Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/mPBknKprHYS2abm-fuLB69oE2eY.roa
File: mPBknKprHYS2abm-fuLB69oE2eY.roa (raw, json)
Hash identifier: 28UuJPfPqbMLuhNCGhjk8nuVA1HlIyFhnQXD9KUEPw8=
Subject key identifier: 98:F0:64:9C:AA:6B:1D:84:B6:69:B9:BE:7E:E2:C1:EB:DA:04:D9:E6
Certificate issuer: /CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Certificate serial: 01856F42A56FDAF5B75896348463185AABC0
Authority key identifier: B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/mPBknKprHYS2abm-fuLB69oE2eY.roa
Signing time: Sun 01 Jan 2023 21:35:16 +0000
ROA not before: Sun 01 Jan 2023 21:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25084
IP address blocks: 212.87.240.0/23 maxlen: 23
212.87.244.0/22 maxlen: 22
2a01:699::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a5:6f:da:f5:b7:58:96:34:84:63:18:5a:ab:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b02aa961b477d5423d85b7d43f3efa26326d7090
Validity
Not Before: Jan 1 21:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98f0649caa6b1d84b669b9be7ee2c1ebda04d9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d5:ec:24:a4:bd:fd:8a:22:5b:03:d2:d9:2a:
88:13:02:14:72:00:e9:a6:33:9b:e3:75:57:cd:e9:
81:89:0e:43:c9:d6:30:62:0f:66:cd:e8:83:82:97:
3e:84:27:7d:2e:8c:0a:87:42:4b:8a:b4:24:de:e5:
2e:90:0a:0b:3d:4a:37:3f:3a:f5:03:53:51:22:5e:
66:96:61:da:cb:0d:48:33:10:4d:65:a4:a2:00:9a:
b8:07:f6:0d:60:c1:31:c5:94:e4:b5:3a:1c:dd:68:
4f:6b:e3:a5:6d:d4:07:ff:fb:91:4a:de:14:0f:f1:
fa:fa:5e:fe:b4:d6:8f:bc:6c:1a:a1:c0:a6:f6:b5:
bd:f7:48:cc:80:c8:ed:08:82:0a:b1:37:6d:82:03:
55:08:76:0c:15:92:a2:3b:ae:e7:a6:bb:0d:36:d1:
8f:dc:52:e3:d3:27:e9:ee:32:32:cf:f7:93:2c:01:
89:ca:19:65:74:84:f4:a5:ad:56:21:cd:78:ed:84:
f7:7a:06:63:d8:d7:82:37:a7:cb:6f:2b:2a:52:26:
07:ce:ad:f4:2f:d1:cd:c6:10:3d:8f:7a:f5:b2:84:
cc:d7:99:0e:82:7e:d0:15:ea:15:5f:0a:15:39:58:
b9:1a:94:45:e3:7e:f8:05:69:ad:8d:b5:d2:57:90:
f7:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F0:64:9C:AA:6B:1D:84:B6:69:B9:BE:7E:E2:C1:EB:DA:04:D9:E6
X509v3 Authority Key Identifier:
keyid:B0:2A:A9:61:B4:77:D5:42:3D:85:B7:D4:3F:3E:FA:26:32:6D:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCqpYbR31UI9hbfUPz76JjJtcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/mPBknKprHYS2abm-fuLB69oE2eY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01484c-5f28-42f5-b9ea-0787a503ca69/1/sCqpYbR31UI9hbfUPz76JjJtcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.240.0/23
212.87.244.0/22
IPv6:
2a01:699::/32
