Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/ffe8cc-7851-432d-8c02-5029d0c999b6/1/mLR6MXUsIsm15Id-5YbmmkMtcGA.roa
File: mLR6MXUsIsm15Id-5YbmmkMtcGA.roa (raw, json)
Hash identifier: S+iSWczidoWsCmWmZjR0gc0yfWQ7W6rxEaTUEYjEkc0=
Subject key identifier: 98:B4:7A:31:75:2C:22:C9:B5:E4:87:7E:E5:86:E6:9A:43:2D:70:60
Certificate issuer: /CN=fc961dfc5f70bf1b76f05e44a74ed0293125e4be
Certificate serial: 01856C4A7D392DE5C23811487EA1280E2923
Authority key identifier: FC:96:1D:FC:5F:70:BF:1B:76:F0:5E:44:A7:4E:D0:29:31:25:E4:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_JYd_F9wvxt28F5Ep07QKTEl5L4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/ffe8cc-7851-432d-8c02-5029d0c999b6/1/mLR6MXUsIsm15Id-5YbmmkMtcGA.roa
Signing time: Sun 01 Jan 2023 07:44:59 +0000
ROA not before: Sun 01 Jan 2023 07:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28850
IP address blocks: 195.190.158.0/24 maxlen: 24
194.59.185.0/24 maxlen: 24
194.116.204.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:7d:39:2d:e5:c2:38:11:48:7e:a1:28:0e:29:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc961dfc5f70bf1b76f05e44a74ed0293125e4be
Validity
Not Before: Jan 1 07:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98b47a31752c22c9b5e4877ee586e69a432d7060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c2:6e:ea:35:8f:40:b7:cd:67:78:eb:72:82:
d0:c9:1f:75:14:b8:4f:cf:32:a4:4b:c3:23:b8:e7:
45:1b:fb:7d:3a:35:13:4d:e4:af:ff:16:5d:47:e6:
7b:c0:47:b6:d1:92:69:21:1c:08:70:34:06:ab:a4:
78:23:3c:4a:b3:4f:f8:ed:48:74:a5:31:81:51:3c:
19:d2:0f:13:11:e9:2a:00:34:e0:1d:f8:39:d2:3e:
23:5d:0c:43:aa:08:19:45:e7:9d:6f:e6:ff:c3:8c:
a4:e1:ba:19:e3:8c:52:a9:2f:8a:4f:16:f9:0f:5e:
39:dd:82:2e:5b:f7:e6:a4:d4:d1:32:ad:7e:90:c4:
20:39:64:41:4c:45:71:71:be:1c:27:76:02:73:9a:
82:b2:36:6b:e9:a6:09:35:05:07:c0:ad:6f:96:6a:
8d:fc:93:33:e1:3a:c7:e6:be:3b:41:fa:b2:66:28:
d0:cc:2f:ae:6e:88:27:56:a2:74:a9:df:a1:44:23:
f3:07:b3:30:9c:85:d9:6b:09:12:a2:a6:ed:5c:49:
cc:54:bc:90:e6:49:c9:3b:26:ee:cc:a4:7a:83:d8:
e1:4e:54:ea:f4:1a:c8:63:fa:a0:09:ac:b4:15:c1:
a8:86:52:8d:ef:b9:b6:bd:4e:57:92:ac:73:1e:bc:
ab:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:B4:7A:31:75:2C:22:C9:B5:E4:87:7E:E5:86:E6:9A:43:2D:70:60
X509v3 Authority Key Identifier:
keyid:FC:96:1D:FC:5F:70:BF:1B:76:F0:5E:44:A7:4E:D0:29:31:25:E4:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_JYd_F9wvxt28F5Ep07QKTEl5L4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ffe8cc-7851-432d-8c02-5029d0c999b6/1/mLR6MXUsIsm15Id-5YbmmkMtcGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/ffe8cc-7851-432d-8c02-5029d0c999b6/1/_JYd_F9wvxt28F5Ep07QKTEl5L4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.185.0/24
