Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MpPNFjaP8RJH7x-xzSweDC8ns98.roa
File: MpPNFjaP8RJH7x-xzSweDC8ns98.roa (raw, json)
Hash identifier: +1a1u7DA0XgVx+IorKVokRrfKmXG+krzbJt20pHnB9I=
Subject key identifier: 32:93:CD:16:36:8F:F1:12:47:EF:1F:B1:CD:2C:1E:0C:2F:27:B3:DF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BF700B97E477C68B0139CA32B60EA1BC7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MpPNFjaP8RJH7x-xzSweDC8ns98.roa
Signing time: Wed 22 Nov 2023 12:28:21 +0000
ROA not before: Wed 22 Nov 2023 12:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60528
IP address blocks: 87.120.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:00:b9:7e:47:7c:68:b0:13:9c:a3:2b:60:ea:1b:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 22 12:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3293cd16368ff11247ef1fb1cd2c1e0c2f27b3df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0d:05:c1:17:2e:f6:8d:79:84:19:46:ca:8d:
c7:94:10:ac:7a:6f:2b:cb:bc:01:16:0e:fa:23:9e:
48:09:fd:d8:87:eb:4c:08:df:e7:69:b3:dd:10:14:
a0:17:a9:5b:f8:52:ed:29:1c:46:13:f3:2e:4a:a3:
29:f0:77:36:f7:49:12:9b:5d:26:2b:d2:9c:83:99:
95:b1:8b:b9:cf:d0:5b:db:56:f6:dd:b5:6f:3c:48:
f5:8c:c1:db:7d:63:03:a7:14:a2:82:35:4a:7e:7f:
84:53:86:cb:d6:a7:d1:43:c0:35:56:77:3c:42:07:
aa:7b:06:84:ee:17:99:e3:17:4c:5c:38:6e:86:fa:
a5:b6:bb:b6:29:a3:ef:54:3a:44:ed:ca:a0:7a:b5:
05:d2:fd:69:cb:0c:04:6c:b1:c5:55:70:26:44:b8:
ed:f4:07:57:b3:bf:ae:ca:32:de:7a:a2:64:3f:1d:
5a:e9:bc:9e:df:0b:ea:bc:00:cf:65:47:d7:ff:56:
12:42:d2:1b:d4:7b:53:6b:22:bc:41:41:a7:c7:c3:
c5:44:46:7b:59:82:68:4e:cf:f2:4d:4d:81:f5:46:
cc:dc:b2:7e:ef:fe:15:d2:89:9c:0e:7f:7e:20:3d:
82:9e:82:e0:25:4b:60:a7:a0:00:55:25:30:fc:8e:
e3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:93:CD:16:36:8F:F1:12:47:EF:1F:B1:CD:2C:1E:0C:2F:27:B3:DF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MpPNFjaP8RJH7x-xzSweDC8ns98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.33.0/24
Signature Algorithm: sha256WithRSAEncryption
73:2d:7a:f1:c7:ff:04:95:7e:ff:14:82:3f:22:0f:07:23:cf:
63:99:3e:c5:e9:92:30:e8:13:62:e1:29:5f:d6:9f:e6:76:43:
46:55:e3:a0:b4:6e:3c:11:7f:70:52:3a:4a:c6:3a:41:5e:3d:
b2:7c:88:3e:95:65:c6:4d:74:14:16:97:27:ef:be:be:77:ab:
55:9d:18:71:26:65:4e:ae:64:b4:6b:1c:58:22:9f:5f:6b:09:
1e:d3:e1:db:e7:6a:82:b0:f2:29:73:0d:a3:2e:70:f8:ab:45:
ab:5d:d2:9a:05:4f:22:0b:bd:bf:e8:16:32:61:d7:4f:e4:57:
f1:c3:0e:b5:17:59:e0:7d:34:04:19:ea:61:61:e1:af:ae:10:
57:e0:62:ed:77:5f:a8:59:0f:46:71:48:9e:9a:e0:bf:1a:19:
53:60:e4:50:29:2b:44:fa:d0:98:4d:a6:be:42:9b:c4:c0:49:
54:a3:85:9c:d7:c2:6b:7a:af:bc:76:f7:bd:ca:2d:54:d7:e7:
34:b2:3d:aa:f5:cb:0a:07:3d:16:29:3f:7a:e6:81:b1:9f:4f:
b7:8a:20:43:22:81:c5:99:2e:dc:1e:82:f4:f4:a5:1c:c1:ae:
49:e7:90:f8:62:20:49:6e:fe:58:5a:34:39:16:3b:46:19:20:
f2:6d:fa:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv3ALl+R3xosBOcoytg6hvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTIyMTIyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjkzY2QxNjM2OGZmMTEyNDdlZjFmYjFjZDJjMWUwYzJmMjdiM2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQ0FwRcu9o15hBlGyo3HlBCsem8r
y7wBFg76I55ICf3Yh+tMCN/nabPdEBSgF6lb+FLtKRxGE/MuSqMp8Hc290kSm10m
K9Kcg5mVsYu5z9Bb21b23bVvPEj1jMHbfWMDpxSigjVKfn+EU4bL1qfRQ8A1Vnc8
QgeqewaE7heZ4xdMXDhuhvqltru2KaPvVDpE7cqgerUF0v1pywwEbLHFVXAmRLjt
9AdXs7+uyjLeeqJkPx1a6bye3wvqvADPZUfX/1YSQtIb1HtTayK8QUGnx8PFREZ7
WYJoTs/yTU2B9UbM3LJ+7/4V0omcDn9+ID2CnoLgJUtgp6AAVSUw/I7jRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDKTzRY2j/ESR+8fsc0sHgwvJ7PfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTXBQTkZqYVA4UkpIN3gteHpTd2VEQzhuczk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3ghMA0G
CSqGSIb3DQEBCwUAA4IBAQBzLXrxx/8ElX7/FII/Ig8HI89jmT7F6ZIw6BNi4Slf
1p/mdkNGVeOgtG48EX9wUjpKxjpBXj2yfIg+lWXGTXQUFpcn776+d6tVnRhxJmVO
rmS0axxYIp9fawke0+Hb52qCsPIpcw2jLnD4q0WrXdKaBU8iC72/6BYyYddP5Ffx
ww61F1ngfTQEGephYeGvrhBX4GLtd1+oWQ9GcUiemuC/GhlTYORQKStE+tCYTaa+
QpvEwElUo4Wc18Jreq+8dve9yi1U1+c0sj2q9csKBz0WKT965oGxn0+3iiBDIoHF
mS7cHoL09KUcwa5J55D4YiBJbv5YWjQ5FjtGGSDybfoR
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:10 2024 by rpki-client on console-ams.rpki-client.org