Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/mMXZdrGH-TtVO6M6x5cafELVYD8.roa
File: mMXZdrGH-TtVO6M6x5cafELVYD8.roa (raw, json)
Hash identifier: pmv0ZZNdcJvdfEr4t02xZ29+eKakftN7TuBOz/RPv8A=
Subject key identifier: 98:C5:D9:76:B1:87:F9:3B:55:3B:A3:3A:C7:97:1A:7C:42:D5:60:3F
Certificate issuer: /CN=8db34774b01979284fd9e754fea68fa3c61783d0
Certificate serial: 01929FA7C8B2216B66A25FB3A2F2109C327C
Authority key identifier: 8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/mMXZdrGH-TtVO6M6x5cafELVYD8.roa
Signing time: Fri 18 Oct 2024 12:43:46 +0000
ROA not before: Fri 18 Oct 2024 12:43:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61347
IP address blocks: 213.226.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:a7:c8:b2:21:6b:66:a2:5f:b3:a2:f2:10:9c:32:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db34774b01979284fd9e754fea68fa3c61783d0
Validity
Not Before: Oct 18 12:43:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98c5d976b187f93b553ba33ac7971a7c42d5603f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d2:b8:9e:08:7d:2c:cc:00:8b:74:56:83:ce:
df:de:93:f7:fa:d6:60:5c:92:5e:4a:e5:eb:8d:fd:
5c:9c:22:70:c6:87:5c:8b:db:75:09:48:88:04:49:
0a:31:b4:15:53:36:db:be:99:c2:a1:8b:fd:5d:bb:
e6:24:90:71:3a:90:ee:00:d7:e1:40:04:0b:eb:ec:
67:07:1a:21:d0:8f:70:fb:f1:23:5b:34:bd:d7:0c:
7a:3f:de:59:83:30:53:98:e4:56:41:c2:71:28:89:
e8:09:b8:fb:3d:18:68:03:dc:30:20:e0:e1:ba:aa:
2a:f1:e4:7b:49:dd:7f:7e:b6:aa:fd:ee:83:a0:3a:
e7:6a:af:e0:80:ba:9f:71:05:7d:aa:66:de:4b:46:
52:d4:96:33:50:75:56:6d:74:8b:f9:f3:31:85:42:
65:3e:8c:d0:77:a9:a1:64:ba:78:c8:3c:0a:ce:0a:
af:23:92:04:9e:23:45:4d:f2:b4:41:97:88:f7:f4:
44:a3:bd:74:f7:f1:28:3f:4a:cc:8a:cd:1c:34:bb:
b2:da:d4:28:cc:cc:42:1c:b8:9c:70:8a:3e:dc:59:
e3:4d:99:e3:c4:d8:64:b3:42:95:bc:1d:55:b8:35:
01:6c:82:2c:c2:76:b1:28:c6:f9:54:a9:7f:63:70:
c9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C5:D9:76:B1:87:F9:3B:55:3B:A3:3A:C7:97:1A:7C:42:D5:60:3F
X509v3 Authority Key Identifier:
keyid:8D:B3:47:74:B0:19:79:28:4F:D9:E7:54:FE:A6:8F:A3:C6:17:83:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbNHdLAZeShP2edU_qaPo8YXg9A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/mMXZdrGH-TtVO6M6x5cafELVYD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/70a8f1-d8eb-42b5-bddb-6265521f6df7/1/jbNHdLAZeShP2edU_qaPo8YXg9A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.226.116.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:41:63:f2:4c:97:e8:81:7d:5d:c9:b5:b3:d8:20:44:d4:f9:
6c:df:77:61:bc:87:46:25:fa:e8:8c:c1:ea:0e:fe:21:7c:27:
80:16:63:7a:4b:5d:f6:1d:dc:a1:f3:2d:41:3a:fc:0c:de:07:
64:33:f6:41:b4:59:dd:63:8d:36:25:07:a6:da:91:01:de:01:
fb:c6:e0:d9:ca:cf:8d:93:91:42:c0:da:7c:20:c6:54:02:66:
cd:d4:cb:c5:d7:dd:a5:6c:89:17:8b:3b:a3:34:fa:86:f5:a9:
02:f3:25:be:59:9c:42:6f:1d:72:63:76:7c:5f:d2:bf:f5:bd:
0a:e0:0f:bb:9a:38:06:b1:a5:9f:8f:f7:43:15:54:aa:6a:3b:
db:6c:26:1b:aa:6f:80:14:81:22:c4:51:c4:51:69:be:4f:87:
97:80:48:b6:c8:9a:35:19:19:fe:f6:fc:c5:89:58:4d:16:71:
90:d6:ff:1c:c5:38:db:b5:be:e4:a9:66:4a:8a:b4:82:7a:4c:
1b:68:61:ee:db:65:03:09:4d:bc:f3:08:18:b2:ff:ea:50:f5:
93:63:61:0a:f5:e5:f8:0e:8f:2b:2b:d0:03:ce:fd:b3:32:22:
fb:d3:ec:b9:54:57:68:97:e1:d0:a7:20:c7:c6:a2:b7:b9:f4:
6b:5f:1a:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKfp8iyIWtmol+zovIQnDJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjM0Nzc0YjAxOTc5Mjg0ZmQ5ZTc1NGZlYTY4ZmEzYzYx
NzgzZDAwHhcNMjQxMDE4MTI0MzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGM1ZDk3NmIxODdmOTNiNTUzYmEzM2FjNzk3MWE3YzQyZDU2MDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNK4ngh9LMwAi3RWg87f3pP3+tZg
XJJeSuXrjf1cnCJwxodci9t1CUiIBEkKMbQVUzbbvpnCoYv9XbvmJJBxOpDuANfh
QAQL6+xnBxoh0I9w+/EjWzS91wx6P95ZgzBTmORWQcJxKInoCbj7PRhoA9wwIODh
uqoq8eR7Sd1/fraq/e6DoDrnaq/ggLqfcQV9qmbeS0ZS1JYzUHVWbXSL+fMxhUJl
PozQd6mhZLp4yDwKzgqvI5IEniNFTfK0QZeI9/REo7109/EoP0rMis0cNLuy2tQo
zMxCHLiccIo+3FnjTZnjxNhks0KVvB1VuDUBbIIswnaxKMb5VKl/Y3DJqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjF2Xaxh/k7VTujOseXGnxC1WA/MB8GA1UdIwQY
MBaAFI2zR3SwGXkoT9nnVP6mj6PGF4PQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGIt
NjI2NTUyMWY2ZGY3LzEvbU1YWmRyR0gtVHRWTzZNNng1Y2FmRUxWWUQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy83MGE4ZjEtZDhlYi00MmI1LWJkZGItNjI2NTUyMWY2ZGY3
LzEvamJOSGRMQVplU2hQMmVkVV9xYVBvOFlYZzlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1eJ0MA0G
CSqGSIb3DQEBCwUAA4IBAQAeQWPyTJfogX1dybWz2CBE1Pls33dhvIdGJfrojMHq
Dv4hfCeAFmN6S132Hdyh8y1BOvwM3gdkM/ZBtFndY402JQem2pEB3gH7xuDZys+N
k5FCwNp8IMZUAmbN1MvF192lbIkXizujNPqG9akC8yW+WZxCbx1yY3Z8X9K/9b0K
4A+7mjgGsaWfj/dDFVSqajvbbCYbqm+AFIEixFHEUWm+T4eXgEi2yJo1GRn+9vzF
iVhNFnGQ1v8cxTjbtb7kqWZKirSCekwbaGHu22UDCU288wgYsv/qUPWTY2EK9eX4
Do8rK9ADzv2zMiL70+y5VFdol+HQpyDHxqK3ufRrXxpx
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:54 2025 by rpki-client