Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/MkpDbfHEISiFJrWHkNWWxfpohZY.roa
File: MkpDbfHEISiFJrWHkNWWxfpohZY.roa (raw, json)
Hash identifier: D7hwM+h8GcIAZixjGtsP0QqkK9srm6MQaOtkEPxdkkQ=
Subject key identifier: 32:4A:43:6D:F1:C4:21:28:85:26:B5:87:90:D5:96:C5:FA:68:85:96
Certificate issuer: /CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Certificate serial: 01856CC1733188CEEB115674E8627D846A35
Authority key identifier: F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/MkpDbfHEISiFJrWHkNWWxfpohZY.roa
Signing time: Sun 01 Jan 2023 09:54:55 +0000
ROA not before: Sun 01 Jan 2023 09:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60729
IP address blocks: 185.177.207.0/24 maxlen: 24
2a0a:4587:2010::/46 maxlen: 46
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:73:31:88:ce:eb:11:56:74:e8:62:7d:84:6a:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8a966664ec96edbd12e8e82e940bfb9faec105e
Validity
Not Before: Jan 1 09:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=324a436df1c421288526b58790d596c5fa688596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6a:7f:bd:39:63:70:ce:b9:6a:72:86:96:f4:
87:5e:01:d8:ca:1c:26:32:ff:02:68:c6:c4:db:de:
bc:0b:9b:92:d2:de:f0:cc:36:ca:a6:81:78:2f:cc:
a2:19:1c:7b:9a:93:68:5b:75:4b:3f:57:92:ff:30:
4c:80:dc:45:48:90:8e:b1:c8:50:cc:ca:81:e7:3d:
36:1f:a8:7a:65:7a:fc:23:a5:78:e5:4e:0e:03:04:
15:a8:af:1f:5d:b0:f4:c6:73:7f:23:c6:2a:71:36:
bc:63:f6:ed:28:bf:a8:41:70:85:5e:b7:e7:53:50:
60:2f:6f:bc:a6:d0:5b:87:d0:58:64:23:59:4b:3e:
78:31:09:3e:11:48:6e:8a:9a:34:a7:77:3e:47:49:
51:8a:93:1c:c2:d3:4e:fa:48:96:96:03:e7:c1:80:
80:05:e1:60:5c:dc:96:d4:c6:a6:b8:63:22:df:64:
a7:11:94:61:e3:a8:ff:c6:c0:db:f5:4b:70:5a:f1:
c9:79:5e:94:fe:a4:c4:34:d7:56:2e:f7:4d:97:b8:
c7:e1:96:9d:6d:c0:9e:99:b7:ca:96:2d:33:fa:38:
a0:a7:65:5b:0e:a7:92:13:f4:b8:8b:8b:b2:5a:32:
c1:ee:47:a4:65:ca:ff:f1:a3:88:90:b6:9e:15:90:
eb:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4A:43:6D:F1:C4:21:28:85:26:B5:87:90:D5:96:C5:FA:68:85:96
X509v3 Authority Key Identifier:
keyid:F8:A9:66:66:4E:C9:6E:DB:D1:2E:8E:82:E9:40:BF:B9:FA:EC:10:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/MkpDbfHEISiFJrWHkNWWxfpohZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/64ab99-49aa-4aae-8dd5-382355fc2ff1/1/1-KlmZk7JbtvRLo6C6UC_ufrsEF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.207.0/24
IPv6:
2a0a:4587:2010::/46
Signature Algorithm: sha256WithRSAEncryption
00:9f:ae:b4:63:33:3f:b4:da:62:7c:4c:e9:80:dd:fa:b4:b1:
