Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/mXiFDyt4mMdllWSo1G075hS4FDU.roa
File: mXiFDyt4mMdllWSo1G075hS4FDU.roa (raw, json)
Hash identifier: pCTVpoyTgxibo+Th6sH5dKYfAushIN4lF/tSJTtaso8=
Subject key identifier: 99:78:85:0F:2B:78:98:C7:65:95:64:A8:D4:6D:3B:E6:14:B8:14:35
Certificate issuer: /CN=762656c5e66b82c04654be1a25629b1fd6a59456
Certificate serial: 0185719579370863CF5BB33E8A010E6E1084
Authority key identifier: 76:26:56:C5:E6:6B:82:C0:46:54:BE:1A:25:62:9B:1F:D6:A5:94:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diZWxeZrgsBGVL4aJWKbH9allFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/mXiFDyt4mMdllWSo1G075hS4FDU.roa
Signing time: Mon 02 Jan 2023 08:24:59 +0000
ROA not before: Mon 02 Jan 2023 08:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 54238
IP address blocks: 89.255.208.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:79:37:08:63:cf:5b:b3:3e:8a:01:0e:6e:10:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762656c5e66b82c04654be1a25629b1fd6a59456
Validity
Not Before: Jan 2 08:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9978850f2b7898c7659564a8d46d3be614b81435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:0e:75:5b:dc:f1:1c:c0:95:a2:8d:64:4c:4d:
5b:b6:a7:58:d3:0a:cf:55:65:cd:3d:20:4d:5d:0b:
db:7b:24:ff:e8:3b:04:11:37:c6:da:c4:5a:77:ff:
e1:48:99:e5:bc:95:a1:0a:d7:1c:91:dd:d2:1c:b3:
5d:d1:2d:21:f4:4c:c1:1a:17:54:e1:a5:21:9d:85:
70:7e:9b:ec:45:e1:8f:e1:f5:2d:e5:ad:bb:1b:5c:
a1:3d:91:a2:c6:5f:4c:a2:50:77:6a:0f:1f:35:98:
3d:7a:b0:4b:fc:f6:6b:d9:37:2d:7a:2f:7e:58:d0:
9c:7a:90:21:a6:33:20:8c:1d:a7:86:eb:88:de:e0:
b6:a2:b6:0c:80:0a:59:8e:e4:41:bd:82:40:ca:f2:
78:76:f0:69:cc:f9:b5:b9:60:bb:24:29:dd:c7:8e:
a8:3f:0b:c0:49:77:e4:f2:64:da:76:85:be:90:42:
14:24:13:18:38:c0:28:c0:d0:63:66:83:86:cd:c9:
83:54:49:37:28:51:c2:60:dc:ba:6f:1c:86:7f:72:
ab:55:5f:9b:f2:f1:f1:50:86:75:a4:c7:16:99:fe:
1d:69:31:d1:e9:fd:5b:0a:86:1a:32:f0:70:e6:04:
66:d7:7b:c5:2e:f5:86:be:33:f2:47:43:f4:16:bd:
5f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:78:85:0F:2B:78:98:C7:65:95:64:A8:D4:6D:3B:E6:14:B8:14:35
X509v3 Authority Key Identifier:
keyid:76:26:56:C5:E6:6B:82:C0:46:54:BE:1A:25:62:9B:1F:D6:A5:94:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diZWxeZrgsBGVL4aJWKbH9allFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/mXiFDyt4mMdllWSo1G075hS4FDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/diZWxeZrgsBGVL4aJWKbH9allFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.255.208.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:0e:73:5b:73:b6:96:ed:9d:4a:bf:71:16:56:35:19:12:63:
f2:bb:6c:c7:04:53:bb:1b:46:4c:6a:93:61:8d:00:3b:30:df:
4a:ac:28:a8:c5:8f:a2:32:8a:e3:46:06:94:33:71:05:48:f7:
48:7f:d3:d6:ad:74:98:14:76:6c:fb:eb:5d:0e:46:76:5d:71:
28:5a:9b:ed:bb:ad:6b:b1:db:df:dc:9f:1f:9d:54:8e:b3:19:
45:e6:82:76:e3:4f:a3:9c:a4:71:9b:af:b9:49:5d:21:1f:40:
59:e2:89:bc:c3:32:1b:56:d1:e7:26:e3:76:39:fa:96:eb:22:
bc:cc:63:44:88:62:4a:8b:0b:15:6d:9c:0f:92:9b:39:78:34:
f0:9c:49:5f:c0:99:5b:c6:05:f5:b0:db:41:0f:51:fb:da:ee:
3d:e5:08:50:ce:30:de:37:80:c1:86:8b:d7:fb:d9:e7:05:9c:
37:d2:80:e1:88:34:e9:ff:b3:15:62:98:d2:d5:2c:28:f2:b6:
cf:86:34:98:57:60:ab:45:8c:08:7f:1b:fb:f0:20:99:7d:9a:
4d:65:15:33:f3:43:86:ce:e7:68:a4:3f:81:5c:59:a3:68:02:
12:b1:a6:bb:42:4e:03:4a:19:6d:29:43:64:6d:b7:ff:ff:4e:
b5:92:69:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlXk3CGPPW7M+igEObhCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MjY1NmM1ZTY2YjgyYzA0NjU0YmUxYTI1NjI5YjFmZDZh
NTk0NTYwHhcNMjMwMTAyMDgyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTc4ODUwZjJiNzg5OGM3NjU5NTY0YThkNDZkM2JlNjE0YjgxNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQ51W9zxHMCVoo1kTE1btqdY0wrP
VWXNPSBNXQvbeyT/6DsEETfG2sRad//hSJnlvJWhCtcckd3SHLNd0S0h9EzBGhdU
4aUhnYVwfpvsReGP4fUt5a27G1yhPZGixl9MolB3ag8fNZg9erBL/PZr2Tctei9+
WNCcepAhpjMgjB2nhuuI3uC2orYMgApZjuRBvYJAyvJ4dvBpzPm1uWC7JCndx46o
PwvASXfk8mTadoW+kEIUJBMYOMAowNBjZoOGzcmDVEk3KFHCYNy6bxyGf3KrVV+b
8vHxUIZ1pMcWmf4daTHR6f1bCoYaMvBw5gRm13vFLvWGvjPyR0P0Fr1fUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJl4hQ8reJjHZZVkqNRtO+YUuBQ1MB8GA1UdIwQY
MBaAFHYmVsXma4LARlS+GiVimx/WpZRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGlaV3hlWnJnc0JHVkw0YUpXS2JIOWFsbEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8xOThjNmItZDcxNS00N2I2LTg2YzAt
NGQyMmM2YjViMWZlLzEvbVhpRkR5dDRtTWRsbFdTbzFHMDc1aFM0RkRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8xOThjNmItZDcxNS00N2I2LTg2YzAtNGQyMmM2YjViMWZl
LzEvZGlaV3hlWnJnc0JHVkw0YUpXS2JIOWFsbEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWf/QMA0G
CSqGSIb3DQEBCwUAA4IBAQCdDnNbc7aW7Z1Kv3EWVjUZEmPyu2zHBFO7G0ZMapNh
jQA7MN9KrCioxY+iMorjRgaUM3EFSPdIf9PWrXSYFHZs++tdDkZ2XXEoWpvtu61r
sdvf3J8fnVSOsxlF5oJ240+jnKRxm6+5SV0hH0BZ4om8wzIbVtHnJuN2OfqW6yK8
zGNEiGJKiwsVbZwPkps5eDTwnElfwJlbxgX1sNtBD1H72u495QhQzjDeN4DBhovX
+9nnBZw30oDhiDTp/7MVYpjS1Swo8rbPhjSYV2CrRYwIfxv78CCZfZpNZRUz80OG
zudopD+BXFmjaAISsaa7Qk4DShltKUNkbbf//061kmnn
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:27 2024 by rpki-client on console-fra.rpki-client.org