Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/mfqULojmIp22nHh1Bcs6o_nPETY.roa
File: mfqULojmIp22nHh1Bcs6o_nPETY.roa (raw, json)
Hash identifier: eQVujoD2vitOYcMHKQ+O904ToToJKSpoIAyNJPV2vz0=
Subject key identifier: 99:FA:94:2E:88:E6:22:9D:B6:9C:78:75:05:CB:3A:A3:F9:CF:11:36
Certificate issuer: /CN=a538bb0c2b41efa8c3b02064ebc52fba92c23626
Certificate serial: 018572311778111B919D6FBA1DB391632535
Authority key identifier: A5:38:BB:0C:2B:41:EF:A8:C3:B0:20:64:EB:C5:2F:BA:92:C2:36:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTi7DCtB76jDsCBk68UvupLCNiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/mfqULojmIp22nHh1Bcs6o_nPETY.roa
Signing time: Mon 02 Jan 2023 11:14:57 +0000
ROA not before: Mon 02 Jan 2023 11:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60341
IP address blocks: 185.251.236.0/22 maxlen: 24
2a0c:1ec0::/29 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:31:17:78:11:1b:91:9d:6f:ba:1d:b3:91:63:25:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a538bb0c2b41efa8c3b02064ebc52fba92c23626
Validity
Not Before: Jan 2 11:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99fa942e88e6229db69c787505cb3aa3f9cf1136
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:23:2a:04:e6:79:24:b7:52:4c:dc:73:7a:83:
da:48:f3:c4:3c:5f:f9:c8:6f:1c:66:06:0e:dd:9b:
d6:66:66:84:2b:f5:f2:9e:75:dc:0f:1b:02:f8:c8:
60:95:e9:d5:0b:d6:be:e4:92:10:14:11:27:30:5d:
b1:1c:65:21:c1:c2:b4:ab:95:d3:f1:d0:d9:95:0c:
38:e5:6f:3d:fa:37:38:7d:68:b4:b9:0d:59:3a:24:
6c:f6:b6:b8:e5:91:46:27:40:37:e9:21:a5:a2:46:
7d:52:0b:bf:e0:0b:ca:28:18:12:bf:57:22:5a:2d:
81:46:2e:be:a2:09:3d:71:f1:bc:a3:bf:86:78:8b:
0a:27:b8:ba:1a:39:3a:89:90:35:5f:9e:5a:0a:ea:
f6:4e:8a:9f:a8:e5:8e:7e:c5:a3:af:f3:64:f1:c7:
11:e6:40:58:61:aa:c3:f2:9e:78:18:59:cb:f0:bd:
31:25:d1:38:7a:38:27:9a:09:ad:e3:77:2b:b8:58:
ec:46:e3:2d:33:c6:61:05:ad:1d:91:3f:05:b5:5c:
c9:f3:ee:00:85:81:22:33:76:5a:77:1c:d7:ab:88:
1e:30:68:01:03:9e:85:3b:5e:8d:19:bc:e3:a5:51:
b1:f1:56:36:20:0f:08:43:d6:0f:15:10:56:ba:b9:
3b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FA:94:2E:88:E6:22:9D:B6:9C:78:75:05:CB:3A:A3:F9:CF:11:36
X509v3 Authority Key Identifier:
keyid:A5:38:BB:0C:2B:41:EF:A8:C3:B0:20:64:EB:C5:2F:BA:92:C2:36:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTi7DCtB76jDsCBk68UvupLCNiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/mfqULojmIp22nHh1Bcs6o_nPETY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/ceba5c-e9d9-4e91-babc-67282d7138a0/1/pTi7DCtB76jDsCBk68UvupLCNiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.236.0/22
IPv6:
2a0c:1ec0::/29
