Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/mIZ-XQcYlpu9zym0HYiJifV2lgA.roa
File: mIZ-XQcYlpu9zym0HYiJifV2lgA.roa (raw, json)
Hash identifier: VgldNIEbQZmGaO3FzrjQ8VQLsV/TTtrD5vmQTpb8VZ0=
Subject key identifier: 98:86:7E:5D:07:18:96:9B:BD:CF:29:B4:1D:88:89:89:F5:76:96:00
Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Certificate serial: 018CE9360523C321DC660709F77ED9B8AD07
Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/mIZ-XQcYlpu9zym0HYiJifV2lgA.roa
Signing time: Mon 08 Jan 2024 13:14:40 +0000
ROA not before: Mon 08 Jan 2024 13:14:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 151.236.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 12:23:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:36:05:23:c3:21:dc:66:07:09:f7:7e:d9:b8:ad:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Validity
Not Before: Jan 8 13:14:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98867e5d0718969bbdcf29b41d888989f5769600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:8a:f2:b3:64:05:9b:17:0d:14:be:62:c3:e5:
5c:ee:16:6d:8f:2e:e6:e6:07:08:f1:ff:06:da:18:
4b:66:12:0a:5d:82:8a:0a:8e:6b:15:32:67:6f:87:
fa:1a:92:77:5a:9c:65:83:ce:3a:f4:82:9b:80:da:
34:cb:45:55:bd:e8:5b:97:d3:bd:65:ef:bb:3b:51:
15:cc:f0:c8:87:81:a6:ac:ba:94:85:e5:3b:58:0a:
39:33:45:43:35:12:f7:cf:b8:f5:2f:16:4d:93:ed:
00:38:36:8c:6f:e9:09:5c:92:c5:a8:1a:aa:f6:f5:
df:e3:7c:51:7d:a5:e2:9c:e9:17:5e:1d:38:13:8d:
91:09:7b:22:37:3e:2a:90:bd:23:85:31:47:37:01:
d3:31:9c:2d:05:a9:15:d3:4b:25:9d:7a:8a:36:04:
77:f9:e1:96:8d:4a:ef:dd:e4:06:52:61:3c:fd:51:
18:61:f2:d9:bc:ac:84:d2:d0:43:4c:49:6e:bd:03:
38:82:7e:c9:5b:1b:0a:8f:ad:8d:c4:d0:5c:36:b7:
c9:de:0f:70:4d:9e:e7:54:78:95:35:e0:8a:82:8c:
fb:d1:08:a9:e6:e0:dc:c5:50:29:b9:06:8f:32:5b:
61:c9:44:38:68:45:d5:b5:1b:07:7c:6d:ea:82:f6:
36:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:86:7E:5D:07:18:96:9B:BD:CF:29:B4:1D:88:89:89:F5:76:96:00
X509v3 Authority Key Identifier:
keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/mIZ-XQcYlpu9zym0HYiJifV2lgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.236.181.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:56:98:85:d9:92:c4:9d:11:51:91:4e:09:cc:78:34:75:b3:
9e:a8:05:41:72:49:f9:40:4d:a0:14:68:fd:08:db:cd:cb:f6:
94:83:63:4d:3c:fe:7e:6d:f7:20:51:f4:fe:d4:52:ba:ab:68:
4f:72:eb:e4:c4:89:09:7f:66:31:02:d8:69:50:7b:fc:07:1d:
66:a4:86:23:7e:7c:06:66:74:b5:35:24:bf:47:a3:2d:1b:36:
87:76:59:9e:37:99:34:ae:c1:d9:1c:8f:cd:77:f7:7c:ec:c3:
73:ad:47:8d:af:b1:ac:e9:36:b3:da:35:c7:74:10:e7:e0:19:
fd:10:91:dc:52:3f:ac:9a:f7:bd:37:7b:11:3c:17:12:e3:49:
75:0c:09:4a:ea:b4:ba:b3:4b:44:40:69:e9:7c:15:a6:d9:99:
86:f9:b1:ac:cb:2b:82:14:0f:24:c8:2a:a9:05:34:3b:59:d9:
b4:2d:81:fd:4a:db:03:d4:ec:4c:37:79:60:a4:e9:5e:b1:e5:
89:a5:b6:27:d8:19:4e:46:4e:07:00:1f:6f:2d:9a:5e:81:c3:
cc:90:f4:c3:e1:62:36:da:c1:a8:ee:ad:5b:57:7d:aa:3c:21:
dc:7d:4c:2c:86:38:be:90:64:1d:f0:e6:68:30:5d:f5:b4:82:
df:7f:4b:de
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzpNgUjwyHcZgcJ937ZuK0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh
MmQxMWIwHhcNMjQwMTA4MTMxNDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODg2N2U1ZDA3MTg5NjliYmRjZjI5YjQxZDg4ODk4OWY1NzY5NjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIrys2QFmxcNFL5iw+Vc7hZtjy7m
5gcI8f8G2hhLZhIKXYKKCo5rFTJnb4f6GpJ3Wpxlg8469IKbgNo0y0VVvehbl9O9
Ze+7O1EVzPDIh4GmrLqUheU7WAo5M0VDNRL3z7j1LxZNk+0AODaMb+kJXJLFqBqq
9vXf43xRfaXinOkXXh04E42RCXsiNz4qkL0jhTFHNwHTMZwtBakV00slnXqKNgR3
+eGWjUrv3eQGUmE8/VEYYfLZvKyE0tBDTEluvQM4gn7JWxsKj62NxNBcNrfJ3g9w
TZ7nVHiVNeCKgoz70Qip5uDcxVApuQaPMlthyUQ4aEXVtRsHfG3qgvY2ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJiGfl0HGJabvc8ptB2IiYn1dpYAMB8GA1UdIwQY
MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct
MDA4NWEzNjVhMjVmLzEvbUlaLVhRY1lscHU5enltMEhZaUppZlYybGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm
LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl+y1MA0G
CSqGSIb3DQEBCwUAA4IBAQBqVpiF2ZLEnRFRkU4JzHg0dbOeqAVBckn5QE2gFGj9
CNvNy/aUg2NNPP5+bfcgUfT+1FK6q2hPcuvkxIkJf2YxAthpUHv8Bx1mpIYjfnwG
ZnS1NSS/R6MtGzaHdlmeN5k0rsHZHI/Nd/d87MNzrUeNr7Gs6Taz2jXHdBDn4Bn9
EJHcUj+smve9N3sRPBcS40l1DAlK6rS6s0tEQGnpfBWm2ZmG+bGsyyuCFA8kyCqp
BTQ7Wdm0LYH9StsD1OxMN3lgpOleseWJpbYn2BlORk4HAB9vLZpegcPMkPTD4WI2
2sGo7q1bV32qPCHcfUwshji+kGQd8OZoMF31tILff0ve
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:14 2025 by rpki-client