Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f6b1b9-9ed6-4af2-a73b-f8874a6bad38/1/MdHfzZSHUq8-pwvuj-dvTS0NgHI.roa
File: MdHfzZSHUq8-pwvuj-dvTS0NgHI.roa (raw, json)
Hash identifier: cxWMVNp7+fcChSxxsjuECuVGdhyeHB3YUC4PG15C9Gk=
Subject key identifier: 31:D1:DF:CD:94:87:52:AF:3E:A7:0B:EE:8F:E7:6F:4D:2D:0D:80:72
Certificate issuer: /CN=87f1cac0de8f66a7076f2810f3f3518aa70643ba
Certificate serial: 018571D7AA18F3D03BB48B830020B678732F
Authority key identifier: 87:F1:CA:C0:DE:8F:66:A7:07:6F:28:10:F3:F3:51:8A:A7:06:43:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h_HKwN6PZqcHbygQ8_NRiqcGQ7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f6b1b9-9ed6-4af2-a73b-f8874a6bad38/1/MdHfzZSHUq8-pwvuj-dvTS0NgHI.roa
Signing time: Mon 02 Jan 2023 09:37:17 +0000
ROA not before: Mon 02 Jan 2023 09:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210964
IP address blocks: 194.150.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:aa:18:f3:d0:3b:b4:8b:83:00:20:b6:78:73:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87f1cac0de8f66a7076f2810f3f3518aa70643ba
Validity
Not Before: Jan 2 09:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31d1dfcd948752af3ea70bee8fe76f4d2d0d8072
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:4a:96:6f:4d:af:d0:4a:42:3f:53:21:e5:99:
53:24:ca:c0:25:b9:3c:19:c5:28:e4:b6:bd:ad:f5:
f4:9a:70:5b:82:22:f5:09:ae:4f:d1:4f:f3:4a:02:
58:d3:07:08:6c:82:3b:97:df:61:dc:15:cb:7f:8e:
09:c5:0a:8e:46:95:c3:67:8b:7f:7b:24:a8:d4:73:
95:25:d5:32:ae:86:f6:60:14:e5:fd:e5:a3:e9:55:
ce:b0:4d:a3:51:e2:4b:9a:45:7f:73:cd:55:ce:4b:
ad:79:e3:d7:2e:2d:ed:eb:a3:cf:80:01:00:a3:ef:
d1:a5:8d:5f:d0:e2:c8:83:5e:77:e9:02:32:55:cf:
9d:ae:a7:bf:21:c0:f0:e6:a8:f4:3d:f9:21:a2:3d:
82:8b:dd:6d:7a:fb:a9:06:6d:72:51:b1:6f:20:75:
71:d6:8a:c3:9f:52:6f:c4:61:12:a4:cf:4f:3e:64:
62:87:d7:d9:a4:88:8a:21:14:3b:93:23:e5:1e:62:
79:0a:03:ed:6b:8d:1c:6c:6a:41:dc:6f:91:b0:e5:
98:bf:9b:a4:3c:7a:3f:03:3e:0c:af:22:30:d5:5a:
1d:13:c2:b1:7f:32:41:46:10:63:34:65:0b:8e:4c:
89:19:12:e2:cb:7b:52:a5:06:af:41:43:d0:ab:a5:
c3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D1:DF:CD:94:87:52:AF:3E:A7:0B:EE:8F:E7:6F:4D:2D:0D:80:72
X509v3 Authority Key Identifier:
keyid:87:F1:CA:C0:DE:8F:66:A7:07:6F:28:10:F3:F3:51:8A:A7:06:43:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h_HKwN6PZqcHbygQ8_NRiqcGQ7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f6b1b9-9ed6-4af2-a73b-f8874a6bad38/1/MdHfzZSHUq8-pwvuj-dvTS0NgHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f6b1b9-9ed6-4af2-a73b-f8874a6bad38/1/h_HKwN6PZqcHbygQ8_NRiqcGQ7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.78.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:33:ed:66:e7:e0:ce:c1:81:ef:d0:b9:95:18:5c:46:3b:13:
