Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/MPn-qZAwLsNTrtTaHiHw5kU30KA.roa
File: MPn-qZAwLsNTrtTaHiHw5kU30KA.roa (raw, json)
Hash identifier: nTzG3rKVZpZCNeUVpsSIBAHFnUyjwVxVkk/i2C7yEEQ=
Subject key identifier: 30:F9:FE:A9:90:30:2E:C3:53:AE:D4:DA:1E:21:F0:E6:45:37:D0:A0
Certificate issuer: /CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Certificate serial: 018572B425E60C3A3DB9675B9BA85AAEA4EF
Authority key identifier: 0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/MPn-qZAwLsNTrtTaHiHw5kU30KA.roa
Signing time: Mon 02 Jan 2023 13:38:06 +0000
ROA not before: Mon 02 Jan 2023 13:38:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202777
IP address blocks: 185.124.148.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
2a06:ee80::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:25:e6:0c:3a:3d:b9:67:5b:9b:a8:5a:ae:a4:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f2f8b2b94721e928f6188b5cf15053144dedf8c
Validity
Not Before: Jan 2 13:38:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30f9fea990302ec353aed4da1e21f0e64537d0a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5e:ce:35:99:12:f2:cb:c0:ec:10:77:83:7f:
da:d8:df:98:62:19:97:0b:8a:a7:4e:58:73:54:6d:
ed:ea:cb:49:4d:14:73:88:2e:24:b7:06:47:38:a6:
64:4f:de:9c:4d:16:7f:86:de:63:e1:e0:1e:5a:05:
23:21:66:43:bd:ed:1b:97:b9:e0:fa:2d:a8:00:fa:
f8:40:5b:fd:9c:85:0b:3f:6f:94:bc:e0:ab:96:2c:
73:c5:da:8d:14:42:19:1f:ce:35:24:86:51:5f:21:
23:03:84:ab:12:db:e8:14:38:a6:89:35:32:6c:38:
e3:7e:8b:e8:29:e4:cc:74:25:c2:e9:ee:7c:d9:d5:
17:ea:1e:fd:75:de:31:06:12:42:fc:3f:a9:b1:5b:
21:29:c3:9f:0d:01:38:2d:bb:cd:e1:6c:fe:7c:90:
d7:eb:11:52:fe:a4:ed:99:91:5e:b7:8e:d1:ac:06:
ff:33:ca:10:fd:ea:9b:3d:02:82:09:b6:38:c5:c4:
7d:57:4f:4f:13:3d:59:e9:13:87:69:1d:97:54:12:
8a:b2:69:8f:4c:2a:28:86:99:4a:4f:3f:6c:dd:2d:
45:56:19:3e:5d:2d:64:2b:86:d7:91:9f:69:ac:b5:
bb:03:5d:d6:2a:c5:9e:8e:8d:11:79:bf:ef:19:4f:
71:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F9:FE:A9:90:30:2E:C3:53:AE:D4:DA:1E:21:F0:E6:45:37:D0:A0
X509v3 Authority Key Identifier:
keyid:0F:2F:8B:2B:94:72:1E:92:8F:61:88:B5:CF:15:05:31:44:DE:DF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dy-LK5RyHpKPYYi1zxUFMUTe34w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/MPn-qZAwLsNTrtTaHiHw5kU30KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/4e5902-e283-4916-a33c-7226a8845e01/1/Dy-LK5RyHpKPYYi1zxUFMUTe34w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/24
