Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Mhx-9kOdPNl278cLTcBwdGG0W38.roa
File: Mhx-9kOdPNl278cLTcBwdGG0W38.roa (raw, json)
Hash identifier: s4sdEzBAB8jVffUuomGzSfND+WGVSv5poIDteSS85ds=
Subject key identifier: 32:1C:7E:F6:43:9D:3C:D9:76:EF:C7:0B:4D:C0:70:74:61:B4:5B:7F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01856EAFD3CD1867E2D5C679FD6DD24339C4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Mhx-9kOdPNl278cLTcBwdGG0W38.roa
Signing time: Sun 01 Jan 2023 18:54:54 +0000
ROA not before: Sun 01 Jan 2023 18:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211936
IP address blocks: 88.216.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jan 2023 06:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:d3:cd:18:67:e2:d5:c6:79:fd:6d:d2:43:39:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 18:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=321c7ef6439d3cd976efc70b4dc0707461b45b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a7:c3:a2:ff:a3:0f:44:dc:bc:c1:26:a7:7f:
71:ef:13:83:3c:2b:c6:fb:98:62:72:b9:c3:ff:f9:
0c:3e:00:43:fa:8b:a0:66:9d:ac:67:48:3b:b0:10:
6d:22:4a:98:f0:13:84:d3:b4:57:fa:b6:e8:2f:36:
35:61:eb:ea:64:12:fd:a3:52:56:c5:a1:97:4a:b6:
69:3e:b6:94:25:53:0a:ff:bc:db:0c:a2:df:d5:f2:
3b:1c:97:d6:a9:c4:f1:7b:f9:96:4c:ca:e8:be:df:
b6:38:42:9d:6f:b4:d0:35:0d:2e:3b:13:99:85:79:
50:ac:ce:8a:52:83:ce:9e:2e:58:89:0f:9a:a4:65:
23:95:f5:43:9b:27:bd:cd:46:25:87:7e:9e:6e:5f:
1c:8a:28:bf:b2:96:96:06:5c:4a:ab:0b:01:8a:1d:
e3:0e:17:a0:45:d2:66:fa:90:04:c3:93:0e:73:4e:
c8:25:9b:9d:15:68:3b:e9:1e:1a:35:c1:0c:41:35:
41:6d:f3:aa:68:49:fd:7e:14:b8:13:cf:64:3d:61:
29:ca:54:ab:8d:2b:7a:24:cf:36:a8:63:d6:4a:8d:
fe:1c:4c:c6:b6:14:94:7d:54:18:f8:42:81:4f:b2:
9a:27:25:f3:cc:d5:52:fe:0f:93:ab:60:0a:29:71:
7e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:1C:7E:F6:43:9D:3C:D9:76:EF:C7:0B:4D:C0:70:74:61:B4:5B:7F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Mhx-9kOdPNl278cLTcBwdGG0W38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:5f:55:ca:b0:9e:f0:a0:f4:c6:8e:fe:6e:e8:8f:0f:ae:de:
e6:6d:b3:03:e3:a6:d6:eb:46:78:28:15:8f:92:d1:c3:49:fa:
d7:ed:1c:9f:c4:7a:60:73:14:1c:bc:ea:d4:d7:0c:de:8b:a6:
70:ae:0c:a3:da:54:47:69:a9:6d:43:2b:da:30:7c:73:f5:4b:
35:64:47:00:2c:57:31:d9:04:4c:e2:66:63:85:f1:c1:d7:3a:
8f:e8:e0:a7:f4:14:14:87:23:bd:d2:ba:1a:18:82:a0:ca:20:
cb:26:32:2a:b3:82:7b:31:be:09:24:48:80:89:31:9c:b4:b0:
f6:70:95:f6:32:12:03:93:88:50:cd:fc:e6:cf:08:95:aa:7b:
7e:f9:61:02:c2:33:79:68:f3:6a:c7:e7:a4:de:55:fb:7c:f9:
d4:79:a4:a5:63:f6:eb:f4:ab:5c:9a:1e:a2:51:a4:05:62:ca:
12:55:4b:4b:94:7a:94:c1:c6:67:92:5e:b3:f3:73:cb:02:2a:
97:a1:83:94:c1:2f:25:54:75:ff:c9:16:09:f5:6b:ee:9f:7f:
10:da:6e:8a:5a:7d:84:3d:7e:11:0f:a8:38:14:02:95:fc:c5:
47:f3:42:3e:ec:c8:ae:ac:01:e8:de:fb:1c:92:03:3b:4b:82:
6d:a8:40:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur9PNGGfi1cZ5/W3SQznEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwMTAxMTg1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjFjN2VmNjQzOWQzY2Q5NzZlZmM3MGI0ZGMwNzA3NDYxYjQ1YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqfDov+jD0TcvMEmp39x7xODPCvG
+5hicrnD//kMPgBD+ougZp2sZ0g7sBBtIkqY8BOE07RX+rboLzY1YevqZBL9o1JW
xaGXSrZpPraUJVMK/7zbDKLf1fI7HJfWqcTxe/mWTMrovt+2OEKdb7TQNQ0uOxOZ
hXlQrM6KUoPOni5YiQ+apGUjlfVDmye9zUYlh36ebl8ciii/spaWBlxKqwsBih3j
DhegRdJm+pAEw5MOc07IJZudFWg76R4aNcEMQTVBbfOqaEn9fhS4E89kPWEpylSr
jSt6JM82qGPWSo3+HEzGthSUfVQY+EKBT7KaJyXzzNVS/g+Tq2AKKXF++QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDIcfvZDnTzZdu/HC03AcHRhtFt/MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTWh4LTlrT2RQTmwyNzhjTFRjQndkR0cwVzM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNjQMA0G
CSqGSIb3DQEBCwUAA4IBAQB6X1XKsJ7woPTGjv5u6I8Prt7mbbMD46bW60Z4KBWP
ktHDSfrX7RyfxHpgcxQcvOrU1wzei6Zwrgyj2lRHaaltQyvaMHxz9Us1ZEcALFcx
2QRM4mZjhfHB1zqP6OCn9BQUhyO90roaGIKgyiDLJjIqs4J7Mb4JJEiAiTGctLD2
cJX2MhIDk4hQzfzmzwiVqnt++WECwjN5aPNqx+ek3lX7fPnUeaSlY/br9Ktcmh6i
UaQFYsoSVUtLlHqUwcZnkl6z83PLAiqXoYOUwS8lVHX/yRYJ9Wvun38Q2m6KWn2E
PX4RD6g4FAKV/MVH80I+7MiurAHo3vsckgM7S4JtqECq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org