Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/mtlZBdscShSHbpcs12apdf1dCYY.roa
File: mtlZBdscShSHbpcs12apdf1dCYY.roa (raw, json)
Hash identifier: uREdJV+27kAa73V2mF1NbDd5GohRH6cGyyVgtr9rlHg=
Subject key identifier: 9A:D9:59:05:DB:1C:4A:14:87:6E:97:2C:D7:66:A9:75:FD:5D:09:86
Certificate issuer: /CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Certificate serial: 018BEC7215D6E5FA0ED41112BAE22A17C788
Authority key identifier: A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/mtlZBdscShSHbpcs12apdf1dCYY.roa
Signing time: Mon 20 Nov 2023 11:16:21 +0000
ROA not before: Mon 20 Nov 2023 11:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20676
IP address blocks: 153.98.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ec:72:15:d6:e5:fa:0e:d4:11:12:ba:e2:2a:17:c7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a76fcfad966ae7e8171cfce26db3f65776d26fe8
Validity
Not Before: Nov 20 11:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ad95905db1c4a14876e972cd766a975fd5d0986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e6:ad:d9:32:9d:27:a9:97:42:6e:b1:f7:3f:
46:68:81:06:d0:d8:37:70:72:0f:95:6b:94:0d:96:
86:5c:1f:24:30:56:81:1e:73:2b:88:82:9b:71:08:
d4:56:c7:60:69:6a:a4:2a:89:19:71:34:22:a8:4d:
ee:10:f8:92:6b:59:bf:83:87:bb:c8:34:40:62:0b:
6b:e3:19:65:63:bc:0b:a5:e3:c1:2a:20:50:72:b2:
c6:18:3c:fd:2d:84:b7:ef:12:4a:fd:9d:fc:95:fb:
bb:d5:ed:43:b9:2b:ca:72:92:e8:c9:7d:e4:32:53:
72:8a:be:cb:19:07:f3:96:b7:30:53:03:0e:8a:87:
8b:b5:96:d7:bf:33:8f:55:c8:14:1f:e5:f0:e2:f5:
61:44:bd:49:cf:84:2e:a8:d9:5f:70:58:03:20:25:
48:6b:49:86:bd:ca:65:35:5e:02:0b:90:06:77:76:
f3:20:e7:45:a6:1d:54:a7:9a:cc:90:fb:68:a5:2a:
18:96:45:e3:63:80:ec:9e:77:9e:2f:cf:fe:92:a1:
7d:89:90:4e:8f:06:21:e5:0a:d5:b3:38:2b:9a:8c:
9a:48:ba:d9:f5:7b:c3:15:95:fd:fc:d8:ef:9f:e3:
b9:73:8f:94:cc:32:d6:c4:bc:35:38:1a:41:54:76:
5b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D9:59:05:DB:1C:4A:14:87:6E:97:2C:D7:66:A9:75:FD:5D:09:86
X509v3 Authority Key Identifier:
keyid:A7:6F:CF:AD:96:6A:E7:E8:17:1C:FC:E2:6D:B3:F6:57:76:D2:6F:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2_PrZZq5-gXHPzibbP2V3bSb-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/mtlZBdscShSHbpcs12apdf1dCYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/db8752-84b2-438a-9bc1-c5401f6d91d1/1/p2_PrZZq5-gXHPzibbP2V3bSb-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.98.203.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:f2:f1:b9:8f:d6:85:8d:83:34:1d:62:6c:fa:e8:98:9a:06:
