Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/mHzZzgknUAcrvhj_kjntELHvMB0.roa
File: mHzZzgknUAcrvhj_kjntELHvMB0.roa (raw, json)
Hash identifier: gwynICDbz58p3mWrfvUhWqu+cbZbFB/4R9mNZkHZYwo=
Subject key identifier: 98:7C:D9:CE:09:27:50:07:2B:BE:18:FF:92:39:ED:10:B1:EF:30:1D
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 0191C1BB4A460E77648A9E73A7B9FDBAF8BC
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/mHzZzgknUAcrvhj_kjntELHvMB0.roa
Signing time: Thu 05 Sep 2024 10:29:22 +0000
ROA not before: Thu 05 Sep 2024 10:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60246
IP address blocks: 85.198.120.0/21 maxlen: 32
2a00:8740:ff00::/48 maxlen: 128
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c1:bb:4a:46:0e:77:64:8a:9e:73:a7:b9:fd:ba:f8:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Sep 5 10:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=987cd9ce092750072bbe18ff9239ed10b1ef301d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f1:c0:e1:bb:d3:0f:84:f8:5c:22:ed:67:af:
ff:63:5f:ef:b4:67:cd:d4:78:c3:c5:c9:7b:4f:99:
1f:5b:3d:7d:68:1d:9c:23:65:d9:64:bf:0d:fc:ea:
a5:dd:15:40:74:54:ef:63:32:9b:33:0a:79:b1:6b:
d5:b6:71:de:0a:87:97:bf:f8:e8:69:d3:e5:00:6c:
66:48:9a:bc:78:bf:24:53:98:02:aa:73:eb:d0:9e:
87:63:35:a2:ad:fe:2b:8f:68:ec:07:f0:b3:f0:81:
86:f3:14:9a:bf:fa:01:f8:0d:f6:47:12:c9:ce:43:
f1:ee:d1:30:2c:99:a4:d4:df:db:d6:ab:f9:02:b0:
20:d9:05:c2:58:70:c0:9b:60:69:0a:83:5d:79:c5:
71:d1:95:fd:88:2c:a8:23:72:43:b6:86:23:e1:01:
c6:3a:25:62:f2:1e:14:8b:f4:ad:ec:31:c3:26:e3:
62:20:01:1d:3e:b3:c7:da:eb:6f:1b:eb:88:2d:84:
f2:7a:ea:9d:19:74:ef:81:f5:89:01:ea:c2:96:58:
bf:4b:8f:8f:00:3e:c3:cd:eb:1c:c4:a3:a4:3f:d6:
69:59:32:eb:54:66:ef:cc:4c:d6:f7:ba:9a:a9:2d:
a5:e4:bd:5f:aa:39:b9:e6:0b:8d:86:77:eb:3a:2b:
c8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:7C:D9:CE:09:27:50:07:2B:BE:18:FF:92:39:ED:10:B1:EF:30:1D
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/mHzZzgknUAcrvhj_kjntELHvMB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.120.0/21
IPv6:
2a00:8740:ff00::/48
Signature Algorithm: sha256WithRSAEncryption
9a:6d:e5:50:03:d1:e9:3e:85:15:74:26:db:f8:dd:13:fc:c3:
5c:88:aa:e9:ed:23:a2:b5:ce:a4:75:66:75:44:0e:2d:36:fa:
6b:20:32:aa:d2:22:a2:23:82:ef:7e:24:ce:2f:ed:e2:87:6b:
41:cf:ae:91:01:d7:a8:48:10:af:ad:d7:c7:a8:14:0f:1d:07:
79:dd:57:d3:f1:28:20:ec:38:28:c8:09:d3:e1:ff:f7:95:2b:
25:cf:d1:43:11:d5:16:a5:ca:d5:eb:6e:3f:ad:80:59:21:cf:
46:93:87:cd:09:9f:a1:ab:47:43:a2:49:80:9f:30:81:72:d9:
03:74:c8:d8:8a:98:a1:b9:07:d1:3c:93:ce:f5:e3:2b:b5:fa:
28:e2:2c:0e:82:d6:e0:2f:2a:41:e1:dd:b2:cd:da:6c:a7:af:
14:26:2d:f6:3b:09:8e:48:da:e6:37:2d:23:8a:29:28:ac:af:
7b:7c:28:81:bd:8f:51:52:be:8f:63:9a:0c:16:3c:e4:01:1f:
47:40:a4:31:1a:59:01:f0:ad:64:cd:2f:17:c8:72:88:3d:45:
47:89:0c:d8:3d:ac:8d:6c:88:d0:43:2f:ff:e9:22:af:e7:51:
79:eb:33:be:ff:fa:56:c4:b1:af:16:d9:28:50:7d:5b:88:e5:
61:dd:6f:53
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZHBu0pGDndkip5zp7n9uvi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjQwOTA1MTAyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODdjZDljZTA5Mjc1MDA3MmJiZTE4ZmY5MjM5ZWQxMGIxZWYzMDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PHA4bvTD4T4XCLtZ6//Y1/vtGfN
1HjDxcl7T5kfWz19aB2cI2XZZL8N/Oql3RVAdFTvYzKbMwp5sWvVtnHeCoeXv/jo
adPlAGxmSJq8eL8kU5gCqnPr0J6HYzWirf4rj2jsB/Cz8IGG8xSav/oB+A32RxLJ
zkPx7tEwLJmk1N/b1qv5ArAg2QXCWHDAm2BpCoNdecVx0ZX9iCyoI3JDtoYj4QHG
OiVi8h4Ui/St7DHDJuNiIAEdPrPH2utvG+uILYTyeuqdGXTvgfWJAerClli/S4+P
AD7DzescxKOkP9ZpWTLrVGbvzEzW97qaqS2l5L1fqjm55guNhnfrOivIOwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJh82c4JJ1AHK74Y/5I57RCx7zAdMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvbUh6Wnpna25VQWNydmhqX2tqbnRFTEh2TUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDVcZ4MA8E
AgACMAkDBwAqAIdA/wAwDQYJKoZIhvcNAQELBQADggEBAJpt5VAD0ek+hRV0Jtv4
3RP8w1yIquntI6K1zqR1ZnVEDi02+msgMqrSIqIjgu9+JM4v7eKHa0HPrpEB16hI
EK+t18eoFA8dB3ndV9PxKCDsOCjICdPh//eVKyXP0UMR1RalytXrbj+tgFkhz0aT
h80Jn6GrR0OiSYCfMIFy2QN0yNiKmKG5B9E8k8714yu1+ijiLA6C1uAvKkHh3bLN
2mynrxQmLfY7CY5I2uY3LSOKKSisr3t8KIG9j1FSvo9jmgwWPOQBH0dApDEaWQHw
rWTNLxfIcog9RUeJDNg9rI1siNBDL//pIq/nUXnrM77/+lbEsa8W2ShQfVuI5WHd
b1M=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:07:49 2025 by rpki-client