Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/mqZFblmtuXl1QNHPJb32aOV_WPM.roa
File: mqZFblmtuXl1QNHPJb32aOV_WPM.roa (raw, json)
Hash identifier: taahmQUwH7xOfs6nvpnlgDc9xC3NX0QgcachL+KefWo=
Subject key identifier: 9A:A6:45:6E:59:AD:B9:79:75:40:D1:CF:25:BD:F6:68:E5:7F:58:F3
Certificate issuer: /CN=6810aa89239242dacc9d03e3af22d4e87a783414
Certificate serial: 01856CC15F434D09450CF008198ADE996A73
Authority key identifier: 68:10:AA:89:23:92:42:DA:CC:9D:03:E3:AF:22:D4:E8:7A:78:34:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/mqZFblmtuXl1QNHPJb32aOV_WPM.roa
Signing time: Sun 01 Jan 2023 09:54:50 +0000
ROA not before: Sun 01 Jan 2023 09:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51093
IP address blocks: 185.108.16.0/24 maxlen: 24
212.48.224.0/22 maxlen: 24
212.48.232.0/24 maxlen: 24
212.48.228.0/22 maxlen: 24
2a06:300::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:5f:43:4d:09:45:0c:f0:08:19:8a:de:99:6a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6810aa89239242dacc9d03e3af22d4e87a783414
Validity
Not Before: Jan 1 09:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9aa6456e59adb9797540d1cf25bdf668e57f58f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:20:13:26:9e:06:f7:07:fa:0f:32:82:3b:d8:
84:90:43:ac:73:f7:db:a4:f0:85:ed:d9:71:f0:be:
38:61:76:26:b1:e1:2f:2a:a8:e8:eb:2f:37:f8:62:
ac:72:f2:d1:d7:c2:73:18:57:36:fa:e3:fa:10:91:
b1:6e:41:9b:45:97:36:64:e2:9b:da:d3:50:13:e7:
3c:fb:89:73:ca:9f:1d:da:d8:c5:df:63:a3:c0:3e:
e9:f6:e7:84:ca:26:15:f6:07:da:e2:b2:67:29:3a:
30:23:07:1a:8f:22:70:13:79:1e:1e:a0:52:18:da:
50:e8:3d:2b:60:2d:f6:c9:c4:86:15:99:2e:2c:b9:
23:00:70:52:10:52:58:57:55:d4:fa:e9:8e:d2:77:
9a:02:34:5f:64:46:e4:3c:45:dd:f6:90:31:b4:a3:
d1:3c:27:82:c8:9f:9d:a1:d6:ca:bd:42:2b:11:fa:
6f:4f:a3:79:32:53:75:19:95:ec:80:db:cb:47:cb:
dd:67:1f:9d:3c:3f:73:b0:ef:6f:cc:5e:fd:17:4f:
9b:15:53:0a:35:3c:d8:c8:bd:17:f9:2e:7a:84:0a:
67:b2:cb:94:97:02:44:fa:2b:ac:22:6d:9d:c9:8f:
6f:70:4e:93:02:a7:12:5d:93:e6:37:a2:49:9b:d6:
12:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:A6:45:6E:59:AD:B9:79:75:40:D1:CF:25:BD:F6:68:E5:7F:58:F3
X509v3 Authority Key Identifier:
keyid:68:10:AA:89:23:92:42:DA:CC:9D:03:E3:AF:22:D4:E8:7A:78:34:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/mqZFblmtuXl1QNHPJb32aOV_WPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0244e4-73e3-449d-a06a-1f689935b90f/1/aBCqiSOSQtrMnQPjryLU6Hp4NBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.16.0/24
212.48.224.0-212.48.232.255
IPv6:
2a06:300::/29
Signature Algorithm: sha256WithRSAEncryption
