Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6c06c9-3f46-4658-ae89-9bf226402fd4/1/mXkZeYebiKCWtnXLM3pJR4o8IVY.roa
File: mXkZeYebiKCWtnXLM3pJR4o8IVY.roa (raw, json)
Hash identifier: T4bO5HmsiXlwJIuTWdq3ADlPKaERnK8Tfbrzhs3BvXM=
Subject key identifier: 99:79:19:79:87:9B:88:A0:96:B6:75:CB:33:7A:49:47:8A:3C:21:56
Certificate issuer: /CN=a91fe2672c8f1c12b27ada0fccbaa7c212cbd71c
Certificate serial: 0188D9794744D16B4276244163ED66C66B18
Authority key identifier: A9:1F:E2:67:2C:8F:1C:12:B2:7A:DA:0F:CC:BA:A7:C2:12:CB:D7:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qR_iZyyPHBKyetoPzLqnwhLL1xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/6c06c9-3f46-4658-ae89-9bf226402fd4/1/mXkZeYebiKCWtnXLM3pJR4o8IVY.roa
Signing time: Tue 20 Jun 2023 15:43:03 +0000
ROA not before: Tue 20 Jun 2023 15:43:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50133
IP address blocks: 185.182.40.0/22 maxlen: 24
109.71.128.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:79:47:44:d1:6b:42:76:24:41:63:ed:66:c6:6b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a91fe2672c8f1c12b27ada0fccbaa7c212cbd71c
Validity
Not Before: Jun 20 15:43:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99791979879b88a096b675cb337a49478a3c2156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:20:00:e6:9c:4c:43:9c:e3:1b:9f:d1:46:61:
57:40:56:70:02:5d:8f:72:b3:96:d6:0f:91:3f:3a:
94:b9:c6:eb:7b:80:1d:ca:98:83:e5:fa:c6:47:ee:
87:ef:50:2b:bd:7f:bc:47:b5:1d:1f:e0:ff:51:5d:
02:a0:ba:9b:db:0a:56:36:d4:29:f2:7f:66:db:53:
39:7b:cc:47:06:9d:b2:02:ea:36:e1:4d:68:1e:7c:
6d:11:ce:6e:8c:7b:1e:10:4f:4b:eb:3b:84:ef:53:
8c:2b:cb:77:f8:af:d6:fc:1b:cc:23:ed:96:24:40:
88:81:69:fa:dc:79:54:8b:e0:aa:f0:4d:92:11:1a:
d7:29:f0:4a:43:da:b4:65:8d:f7:c2:68:93:77:54:
87:06:34:13:ea:c8:8f:c3:37:7b:28:46:ab:eb:a2:
26:6c:82:9d:43:b2:cb:ff:8f:4c:a4:1b:17:6d:76:
31:a8:87:ee:8f:0e:1f:1e:54:28:07:1d:1f:57:27:
8b:ef:83:35:87:43:c8:04:33:aa:ba:f9:74:67:ee:
78:71:bc:ed:de:41:2c:2d:ca:42:00:8c:97:34:58:
d6:3d:80:45:4b:7d:e1:67:23:d4:4a:93:b4:7b:33:
cd:93:38:a5:1e:e0:ac:b2:83:39:67:51:0d:7b:d3:
73:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:79:19:79:87:9B:88:A0:96:B6:75:CB:33:7A:49:47:8A:3C:21:56
X509v3 Authority Key Identifier:
keyid:A9:1F:E2:67:2C:8F:1C:12:B2:7A:DA:0F:CC:BA:A7:C2:12:CB:D7:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qR_iZyyPHBKyetoPzLqnwhLL1xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6c06c9-3f46-4658-ae89-9bf226402fd4/1/mXkZeYebiKCWtnXLM3pJR4o8IVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6c06c9-3f46-4658-ae89-9bf226402fd4/1/qR_iZyyPHBKyetoPzLqnwhLL1xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.128.0/21
