Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/9364bf-01ab-447b-ab1a-1d772e2e6438/1/mSrOPVBMFAh7eZzYJu2NXo7uZAs.roa
File: mSrOPVBMFAh7eZzYJu2NXo7uZAs.roa (raw, json)
Hash identifier: IjZR4KJxvBYQ2hb8OMN7ARaHzT0WLtpCb/jUtEmNTgA=
Subject key identifier: 99:2A:CE:3D:50:4C:14:08:7B:79:9C:D8:26:ED:8D:5E:8E:EE:64:0B
Certificate issuer: /CN=12731f6d7e3e20ad9bf31b8acd606f0893b9fe04
Certificate serial: 01857246BDE83386D09E7804BAE4068BD7E2
Authority key identifier: 12:73:1F:6D:7E:3E:20:AD:9B:F3:1B:8A:CD:60:6F:08:93:B9:FE:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EnMfbX4-IK2b8xuKzWBvCJO5_gQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/9364bf-01ab-447b-ab1a-1d772e2e6438/1/mSrOPVBMFAh7eZzYJu2NXo7uZAs.roa
Signing time: Mon 02 Jan 2023 11:38:36 +0000
ROA not before: Mon 02 Jan 2023 11:38:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8820
IP address blocks: 92.119.104.0/22 maxlen: 24
2a09:b0c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:bd:e8:33:86:d0:9e:78:04:ba:e4:06:8b:d7:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12731f6d7e3e20ad9bf31b8acd606f0893b9fe04
Validity
Not Before: Jan 2 11:38:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=992ace3d504c14087b799cd826ed8d5e8eee640b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:93:48:e0:b6:3c:44:2e:6a:7c:ac:4b:7d:ef:
7b:20:b8:f5:85:42:67:21:e8:c9:1a:ee:ef:f0:77:
5e:c1:e7:fa:73:d9:2f:00:40:12:7d:e1:24:8f:76:
f9:31:db:a1:e8:3d:b2:f5:49:77:8f:3b:54:4f:ca:
8e:a7:b5:c6:8b:f6:35:a5:31:15:1d:3a:0b:a5:5a:
48:1c:ac:9a:de:d5:83:77:12:9e:07:4a:2f:4f:b9:
17:6e:27:b2:41:80:af:ca:22:84:7f:bb:70:f2:3e:
69:10:36:48:20:85:95:5e:1d:0d:7c:fb:00:2b:55:
c6:5b:02:d1:bb:d1:e4:8c:7c:4c:12:47:6e:89:cb:
52:3d:cc:67:46:b4:9a:04:81:1a:e1:9f:73:a1:28:
97:bd:ca:81:49:ad:86:af:86:5d:b7:9e:b7:3f:d1:
f8:51:75:6d:3c:47:b2:2c:35:8c:7e:71:92:37:67:
5f:c5:2b:78:5d:92:ea:38:76:2a:0d:40:8e:c1:26:
00:27:36:91:6d:28:43:39:2a:11:1d:27:1a:0d:56:
9b:82:d7:40:9b:0c:af:0a:9e:84:04:00:26:9e:13:
09:2b:87:39:79:c4:9f:c8:ec:ba:73:15:20:29:28:
30:a9:70:3e:43:9e:a6:f0:71:34:43:6c:88:7f:30:
f6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2A:CE:3D:50:4C:14:08:7B:79:9C:D8:26:ED:8D:5E:8E:EE:64:0B
X509v3 Authority Key Identifier:
keyid:12:73:1F:6D:7E:3E:20:AD:9B:F3:1B:8A:CD:60:6F:08:93:B9:FE:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EnMfbX4-IK2b8xuKzWBvCJO5_gQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9364bf-01ab-447b-ab1a-1d772e2e6438/1/mSrOPVBMFAh7eZzYJu2NXo7uZAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/9364bf-01ab-447b-ab1a-1d772e2e6438/1/EnMfbX4-IK2b8xuKzWBvCJO5_gQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.104.0/22
