Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/MhGfBIPVBWAS1xRAAJUbGs_gG3Y.roa
File: MhGfBIPVBWAS1xRAAJUbGs_gG3Y.roa (raw, json)
Hash identifier: 7wsgPmawOCJJ6ApqIJwzyD2o9ytA5EGB0aKWswV949g=
Subject key identifier: 32:11:9F:04:83:D5:05:60:12:D7:14:40:00:95:1B:1A:CF:E0:1B:76
Certificate issuer: /CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
Certificate serial: 01857169A07BA2F40A401FEFB255A3005808
Authority key identifier: CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/MhGfBIPVBWAS1xRAAJUbGs_gG3Y.roa
Signing time: Mon 02 Jan 2023 07:37:05 +0000
ROA not before: Mon 02 Jan 2023 07:37:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203152
IP address blocks: 185.127.136.0/22 maxlen: 24
2a13:4547::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:a0:7b:a2:f4:0a:40:1f:ef:b2:55:a3:00:58:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb6bf2b89584ec96080048dc3fdc2e3983c277f3
Validity
Not Before: Jan 2 07:37:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32119f0483d5056012d7144000951b1acfe01b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:85:63:55:02:dd:57:6c:e6:67:78:78:1b:37:
62:32:2f:ca:df:d3:98:a3:b6:2e:58:cf:2e:7b:17:
94:eb:01:3e:df:08:a6:4e:ae:e4:c4:10:14:92:e0:
d0:b1:99:97:bd:34:ad:3c:52:ed:11:6f:71:d9:32:
e0:b7:a4:6c:5c:38:0d:b4:a0:a4:04:c5:05:89:61:
16:1f:b3:33:68:ac:ba:c1:d6:20:e2:1c:80:54:3f:
08:cc:e9:c7:7b:9c:cc:05:33:68:89:d3:2a:3e:26:
78:5b:0c:53:35:8c:ec:f3:7a:0e:50:84:b4:6d:73:
bc:c1:91:77:d6:3e:15:35:c1:74:f3:d0:a1:36:c2:
07:5e:02:6b:c2:ca:75:77:0c:30:eb:c4:88:a3:d1:
8c:05:df:db:67:7c:fe:eb:0c:5d:29:37:2a:15:84:
7b:95:1a:39:65:82:a4:db:af:b8:54:0d:06:a4:75:
c0:4b:b0:a3:70:41:47:49:74:fc:31:ed:3f:c0:07:
02:cc:45:bf:5e:97:cd:99:8b:c9:ec:2e:93:72:e1:
d4:2f:da:23:a9:78:8e:10:aa:57:85:71:61:10:e4:
75:30:2e:c2:50:dd:9a:5d:9b:1f:37:a9:fe:d7:c2:
be:18:62:07:d6:0f:4f:9e:09:14:34:d0:44:90:ba:
2a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:11:9F:04:83:D5:05:60:12:D7:14:40:00:95:1B:1A:CF:E0:1B:76
X509v3 Authority Key Identifier:
keyid:CB:6B:F2:B8:95:84:EC:96:08:00:48:DC:3F:DC:2E:39:83:C2:77:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2vyuJWE7JYIAEjcP9wuOYPCd_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/MhGfBIPVBWAS1xRAAJUbGs_gG3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6a87f1-e197-4a23-953d-10fdfce94513/1/y2vyuJWE7JYIAEjcP9wuOYPCd_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.136.0/22
IPv6:
2a13:4547::/32
