Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/mhFmsQaKw4gkf8-gFRYnhcQPwaw.roa
File: mhFmsQaKw4gkf8-gFRYnhcQPwaw.roa (raw, json)
Hash identifier: v+iRHAJUaXPORRtswDr4KpGplpT7Taa6iBCyFaZNb5Y=
Subject key identifier: 9A:11:66:B1:06:8A:C3:88:24:7F:CF:A0:15:16:27:85:C4:0F:C1:AC
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEFF76F80ACB72F6E70BF7D13803E5
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/mhFmsQaKw4gkf8-gFRYnhcQPwaw.roa
Signing time: Sun 01 Jan 2023 09:34:46 +0000
ROA not before: Sun 01 Jan 2023 09:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47692
IP address blocks: 151.236.31.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:ff:76:f8:0a:cb:72:f6:e7:0b:f7:d1:38:03:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a1166b1068ac388247fcfa015162785c40fc1ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:61:4f:b0:ff:2c:78:55:97:30:29:21:2f:44:
c4:86:5e:62:f0:d4:30:2a:88:96:6d:80:7b:3c:64:
29:8e:30:65:54:93:6e:a5:20:da:aa:62:20:82:95:
7b:78:32:ef:64:96:0c:fe:8d:68:26:0a:62:a0:07:
bf:ca:0f:45:1e:f8:0b:a2:ec:b0:5c:74:d7:b2:ec:
25:0e:eb:b6:c9:de:36:89:96:85:b3:78:23:fc:0d:
34:a3:a6:2a:54:49:f4:e9:d7:c2:92:db:ee:83:c3:
a0:3f:1f:a8:81:5c:aa:fc:7c:02:0e:09:14:54:7d:
cf:8c:4d:34:0d:16:55:93:69:7d:00:bc:e1:ab:bc:
c8:22:42:f5:92:26:9b:4b:9b:cb:9f:9c:45:d4:00:
f9:4b:a5:9f:b8:d9:16:d5:cd:5f:bd:37:dd:cb:3e:
37:cf:09:85:07:5c:46:dc:16:fe:bf:b9:8a:f9:b8:
ff:91:29:ba:94:07:7d:f7:53:82:b0:60:0d:38:4d:
5b:32:ed:bd:a2:0c:85:75:2d:ab:d4:9c:b0:2e:d2:
83:75:68:f4:68:54:ed:85:5e:5b:16:c5:bc:86:33:
a5:3d:77:ea:c9:8f:7e:1f:61:ea:9c:92:76:1b:b1:
82:7a:ac:6d:61:a9:0d:41:e5:54:31:eb:5b:d4:55:
14:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:11:66:B1:06:8A:C3:88:24:7F:CF:A0:15:16:27:85:C4:0F:C1:AC
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/mhFmsQaKw4gkf8-gFRYnhcQPwaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.236.31.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:2d:e6:5c:97:aa:02:11:53:c8:ae:38:7d:85:ef:36:1d:0b:
21:0e:68:8d:27:df:2e:10:2f:f7:6e:b0:c3:6e:a5:43:02:00:
c8:86:c8:6f:a1:d3:29:0a:ad:83:93:8d:6a:94:7c:7b:4c:16:
4a:2f:b9:71:1f:92:f0:f3:a6:2a:25:11:8a:0b:31:ea:57:90:
97:a5:5d:56:43:07:03:73:8d:0c:b6:7a:20:20:88:fb:da:d0:
48:14:55:13:fd:8c:8a:c4:bc:4a:e7:f7:cc:1a:79:5a:9d:5c:
80:b8:87:e9:59:34:74:d1:6d:1b:15:4a:20:03:59:6d:b0:64:
fb:93:15:01:08:f9:11:57:de:ff:81:15:fb:d0:99:11:9b:9e:
98:83:91:df:d8:15:70:b1:94:c0:b4:a8:37:53:7c:08:26:6c:
53:5f:ff:9a:15:18:ca:70:c7:f9:5d:d5:cb:1c:b3:9a:ff:d0:
ec:4d:38:dc:ce:a8:da:a7:df:15:78:95:a6:ca:4a:24:51:7a:
41:7f:08:2a:22:a1:21:dc:2a:cb:18:8f:31:4d:69:84:ed:e6:
10:01:6c:2e:4f:d5:02:91:df:c6:f2:54:b5:13:da:6e:90:38:
80:0c:1b:f7:8a:9c:e7:c4:59:87:d5:b0:3e:ed:97:03:77:8c:
ef:04:36:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsrv92+ArLcvbnC/fROAPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTExNjZiMTA2OGFjMzg4MjQ3ZmNmYTAxNTE2Mjc4NWM0MGZjMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6WFPsP8seFWXMCkhL0TEhl5i8NQw
KoiWbYB7PGQpjjBlVJNupSDaqmIggpV7eDLvZJYM/o1oJgpioAe/yg9FHvgLouyw
XHTXsuwlDuu2yd42iZaFs3gj/A00o6YqVEn06dfCktvug8OgPx+ogVyq/HwCDgkU
VH3PjE00DRZVk2l9ALzhq7zIIkL1kiabS5vLn5xF1AD5S6WfuNkW1c1fvTfdyz43
zwmFB1xG3Bb+v7mK+bj/kSm6lAd991OCsGANOE1bMu29ogyFdS2r1JywLtKDdWj0
aFTthV5bFsW8hjOlPXfqyY9+H2HqnJJ2G7GCeqxtYakNQeVUMetb1FUUYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJoRZrEGisOIJH/PoBUWJ4XED8GsMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvbWhGbXNRYUt3NGdrZjgtZ0ZSWW5oY1FQd2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl+wfMA0G
CSqGSIb3DQEBCwUAA4IBAQAOLeZcl6oCEVPIrjh9he82HQshDmiNJ98uEC/3brDD
bqVDAgDIhshvodMpCq2Dk41qlHx7TBZKL7lxH5Lw86YqJRGKCzHqV5CXpV1WQwcD
c40MtnogIIj72tBIFFUT/YyKxLxK5/fMGnlanVyAuIfpWTR00W0bFUogA1ltsGT7
kxUBCPkRV97/gRX70JkRm56Yg5Hf2BVwsZTAtKg3U3wIJmxTX/+aFRjKcMf5XdXL
HLOa/9DsTTjczqjap98VeJWmykokUXpBfwgqIqEh3CrLGI8xTWmE7eYQAWwuT9UC
kd/G8lS1E9pukDiADBv3ipznxFmH1bA+7ZcDd4zvBDY9
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:24 2024 by rpki-client on console-ams.rpki-client.org