Signature Algorithm: sha256WithRSAEncryption
59:f1:70:42:8c:ae:36:3a:3c:57:a6:f8:9d:d5:b0:0e:dc:87:
b0:c3:58:b3:f0:80:10:5e:23:55:7e:f6:18:b0:28:08:78:41:
ca:c1:11:4a:a1:2b:0f:62:ab:67:a0:86:0f:e0:46:81:da:d2:
3f:6e:04:cd:55:13:5c:85:33:68:6a:dd:38:99:91:dc:f7:47:
d5:a7:7f:cb:b5:90:67:07:b2:a2:bc:79:d0:dd:45:68:6a:27:
84:62:c9:96:57:28:5f:a3:3d:de:18:61:4f:5a:03:19:80:e2:
20:58:97:42:62:b3:e3:f3:07:d0:c5:c5:38:36:89:fd:28:f8:
e4:42:66:55:61:26:c4:e3:30:92:47:17:e0:e9:e2:c5:54:dc:
9f:31:f0:e9:54:96:cb:98:f3:db:17:d0:ef:71:78:5b:41:a4:
87:f8:e8:f3:94:5c:f6:2d:a6:8e:29:a9:3f:21:f6:0d:a1:92:
f7:b4:3f:58:84:16:0c:bc:09:a7:33:66:4a:16:d8:ca:01:5d:
09:8e:a8:b5:d7:f1:5f:4c:34:53:98:d4:88:b0:d7:f0:9b:50:
d0:e9:53:ed:61:1b:8f:bd:2c:f1:04:53:1e:9d:44:63:c1:08:
a6:07:b1:48:b1:6b:b5:7c:64:96:39:58:c4:c1:42:d6:3a:9f:
e5:ec:e2:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyMRd4ERuRnW+6HbORYyU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzhiYjBjMmI0MWVmYThjM2IwMjA2NGViYzUyZmJhOTJj
MjM2MjYwHhcNMjMwMTAyMTExNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWZhOTQyZTg4ZTYyMjlkYjY5Yzc4NzUwNWNiM2FhM2Y5Y2YxMTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyMqBOZ5JLdSTNxzeoPaSPPEPF/5
yG8cZgYO3ZvWZmaEK/XynnXcDxsC+MhglenVC9a+5JIQFBEnMF2xHGUhwcK0q5XT
8dDZlQw45W89+jc4fWi0uQ1ZOiRs9ra45ZFGJ0A36SGlokZ9Ugu/4AvKKBgSv1ci
Wi2BRi6+ogk9cfG8o7+GeIsKJ7i6Gjk6iZA1X55aCur2ToqfqOWOfsWjr/Nk8ccR
5kBYYarD8p54GFnL8L0xJdE4ejgnmgmt43cruFjsRuMtM8ZhBa0dkT8FtVzJ8+4A
hYEiM3ZadxzXq4geMGgBA56FO16NGbzjpVGx8VY2IA8IQ9YPFRBWurk7DQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJn6lC6I5iKdtpx4dQXLOqP5zxE2MB8GA1UdIwQY
MBaAFKU4uwwrQe+ow7AgZOvFL7qSwjYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRpN0RDdEI3NmpEc0NCazY4VXZ1cExDTmlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jZWJhNWMtZTlkOS00ZTkxLWJhYmMt
NjcyODJkNzEzOGEwLzEvbWZxVUxvam1JcDIybkhoMUJjczZvX25QRVRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jZWJhNWMtZTlkOS00ZTkxLWJhYmMtNjcyODJkNzEzOGEw
LzEvcFRpN0RDdEI3NmpEc0NCazY4VXZ1cExDTmlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufvsMA0E
AgACMAcDBQMqDB7AMA0GCSqGSIb3DQEBCwUAA4IBAQBZ8XBCjK42OjxXpvid1bAO
3Ieww1iz8IAQXiNVfvYYsCgIeEHKwRFKoSsPYqtnoIYP4EaB2tI/bgTNVRNchTNo
at04mZHc90fVp3/LtZBnB7KivHnQ3UVoaieEYsmWVyhfoz3eGGFPWgMZgOIgWJdC
YrPj8wfQxcU4Non9KPjkQmZVYSbE4zCSRxfg6eLFVNyfMfDpVJbLmPPbF9DvcXhb
QaSH+OjzlFz2LaaOKak/IfYNoZL3tD9YhBYMvAmnM2ZKFtjKAV0Jjqi11/FfTDRT
mNSIsNfwm1DQ6VPtYRuPvSzxBFMenURjwQimB7FIsWu1fGSWOVjEwULWOp/l7OL8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:10 2024 by rpki-client on console-fra.rpki-client.org