Signature Algorithm: sha256WithRSAEncryption
84:ae:08:10:45:c3:37:23:76:84:b9:d1:ce:a9:f7:1d:a0:e9:
ea:d9:b8:df:d8:a0:b1:64:1d:b6:99:df:4a:bb:ec:b8:29:7a:
e4:76:2a:32:63:9f:6d:77:d5:be:17:9c:8d:f8:c7:36:a2:75:
0b:bb:e9:a0:b7:e3:6f:22:7d:86:78:74:1e:1b:ae:b7:32:ed:
c5:3e:2e:3b:fe:90:a2:bb:6b:63:3d:af:7f:89:a4:2e:80:75:
3d:0a:bb:42:7c:51:ed:d5:58:a8:29:a3:ce:7a:5f:dc:a5:e7:
cd:3f:4c:45:53:82:e4:f4:1d:7a:19:f9:cc:85:dd:05:16:63:
d0:21:66:19:8d:66:c4:25:a5:14:48:ef:65:b6:f7:ce:40:33:
13:18:d8:58:6b:9b:10:5f:9c:83:ba:a1:5a:b7:0b:dd:03:a6:
62:ed:25:ec:5e:36:d5:03:fa:65:04:d1:16:ec:1a:81:d0:dc:
c7:eb:25:1f:39:e9:fc:88:b6:48:4b:b3:04:59:8a:91:13:46:
bb:20:6b:3e:e7:1b:78:d2:7d:6d:cf:09:83:ce:a3:b8:28:ac:
c5:7e:d4:00:d6:ac:28:c8:e0:96:ed:f1:e7:5c:2e:7f:bf:22:
66:ba:65:e5:f2:e7:bb:a1:cd:29:5e:bf:fb:14:aa:58:42:f6:
9b:bb:a8:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVxaaB7ovQKQB/vslWjAFgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNmJmMmI4OTU4NGVjOTYwODAwNDhkYzNmZGMyZTM5ODNj
Mjc3ZjMwHhcNMjMwMTAyMDczNzA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjExOWYwNDgzZDUwNTYwMTJkNzE0NDAwMDk1MWIxYWNmZTAxYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYVjVQLdV2zmZ3h4GzdiMi/K39OY
o7YuWM8uexeU6wE+3wimTq7kxBAUkuDQsZmXvTStPFLtEW9x2TLgt6RsXDgNtKCk
BMUFiWEWH7MzaKy6wdYg4hyAVD8IzOnHe5zMBTNoidMqPiZ4WwxTNYzs83oOUIS0
bXO8wZF31j4VNcF089ChNsIHXgJrwsp1dwww68SIo9GMBd/bZ3z+6wxdKTcqFYR7
lRo5ZYKk26+4VA0GpHXAS7CjcEFHSXT8Me0/wAcCzEW/XpfNmYvJ7C6TcuHUL9oj
qXiOEKpXhXFhEOR1MC7CUN2aXZsfN6n+18K+GGIH1g9PngkUNNBEkLoqjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDIRnwSD1QVgEtcUQACVGxrP4Bt2MB8GA1UdIwQY
MBaAFMtr8riVhOyWCABI3D/cLjmDwnfzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2Qt
MTBmZGZjZTk0NTEzLzEvTWhHZkJJUFZCV0FTMXhSQUFKVWJHc19nRzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82YTg3ZjEtZTE5Ny00YTIzLTk1M2QtMTBmZGZjZTk0NTEz
LzEveTJ2eXVKV0U3SllJQUVqY1A5d3VPWVBDZF9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX+IMA0E
AgACMAcDBQAqE0VHMA0GCSqGSIb3DQEBCwUAA4IBAQCErggQRcM3I3aEudHOqfcd
oOnq2bjf2KCxZB22md9Ku+y4KXrkdioyY59td9W+F5yN+Mc2onULu+mgt+NvIn2G
eHQeG663Mu3FPi47/pCiu2tjPa9/iaQugHU9CrtCfFHt1VioKaPOel/cpefNP0xF
U4Lk9B16GfnMhd0FFmPQIWYZjWbEJaUUSO9ltvfOQDMTGNhYa5sQX5yDuqFatwvd
A6Zi7SXsXjbVA/plBNEW7BqB0NzH6yUfOen8iLZIS7MEWYqRE0a7IGs+5xt40n1t
zwmDzqO4KKzFftQA1qwoyOCW7fHnXC5/vyJmumXl8ue7oc0pXr/7FKpYQvabu6gM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:05 2024 by rpki-client on console-ams.rpki-client.org