194.116.204.0/23
195.190.158.0/24
Signature Algorithm: sha256WithRSAEncryption
08:5b:81:24:07:99:f0:1b:11:59:65:16:fc:3d:a6:91:58:9d:
5d:db:c3:a2:de:d1:f4:26:3e:05:d6:d6:b2:b2:9b:b9:77:0c:
bd:3b:6e:79:22:78:5e:c8:e8:89:ab:3b:17:b3:f9:2d:47:c9:
4f:74:38:84:a8:82:16:a4:cc:36:94:fc:51:6c:0b:df:f2:e8:
7e:e5:bf:27:c8:30:a2:57:2b:95:e6:c5:51:27:61:ec:2a:86:
8f:7b:37:6e:01:16:b7:f6:1e:83:49:86:7f:29:72:7a:e6:e4:
28:60:a0:39:16:05:52:fe:3e:d7:db:df:b6:60:d3:d6:5d:43:
be:b9:41:80:ec:83:34:69:78:21:34:c7:d9:01:fc:71:85:76:
f9:97:2a:54:80:2c:94:3f:16:ae:8f:9a:ef:4b:12:29:39:0f:
91:e9:63:4f:56:77:30:8b:b4:80:19:5c:4b:af:30:a4:0a:53:
a2:c8:71:85:ba:b6:07:08:76:69:c9:c8:ef:3b:4a:5b:39:ca:
c0:f4:f5:02:62:2d:68:ab:e7:09:8c:8e:e0:29:e3:2a:62:79:
eb:20:df:19:e3:f3:09:c8:68:ba:ac:b6:f0:5a:7d:90:a0:e3:
31:c6:c4:61:05:c9:ba:ec:05:71:ca:2d:83:c5:a2:ee:97:e5:
11:76:53:fd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsSn05LeXCOBFIfqEoDikjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjOTYxZGZjNWY3MGJmMWI3NmYwNWU0NGE3NGVkMDI5MzEy
NWU0YmUwHhcNMjMwMTAxMDc0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGI0N2EzMTc1MmMyMmM5YjVlNDg3N2VlNTg2ZTY5YTQzMmQ3MDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2cJu6jWPQLfNZ3jrcoLQyR91FLhP
zzKkS8MjuOdFG/t9OjUTTeSv/xZdR+Z7wEe20ZJpIRwIcDQGq6R4IzxKs0/47Uh0
pTGBUTwZ0g8TEekqADTgHfg50j4jXQxDqggZReedb+b/w4yk4boZ44xSqS+KTxb5
D1453YIuW/fmpNTRMq1+kMQgOWRBTEVxcb4cJ3YCc5qCsjZr6aYJNQUHwK1vlmqN
/JMz4TrH5r47QfqyZijQzC+ubognVqJ0qd+hRCPzB7MwnIXZawkSoqbtXEnMVLyQ
5knJOybuzKR6g9jhTlTq9BrIY/qgCay0FcGohlKN77m2vU5XkqxzHryrJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJi0ejF1LCLJteSHfuWG5ppDLXBgMB8GA1UdIwQY
MBaAFPyWHfxfcL8bdvBeRKdO0CkxJeS+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0pZZF9GOXd2eHQyOEY1RXAwN1FLVEVsNUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9mZmU4Y2MtNzg1MS00MzJkLThjMDIt
NTAyOWQwYzk5OWI2LzEvbUxSNk1YVXNJc20xNUlkLTVZYm1ta010Y0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9mZmU4Y2MtNzg1MS00MzJkLThjMDItNTAyOWQwYzk5OWI2
LzEvX0pZZF9GOXd2eHQyOEY1RXAwN1FLVEVsNUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwju5AwQB
wnTMAwQAw76eMA0GCSqGSIb3DQEBCwUAA4IBAQAIW4EkB5nwGxFZZRb8PaaRWJ1d
28Oi3tH0Jj4F1tayspu5dwy9O255InheyOiJqzsXs/ktR8lPdDiEqIIWpMw2lPxR
bAvf8uh+5b8nyDCiVyuV5sVRJ2HsKoaPezduARa39h6DSYZ/KXJ65uQoYKA5FgVS
/j7X29+2YNPWXUO+uUGA7IM0aXghNMfZAfxxhXb5lypUgCyUPxauj5rvSxIpOQ+R
6WNPVncwi7SAGVxLrzCkClOiyHGFurYHCHZpycjvO0pbOcrA9PUCYi1oq+cJjI7g
KeMqYnnrIN8Z4/MJyGi6rLbwWn2QoOMxxsRhBcm67AVxyi2DxaLul+URdlP9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:16 2024 by rpki-client on console-ams.rpki-client.org