Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/39d5f1-66f7-49d8-afba-14a1909b1237/1/mf-jnMTYE0qgGr9HAog5D-4Z5WE.roa
File: mf-jnMTYE0qgGr9HAog5D-4Z5WE.roa (raw, json)
Hash identifier: 6Np4E8xOGZCbK6XDA5/xlPE46poNxv0CRbD7oTpsnQI=
Subject key identifier: 99:FF:A3:9C:C4:D8:13:4A:A0:1A:BF:47:02:88:39:0F:EE:19:E5:61
Certificate issuer: /CN=ee1cce901e5fb7c92f09a915cf6e656f693ba100
Certificate serial: 018570E74592D7115C1DA5AAB0E514233D12
Authority key identifier: EE:1C:CE:90:1E:5F:B7:C9:2F:09:A9:15:CF:6E:65:6F:69:3B:A1:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hzOkB5ft8kvCakVz25lb2k7oQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/39d5f1-66f7-49d8-afba-14a1909b1237/1/mf-jnMTYE0qgGr9HAog5D-4Z5WE.roa
Signing time: Mon 02 Jan 2023 05:14:42 +0000
ROA not before: Mon 02 Jan 2023 05:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212879
IP address blocks: 185.155.136.0/24 maxlen: 24
185.155.139.0/24 maxlen: 24
185.155.138.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:e7:45:92:d7:11:5c:1d:a5:aa:b0:e5:14:23:3d:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1cce901e5fb7c92f09a915cf6e656f693ba100
Validity
Not Before: Jan 2 05:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99ffa39cc4d8134aa01abf470288390fee19e561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ab:93:3b:05:fa:50:cf:af:37:45:50:70:fd:
76:c7:20:4c:8e:ba:d7:79:46:8f:eb:64:eb:6f:b6:
93:3f:7f:b3:b2:bf:92:c3:b8:ec:9e:a6:9f:ee:b4:
d0:36:1a:19:29:28:4c:bd:c6:19:e4:fa:9e:31:b1:
36:45:7a:b0:6a:68:10:b8:fa:5c:d3:c6:9a:99:27:
1f:fb:92:74:dc:92:91:91:71:b2:b9:1e:16:20:43:
99:59:a5:95:77:79:69:96:98:c5:d5:44:70:b5:39:
3c:0a:89:f1:ac:c8:77:f9:f5:59:a1:da:be:17:a3:
af:64:b6:a8:c6:ae:cb:c1:67:59:58:fe:2c:96:82:
0e:fd:48:1a:d0:b8:91:a7:b1:7c:d5:a2:4a:cc:18:
57:96:8b:9d:3e:b8:c9:8b:6b:02:37:58:51:cb:7c:
d6:27:c2:51:de:f3:91:11:ef:4c:7e:6c:bd:d7:92:
e1:bc:e8:77:c1:d7:e6:0e:7f:7b:68:f5:29:82:6a:
5f:7c:78:d7:4f:38:15:f9:c6:32:db:48:65:db:7c:
fd:96:df:02:a8:48:a8:44:31:71:28:f5:91:4e:3b:
be:87:db:79:a3:30:23:8c:8e:e1:c5:b0:d4:aa:57:
b3:83:cc:95:8d:ae:cd:3a:f0:c4:c3:ef:4a:b5:17:
ff:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FF:A3:9C:C4:D8:13:4A:A0:1A:BF:47:02:88:39:0F:EE:19:E5:61
X509v3 Authority Key Identifier:
keyid:EE:1C:CE:90:1E:5F:B7:C9:2F:09:A9:15:CF:6E:65:6F:69:3B:A1:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hzOkB5ft8kvCakVz25lb2k7oQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/39d5f1-66f7-49d8-afba-14a1909b1237/1/mf-jnMTYE0qgGr9HAog5D-4Z5WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/39d5f1-66f7-49d8-afba-14a1909b1237/1/7hzOkB5ft8kvCakVz25lb2k7oQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.136.0/24
