Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/mOT4XrWZC70uzLVS15K6X7QfLAY.roa
File: mOT4XrWZC70uzLVS15K6X7QfLAY.roa (raw, json)
Hash identifier: m/oKNcD7t04AeJfsPiY2xZaWoW7rNtl96R3fPjGiXzc=
Subject key identifier: 98:E4:F8:5E:B5:99:0B:BD:2E:CC:B5:52:D7:92:BA:5F:B4:1F:2C:06
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 018CCFBB0006D6A8D52F9056AE6A27A0ADF4
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/mOT4XrWZC70uzLVS15K6X7QfLAY.roa
Signing time: Wed 03 Jan 2024 14:29:48 +0000
ROA not before: Wed 03 Jan 2024 14:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138968
IP address blocks: 116.206.92.0/22 maxlen: 24
2a0f:6700::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 26 Mar 2024 13:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:bb:00:06:d6:a8:d5:2f:90:56:ae:6a:27:a0:ad:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Jan 3 14:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98e4f85eb5990bbd2eccb552d792ba5fb41f2c06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9e:91:81:3b:5d:5d:bd:38:94:37:3e:db:93:
7b:47:0d:97:d5:c3:8d:b5:c9:e6:0c:55:08:96:bf:
cd:60:bc:0a:9b:4f:42:e8:0c:24:d7:9d:5b:3c:72:
ec:02:7f:3e:e7:76:30:4f:12:ff:ff:80:74:3c:8e:
e9:a0:50:14:3c:5b:e7:b4:93:35:c7:21:f3:17:05:
83:1c:e7:2b:b9:49:67:c3:6b:1d:3b:59:1b:ba:4e:
83:6e:4c:05:56:c3:1f:8c:ac:ba:7f:ad:53:61:5d:
90:3f:58:6f:6e:22:1d:a8:a3:75:0c:e5:dc:b8:43:
d8:8e:a8:ea:56:06:5a:c5:45:93:e9:e7:2d:89:ba:
93:f4:29:92:a3:cf:b3:51:ee:50:b8:29:e9:3d:80:
78:ad:4d:81:23:a9:d7:b3:fb:05:46:40:0e:1f:cf:
03:a2:5f:d6:3f:c5:ac:01:68:3c:99:60:ee:73:f3:
fb:93:10:2f:b1:64:9d:35:44:f9:7d:df:4c:0a:ed:
10:03:4b:9d:f8:0e:2e:29:1a:9c:9e:05:88:78:3d:
e4:12:30:f8:32:2b:99:64:45:b1:cf:c5:ef:c9:40:
c0:63:7e:5b:ec:ea:f0:d8:a3:06:5a:0b:82:da:5b:
69:65:a4:d4:66:e3:85:6c:27:98:85:94:cd:ee:77:
b8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E4:F8:5E:B5:99:0B:BD:2E:CC:B5:52:D7:92:BA:5F:B4:1F:2C:06
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/mOT4XrWZC70uzLVS15K6X7QfLAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.206.92.0/22
IPv6:
2a0f:6700::/29
Signature Algorithm: sha256WithRSAEncryption
79:61:df:69:fc:aa:19:d6:68:d1:a4:32:db:eb:e3:55:7e:17:
77:2b:cb:9a:58:d5:2e:82:0c:c8:f4:e2:3a:f9:1d:17:4c:1d:
0f:87:40:70:36:b4:cf:6d:57:c5:e6:d9:cf:75:32:25:00:93:
22:04:ba:29:5f:d1:4a:b2:79:d0:31:c8:09:4b:31:cd:7e:28:
4a:ef:3f:04:7e:7e:62:b6:00:28:66:6d:08:09:3e:74:ea:be:
cb:c3:b0:2c:06:1f:ce:ca:53:78:da:75:46:62:89:8d:e2:f9:
64:05:a6:13:0d:9c:99:c4:14:55:34:ce:3a:00:7c:1e:6c:47:
b6:3b:de:77:b9:51:42:02:f4:2e:40:73:05:59:a2:fe:3c:ff:
a0:bf:76:99:94:67:b8:d4:5c:c1:3e:3a:e1:75:fb:7c:0f:f2:
e6:f2:98:62:ac:52:ef:94:86:70:9c:77:2d:1c:a3:a1:ec:3a:
0b:e1:ba:41:4d:dc:b0:26:87:56:46:4f:1f:55:49:80:bb:3e:
c1:e9:ec:2c:4f:88:ae:70:5b:df:65:dc:50:37:49:41:6c:18:
db:fa:92:6d:bc:b7:f8:8c:ff:f8:37:99:19:fc:da:c5:03:cc:
58:c8:ad:2e:f4:91:8c:43:9c:5f:94:1d:ea:19:80:d6:04:ce:
cd:45:a9:40
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzPuwAG1qjVL5BWrmonoK30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjQwMTAzMTQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGU0Zjg1ZWI1OTkwYmJkMmVjY2I1NTJkNzkyYmE1ZmI0MWYyYzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp6RgTtdXb04lDc+25N7Rw2X1cON
tcnmDFUIlr/NYLwKm09C6Awk151bPHLsAn8+53YwTxL//4B0PI7poFAUPFvntJM1
xyHzFwWDHOcruUlnw2sdO1kbuk6DbkwFVsMfjKy6f61TYV2QP1hvbiIdqKN1DOXc
uEPYjqjqVgZaxUWT6ectibqT9CmSo8+zUe5QuCnpPYB4rU2BI6nXs/sFRkAOH88D
ol/WP8WsAWg8mWDuc/P7kxAvsWSdNUT5fd9MCu0QA0ud+A4uKRqcngWIeD3kEjD4
MiuZZEWxz8XvyUDAY35b7Orw2KMGWguC2ltpZaTUZuOFbCeYhZTN7ne46QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJjk+F61mQu9Lsy1UteSul+0HywGMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvbU9UNFhyV1pDNzB1ekxWUzE1SzZYN1FmTEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCdM5cMA0E
AgACMAcDBQMqD2cAMA0GCSqGSIb3DQEBCwUAA4IBAQB5Yd9p/KoZ1mjRpDLb6+NV
fhd3K8uaWNUuggzI9OI6+R0XTB0Ph0BwNrTPbVfF5tnPdTIlAJMiBLopX9FKsnnQ
McgJSzHNfihK7z8Efn5itgAoZm0ICT506r7Lw7AsBh/OylN42nVGYomN4vlkBaYT
DZyZxBRVNM46AHwebEe2O953uVFCAvQuQHMFWaL+PP+gv3aZlGe41FzBPjrhdft8
D/Lm8phirFLvlIZwnHctHKOh7DoL4bpBTdywJodWRk8fVUmAuz7B6ewsT4iucFvf
ZdxQN0lBbBjb+pJtvLf4jP/4N5kZ/NrFA8xYyK0u9JGMQ5xflB3qGYDWBM7NRalA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:33 2024 by rpki-client on console-fra.rpki-client.org