Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/mt0bt9zccg05CNuZAOFNCGH7_wc.roa
File: mt0bt9zccg05CNuZAOFNCGH7_wc.roa (raw, json)
Hash identifier: 1AT5n7gxJumbmdcdwy8Kn2OCOWS+ceTy57bRRV9Uids=
Subject key identifier: 9A:DD:1B:B7:DC:DC:72:0D:39:08:DB:99:00:E1:4D:08:61:FB:FF:07
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 01856D0A823C04A841B60B7452C3B1B2F0D3
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/mt0bt9zccg05CNuZAOFNCGH7_wc.roa
Signing time: Sun 01 Jan 2023 11:14:43 +0000
ROA not before: Sun 01 Jan 2023 11:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57643
IP address blocks: 185.188.164.0/22 maxlen: 22
185.174.120.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:82:3c:04:a8:41:b6:0b:74:52:c3:b1:b2:f0:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 1 11:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9add1bb7dcdc720d3908db9900e14d0861fbff07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a2:11:9f:78:99:89:9f:31:d1:7a:cb:7e:ad:
61:3d:69:b2:62:41:68:74:fa:34:86:88:84:a7:3c:
7b:16:d1:66:4f:78:c4:78:01:9f:b1:00:0c:08:fb:
a6:60:8a:8d:2f:eb:1c:5a:80:99:92:26:18:ca:fd:
35:7f:6f:da:2c:a9:b0:1c:65:34:78:a6:fe:d7:ad:
8b:cb:d4:0e:13:3b:9f:3d:2f:d3:dc:ef:2f:8f:a6:
a7:84:bd:c3:df:88:23:4d:bd:54:ad:f3:a8:74:dc:
f9:6f:c0:17:8a:db:89:7d:10:53:b4:0f:07:66:13:
1c:21:4a:44:64:72:ad:22:56:15:80:7e:1e:94:20:
eb:51:7e:a3:d4:84:67:73:77:6f:ee:f2:6a:2a:a8:
0b:4f:8b:8b:a2:0c:a9:ef:39:84:82:c5:d0:81:81:
1b:9c:c9:cb:63:e5:a1:4b:df:86:3a:1f:ac:d4:1b:
72:03:58:02:f4:3a:b7:a6:93:95:91:f4:ad:67:5a:
bf:d4:a0:fd:c8:33:4e:3f:f5:b7:91:6c:6f:2c:8d:
90:3b:62:7f:8c:e7:f0:e6:c7:da:41:7c:24:ba:12:
18:7c:b6:47:6c:cd:51:89:e8:69:6e:d5:f1:b5:49:
1a:32:69:70:14:2a:79:3b:5a:05:48:1a:40:2c:84:
96:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:DD:1B:B7:DC:DC:72:0D:39:08:DB:99:00:E1:4D:08:61:FB:FF:07
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/mt0bt9zccg05CNuZAOFNCGH7_wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.120.0/22
185.188.164.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:09:aa:d0:a9:51:05:67:c9:7c:34:df:8a:97:f5:16:84:ae:
4b:95:05:bb:bf:77:7d:fa:a9:5c:86:a7:3d:6b:bb:b7:9a:5f:
87:69:40:9e:73:f9:50:ef:dd:5c:ca:f0:43:53:63:2e:61:92:
33:1e:e5:31:27:10:c2:0b:74:03:49:04:0b:18:b3:dc:0a:c9:
ad:3f:21:73:9a:dd:04:c6:be:2d:ec:cd:63:06:36:1b:a0:4f:
ef:79:7e:b0:29:7e:b3:e5:7d:0d:04:b9:a6:ed:d6:da:58:2e:
8a:2a:ee:39:f3:6f:04:79:6e:e4:c6:af:d6:af:66:d6:40:f6:
ed:69:6a:d7:24:7a:0a:96:f8:5a:58:e2:11:1f:48:c5:f6:42:
e3:68:9f:df:02:b4:28:a2:86:71:ba:1c:d8:65:51:c3:e8:da:
a4:b0:b4:31:78:d0:97:19:03:31:97:f4:03:be:c3:56:35:0e:
3b:61:b5:0d:d5:d2:d2:45:19:a7:e6:df:14:5f:0d:cf:2f:98:
c0:ac:e8:56:79:af:12:f7:71:3d:22:ae:2e:23:7e:c5:79:ff:
34:41:0a:c8:4b:ec:4f:67:4e:b0:1e:64:9e:2b:33:74:ac:88:
9a:51:07:2c:ba:2a:07:e8:fd:18:20:ed:d5:0b:95:5c:f8:be:
88:a1:1b:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCoI8BKhBtgt0UsOxsvDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjMwMTAxMTExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWRkMWJiN2RjZGM3MjBkMzkwOGRiOTkwMGUxNGQwODYxZmJmZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqIRn3iZiZ8x0XrLfq1hPWmyYkFo
dPo0hoiEpzx7FtFmT3jEeAGfsQAMCPumYIqNL+scWoCZkiYYyv01f2/aLKmwHGU0
eKb+162Ly9QOEzufPS/T3O8vj6anhL3D34gjTb1UrfOodNz5b8AXituJfRBTtA8H
ZhMcIUpEZHKtIlYVgH4elCDrUX6j1IRnc3dv7vJqKqgLT4uLogyp7zmEgsXQgYEb
nMnLY+WhS9+GOh+s1BtyA1gC9Dq3ppOVkfStZ1q/1KD9yDNOP/W3kWxvLI2QO2J/
jOfw5sfaQXwkuhIYfLZHbM1RiehpbtXxtUkaMmlwFCp5O1oFSBpALISW2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJrdG7fc3HINOQjbmQDhTQhh+/8HMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvbXQwYnQ5emNjZzA1Q051WkFPRk5DR0g3X3djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCua54AwQC
ubykMA0GCSqGSIb3DQEBCwUAA4IBAQANCarQqVEFZ8l8NN+Kl/UWhK5LlQW7v3d9
+qlchqc9a7u3ml+HaUCec/lQ791cyvBDU2MuYZIzHuUxJxDCC3QDSQQLGLPcCsmt
PyFzmt0Exr4t7M1jBjYboE/veX6wKX6z5X0NBLmm7dbaWC6KKu45828EeW7kxq/W
r2bWQPbtaWrXJHoKlvhaWOIRH0jF9kLjaJ/fArQoooZxuhzYZVHD6NqksLQxeNCX
GQMxl/QDvsNWNQ47YbUN1dLSRRmn5t8UXw3PL5jArOhWea8S93E9Iq4uI37Fef80
QQrIS+xPZ06wHmSeKzN0rIiaUQcsuioH6P0YIO3VC5Vc+L6IoRsS
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:55:33 2024 by rpki-client on console.sobornost.net