185.155.138.0/23
Signature Algorithm: sha256WithRSAEncryption
30:39:0e:41:02:63:52:53:11:ba:8f:7d:ab:64:00:19:7d:cd:
e2:e6:89:d5:9f:09:ef:02:0a:fd:31:fa:b7:d4:23:8f:09:91:
a7:85:0b:fe:65:16:f5:91:70:73:67:e3:27:b5:41:a2:9b:a8:
9e:94:f6:7c:59:57:dc:38:1b:90:0c:93:30:75:3e:ee:37:5d:
ca:0f:40:8b:fc:3e:0d:16:cb:11:2e:44:77:d2:2b:78:76:89:
93:d7:1e:88:4a:1f:04:a5:68:30:42:37:97:6a:cb:e8:d7:94:
0f:1f:1a:ac:2d:dd:d1:10:3c:17:31:19:80:04:fe:50:2a:bc:
77:37:d3:48:f2:08:d6:7f:71:26:23:d4:c8:06:9d:d4:ed:fa:
a1:2d:e4:97:82:93:61:11:cc:1b:e7:d4:c9:6e:fa:8c:21:ca:
00:91:db:14:16:a6:f0:66:1b:6b:51:5d:c1:04:5f:cd:15:fb:
b5:54:d8:3e:ba:01:fd:69:df:8f:14:46:cd:62:a1:0c:85:8c:
d5:1b:dd:2d:5a:18:91:79:82:cc:24:a4:6f:56:88:ad:8b:61:
b4:9c:a3:24:82:db:59:4a:90:4f:1f:3b:04:74:08:85:26:31:
9e:fd:b7:7b:91:9c:79:29:d9:ba:1b:a8:76:3e:aa:fb:4d:f5:
af:b4:06:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw50WS1xFcHaWqsOUUIz0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWNjZTkwMWU1ZmI3YzkyZjA5YTkxNWNmNmU2NTZmNjkz
YmExMDAwHhcNMjMwMTAyMDUxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWZmYTM5Y2M0ZDgxMzRhYTAxYWJmNDcwMjg4MzkwZmVlMTllNTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmauTOwX6UM+vN0VQcP12xyBMjrrX
eUaP62Trb7aTP3+zsr+Sw7jsnqaf7rTQNhoZKShMvcYZ5PqeMbE2RXqwamgQuPpc
08aamScf+5J03JKRkXGyuR4WIEOZWaWVd3lplpjF1URwtTk8ConxrMh3+fVZodq+
F6OvZLaoxq7LwWdZWP4sloIO/Uga0LiRp7F81aJKzBhXloudPrjJi2sCN1hRy3zW
J8JR3vOREe9Mfmy915LhvOh3wdfmDn97aPUpgmpffHjXTzgV+cYy20hl23z9lt8C
qEioRDFxKPWRTju+h9t5ozAjjI7hxbDUqlezg8yVja7NOvDEw+9KtRf/0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJn/o5zE2BNKoBq/RwKIOQ/uGeVhMB8GA1UdIwQY
MBaAFO4czpAeX7fJLwmpFc9uZW9pO6EAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h6T2tCNWZ0OGt2Q2FrVnoyNWxiMms3b1FBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zOWQ1ZjEtNjZmNy00OWQ4LWFmYmEt
MTRhMTkwOWIxMjM3LzEvbWYtam5NVFlFMHFnR3I5SEFvZzVELTRaNVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zOWQ1ZjEtNjZmNy00OWQ4LWFmYmEtMTRhMTkwOWIxMjM3
LzEvN2h6T2tCNWZ0OGt2Q2FrVnoyNWxiMms3b1FBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZuIAwQB
uZuKMA0GCSqGSIb3DQEBCwUAA4IBAQAwOQ5BAmNSUxG6j32rZAAZfc3i5onVnwnv
Agr9Mfq31COPCZGnhQv+ZRb1kXBzZ+MntUGim6ielPZ8WVfcOBuQDJMwdT7uN13K
D0CL/D4NFssRLkR30it4domT1x6ISh8EpWgwQjeXasvo15QPHxqsLd3REDwXMRmA
BP5QKrx3N9NI8gjWf3EmI9TIBp3U7fqhLeSXgpNhEcwb59TJbvqMIcoAkdsUFqbw
ZhtrUV3BBF/NFfu1VNg+ugH9ad+PFEbNYqEMhYzVG90tWhiReYLMJKRvVoiti2G0
nKMkgttZSpBPHzsEdAiFJjGe/bd7kZx5Kdm6G6h2Pqr7TfWvtAaJ
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:10 2024 by rpki-client on console-fra.rpki-client.org