Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/MXrcFkfq2gwKar4zz95gyXbYhH8.roa
File: MXrcFkfq2gwKar4zz95gyXbYhH8.roa (raw, json)
Hash identifier: x92gal2K6aTEdxxKRgs2uCf0MzyT7SUnS8ydrAOcXuM=
Subject key identifier: 31:7A:DC:16:47:EA:DA:0C:0A:6A:BE:33:CF:DE:60:C9:76:D8:84:7F
Certificate issuer: /CN=cdea4adee80b06519ce40dd3d13f28ba9f575957
Certificate serial: 018CC4250CA4086BA94B5FB544257554CB62
Authority key identifier: CD:EA:4A:DE:E8:0B:06:51:9C:E4:0D:D3:D1:3F:28:BA:9F:57:59:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/MXrcFkfq2gwKar4zz95gyXbYhH8.roa
Signing time: Mon 01 Jan 2024 08:30:11 +0000
ROA not before: Mon 01 Jan 2024 08:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.64.73.0/24 maxlen: 24
185.64.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 09:34:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0c:a4:08:6b:a9:4b:5f:b5:44:25:75:54:cb:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdea4adee80b06519ce40dd3d13f28ba9f575957
Validity
Not Before: Jan 1 08:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=317adc1647eada0c0a6abe33cfde60c976d8847f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:14:e5:2e:4b:e1:dc:40:41:b4:7c:e8:66:40:
28:4a:48:3d:fa:14:1e:c7:c0:02:61:de:d0:1c:96:
72:25:d6:9b:68:b7:e0:7c:00:4c:10:0a:f3:73:b8:
d4:ce:79:25:bd:87:25:e1:09:27:a3:2c:4c:bb:71:
6a:27:5f:dc:3d:88:c8:77:3c:f2:bf:11:eb:25:2e:
02:3f:e1:11:7a:67:93:bc:78:87:6a:06:92:66:20:
02:ec:fe:4f:80:69:44:79:d9:b3:d5:40:67:0f:48:
25:de:43:df:00:d4:51:08:f7:5f:d9:a6:fc:81:82:
bf:ee:19:cb:8a:ae:10:26:ef:3f:50:91:89:b3:a3:
8c:89:43:72:c6:3f:31:4e:54:11:d3:88:45:fe:f2:
4b:c7:64:fd:d0:3e:1d:f3:f8:36:04:5a:2f:44:5a:
d3:33:be:e2:3d:fb:40:2a:06:ec:da:3a:7c:66:f4:
4e:75:85:0e:04:9c:0b:9c:27:5e:17:23:bf:57:fe:
21:ad:2a:bb:38:85:b7:44:50:4d:37:15:fe:72:b4:
f3:c6:da:d4:41:20:e0:b7:93:fd:7f:0a:d5:9a:8d:
94:c1:f8:5b:d9:b2:42:c7:ac:58:1b:77:09:89:a6:
ef:03:26:0c:2f:9f:e6:ec:8e:cb:3d:7a:fd:a3:c9:
dc:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7A:DC:16:47:EA:DA:0C:0A:6A:BE:33:CF:DE:60:C9:76:D8:84:7F
X509v3 Authority Key Identifier:
keyid:CD:EA:4A:DE:E8:0B:06:51:9C:E4:0D:D3:D1:3F:28:BA:9F:57:59:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zepK3ugLBlGc5A3T0T8oup9XWVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/MXrcFkfq2gwKar4zz95gyXbYhH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5b5f0c-3c3d-4e20-b035-056c7bf6d7d8/1/zepK3ugLBlGc5A3T0T8oup9XWVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.73.0-185.64.74.255
Signature Algorithm: sha256WithRSAEncryption