IPv6:
2a09:b0c0::/32
Signature Algorithm: sha256WithRSAEncryption
a0:47:f8:a7:cc:e6:ea:d1:70:b1:08:63:7e:6c:c3:62:e6:0a:
02:df:ed:a7:e0:5b:f9:b4:6d:20:28:aa:9d:ea:48:0f:1e:8c:
0f:0e:49:f9:1c:8d:57:2f:f2:a4:31:75:51:99:a3:d2:61:52:
4c:d9:2d:73:8e:d4:a0:8f:ec:b0:74:74:77:a5:59:dd:be:96:
c1:f8:e2:23:15:25:36:3a:77:d1:8e:fb:6c:38:d0:09:3f:8b:
a8:4e:15:23:ea:b3:d5:14:bb:3b:d2:da:51:0d:5c:d9:a1:d8:
70:2e:ec:b9:7c:6b:25:46:0b:d9:0d:c1:0f:d7:85:95:0e:a3:
6c:db:a6:73:d1:88:5b:83:b9:98:7d:d2:de:20:89:4d:81:26:
f9:b4:f7:79:06:e6:10:25:ad:ae:ae:8a:f8:af:a8:8c:d7:f8:
6e:e0:20:1d:13:eb:2b:59:75:96:2e:e8:08:64:20:95:39:49:
b9:c4:d5:89:cc:13:62:30:6c:f2:56:c4:95:43:51:f9:89:73:
06:e8:72:20:16:dc:26:d3:b8:ec:db:75:c8:40:af:02:9c:35:
e8:4a:e2:3e:69:8a:54:d1:99:1e:02:3a:ce:f3:71:ff:e2:0d:
6e:f9:fe:c2:86:05:99:fc:db:60:05:68:b3:39:19:82:5f:e3:
fc:f2:bb:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyRr3oM4bQnngEuuQGi9fiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNzMxZjZkN2UzZTIwYWQ5YmYzMWI4YWNkNjA2ZjA4OTNi
OWZlMDQwHhcNMjMwMTAyMTEzODM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTJhY2UzZDUwNGMxNDA4N2I3OTljZDgyNmVkOGQ1ZThlZWU2NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJNI4LY8RC5qfKxLfe97ILj1hUJn
IejJGu7v8Hdewef6c9kvAEASfeEkj3b5Mduh6D2y9Ul3jztUT8qOp7XGi/Y1pTEV
HToLpVpIHKya3tWDdxKeB0ovT7kXbieyQYCvyiKEf7tw8j5pEDZIIIWVXh0NfPsA
K1XGWwLRu9HkjHxMEkduictSPcxnRrSaBIEa4Z9zoSiXvcqBSa2Gr4Zdt563P9H4
UXVtPEeyLDWMfnGSN2dfxSt4XZLqOHYqDUCOwSYAJzaRbShDOSoRHScaDVabgtdA
mwyvCp6EBAAmnhMJK4c5ecSfyOy6cxUgKSgwqXA+Q56m8HE0Q2yIfzD22wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJkqzj1QTBQIe3mc2CbtjV6O7mQLMB8GA1UdIwQY
MBaAFBJzH21+PiCtm/Mbis1gbwiTuf4EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW5NZmJYNC1JSzJiOHh1S3pXQnZDSk81X2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC85MzY0YmYtMDFhYi00NDdiLWFiMWEt
MWQ3NzJlMmU2NDM4LzEvbVNyT1BWQk1GQWg3ZVp6WUp1Mk5Ybzd1WkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC85MzY0YmYtMDFhYi00NDdiLWFiMWEtMWQ3NzJlMmU2NDM4
LzEvRW5NZmJYNC1JSzJiOHh1S3pXQnZDSk81X2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXHdoMA0E
AgACMAcDBQAqCbDAMA0GCSqGSIb3DQEBCwUAA4IBAQCgR/inzObq0XCxCGN+bMNi
5goC3+2n4Fv5tG0gKKqd6kgPHowPDkn5HI1XL/KkMXVRmaPSYVJM2S1zjtSgj+yw
dHR3pVndvpbB+OIjFSU2OnfRjvtsONAJP4uoThUj6rPVFLs70tpRDVzZodhwLuy5
fGslRgvZDcEP14WVDqNs26Zz0Yhbg7mYfdLeIIlNgSb5tPd5BuYQJa2uror4r6iM
1/hu4CAdE+srWXWWLugIZCCVOUm5xNWJzBNiMGzyVsSVQ1H5iXMG6HIgFtwm07js
23XIQK8CnDXoSuI+aYpU0ZkeAjrO83H/4g1u+f7ChgWZ/NtgBWizORmCX+P88ruC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:49 2024 by rpki-client on console-fra.rpki-client.org