7c:f0:a3:17:7d:d6:25:cd:43:a6:b4:44:a1:03:df:06:42:b6:
ea:b1:ba:fd:7f:b0:98:d9:ba:7b:45:05:2a:34:e2:3f:59:9f:
4f:bc:9a:0e:fd:f5:e9:9d:51:ed:b7:23:6d:70:86:a9:a5:8b:
e4:39:05:cc:02:a5:04:64:d8:91:97:89:82:57:ba:e7:00:9d:
42:c8:9b:f4:da:ff:1a:6e:db:73:67:7b:63:ea:fb:07:79:9d:
a5:94:6f:d5:f5:d5:07:b9:4a:8c:9f:6a:e2:2b:a4:7e:e2:05:
7d:bd:05:2c:bb:ae:a5:49:60:4b:28:77:e4:f0:8b:c1:4a:24:
dc:ee:7e:4e:8d:44:49:65:b6:e3:53:0d:3c:a8:b3:a8:c7:50:
37:7f:61:96:82:c9:a6:45:fa:4f:64:58:31:36:73:ec:44:89:
26:c8:2b:04:4a:ea:34:ce:2e:37:b8:84:3f:d3:0b:6f:2e:12:
d4:bf:f9:ea:72:35:2d:29:bf:2a:9a:df:2a:56:09:1b:ec:9f:
d4:4a:83:e7:9b:be:b5:d4:27:33:e9:e2:50:d9:b7:44:d3:8a:
45:d8:d9:0c:e1:5b:f1:08:3c:10:4c:2c:27:93:b2:b2:65:14:
96:d9:eb:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvschXW5foO1BESuuIqF8eIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NmZjZmFkOTY2YWU3ZTgxNzFjZmNlMjZkYjNmNjU3NzZk
MjZmZTgwHhcNMjMxMTIwMTExNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ5NTkwNWRiMWM0YTE0ODc2ZTk3MmNkNzY2YTk3NWZkNWQwOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+at2TKdJ6mXQm6x9z9GaIEG0Ng3
cHIPlWuUDZaGXB8kMFaBHnMriIKbcQjUVsdgaWqkKokZcTQiqE3uEPiSa1m/g4e7
yDRAYgtr4xllY7wLpePBKiBQcrLGGDz9LYS37xJK/Z38lfu71e1DuSvKcpLoyX3k
MlNyir7LGQfzlrcwUwMOioeLtZbXvzOPVcgUH+Xw4vVhRL1Jz4QuqNlfcFgDICVI
a0mGvcplNV4CC5AGd3bzIOdFph1Up5rMkPtopSoYlkXjY4DsnneeL8/+kqF9iZBO
jwYh5QrVszgrmoyaSLrZ9XvDFZX9/Njvn+O5c4+UzDLWxLw1OBpBVHZbdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJrZWQXbHEoUh26XLNdmqXX9XQmGMB8GA1UdIwQY
MBaAFKdvz62WaufoFxz84m2z9ld20m/oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEt
YzU0MDFmNmQ5MWQxLzEvbXRsWkJkc2NTaFNIYnBjczEyYXBkZjFkQ1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kYjg3NTItODRiMi00MzhhLTliYzEtYzU0MDFmNmQ5MWQx
LzEvcDJfUHJaWnE1LWdYSFB6aWJiUDJWM2JTYi1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmWLLMA0G
CSqGSIb3DQEBCwUAA4IBAQBb8vG5j9aFjYM0HWJs+uiYmgZ88KMXfdYlzUOmtESh
A98GQrbqsbr9f7CY2bp7RQUqNOI/WZ9PvJoO/fXpnVHttyNtcIappYvkOQXMAqUE
ZNiRl4mCV7rnAJ1CyJv02v8abttzZ3tj6vsHeZ2llG/V9dUHuUqMn2riK6R+4gV9
vQUsu66lSWBLKHfk8IvBSiTc7n5OjURJZbbjUw08qLOox1A3f2GWgsmmRfpPZFgx
NnPsRIkmyCsESuo0zi43uIQ/0wtvLhLUv/nqcjUtKb8qmt8qVgkb7J/USoPnm761
1Ccz6eJQ2bdE04pF2NkM4VvxCDwQTCwnk7KyZRSW2esy
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:15 2024 by rpki-client on console-ams.rpki-client.org