185.182.40.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:e9:c5:47:57:f9:51:61:7b:eb:b9:43:f8:a4:5c:14:05:fa:
42:50:fe:2e:bc:9c:d7:a0:af:15:31:7f:98:f4:6a:e6:99:8a:
9e:7c:1a:2f:23:4f:74:31:e8:e6:e0:50:18:84:ea:9a:e2:15:
a9:44:50:21:8a:5e:4b:49:52:4e:d3:3b:72:f3:5a:c8:95:2e:
43:4a:63:b9:fe:22:8f:47:06:79:f7:81:86:27:63:80:b5:da:
f8:de:e6:c9:72:b6:9b:08:bc:8f:9b:ef:53:39:09:de:8a:1d:
5d:28:26:8d:e4:31:41:c8:8d:ff:91:d0:54:a1:b0:50:44:91:
03:17:3b:1f:45:71:3a:90:5e:cd:c4:cb:88:ae:30:8b:3a:e5:
ac:f6:d7:50:13:1f:ff:af:84:3c:76:ff:7b:88:de:e3:ea:89:
dd:c8:ef:84:2d:cf:f7:26:c7:b8:a7:05:f8:b9:5c:77:1e:1c:
03:db:e5:f3:c0:c5:d9:ef:fb:a8:52:93:a9:7e:d2:a1:f3:5f:
9e:52:87:16:f4:de:da:b5:eb:ca:0c:15:8b:fe:56:c4:05:9e:
a0:63:56:37:90:69:7f:75:b8:46:f1:af:21:c3:54:28:cc:03:
8e:71:51:ae:be:58:ba:6e:73:e2:13:2a:a7:a5:6f:dd:46:b8:
10:8e:05:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYjZeUdE0WtCdiRBY+1mxmsYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MWZlMjY3MmM4ZjFjMTJiMjdhZGEwZmNjYmFhN2MyMTJj
YmQ3MWMwHhcNMjMwNjIwMTU0MzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTc5MTk3OTg3OWI4OGEwOTZiNjc1Y2IzMzdhNDk0NzhhM2MyMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyAA5pxMQ5zjG5/RRmFXQFZwAl2P
crOW1g+RPzqUucbre4AdypiD5frGR+6H71ArvX+8R7UdH+D/UV0CoLqb2wpWNtQp
8n9m21M5e8xHBp2yAuo24U1oHnxtEc5ujHseEE9L6zuE71OMK8t3+K/W/BvMI+2W
JECIgWn63HlUi+Cq8E2SERrXKfBKQ9q0ZY33wmiTd1SHBjQT6siPwzd7KEar66Im
bIKdQ7LL/49MpBsXbXYxqIfujw4fHlQoBx0fVyeL74M1h0PIBDOquvl0Z+54cbzt
3kEsLcpCAIyXNFjWPYBFS33hZyPUSpO0ezPNkzilHuCssoM5Z1ENe9NzgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJl5GXmHm4iglrZ1yzN6SUeKPCFWMB8GA1UdIwQY
MBaAFKkf4mcsjxwSsnraD8y6p8ISy9ccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVJfaVp5eVBIQkt5ZXRvUHpMcW53aExMMXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82YzA2YzktM2Y0Ni00NjU4LWFlODkt
OWJmMjI2NDAyZmQ0LzEvbVhrWmVZZWJpS0NXdG5YTE0zcEpSNG84SVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82YzA2YzktM2Y0Ni00NjU4LWFlODktOWJmMjI2NDAyZmQ0
LzEvcVJfaVp5eVBIQkt5ZXRvUHpMcW53aExMMXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDbUeAAwQC
ubYoMA0GCSqGSIb3DQEBCwUAA4IBAQAs6cVHV/lRYXvruUP4pFwUBfpCUP4uvJzX
oK8VMX+Y9GrmmYqefBovI090Mejm4FAYhOqa4hWpRFAhil5LSVJO0zty81rIlS5D
SmO5/iKPRwZ594GGJ2OAtdr43ubJcrabCLyPm+9TOQneih1dKCaN5DFByI3/kdBU
obBQRJEDFzsfRXE6kF7NxMuIrjCLOuWs9tdQEx//r4Q8dv97iN7j6ondyO+ELc/3
Jse4pwX4uVx3HhwD2+XzwMXZ7/uoUpOpftKh81+eUocW9N7atevKDBWL/lbEBZ6g
Y1Y3kGl/dbhG8a8hw1QozAOOcVGuvli6bnPiEyqnpW/dRrgQjgVa
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:38 2024 by rpki-client on console-ams.rpki-client.org