f5:b6:cc:c3:75:02:6a:36:63:c5:40:d7:73:97:91:44:60:84:
fd:02:ff:4e:ca:99:0e:9f:b8:8f:b1:be:27:80:b4:96:e1:d4:
70:0d:0f:4d:ed:4b:a0:fa:3e:a3:64:91:df:a9:f8:03:44:6d:
82:e4:b3:ad:2c:b7:fa:7f:8a:e3:c4:9b:b5:65:eb:08:39:82:
6c:c0:2a:e2:0a:91:9d:b1:7a:d0:aa:32:b4:75:16:c0:4a:01:
a0:0d:62:a3:e1:63:e9:94:cf:36:9c:81:e3:1b:e1:27:43:e8:
cd:82:a6:a5:00:a2:0c:e5:ad:14:4b:23:63:f5:84:6c:5d:3e:
ea:8c:23:da:53:5d:f5:5c:49:58:91:0f:e4:63:fe:0a:1c:c7:
66:9d:c9:67:95:44:70:16:43:0e:09:66:74:84:7a:89:5f:9c:
4b:4a:9b:dd:b5:43:23:05:4f:d9:6a:58:25:9f:49:1a:52:17:
bb:1c:43:4e:46:83:79:cf:52:47:41:b9:14:95:a8:d4:4f:ef:
8e:02:77:51:71:bf:3e:77:67:47:a6:13:fb:4f:19:db:7d:d9:
03:b5:b7:69:09:b9:b5:c3:91:40:bf:85:ee:a8:cf:ec:fc:65:
22:b6:27:fb
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYVswXMxiM7rEVZ06GJ9hGo1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4YTk2NjY2NGVjOTZlZGJkMTJlOGU4MmU5NDBiZmI5ZmFl
YzEwNWUwHhcNMjMwMTAxMDk1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRhNDM2ZGYxYzQyMTI4ODUyNmI1ODc5MGQ1OTZjNWZhNjg4NTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2p/vTljcM65anKGlvSHXgHYyhwm
Mv8CaMbE2968C5uS0t7wzDbKpoF4L8yiGRx7mpNoW3VLP1eS/zBMgNxFSJCOschQ
zMqB5z02H6h6ZXr8I6V45U4OAwQVqK8fXbD0xnN/I8YqcTa8Y/btKL+oQXCFXrfn
U1BgL2+8ptBbh9BYZCNZSz54MQk+EUhuipo0p3c+R0lRipMcwtNO+kiWlgPnwYCA
BeFgXNyW1MamuGMi32SnEZRh46j/xsDb9UtwWvHJeV6U/qTENNdWLvdNl7jH4Zad
bcCembfKli0z+jigp2VbDqeSE/S4i4uyWjLB7kekZcr/8aOIkLaeFZDrLQIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFDJKQ23xxCEohSa1h5DVlsX6aIWWMB8GA1UdIwQY
MBaAFPipZmZOyW7b0S6OgulAv7n67BBeMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1LbG1aazdKYnR2UkxvNkM2VUNfdWZyc0VGNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1
LTM4MjM1NWZjMmZmMS8xL01rcERiZkhFSVNpRkpyV0hrTldXeGZwb2haWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDUvNjRhYjk5LTQ5YWEtNGFhZS04ZGQ1LTM4MjM1NWZjMmZm
MS8xLzEtS2xtWms3SmJ0dlJMbzZDNlVDX3VmcnNFRjQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBAC5sc8w
DwQCAAIwCQMHAioKRYcgEDANBgkqhkiG9w0BAQsFAAOCAQEAAJ+utGMzP7TaYnxM
6YDd+rSx9bbMw3UCajZjxUDXc5eRRGCE/QL/TsqZDp+4j7G+J4C0luHUcA0PTe1L
oPo+o2SR36n4A0RtguSzrSy3+n+K48SbtWXrCDmCbMAq4gqRnbF60KoytHUWwEoB
oA1io+Fj6ZTPNpyB4xvhJ0PozYKmpQCiDOWtFEsjY/WEbF0+6owj2lNd9VxJWJEP
5GP+ChzHZp3JZ5VEcBZDDglmdIR6iV+cS0qb3bVDIwVP2WpYJZ9JGlIXuxxDTkaD
ec9SR0G5FJWo1E/vjgJ3UXG/PndnR6YT+08Z233ZA7W3aQm5tcORQL+F7qjP7Pxl
IrYn+w==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:45 2024 by rpki-client on console-ams.rpki-client.org