Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/mhbVFMpbQiZbd9nTGqQFzoDO7MM.roa
File: mhbVFMpbQiZbd9nTGqQFzoDO7MM.roa (raw, json)
Hash identifier: myvM/VYtWZeLjfVIkL+PnIvBHic/qF5hsmHS/oiVAOg=
Subject key identifier: 9A:16:D5:14:CA:5B:42:26:5B:77:D9:D3:1A:A4:05:CE:80:CE:EC:C3
Certificate issuer: /CN=ab7ba43576667664ad6f29a666270e3357836f1a
Certificate serial: 0185707984EB4F86D4A02E37D16E91B9CD4F
Authority key identifier: AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/mhbVFMpbQiZbd9nTGqQFzoDO7MM.roa
Signing time: Mon 02 Jan 2023 03:14:49 +0000
ROA not before: Mon 02 Jan 2023 03:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60216
IP address blocks: 176.121.20.0/24 maxlen: 24
176.121.20.0/22 maxlen: 24
176.121.23.0/24 maxlen: 24
176.121.22.0/24 maxlen: 24
176.121.21.0/24 maxlen: 24
2001:67c:18d0::/48 maxlen: 48
2001:67c:1bc0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:84:eb:4f:86:d4:a0:2e:37:d1:6e:91:b9:cd:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7ba43576667664ad6f29a666270e3357836f1a
Validity
Not Before: Jan 2 03:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a16d514ca5b42265b77d9d31aa405ce80ceecc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:46:90:de:fc:10:a1:38:a7:68:fe:0e:49:29:
e1:5d:c3:81:3f:6e:3d:c6:72:06:d0:e5:a2:41:fd:
99:f1:86:ca:5b:62:b1:2b:9f:09:73:01:a4:66:0e:
3d:bb:01:ae:ac:fe:e5:dc:48:77:0b:4d:2f:03:48:
09:c9:72:79:26:59:13:0f:bd:c7:e6:88:7b:77:d5:
15:bc:81:e6:cb:a8:d0:5f:49:d0:d9:02:5a:7f:e9:
03:68:8a:fb:a1:6e:3c:0e:39:aa:92:38:3a:aa:84:
30:39:c7:45:1c:bb:4c:60:21:8a:be:3c:7d:75:c5:
d9:d2:16:16:18:a4:9a:71:e2:6f:bf:65:0f:aa:49:
39:89:a0:c7:87:54:8d:cc:c0:9d:e7:fe:a2:8b:19:
9f:11:24:3a:2d:a3:56:0d:8d:ee:07:2d:60:1d:24:
f0:38:3a:72:6d:7d:ec:e3:b6:45:d1:79:6a:7b:c4:
f0:ea:7b:a3:f6:d3:0c:36:92:8e:b1:fe:24:5d:50:
13:f4:84:ba:b3:c8:20:2b:fb:c3:75:a6:a8:3e:a0:
ab:60:ee:6d:20:7c:66:84:5f:66:c4:30:a6:24:99:
16:f3:74:5c:f2:3d:b9:1f:83:d0:94:11:8f:48:57:
d3:26:79:53:56:aa:97:51:a3:c7:71:e9:6e:76:3d:
3e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:16:D5:14:CA:5B:42:26:5B:77:D9:D3:1A:A4:05:CE:80:CE:EC:C3
X509v3 Authority Key Identifier:
keyid:AB:7B:A4:35:76:66:76:64:AD:6F:29:A6:66:27:0E:33:57:83:6F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3ukNXZmdmStbymmZicOM1eDbxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/mhbVFMpbQiZbd9nTGqQFzoDO7MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/0e1f91-c3ed-435d-a45f-23ac758048ec/1/q3ukNXZmdmStbymmZicOM1eDbxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.121.20.0/22
