Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/mVCLFR_ldbZaf0uA08p7vIPCaBg.roa
File: mVCLFR_ldbZaf0uA08p7vIPCaBg.roa (raw, json)
Hash identifier: MNckO8tzFi3BjQvHDlvuzE5eDK6aee8Oq/+O9vt4Cd4=
Subject key identifier: 99:50:8B:15:1F:E5:75:B6:5A:7F:4B:80:D3:CA:7B:BC:83:C2:68:18
Certificate issuer: /CN=84ffa542f3d8c9b07bf76eae8a86985a3d7b4dc7
Certificate serial: 0185727A221DE08C218E5BFE67DBD0E0EA7D
Authority key identifier: 84:FF:A5:42:F3:D8:C9:B0:7B:F7:6E:AE:8A:86:98:5A:3D:7B:4D:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hP-lQvPYybB7926uioaYWj17Tcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/mVCLFR_ldbZaf0uA08p7vIPCaBg.roa
Signing time: Mon 02 Jan 2023 12:34:44 +0000
ROA not before: Mon 02 Jan 2023 12:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207058
IP address blocks: 185.167.88.0/24 maxlen: 24
185.167.89.0/24 maxlen: 24
185.167.90.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:7a:22:1d:e0:8c:21:8e:5b:fe:67:db:d0:e0:ea:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84ffa542f3d8c9b07bf76eae8a86985a3d7b4dc7
Validity
Not Before: Jan 2 12:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99508b151fe575b65a7f4b80d3ca7bbc83c26818
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:75:66:74:43:de:c1:4f:30:a4:78:73:3a:1a:
8d:8e:5e:8b:83:a4:05:c0:45:5d:97:c5:27:41:c5:
6c:e0:cf:4c:27:2c:1c:1a:79:65:d5:28:24:65:eb:
db:82:62:5c:db:3f:89:5a:6e:64:b9:3c:64:39:10:
da:26:50:95:8d:39:c4:d4:cf:84:40:ed:db:46:2d:
27:bb:b9:39:a2:65:49:55:8b:72:ac:cb:c6:f0:8c:
0c:cb:d9:f7:c8:04:d6:f7:b0:c5:d5:56:75:47:40:
ee:ab:83:69:16:d0:a8:3d:4d:04:96:c3:de:78:9e:
8e:27:4c:fa:9f:99:45:ef:fe:74:54:5c:c9:9c:1c:
7e:a5:22:6b:b1:db:63:3f:dc:48:8d:2e:ca:87:79:
41:37:11:81:44:62:c6:97:b6:35:30:d4:21:7f:c8:
6d:4e:cf:8b:f4:1e:72:93:5c:a6:30:fd:e7:cc:17:
b3:fa:3a:bb:43:df:98:b2:9f:0e:69:77:23:93:1c:
30:aa:1d:cf:00:62:4b:73:ed:e8:c9:b6:82:0a:c6:
7a:bc:ef:3c:ad:1b:09:59:39:5d:c8:02:ba:71:51:
11:65:1c:d3:42:e2:e2:e4:fd:e7:84:77:d6:c7:e8:
d6:16:97:37:2a:3e:6a:56:6a:96:f8:26:7e:e9:c5:
dc:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:50:8B:15:1F:E5:75:B6:5A:7F:4B:80:D3:CA:7B:BC:83:C2:68:18
X509v3 Authority Key Identifier:
keyid:84:FF:A5:42:F3:D8:C9:B0:7B:F7:6E:AE:8A:86:98:5A:3D:7B:4D:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hP-lQvPYybB7926uioaYWj17Tcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/mVCLFR_ldbZaf0uA08p7vIPCaBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/hP-lQvPYybB7926uioaYWj17Tcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.88.0-185.167.90.255
