9:5e:d7:00:5b:1c:bc:
04:9c:c1:6b:07:9b:0c:a5:fb:ff:56:1b:14:3c:10:09:9b:15:
10:fb:8e:95:fe:41:ce:a1:89:45:39:4c:86:2b:db:bd:67:5c:
e5:e8:ec:20:12:f0:62:24:c1:8b:4f:3e:ea:be:7f:a7:1c:89:
46:67:bd:5f:bb:1e:0a:92:dc:2c:1c:94:ad:67:0b:9a:98:0d:
a0:65:6e:df:06:61:60:d3:11:a7:98:40:5e:e9:99:2a:53:bc:
15:f0:20:a4:64:ba:7f:e2:65:43:93:6d:86:68:42:a8:58:a3:
b3:97:11:d0:ba:e1:62:3d:d1:03:75:4c:e5:3c:69:12:40:d7:
af:0e:e6:57:7e:56:47:07:60:d2:b1:46:e2:f6:c0:0d:76:22:
bc:1c:99:09:79:2a:93:b1:76:27:7e:b7:ad:99:a0:62:53:2a:
44:aa:c9:1b:cb:82:b7:54:ff:a5:ac:35:d8:3a:5a:25:66:4a:
a9:d8:99:ee:26:c8:35:1c:d4:ce:77:2a:ce:23:bd:52:27:e1:
44:89:04:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyw3PNz+UHRAezjy/QDE7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjMwMTAyMTM1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2NkOTA4Y2QyZWI1MTY0NmQ3MmYxZWIyYmI3ZGZiZjQzNjI0MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQFJQORbVJXK8PVTpgtDAbDrjF9F
IYo9lk7rcGhzIqVxJP82hOk1F2l3Ep4AKB3BCNn5R8ylrkJS83AvOn+q7m7xYxYL
6WW8AKiZSNvzmFYU5BQiLKZSj3ydF9pUY8+yMBurnFj2nEEfBOAZMg/jc6cun8iU
n4AyiSmwZe35JL76leYykhFlEZym03Q1IdCmFBLFmewMS3XrX6IiLMt6oLldrllf
VPmxbptUQNlF68znMXCexU429t58cUgBR9zmr5wNr4nYWv+Jpx3gJisfH6ZbsbWQ
nj7kT5JpqmWH7uYd3YJBXAcfwUZ4Q3TXlcRZ5pMw6qdVMMPHK1ut1WLo9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJzNkIzS61FkbXLx6yu3379DYkDuMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvbk0yUWpOTHJVV1J0Y3ZIcks3ZmZ2ME5pUU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBueH6MA0G
CSqGSIb3DQEBCwUAA4IBAQBx5CBMSJPJdyBPTXS5gunGn/5D6eiiP3Bx0DqOK+HM
tAJ02U2M2pUGNMpclm0znKle1wBbHLwEnMFrB5sMpfv/VhsUPBAJmxUQ+46V/kHO
oYlFOUyGK9u9Z1zl6OwgEvBiJMGLTz7qvn+nHIlGZ71fux4KktwsHJStZwuamA2g
ZW7fBmFg0xGnmEBe6ZkqU7wV8CCkZLp/4mVDk22GaEKoWKOzlxHQuuFiPdEDdUzl
PGkSQNevDuZXflZHB2DSsUbi9sANdiK8HJkJeSqTsXYnfretmaBiUypEqskby4K3
VP+lrDXYOlolZkqp2JnuJsg1HNTOdyrOI71SJ+FEiQQC
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:28:02 2024 by rpki-client on console-fra.rpki-client.org