Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/mfzXAQcbnC_j6ryVzQjKTyh3dvI.roa
File: mfzXAQcbnC_j6ryVzQjKTyh3dvI.roa (raw, json)
Hash identifier: O0dIDgWX/4rLRln5uzlHHp8ZkxiluFIKUgjZwEcEGbE=
Subject key identifier: 99:FC:D7:01:07:1B:9C:2F:E3:EA:BC:95:CD:08:CA:4F:28:77:76:F2
Certificate issuer: /CN=8ad9281aafefc8375ad8b4b7e604899555952237
Certificate serial: 0185730CAA1D4AE84C932D79EE0F93B44866
Authority key identifier: 8A:D9:28:1A:AF:EF:C8:37:5A:D8:B4:B7:E6:04:89:95:55:95:22:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itkoGq_vyDda2LS35gSJlVWVIjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/mfzXAQcbnC_j6ryVzQjKTyh3dvI.roa
Signing time: Mon 02 Jan 2023 15:14:47 +0000
ROA not before: Mon 02 Jan 2023 15:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50864
IP address blocks: 185.160.89.0/24 maxlen: 24
185.160.88.0/24 maxlen: 24
2a07:bbc2:1::/48 maxlen: 48
2a07:bbc2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:0c:aa:1d:4a:e8:4c:93:2d:79:ee:0f:93:b4:48:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad9281aafefc8375ad8b4b7e604899555952237
Validity
Not Before: Jan 2 15:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99fcd701071b9c2fe3eabc95cd08ca4f287776f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7b:9e:4f:33:db:60:15:c2:d5:aa:0b:5c:f4:
44:98:20:62:96:ee:a1:0c:57:b3:af:37:b7:88:c9:
6f:f8:00:fb:9d:d1:2e:d2:d3:77:84:d6:c1:6e:cc:
45:1d:4c:f6:2f:ff:22:ce:6d:a7:0d:c5:fa:89:fd:
0f:ac:a1:a6:9d:3a:49:1e:a0:77:69:75:a9:07:1e:
b0:d6:71:bc:61:0a:5d:7d:0c:47:c9:5a:31:67:20:
97:ba:d8:41:30:41:72:b6:56:5d:12:96:c8:ed:2f:
de:8b:e6:90:5d:7d:91:ad:49:07:ab:4f:71:2e:cb:
52:7e:a7:70:8a:80:7b:a0:61:c6:1b:31:6a:b5:d6:
6c:ec:7a:76:44:2c:1c:6b:71:61:c3:d9:3d:36:3f:
d0:27:00:ad:63:f7:da:79:54:6e:02:86:42:60:d3:
ac:da:27:0c:a3:44:02:6c:fd:4e:87:89:f6:a0:a2:
c3:a1:28:19:83:f2:1f:77:c8:7c:f4:d2:77:b8:b1:
22:a1:a3:ea:5d:d8:2e:77:49:61:65:0c:16:a3:20:
a2:34:7d:d3:a3:5a:0f:3d:48:77:b8:35:1c:73:09:
74:bf:eb:e8:27:02:51:5b:cf:e9:92:58:8b:0e:3d:
2c:7b:40:a7:f3:18:89:b7:af:2f:c0:1d:ed:21:8c:
6d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FC:D7:01:07:1B:9C:2F:E3:EA:BC:95:CD:08:CA:4F:28:77:76:F2
X509v3 Authority Key Identifier:
keyid:8A:D9:28:1A:AF:EF:C8:37:5A:D8:B4:B7:E6:04:89:95:55:95:22:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itkoGq_vyDda2LS35gSJlVWVIjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/mfzXAQcbnC_j6ryVzQjKTyh3dvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/058509-2fe7-486b-b4ad-8c74f9dd67fc/1/itkoGq_vyDda2LS35gSJlVWVIjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.88.0/23
