Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/Mndz_XyZQ1eQwwFfiImbKvckfHA.roa
File: Mndz_XyZQ1eQwwFfiImbKvckfHA.roa (raw, json)
Hash identifier: eoRND9Eesi+gw8igjYm35mQjCLW5J12GpeyM+nqAyTk=
Subject key identifier: 32:77:73:FD:7C:99:43:57:90:C3:01:5F:88:89:9B:2A:F7:24:7C:70
Certificate issuer: /CN=a663abd479cbff76082304bf60d03adc3187d936
Certificate serial: 01856F6FFD6E432C6A20AE298F880A0E8833
Authority key identifier: A6:63:AB:D4:79:CB:FF:76:08:23:04:BF:60:D0:3A:DC:31:87:D9:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pmOr1HnL_3YIIwS_YNA63DGH2TY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/Mndz_XyZQ1eQwwFfiImbKvckfHA.roa
Signing time: Sun 01 Jan 2023 22:24:48 +0000
ROA not before: Sun 01 Jan 2023 22:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:fd:6e:43:2c:6a:20:ae:29:8f:88:0a:0e:88:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a663abd479cbff76082304bf60d03adc3187d936
Validity
Not Before: Jan 1 22:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=327773fd7c99435790c3015f88899b2af7247c70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:04:4d:1f:bd:cb:b6:d0:9b:38:15:a1:c5:16:
69:7f:3e:90:63:ec:47:7f:ea:7e:50:2c:b2:79:5c:
b4:61:aa:55:c9:b2:15:89:9b:01:59:a3:34:4c:a3:
60:e5:15:a9:a1:07:04:de:92:12:56:52:51:d5:9f:
1a:47:3f:33:02:11:c7:b4:a0:dd:36:fd:c6:37:16:
e8:2f:ea:b3:93:17:68:27:3b:47:7b:5c:b7:86:de:
da:c5:ca:df:6c:9d:a6:07:1e:46:72:0c:9d:cd:94:
24:6d:7e:d1:5f:d1:44:86:8a:8e:75:cf:ed:ec:c6:
5a:fa:e0:92:a0:a7:35:0f:62:49:b3:64:ba:7b:24:
c8:47:84:82:4c:0f:86:cf:f9:27:52:e8:6c:e2:04:
e2:d2:24:09:b1:e8:9e:58:6f:04:ed:67:e7:1b:9b:
f1:4d:ca:4c:fc:c3:e2:59:97:c0:dc:cb:ab:24:68:
5c:93:d9:6f:49:81:24:da:dc:9b:ab:da:20:d8:37:
63:8e:96:5d:78:fa:5f:07:48:d5:47:4c:26:4b:5b:
bc:6f:2b:b0:52:d2:b8:2d:c2:a3:ee:b2:a7:f6:c1:
1a:31:76:5e:6b:3a:8a:f6:3a:53:aa:0f:fc:74:77:
1f:3e:29:31:2d:2b:40:1c:e1:9e:60:e9:b5:2f:9c:
36:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:77:73:FD:7C:99:43:57:90:C3:01:5F:88:89:9B:2A:F7:24:7C:70
X509v3 Authority Key Identifier:
keyid:A6:63:AB:D4:79:CB:FF:76:08:23:04:BF:60:D0:3A:DC:31:87:D9:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pmOr1HnL_3YIIwS_YNA63DGH2TY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/Mndz_XyZQ1eQwwFfiImbKvckfHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/f42724-d009-487d-a79c-bfa04f6cde50/1/pmOr1HnL_3YIIwS_YNA63DGH2TY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.89.0-185.198.90.255
Signature Algorithm: sha256WithRSAEncryption