Signature Algorithm: sha256WithRSAEncryption
5c:76:94:2a:07:17:b7:3a:cc:7e:ee:d8:66:38:58:52:f5:d5:
48:be:56:8e:f3:b1:51:dd:47:84:66:ed:c7:be:8e:0c:ca:a5:
39:d2:b4:9f:34:a8:30:69:12:d1:6c:de:88:8e:22:b3:eb:98:
ef:71:ad:24:11:97:3f:56:9a:76:cb:51:66:d9:b1:04:91:bb:
0f:46:31:84:eb:3d:0c:ab:f2:63:0b:59:d8:a2:c1:6a:8b:7e:
67:ce:ec:0c:86:bd:69:7c:55:aa:48:35:05:7a:46:c9:43:6b:
42:63:dc:6f:0b:f9:47:f1:83:25:0e:46:73:61:d0:bb:8e:7a:
30:08:41:a7:65:35:d1:1a:fe:06:da:ec:f5:5d:27:28:3e:3f:
f6:03:93:cb:8f:c9:39:25:8d:c2:60:7c:11:14:f1:06:89:cf:
bd:dd:b6:ac:1b:0b:2f:4a:15:a9:fc:2f:f6:e1:9e:06:08:f1:
81:48:b9:4e:d9:5b:d3:ce:79:e5:01:b5:cc:0d:32:80:5d:19:
58:6b:15:ee:df:31:4a:55:e5:45:ab:a2:91:66:7c:87:71:64:
3c:6c:ae:34:79:7c:18:ef:87:3b:f5:dd:a0:1b:93:be:d2:b7:
0b:e3:71:66:39:d7:91:58:af:05:5a:f7:1f:33:43:fc:3e:cf:
77:8d:c9:28
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvQqVv2vW3WJY0hGMYWqvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMmFhOTYxYjQ3N2Q1NDIzZDg1YjdkNDNmM2VmYTI2MzI2
ZDcwOTAwHhcNMjMwMTAxMjEzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGYwNjQ5Y2FhNmIxZDg0YjY2OWI5YmU3ZWUyYzFlYmRhMDRkOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktXsJKS9/YoiWwPS2SqIEwIUcgDp
pjOb43VXzemBiQ5DydYwYg9mzeiDgpc+hCd9LowKh0JLirQk3uUukAoLPUo3Pzr1
A1NRIl5mlmHayw1IMxBNZaSiAJq4B/YNYMExxZTktToc3WhPa+OlbdQH//uRSt4U
D/H6+l7+tNaPvGwaocCm9rW990jMgMjtCIIKsTdtggNVCHYMFZKiO67nprsNNtGP
3FLj0yfp7jIyz/eTLAGJyhlldIT0pa1WIc147YT3egZj2NeCN6fLbysqUiYHzq30
L9HNxhA9j3r1soTM15kOgn7QFeoVXwoVOVi5GpRF4374BWmtjbXSV5D3UwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJjwZJyqax2Etmm5vn7iwevaBNnmMB8GA1UdIwQY
MBaAFLAqqWG0d9VCPYW31D8++iYybXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEt
MDc4N2E1MDNjYTY5LzEvbVBCa25LcHJIWVMyYWJtLWZ1TEI2OW9FMmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wMTQ4NGMtNWYyOC00MmY1LWI5ZWEtMDc4N2E1MDNjYTY5
LzEvc0NxcFliUjMxVUk5aGJmVVB6NzZKakp0Y0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQB1FfwAwQC
1Ff0MA0EAgACMAcDBQAqAQaZMA0GCSqGSIb3DQEBCwUAA4IBAQBcdpQqBxe3Osx+
7thmOFhS9dVIvlaO87FR3UeEZu3Hvo4MyqU50rSfNKgwaRLRbN6IjiKz65jvca0k
EZc/Vpp2y1Fm2bEEkbsPRjGE6z0Mq/JjC1nYosFqi35nzuwMhr1pfFWqSDUFekbJ
Q2tCY9xvC/lH8YMlDkZzYdC7jnowCEGnZTXRGv4G2uz1XScoPj/2A5PLj8k5JY3C
YHwRFPEGic+93basGwsvShWp/C/24Z4GCPGBSLlO2VvTznnlAbXMDTKAXRlYaxXu
3zFKVeVFq6KRZnyHcWQ8bK40eXwY74c79d2gG5O+0rcL43FmOdeRWK8FWvcfM0P8
Ps93jcko
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:09 2024 by rpki-client on console-ams.rpki-client.org