Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/MRl2ZMW95sD-cudCnyEEztNfhzc.roa
File: MRl2ZMW95sD-cudCnyEEztNfhzc.roa (raw, json)
Hash identifier: C2YVJaQOudg8cOmon0ihIvqsZEvlTVNgZpZUaTF2V/s=
Subject key identifier: 31:19:76:64:C5:BD:E6:C0:FE:72:E7:42:9F:21:04:CE:D3:5F:87:37
Certificate issuer: /CN=921c4fda367c5383b15c2a7143ad4b10c955cea0
Certificate serial: 01856C41265C25911EA6E8F9BC9D81AA820D
Authority key identifier: 92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/MRl2ZMW95sD-cudCnyEEztNfhzc.roa
Signing time: Sun 01 Jan 2023 07:34:47 +0000
ROA not before: Sun 01 Jan 2023 07:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202680
IP address blocks: 185.152.104.0/22 maxlen: 22
2a07:8180::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:26:5c:25:91:1e:a6:e8:f9:bc:9d:81:aa:82:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=921c4fda367c5383b15c2a7143ad4b10c955cea0
Validity
Not Before: Jan 1 07:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31197664c5bde6c0fe72e7429f2104ced35f8737
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:c0:ac:f7:32:22:8c:cd:37:eb:c6:15:41:
48:fa:57:a2:c4:5e:fe:84:c2:17:a9:b0:e5:3f:dd:
85:5e:0f:7e:e9:c8:88:e0:06:93:12:8f:27:3c:66:
75:8f:fd:89:c4:ab:62:fe:2b:55:1d:9a:98:a5:af:
65:18:1e:ed:d1:5f:a6:11:9b:d9:50:89:01:f4:fb:
50:cd:b0:9d:4c:54:3f:5b:c6:4a:26:68:49:5c:68:
1d:a0:e8:2d:74:26:4d:fa:ec:84:e5:7f:3c:c3:b1:
04:1e:a0:4e:3d:07:79:8d:45:f6:32:77:f2:88:70:
25:98:3c:9d:00:83:ea:a3:69:0c:dc:1f:de:93:6b:
52:20:42:c1:74:42:12:25:18:c9:ca:4f:fe:0b:bb:
f6:f6:cf:8f:f1:28:41:6c:6c:f0:ac:95:9e:9d:4c:
ed:93:ce:30:6e:51:17:17:4e:25:f6:22:2f:ef:98:
9f:2c:f6:3c:96:ee:a7:d4:40:40:c3:11:b5:5b:21:
57:de:38:65:be:fa:99:4d:9c:f1:f3:d8:11:6a:92:
c4:77:d2:52:00:35:e5:13:2b:7a:3f:8f:e3:3a:e5:
bd:e0:de:a3:59:b5:0f:7f:f4:d3:0a:2d:6a:c2:12:
5f:6e:f2:75:09:5c:01:63:3e:43:90:33:8d:56:23:
de:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:19:76:64:C5:BD:E6:C0:FE:72:E7:42:9F:21:04:CE:D3:5F:87:37
X509v3 Authority Key Identifier:
keyid:92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/MRl2ZMW95sD-cudCnyEEztNfhzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.104.0/22
IPv6:
2a07:8180::/29
Signature Algorithm: sha256WithRSAEncryption
70:91:42:4d:2a:3e:d1:14:dc:6b:d2:15:ec:27:82:ea:1b:e9:
c0:cc:d3:7c:94:d5:06:5c:b4:38:9d:ec:6d:b9:2d:47:c3:be:
1d:ef:63:84:d8:33:cd:d7:09:d7:a2:17:ac:76:23:59:f9:ee:
ea:36:40:78:2d:76:f2:d3:56:db:12:4a:7a:a0:38:08:04:89:
02:75:f5:3a:b7:50:83:96:93:98:d0:bc:a3:3e:cd:53:de:d1:
b5:67:6e:4e:55:37:fb:cc:12:c0:75:e2:42:41:13:64:f4:37:
f8:4a:90:97:22:49:eb:ff:ca:06:58:b1:68:8f:58:e2:6c:ed:
d8:29:8f:39:9f:b2:d8:42:00:5c:a2:1d:74:2a:99:f2:8f:f9:
58:ce:7e:c5:2c:92:e7:4e:38:9a:47:37:f5:95:eb:ee:54:89:
ef:90:fd:06:01:10:30:82:c6:bb:fb:a0:3c:2e:f1:87:56:20:
08:f2:4f:d9:c0:2b:9b:e5:69:78:93:ea:b9:37:90:23:75:3c:
08:c2:ee:63:59:8b:12:d8:73:6a:84:99:d8:2f:28:33:8b:c1:
f1:d7:c5:89:cc:21:12:1c:20:6d:47:a1:9c:73:91:01:03:6a:
4f:a4:9e:eb:92:51:64:26:ce:25:69:e5:26:7b:ef:67:3a:38:
51:46:27:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQSZcJZEepuj5vJ2BqoINMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMWM0ZmRhMzY3YzUzODNiMTVjMmE3MTQzYWQ0YjEwYzk1
NWNlYTAwHhcNMjMwMTAxMDczNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTE5NzY2NGM1YmRlNmMwZmU3MmU3NDI5ZjIxMDRjZWQzNWY4NzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAps7ArPcyIozNN+vGFUFI+leixF7+
hMIXqbDlP92FXg9+6ciI4AaTEo8nPGZ1j/2JxKti/itVHZqYpa9lGB7t0V+mEZvZ
UIkB9PtQzbCdTFQ/W8ZKJmhJXGgdoOgtdCZN+uyE5X88w7EEHqBOPQd5jUX2Mnfy
iHAlmDydAIPqo2kM3B/ek2tSIELBdEISJRjJyk/+C7v29s+P8ShBbGzwrJWenUzt
k84wblEXF04l9iIv75ifLPY8lu6n1EBAwxG1WyFX3jhlvvqZTZzx89gRapLEd9JS
ADXlEyt6P4/jOuW94N6jWbUPf/TTCi1qwhJfbvJ1CVwBYz5DkDONViPeuwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDEZdmTFvebA/nLnQp8hBM7TX4c3MB8GA1UdIwQY
MBaAFJIcT9o2fFODsVwqcUOtSxDJVc6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmIt
MjM2MDhmNmFlMmVhLzEvTVJsMlpNVzk1c0QtY3VkQ255RUV6dE5maHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmItMjM2MDhmNmFlMmVh
LzEva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZhoMA0E
AgACMAcDBQMqB4GAMA0GCSqGSIb3DQEBCwUAA4IBAQBwkUJNKj7RFNxr0hXsJ4Lq
G+nAzNN8lNUGXLQ4nextuS1Hw74d72OE2DPN1wnXohesdiNZ+e7qNkB4LXby01bb
Ekp6oDgIBIkCdfU6t1CDlpOY0LyjPs1T3tG1Z25OVTf7zBLAdeJCQRNk9Df4SpCX
Iknr/8oGWLFoj1jibO3YKY85n7LYQgBcoh10Kpnyj/lYzn7FLJLnTjiaRzf1levu
VInvkP0GARAwgsa7+6A8LvGHViAI8k/ZwCub5Wl4k+q5N5AjdTwIwu5jWYsS2HNq
hJnYLygzi8Hx18WJzCESHCBtR6Gcc5EBA2pPpJ7rklFkJs4laeUme+9nOjhRRid/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:01 2024 by rpki-client on console-fra.rpki-client.org