92:95:09:2c:9d:50:ef:46:aa:b2:83:89:1d:51:6a:ec:b5:b0:
7b:a2:f2:25:ce:14:0b:23:d7:56:9f:14:91:a5:25:75:32:e7:
14:58:76:de:70:39:38:45:b8:26:f3:a5:ef:06:d0:4a:46:6c:
ff:4c:ea:ba:67:3e:71:66:94:ee:48:6d:c0:4a:ce:40:43:37:
73:d9:ff:36:6e:e8:db:11:8f:bb:80:b1:ee:45:26:91:b1:c4:
e5:c1:89:c4:ad:eb:a2:2c:4b:1a:c7:7a:97:9d:ad:17:88:c0:
12:ae:47:b5:3d:f7:22:ba:ae:c2:99:58:1e:ea:4f:3e:b6:76:
a7:ed:ff:67:89:e9:9e:62:be:0c:40:f1:35:5f:96:e9:57:98:
32:ac:26:6f:3c:7a:6e:e2:ee:f5:c5:2b:b5:56:f1:47:57:14:
0f:f8:94:79:ad:4d:db:bf:aa:a6:6b:db:a4:c0:89:5e:8d:b4:
66:5f:15:df:3c:61:1d:d8:95:1c:88:bb:a3:fb:23:5a:f3:a2:
1d:77:9d:91:84:38:9b:e8:bb:03:1e:04:11:bf:08:2b:8b:65:
ea:c4:f9:1e:e1:93:bc:53:f3:ca:e9:52:bb:86:bb:21:26:eb:
74:5b:53:4d:be:7f:1c:c3:e8:d3:9b:cc:f3:e7:91:0a:c2:96:
de:e7:d4:ba
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVvb/1uQyxqIK4pj4gKDogzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NjNhYmQ0NzljYmZmNzYwODIzMDRiZjYwZDAzYWRjMzE4
N2Q5MzYwHhcNMjMwMTAxMjIyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjc3NzNmZDdjOTk0MzU3OTBjMzAxNWY4ODg5OWIyYWY3MjQ3YzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngRNH73LttCbOBWhxRZpfz6QY+xH
f+p+UCyyeVy0YapVybIViZsBWaM0TKNg5RWpoQcE3pISVlJR1Z8aRz8zAhHHtKDd
Nv3GNxboL+qzkxdoJztHe1y3ht7axcrfbJ2mBx5GcgydzZQkbX7RX9FEhoqOdc/t
7MZa+uCSoKc1D2JJs2S6eyTIR4SCTA+Gz/knUuhs4gTi0iQJseieWG8E7WfnG5vx
TcpM/MPiWZfA3MurJGhck9lvSYEk2tybq9og2DdjjpZdePpfB0jVR0wmS1u8byuw
UtK4LcKj7rKn9sEaMXZeazqK9jpTqg/8dHcfPikxLStAHOGeYOm1L5w2QwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDJ3c/18mUNXkMMBX4iJmyr3JHxwMB8GA1UdIwQY
MBaAFKZjq9R5y/92CCMEv2DQOtwxh9k2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcG1PcjFIbkxfM1lJSXdTX1lOQTYzREdIMlRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9mNDI3MjQtZDAwOS00ODdkLWE3OWMt
YmZhMDRmNmNkZTUwLzEvTW5kel9YeVpRMWVRd3dGZmlJbWJLdmNrZkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9mNDI3MjQtZDAwOS00ODdkLWE3OWMtYmZhMDRmNmNkZTUw
LzEvcG1PcjFIbkxfM1lJSXdTX1lOQTYzREdIMlRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5xlkD
BAC5xlowDQYJKoZIhvcNAQELBQADggEBAJKVCSydUO9GqrKDiR1Rauy1sHui8iXO
FAsj11afFJGlJXUy5xRYdt5wOThFuCbzpe8G0EpGbP9M6rpnPnFmlO5IbcBKzkBD
N3PZ/zZu6NsRj7uAse5FJpGxxOXBicSt66IsSxrHepedrReIwBKuR7U99yK6rsKZ
WB7qTz62dqft/2eJ6Z5ivgxA8TVflulXmDKsJm88em7i7vXFK7VW8UdXFA/4lHmt
Tdu/qqZr26TAiV6NtGZfFd88YR3YlRyIu6P7I1rzoh13nZGEOJvouwMeBBG/CCuL
ZerE+R7hk7xT88rpUruGuyEm63RbU02+fxzD6NObzPPnkQrClt7n1Lo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:30 2023 by rpki-client on console-ams.rpki-client.org