2a:65:4a:41:c2:84:71:9c:c5:e1:2d:d1:01:40:70:b5:2e:35:
4a:e7:d6:f6:a3:cc:cd:74:b1:ce:b0:19:1b:d0:5f:db:b9:b5:
e2:2a:74:65:5a:91:ec:3c:bf:7c:56:44:f2:a0:77:c9:f8:08:
d8:03:38:bd:0b:95:d2:6d:b5:a0:6c:6b:5b:b6:45:6b:ee:fc:
bb:09:d9:87:9d:2f:34:29:aa:ba:7b:85:30:85:2d:d6:65:96:
c0:80:94:81:2c:22:52:08:a8:c7:a8:c3:d8:88:c9:21:e7:04:
f1:e2:17:8e:8e:f2:64:1d:71:b8:7c:e2:d7:3f:b6:65:4e:7a:
4a:59:eb:ac:f6:f3:56:f0:3a:ba:10:d9:75:5e:1c:ad:5e:53:
79:cd:c4:3a:4f:d6:3f:6a:cd:2a:3c:12:63:d8:57:0d:da:8a:
de:02:15:4d:fe:40:1c:35:53:9b:ce:3b:2f:cb:54:7a:b8:dc:
e7:8b:b5:b1:f7:05:a6:eb:64:7b:bd:02:1e:c8:7a:d4:7d:36:
7b:d5:00:9d:ed:bf:9d:41:19:0d:49:37:8e:f7:37:ab:b8:d1:
84:b9:c9:23:cd:86:01:5e:83:83:86:c1:81:28:f0:a9:47:2d:
59:9f:3c:11:0e:6d:0b:d1:45:12:6f:dd:21:b8:04:0e:00:5f:
d4:59:4d:64
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEJQykCGupS1+1RCV1VMtiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZWE0YWRlZTgwYjA2NTE5Y2U0MGRkM2QxM2YyOGJhOWY1
NzU5NTcwHhcNMjQwMTAxMDgzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTdhZGMxNjQ3ZWFkYTBjMGE2YWJlMzNjZmRlNjBjOTc2ZDg4NDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhTlLkvh3EBBtHzoZkAoSkg9+hQe
x8ACYd7QHJZyJdabaLfgfABMEArzc7jUznklvYcl4QknoyxMu3FqJ1/cPYjIdzzy
vxHrJS4CP+ERemeTvHiHagaSZiAC7P5PgGlEedmz1UBnD0gl3kPfANRRCPdf2ab8
gYK/7hnLiq4QJu8/UJGJs6OMiUNyxj8xTlQR04hF/vJLx2T90D4d8/g2BFovRFrT
M77iPftAKgbs2jp8ZvROdYUOBJwLnCdeFyO/V/4hrSq7OIW3RFBNNxX+crTzxtrU
QSDgt5P9fwrVmo2Uwfhb2bJCx6xYG3cJiabvAyYML5/m7I7LPXr9o8ncnwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDF63BZH6toMCmq+M8/eYMl22IR/MB8GA1UdIwQY
MBaAFM3qSt7oCwZRnOQN09E/KLqfV1lXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemVwSzN1Z0xCbEdjNUEzVDBUOG91cDlYV1ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81YjVmMGMtM2MzZC00ZTIwLWIwMzUt
MDU2YzdiZjZkN2Q4LzEvTVhyY0ZrZnEyZ3dLYXI0eno5NWd5WGJZaEg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81YjVmMGMtM2MzZC00ZTIwLWIwMzUtMDU2YzdiZjZkN2Q4
LzEvemVwSzN1Z0xCbEdjNUEzVDBUOG91cDlYV1ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5QEkD
BAC5QEowDQYJKoZIhvcNAQELBQADggEBACplSkHChHGcxeEt0QFAcLUuNUrn1vaj
zM10sc6wGRvQX9u5teIqdGVakew8v3xWRPKgd8n4CNgDOL0LldJttaBsa1u2RWvu
/LsJ2YedLzQpqrp7hTCFLdZllsCAlIEsIlIIqMeow9iIySHnBPHiF46O8mQdcbh8
4tc/tmVOekpZ66z281bwOroQ2XVeHK1eU3nNxDpP1j9qzSo8EmPYVw3ait4CFU3+
QBw1U5vOOy/LVHq43OeLtbH3BabrZHu9Ah7IetR9NnvVAJ3tv51BGQ1JN473N6u4
0YS5ySPNhgFeg4OGwYEo8KlHLVmfPBEObQvRRRJv3SG4BA4AX9RZTWQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:31 2024 by rpki-client on console-fra.rpki-client.org