185.124.150.0/24
IPv6:
2a06:ee80::/29
Signature Algorithm: sha256WithRSAEncryption
33:95:4e:85:94:e9:1a:da:bb:0a:75:d4:d5:42:5b:c9:37:f2:
00:1b:26:7f:24:c8:af:c2:b3:9b:60:56:28:0c:34:2e:1e:a6:
16:f7:3c:0a:12:c4:fc:d6:fe:ed:1b:f8:60:7a:5a:3e:90:76:
e0:ac:d6:ea:85:d5:a2:03:d8:0f:da:f1:42:35:be:7f:92:33:
f1:00:1a:96:86:ca:15:e4:af:84:0e:30:52:59:c5:f1:3d:f9:
77:dd:05:16:96:aa:ae:f6:61:61:52:9b:04:a6:8e:c7:ff:93:
55:1e:1f:64:90:be:9b:09:47:06:e3:f7:b6:f6:00:de:d6:4b:
1b:56:f1:53:7c:2a:b0:5b:66:af:bf:1e:bc:6c:2e:ea:71:43:
b6:70:b8:85:26:53:4e:b1:f8:e2:78:4a:36:43:99:cd:72:59:
11:6d:a8:37:d5:3e:25:39:e0:b7:c6:5c:bb:43:69:be:d1:6c:
cf:d1:ab:01:5b:b2:20:53:df:a0:cf:be:12:b1:77:b3:d2:60:
5c:5e:c3:3c:57:3b:a3:a1:20:3e:e5:2b:b8:43:58:36:2e:de:
a3:94:c6:f6:04:ea:f9:61:66:42:c2:a0:ab:d7:36:18:82:e4:
96:08:3a:6a:b0:dd:ed:ab:3b:69:25:03:2b:ba:9e:de:fa:09:
3a:8a:94:16
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVytCXmDDo9uWdbm6harqTvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMmY4YjJiOTQ3MjFlOTI4ZjYxODhiNWNmMTUwNTMxNDRk
ZWRmOGMwHhcNMjMwMTAyMTMzODA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY5ZmVhOTkwMzAyZWMzNTNhZWQ0ZGExZTIxZjBlNjQ1MzdkMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV7ONZkS8svA7BB3g3/a2N+YYhmX
C4qnTlhzVG3t6stJTRRziC4ktwZHOKZkT96cTRZ/ht5j4eAeWgUjIWZDve0bl7ng
+i2oAPr4QFv9nIULP2+UvOCrlixzxdqNFEIZH841JIZRXyEjA4SrEtvoFDimiTUy
bDjjfovoKeTMdCXC6e582dUX6h79dd4xBhJC/D+psVshKcOfDQE4LbvN4Wz+fJDX
6xFS/qTtmZFet47RrAb/M8oQ/eqbPQKCCbY4xcR9V09PEz1Z6ROHaR2XVBKKsmmP
TCoohplKTz9s3S1FVhk+XS1kK4bXkZ9prLW7A13WKsWejo0Reb/vGU9xAQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDD5/qmQMC7DU67U2h4h8OZFN9CgMB8GA1UdIwQY
MBaAFA8viyuUch6Sj2GItc8VBTFE3t+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2Mt
NzIyNmE4ODQ1ZTAxLzEvTVBuLXFaQXdMc05UcnRUYUhpSHc1a1UzMEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi80ZTU5MDItZTI4My00OTE2LWEzM2MtNzIyNmE4ODQ1ZTAx
LzEvRHktTEs1UnlIcEtQWVlpMXp4VUZNVVRlMzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuXyUAwQA
uXyWMA0EAgACMAcDBQMqBu6AMA0GCSqGSIb3DQEBCwUAA4IBAQAzlU6FlOka2rsK
ddTVQlvJN/IAGyZ/JMivwrObYFYoDDQuHqYW9zwKEsT81v7tG/hgelo+kHbgrNbq
hdWiA9gP2vFCNb5/kjPxABqWhsoV5K+EDjBSWcXxPfl33QUWlqqu9mFhUpsEpo7H
/5NVHh9kkL6bCUcG4/e29gDe1ksbVvFTfCqwW2avvx68bC7qcUO2cLiFJlNOsfji
eEo2Q5nNclkRbag31T4lOeC3xly7Q2m+0WzP0asBW7IgU9+gz74SsXez0mBcXsM8
VzujoSA+5Su4Q1g2Lt6jlMb2BOr5YWZCwqCr1zYYguSWCDpqsN3tqztpJQMrup7e
+gk6ipQW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org