Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/mdcyhb3iUvvb4dXQGzE1QxY8m5E.roa
File: mdcyhb3iUvvb4dXQGzE1QxY8m5E.roa (raw, json)
Hash identifier: sXnmFK2oHDT/lEgnNv3DVwEI0FPLF+JfeZtQybNB3cQ=
Subject key identifier: 99:D7:32:85:BD:E2:52:FB:DB:E1:D5:D0:1B:31:35:43:16:3C:9B:91
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018C34969C33E7D27EE9F45CBF3C3AF90C38
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/mdcyhb3iUvvb4dXQGzE1QxY8m5E.roa
Signing time: Mon 04 Dec 2023 11:28:54 +0000
ROA not before: Mon 04 Dec 2023 11:28:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63018
IP address blocks: 194.110.173.0/24 maxlen: 24
2a09:ff00:102::/48 maxlen: 48
2a09:ff00:101::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:96:9c:33:e7:d2:7e:e9:f4:5c:bf:3c:3a:f9:0c:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Dec 4 11:28:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99d73285bde252fbdbe1d5d01b313543163c9b91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8e:ff:60:52:84:11:3c:33:18:74:d5:35:f3:
bc:13:9c:4e:f5:b1:94:9b:6e:80:df:99:f9:c8:65:
dd:5e:49:c7:bf:53:43:0f:fd:75:99:1a:b4:0b:25:
2d:7e:0b:3b:9a:4d:62:d2:88:19:9f:5d:73:d8:11:
79:aa:b4:1c:de:e1:79:63:7c:c0:a6:20:69:c9:23:
4f:36:71:2c:dd:13:d1:20:53:3f:1a:70:62:c0:37:
f8:c4:1d:77:fa:80:b6:a7:e1:28:d3:21:e7:65:df:
78:22:92:70:a2:e0:dc:a1:3c:0c:05:1f:a0:45:57:
31:f4:e8:58:b4:00:b0:3d:5f:8a:12:71:4f:20:f2:
17:1b:20:2a:04:23:6c:4c:75:70:43:8d:8b:71:17:
41:42:28:c2:61:86:b5:d4:97:3d:31:1d:c1:17:fc:
35:51:8b:45:31:8c:f0:34:73:5d:0f:d3:05:08:3c:
db:32:6f:1f:7d:2e:31:4d:49:be:49:26:59:37:85:
a8:30:7d:5b:03:b3:69:5d:f1:46:3c:1b:8c:97:d7:
13:1a:25:21:e7:1f:77:4c:2c:38:0c:c3:9f:10:e3:
81:71:c0:d6:4e:e8:b3:ae:c4:f7:52:6a:6a:d4:22:
1b:19:d6:19:88:6a:7c:cb:0d:d0:df:04:6d:c2:ee:
e2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D7:32:85:BD:E2:52:FB:DB:E1:D5:D0:1B:31:35:43:16:3C:9B:91
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/mdcyhb3iUvvb4dXQGzE1QxY8m5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.173.0/24
IPv6:
2a09:ff00:101::-2a09:ff00:102:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
33:b4:23:03:0d:b8:90:ab:e6:eb:24:71:f9:23:6f:8d:3a:b7:
67:86:c9:9b:05:5b:e5:41:d7:c4:54:31:fe:bf:3d:c8:ec:b0:
7a:b1:63:cc:a8:80:4e:7d:fd:09:c6:d9:de:da:98:b3:2f:12:
16:b9:f7:ba:90:35:a4:f9:a2:a2:7f:24:f2:0e:33:4f:65:cd:
84:1e:21:11:28:a9:a9:04:c8:d1:6d:6e:a8:15:ad:bd:a2:15:
cd:12:2c:43:f9:0a:48:7f:f1:e1:21:d2:40:3e:e9:fe:f1:13:
1a:57:d1:c3:5a:b8:ba:81:fb:f4:5e:12:f7:e1:a5:99:82:3c:
d3:af:59:58:53:ba:13:00:89:43:b8:c7:c6:7a:d3:28:ce:dd:
a7:b0:24:d9:de:d0:83:30:59:a0:51:bd:37:ce:d6:97:6f:4d:
be:ff:ea:65:e3:82:b5:3f:6f:92:51:2a:ef:38:14:67:fa:a6:
7b:14:3f:c6:69:26:10:a8:54:d4:41:8f:ac:54:1f:f4:b7:9a:
8f:a8:ab:a7:cb:e8:7d:ab:27:db:79:e1:21:59:45:15:5d:db:
ef:cd:66:64:ef:a6:d2:cc:84:94:25:f4:9c:36:a7:3a:ab:da:
34:cc:b7:3d:5a:2a:f6:83:5b:5f:18:4f:98:64:93:de:b3:d1:
9c:bf:23:55
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYw0lpwz59J+6fRcvzw6+Qw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMxMjA0MTEyODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQ3MzI4NWJkZTI1MmZiZGJlMWQ1ZDAxYjMxMzU0MzE2M2M5YjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA247/YFKEETwzGHTVNfO8E5xO9bGU
m26A35n5yGXdXknHv1NDD/11mRq0CyUtfgs7mk1i0ogZn11z2BF5qrQc3uF5Y3zA
piBpySNPNnEs3RPRIFM/GnBiwDf4xB13+oC2p+Eo0yHnZd94IpJwouDcoTwMBR+g
RVcx9OhYtACwPV+KEnFPIPIXGyAqBCNsTHVwQ42LcRdBQijCYYa11Jc9MR3BF/w1
UYtFMYzwNHNdD9MFCDzbMm8ffS4xTUm+SSZZN4WoMH1bA7NpXfFGPBuMl9cTGiUh
5x93TCw4DMOfEOOBccDWTuizrsT3Umpq1CIbGdYZiGp8yw3Q3wRtwu7idwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJnXMoW94lL72+HV0BsxNUMWPJuRMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvbWRjeWhiM2lVdnZiNGRYUUd6RTFReFk4bTVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAwm6tMBoE
AgACMBQwEgMHACoJ/wABAQMHACoJ/wABAjANBgkqhkiG9w0BAQsFAAOCAQEAM7Qj
Aw24kKvm6yRx+SNvjTq3Z4bJmwVb5UHXxFQx/r89yOywerFjzKiATn39CcbZ3tqY
sy8SFrn3upA1pPmion8k8g4zT2XNhB4hESipqQTI0W1uqBWtvaIVzRIsQ/kKSH/x
4SHSQD7p/vETGlfRw1q4uoH79F4S9+GlmYI8069ZWFO6EwCJQ7jHxnrTKM7dp7Ak
2d7QgzBZoFG9N87Wl29Nvv/qZeOCtT9vklEq7zgUZ/qmexQ/xmkmEKhU1EGPrFQf
9Leaj6irp8vofasn23nhIVlFFV3b781mZO+m0syElCX0nDanOqvaNMy3PVoq9oNb
XxhPmGST3rPRnL8jVQ==
-----END CERTIFICATE-----
Generated at Mon Jan 1 09:30:58 2024 by rpki-client on console-ams.rpki-client.org