Signature Algorithm: sha256WithRSAEncryption
94:5c:7f:a1:42:18:e3:ee:53:28:5b:9f:96:7c:f4:83:ea:25:
93:39:17:c2:34:20:a4:02:05:83:09:13:86:0a:9c:80:1e:09:
62:68:db:9c:64:26:86:fe:07:1a:f8:0c:b0:04:bf:b4:67:e4:
8b:3a:32:85:28:b2:e0:d3:f8:fe:89:f4:7b:9f:6e:6f:31:1a:
60:d0:27:96:df:53:3d:f5:c5:09:44:0a:fb:6b:73:51:7f:7e:
29:23:d6:47:2b:fb:05:1d:b1:84:fb:21:77:6b:f2:f5:b2:d0:
54:4c:9a:0c:8f:f4:19:87:1b:7a:40:b5:7e:30:c6:24:d2:e2:
aa:a9:bd:8b:f3:5a:8b:07:57:6a:e9:6f:d5:8a:94:c4:71:29:
c8:17:c9:af:f9:59:b6:68:09:7a:72:07:63:ea:30:f9:7b:c0:
3d:d6:7d:26:d9:c8:45:71:44:08:44:6e:40:e7:6a:74:7c:7f:
a3:5a:8d:dc:f6:07:40:fa:b1:65:9d:ce:00:79:d4:cc:5a:ff:
30:49:3f:4a:05:16:db:47:15:6e:07:e5:3c:61:18:61:4c:35:
03:fa:cb:14:78:89:6c:e8:ad:d0:cb:a7:34:81:74:78:4d:d6:
ee:94:76:24:40:09:d3:ec:76:ea:ff:b0:a7:b2:8a:2c:5d:29:
9b:33:22:6f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVyeiId4Iwhjlv+Z9vQ4Op9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZmZhNTQyZjNkOGM5YjA3YmY3NmVhZThhODY5ODVhM2Q3
YjRkYzcwHhcNMjMwMTAyMTIzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTUwOGIxNTFmZTU3NWI2NWE3ZjRiODBkM2NhN2JiYzgzYzI2ODE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXVmdEPewU8wpHhzOhqNjl6Lg6QF
wEVdl8UnQcVs4M9MJywcGnll1SgkZevbgmJc2z+JWm5kuTxkORDaJlCVjTnE1M+E
QO3bRi0nu7k5omVJVYtyrMvG8IwMy9n3yATW97DF1VZ1R0Duq4NpFtCoPU0ElsPe
eJ6OJ0z6n5lF7/50VFzJnBx+pSJrsdtjP9xIjS7Kh3lBNxGBRGLGl7Y1MNQhf8ht
Ts+L9B5yk1ymMP3nzBez+jq7Q9+Ysp8OaXcjkxwwqh3PAGJLc+3oybaCCsZ6vO88
rRsJWTldyAK6cVERZRzTQuLi5P3nhHfWx+jWFpc3Kj5qVmqW+CZ+6cXcUwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJlQixUf5XW2Wn9LgNPKe7yDwmgYMB8GA1UdIwQY
MBaAFIT/pULz2Mmwe/duroqGmFo9e03HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFAtbFF2UFl5YkI3OTI2dWlvYVlXajE3VGNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC83MWZmZjktMzQzZC00ZjA3LWE0OTEt
N2MwZmQyOWNmM2U5LzEvbVZDTEZSX2xkYlphZjB1QTA4cDd2SVBDYUJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC83MWZmZjktMzQzZC00ZjA3LWE0OTEtN2MwZmQyOWNmM2U5
LzEvaFAtbFF2UFl5YkI3OTI2dWlvYVlXajE3VGNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5p1gD
BAC5p1owDQYJKoZIhvcNAQELBQADggEBAJRcf6FCGOPuUyhbn5Z89IPqJZM5F8I0
IKQCBYMJE4YKnIAeCWJo25xkJob+Bxr4DLAEv7Rn5Is6MoUosuDT+P6J9Hufbm8x
GmDQJ5bfUz31xQlECvtrc1F/fikj1kcr+wUdsYT7IXdr8vWy0FRMmgyP9BmHG3pA
tX4wxiTS4qqpvYvzWosHV2rpb9WKlMRxKcgXya/5WbZoCXpyB2PqMPl7wD3WfSbZ
yEVxRAhEbkDnanR8f6Najdz2B0D6sWWdzgB51Mxa/zBJP0oFFttHFW4H5TxhGGFM
NQP6yxR4iWzordDLpzSBdHhN1u6UdiRACdPsdur/sKeyiixdKZszIm8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:48 2024 by rpki-client on console-ams.rpki-client.org