24:a0:40:8d:87:47:ae:7f:0b:0f:4d:f6:1f:3a:42:3e:21:ff:
c0:57:9e:19:4f:45:1b:f1:71:8f:70:aa:7b:c3:31:05:c9:21:
73:f0:e3:4e:24:1b:7d:e7:34:76:04:80:20:68:cb:c2:c8:d0:
a1:6f:7e:a8:0a:72:7b:49:7b:84:32:be:32:c8:c1:e9:25:ee:
7a:b0:d8:a3:18:1e:52:7b:0e:a3:8d:08:7a:15:05:6b:ee:86:
ec:2e:98:43:e1:ef:d9:86:ba:70:38:9f:5b:be:fc:73:ce:47:
d3:e6:36:2d:39:d8:c3:41:8d:00:d0:18:a3:1f:ef:b7:1c:7b:
91:d8:c4:5f:2e:da:68:71:6e:c6:50:6e:7e:0f:64:8e:a1:a9:
a0:6e:34:84:9c:85:13:a8:6b:11:31:bb:63:58:c9:49:55:8e:
07:31:6e:5b:bc:f9:94:95:29:87:ac:a4:32:44:6f:34:8d:92:
f2:ff:30:81:f5:2d:0f:eb:f3:5d:bd:7b:64:56:53:ae:4d:33:
21:ea:82:4e:2b:3d:80:71:d5:3f:40:1b:a9:34:d0:d8:2e:1a:
72:cf:dc:e8:67:dc:cd:60:d1:a9:68:1f:c6:22:e4:3a:66:f9:
b2:67:b8:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx16oY89A7tIuDACC2eHMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZjFjYWMwZGU4ZjY2YTcwNzZmMjgxMGYzZjM1MThhYTcw
NjQzYmEwHhcNMjMwMTAyMDkzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQxZGZjZDk0ODc1MmFmM2VhNzBiZWU4ZmU3NmY0ZDJkMGQ4MDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUqWb02v0EpCP1Mh5ZlTJMrAJbk8
GcUo5La9rfX0mnBbgiL1Ca5P0U/zSgJY0wcIbII7l99h3BXLf44JxQqORpXDZ4t/
eySo1HOVJdUyrob2YBTl/eWj6VXOsE2jUeJLmkV/c81VzkuteePXLi3t66PPgAEA
o+/RpY1f0OLIg1536QIyVc+drqe/IcDw5qj0Pfkhoj2Ci91tevupBm1yUbFvIHVx
1orDn1JvxGESpM9PPmRih9fZpIiKIRQ7kyPlHmJ5CgPta40cbGpB3G+RsOWYv5uk
PHo/Az4MryIw1VodE8KxfzJBRhBjNGULjkyJGRLiy3tSpQavQUPQq6XD4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHR382Uh1KvPqcL7o/nb00tDYByMB8GA1UdIwQY
MBaAFIfxysDej2anB28oEPPzUYqnBkO6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaF9IS3dONlBacWNIYnlnUThfTlJpcWNHUTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNmIxYjktOWVkNi00YWYyLWE3M2It
Zjg4NzRhNmJhZDM4LzEvTWRIZnpaU0hVcTgtcHd2dWotZHZUUzBOZ0hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNmIxYjktOWVkNi00YWYyLWE3M2ItZjg4NzRhNmJhZDM4
LzEvaF9IS3dONlBacWNIYnlnUThfTlJpcWNHUTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpZOMA0G
CSqGSIb3DQEBCwUAA4IBAQAdM+1m5+DOwYHv0LmVGFxGOxMkoECNh0eufwsPTfYf
OkI+If/AV54ZT0Ub8XGPcKp7wzEFySFz8ONOJBt95zR2BIAgaMvCyNChb36oCnJ7
SXuEMr4yyMHpJe56sNijGB5Sew6jjQh6FQVr7obsLphD4e/ZhrpwOJ9bvvxzzkfT
5jYtOdjDQY0A0BijH++3HHuR2MRfLtpocW7GUG5+D2SOoamgbjSEnIUTqGsRMbtj
WMlJVY4HMW5bvPmUlSmHrKQyRG80jZLy/zCB9S0P6/NdvXtkVlOuTTMh6oJOKz2A
cdU/QBupNNDYLhpyz9zoZ9zNYNGpaB/GIuQ6ZvmyZ7gA
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:07 2024 by rpki-client on console-ams.rpki-client.org