IPv6:
2001:67c:18d0::/48
2001:67c:1bc0::/48
Signature Algorithm: sha256WithRSAEncryption
7b:d5:78:76:f6:d6:14:e0:2d:72:3f:e2:97:17:d8:c3:76:1d:
22:f3:47:8b:9c:12:aa:f2:78:9c:20:16:4f:aa:ed:da:01:f2:
87:0a:ca:fd:5f:c5:e1:13:3e:00:71:d8:f6:1b:a7:a8:87:9a:
ff:64:fb:ea:91:46:b9:2e:62:87:4f:0a:89:2f:66:c0:d8:55:
b7:62:03:bd:91:ec:2a:da:80:9f:46:e0:62:66:af:54:c3:eb:
21:3d:26:80:ed:db:15:4b:6b:ce:65:12:b1:33:30:bf:26:58:
55:9d:c2:41:2c:e2:e3:2e:4e:3d:26:d4:58:39:55:ea:c1:65:
ef:3b:fa:01:18:5e:c9:ab:62:b1:fa:d5:51:92:9e:c2:db:e8:
26:a3:ea:7e:a1:dd:71:25:5f:2d:33:59:ae:9d:d6:db:4d:5c:
fa:fe:c9:26:72:78:ab:f2:10:d7:b7:95:bf:3b:6f:f5:35:bd:
ac:f6:f4:fc:86:0f:46:77:4b:9a:b9:6c:ea:52:c2:70:69:36:
4a:fa:f0:a1:57:42:cc:47:02:95:18:c0:b9:e2:f2:c7:62:c8:
81:64:cd:47:d2:8f:1e:45:a1:c3:cc:15:6d:b7:4b:2c:70:9a:
97:6c:40:d3:7f:b9:fc:e7:a5:f0:9f:62:37:54:01:4a:94:ea:
4d:56:4d:c7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVweYTrT4bUoC430W6Ruc1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2JhNDM1NzY2Njc2NjRhZDZmMjlhNjY2MjcwZTMzNTc4
MzZmMWEwHhcNMjMwMTAyMDMxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE2ZDUxNGNhNWI0MjI2NWI3N2Q5ZDMxYWE0MDVjZTgwY2VlY2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0aQ3vwQoTinaP4OSSnhXcOBP249
xnIG0OWiQf2Z8YbKW2KxK58JcwGkZg49uwGurP7l3Eh3C00vA0gJyXJ5JlkTD73H
5oh7d9UVvIHmy6jQX0nQ2QJaf+kDaIr7oW48Djmqkjg6qoQwOcdFHLtMYCGKvjx9
dcXZ0hYWGKSaceJvv2UPqkk5iaDHh1SNzMCd5/6iixmfESQ6LaNWDY3uBy1gHSTw
ODpybX3s47ZF0Xlqe8Tw6nuj9tMMNpKOsf4kXVAT9IS6s8ggK/vDdaaoPqCrYO5t
IHxmhF9mxDCmJJkW83Rc8j25H4PQlBGPSFfTJnlTVqqXUaPHceludj0+0wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJoW1RTKW0ImW3fZ0xqkBc6AzuzDMB8GA1UdIwQY
MBaAFKt7pDV2ZnZkrW8ppmYnDjNXg28aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYt
MjNhYzc1ODA0OGVjLzEvbWhiVkZNcGJRaVpiZDluVEdxUUZ6b0RPN01NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wZTFmOTEtYzNlZC00MzVkLWE0NWYtMjNhYzc1ODA0OGVj
LzEvcTN1a05YWm1kbVN0YnltbVppY09NMWVEYnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCsHkUMBgE
AgACMBIDBwAgAQZ8GNADBwAgAQZ8G8AwDQYJKoZIhvcNAQELBQADggEBAHvVeHb2
1hTgLXI/4pcX2MN2HSLzR4ucEqryeJwgFk+q7doB8ocKyv1fxeETPgBx2PYbp6iH
mv9k++qRRrkuYodPCokvZsDYVbdiA72R7CragJ9G4GJmr1TD6yE9JoDt2xVLa85l
ErEzML8mWFWdwkEs4uMuTj0m1Fg5VerBZe87+gEYXsmrYrH61VGSnsLb6Caj6n6h
3XElXy0zWa6d1ttNXPr+ySZyeKvyENe3lb87b/U1vaz29PyGD0Z3S5q5bOpSwnBp
Nkr68KFXQsxHApUYwLni8sdiyIFkzUfSjx5FocPMFW23SyxwmpdsQNN/ufznpfCf
YjdUAUqU6k1WTcc=
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:14 2024 by rpki-client on console-ams.rpki-client.org