IPv6:
2a07:bbc2::/47
Signature Algorithm: sha256WithRSAEncryption
61:bc:b1:08:05:3c:e5:05:b2:85:58:49:06:3c:17:b0:be:dd:
a6:9b:65:0e:b6:5c:90:43:6a:fd:22:60:14:ab:41:41:ba:b8:
df:35:19:5c:87:1f:14:ed:1a:47:c9:61:b7:f8:87:df:cd:cc:
69:96:15:2c:36:1d:c5:82:9f:33:c0:3d:21:ae:06:ce:d9:40:
6d:6c:db:2c:12:f1:6a:3c:59:9e:27:9b:4e:ac:5e:2b:0c:96:
84:3d:8e:88:3e:ad:50:90:92:fa:ed:15:c2:ff:d1:10:f4:59:
c1:aa:04:c8:45:6a:9d:e2:76:20:53:0c:f3:b0:0c:1c:68:58:
34:73:71:75:9e:c9:54:d2:5c:bd:bb:b2:09:90:13:b2:e3:b3:
62:81:d2:7b:34:6d:2e:fe:91:6e:3d:0f:90:ea:93:bc:0c:c0:
fa:fe:24:6a:96:c9:df:96:fe:0b:aa:3b:85:5e:37:bb:44:9a:
2f:b9:74:30:0d:67:11:de:0c:12:92:f9:09:71:50:48:c8:f2:
1e:09:39:87:e2:31:28:49:b1:66:f4:31:85:fe:98:19:84:e5:
9b:be:e6:f7:06:5e:c4:47:b6:c8:11:f7:e8:e7:f5:35:19:ec:
53:1b:23:66:d1:4b:f3:3b:3c:24:b3:29:42:23:be:30:5e:c7:
e4:31:d0:69
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVzDKodSuhMky157g+TtEhmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDkyODFhYWZlZmM4Mzc1YWQ4YjRiN2U2MDQ4OTk1NTU5
NTIyMzcwHhcNMjMwMTAyMTUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWZjZDcwMTA3MWI5YzJmZTNlYWJjOTVjZDA4Y2E0ZjI4Nzc3NmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXueTzPbYBXC1aoLXPREmCBilu6h
DFezrze3iMlv+AD7ndEu0tN3hNbBbsxFHUz2L/8izm2nDcX6if0PrKGmnTpJHqB3
aXWpBx6w1nG8YQpdfQxHyVoxZyCXuthBMEFytlZdEpbI7S/ei+aQXX2RrUkHq09x
LstSfqdwioB7oGHGGzFqtdZs7Hp2RCwca3Fhw9k9Nj/QJwCtY/faeVRuAoZCYNOs
2icMo0QCbP1Oh4n2oKLDoSgZg/Ifd8h89NJ3uLEioaPqXdgud0lhZQwWoyCiNH3T
o1oPPUh3uDUccwl0v+voJwJRW8/pkliLDj0se0Cn8xiJt68vwB3tIYxtLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJn81wEHG5wv4+q8lc0Iyk8od3byMB8GA1UdIwQY
MBaAFIrZKBqv78g3Wti0t+YEiZVVlSI3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRrb0dxX3Z5RGRhMkxTMzVnU0psVldWSWpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wNTg1MDktMmZlNy00ODZiLWI0YWQt
OGM3NGY5ZGQ2N2ZjLzEvbWZ6WEFRY2JuQ19qNnJ5VnpRaktUeWgzZHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wNTg1MDktMmZlNy00ODZiLWI0YWQtOGM3NGY5ZGQ2N2Zj
LzEvaXRrb0dxX3Z5RGRhMkxTMzVnU0psVldWSWpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuaBYMA8E
AgACMAkDBwEqB7vCAAAwDQYJKoZIhvcNAQELBQADggEBAGG8sQgFPOUFsoVYSQY8
F7C+3aabZQ62XJBDav0iYBSrQUG6uN81GVyHHxTtGkfJYbf4h9/NzGmWFSw2HcWC
nzPAPSGuBs7ZQG1s2ywS8Wo8WZ4nm06sXisMloQ9jog+rVCQkvrtFcL/0RD0WcGq
BMhFap3idiBTDPOwDBxoWDRzcXWeyVTSXL27sgmQE7Ljs2KB0ns0bS7+kW49D5Dq
k7wMwPr+JGqWyd+W/guqO4VeN7tEmi+5dDANZxHeDBKS+QlxUEjI8h4JOYfiMShJ
sWb0MYX+mBmE5Zu+5vcGXsRHtsgR9+jn9TUZ7FMbI2bRS/M7PCSzKUIjvjBex+Qx
0Gk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:40 2024 by rpki-client on console-ams.rpki-client.org