44:e7:3e:0e:5d:9a:ac:ff:f1:85:a0:59:2a:30:cf:0c:4b:7e:
d7:2b:dd:03:b3:ba:5e:37:cf:79:c2:5a:b6:da:3b:d0:d0:e8:
e4:32:3a:d7:68:04:12:3d:35:4a:cd:84:a0:cc:be:78:75:bb:
30:3a:56:a7:91:aa:bb:09:d0:6d:6c:6e:80:99:ab:4f:f9:31:
29:97:f9:ff:70:32:28:c0:0c:2e:a2:04:25:ca:45:6a:8f:68:
bb:20:9a:9e:75:3a:52:02:b1:f1:25:9a:ff:b3:e7:fd:68:c1:
2a:7e:f8:05:aa:b1:67:02:2f:e0:d8:68:f9:c2:f9:30:fd:be:
3c:6d:e7:64:1f:16:af:11:d3:7a:42:db:8e:06:38:ee:ac:96:
41:80:48:d0:ed:8b:9e:c8:6f:03:6a:f1:08:e9:93:46:c7:22:
7f:94:71:0f:14:e1:4a:f3:58:91:16:71:1d:93:15:1e:ff:7d:
cc:68:a4:63:b8:c7:9f:10:81:2a:10:27:92:04:fd:62:85:b6:
79:01:5e:ed:44:e5:95:74:1e:e6:df:ba:5f:7b:f8:cc:ce:db:
48:f5:6e:62:41:2a:8c:44:4c:2f:cf:53:62:af:25:8c:11:54:
ba:c3:ea:f1:27:12:33:14:84:8d:51:39:4a:3a:6b:56:01:66:
91:a6:1f:37
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVswV9DTQlFDPAIGYremWpzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MTBhYTg5MjM5MjQyZGFjYzlkMDNlM2FmMjJkNGU4N2E3
ODM0MTQwHhcNMjMwMTAxMDk1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWE2NDU2ZTU5YWRiOTc5NzU0MGQxY2YyNWJkZjY2OGU1N2Y1OGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyATJp4G9wf6DzKCO9iEkEOsc/fb
pPCF7dlx8L44YXYmseEvKqjo6y83+GKscvLR18JzGFc2+uP6EJGxbkGbRZc2ZOKb
2tNQE+c8+4lzyp8d2tjF32OjwD7p9ueEyiYV9gfa4rJnKTowIwcajyJwE3keHqBS
GNpQ6D0rYC32ycSGFZkuLLkjAHBSEFJYV1XU+umO0neaAjRfZEbkPEXd9pAxtKPR
PCeCyJ+dodbKvUIrEfpvT6N5MlN1GZXsgNvLR8vdZx+dPD9zsO9vzF79F0+bFVMK
NTzYyL0X+S56hApnssuUlwJE+iusIm2dyY9vcE6TAqcSXZPmN6JJm9YSoQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJqmRW5Zrbl5dUDRzyW99mjlf1jzMB8GA1UdIwQY
MBaAFGgQqokjkkLazJ0D468i1Oh6eDQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUJDcWlTT1NRdHJNblFQanJ5TFU2SHA0TkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wMjQ0ZTQtNzNlMy00NDlkLWEwNmEt
MWY2ODk5MzViOTBmLzEvbXFaRmJsbXR1WGwxUU5IUEpiMzJhT1ZfV1BNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wMjQ0ZTQtNzNlMy00NDlkLWEwNmEtMWY2ODk5MzViOTBm
LzEvYUJDcWlTT1NRdHJNblFQanJ5TFU2SHA0TkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAuWwQMAwD
BAXUMOADBADUMOgwDQQCAAIwBwMFAyoGAwAwDQYJKoZIhvcNAQELBQADggEBAETn
Pg5dmqz/8YWgWSowzwxLftcr3QOzul43z3nCWrbaO9DQ6OQyOtdoBBI9NUrNhKDM
vnh1uzA6VqeRqrsJ0G1sboCZq0/5MSmX+f9wMijADC6iBCXKRWqPaLsgmp51OlIC
sfElmv+z5/1owSp++AWqsWcCL+DYaPnC+TD9vjxt52QfFq8R03pC244GOO6slkGA
SNDti57IbwNq8Qjpk0bHIn+UcQ8U4UrzWJEWcR2TFR7/fcxopGO4x58QgSoQJ5IE
/WKFtnkBXu1E5ZV0Hubful97+MzO20j1bmJBKoxETC/PU2KvJYwRVLrD6vEnEjMU
hI1ROUo6a1YBZpGmHzc=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:54 2023 by rpki-client on console.sobornost.net