Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/mHihYUmxS4oAtGUgPwlwfRaDXik.roa
File: mHihYUmxS4oAtGUgPwlwfRaDXik.roa (raw, json)
Hash identifier: Lplrr+0QlBqw4dTvEm5lM/5Fhne3uCTuAIKaU3NK0jg=
Subject key identifier: 98:78:A1:61:49:B1:4B:8A:00:B4:65:20:3F:09:70:7D:16:83:5E:29
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01900BAE5C6E914F56E81C914AD7F02BA933
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/mHihYUmxS4oAtGUgPwlwfRaDXik.roa
Signing time: Wed 12 Jun 2024 09:01:34 +0000
ROA not before: Wed 12 Jun 2024 09:01:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12660
IP address blocks: 94.184.128.0/21 maxlen: 21
94.184.128.0/22 maxlen: 22
94.184.132.0/22 maxlen: 22
194.225.32.0/20 maxlen: 24
194.225.40.0/21 maxlen: 21
194.225.40.0/24 maxlen: 24
194.225.44.0/22 maxlen: 22
194.225.80.0/21 maxlen: 21
Validation: Failed, certificate revoked on Sat 15 Jun 2024 10:12:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:ae:5c:6e:91:4f:56:e8:1c:91:4a:d7:f0:2b:a9:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jun 12 09:01:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9878a16149b14b8a00b465203f09707d16835e29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2c:0b:d2:4a:a7:4b:98:81:3a:86:1b:0a:78:
3c:bf:f9:cc:e0:fd:a5:8d:14:ee:5b:16:9e:22:7f:
b9:51:f4:02:11:7b:be:50:c3:43:f7:35:c6:60:c0:
5f:48:b7:c8:18:d7:59:f2:eb:75:8b:68:eb:d2:2c:
5b:14:0b:c7:15:7b:29:49:7e:b8:da:d2:8f:49:fd:
7b:af:f5:34:e7:a7:52:7f:db:b1:61:5b:4b:33:1f:
5d:27:95:b9:a1:5b:b0:b0:ec:4d:62:1d:ea:ae:bb:
6e:bb:d1:52:8f:19:d9:ae:6e:a2:10:e5:ed:a3:40:
bc:53:be:e1:94:36:c3:9b:45:ef:f2:3e:94:c5:fb:
26:b6:23:d1:4a:7a:4b:d6:4c:df:f0:2a:1b:d5:a8:
4c:27:31:9c:b1:f9:f9:bb:f9:3f:8a:fd:c5:46:8b:
29:c8:e8:8d:d8:36:2f:70:2b:25:83:76:72:0b:8c:
6f:da:74:7e:dc:4a:3e:c2:1b:7f:69:76:e1:0d:53:
0c:09:79:65:da:44:fd:f0:6b:aa:87:7f:39:30:25:
c0:d9:6e:95:4a:81:b7:9e:36:22:05:9c:41:f9:f0:
6f:93:52:e4:5c:67:5b:7e:af:f6:4b:2f:10:07:56:
fd:62:b7:f2:e9:04:ff:04:32:61:70:33:5f:13:70:
dd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:78:A1:61:49:B1:4B:8A:00:B4:65:20:3F:09:70:7D:16:83:5E:29
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/mHihYUmxS4oAtGUgPwlwfRaDXik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.128.0/21
194.225.32.0/20
194.225.80.0/21
Signature Algorithm: sha256WithRSAEncryption
24:66:ed:7f:35:2a:8c:dd:53:35:bf:dd:1e:2c:8e:82:df:95:
33:3a:d8:1f:06:f1:22:c3:9b:82:0e:9e:fb:f4:80:c7:d7:94:
9e:3a:54:39:3f:2e:3d:cc:5b:dc:db:59:77:e6:9b:1e:4e:9a:
8e:4c:a3:f9:b4:51:ea:22:08:22:c5:cd:bb:ad:03:0d:e6:cb:
25:a4:7c:e3:c5:99:32:b3:74:d6:83:d9:79:df:12:ee:a9:8e:
ed:0e:7c:4e:ab:9a:1a:93:f2:6c:8d:ad:59:72:98:ca:c2:ed:
aa:14:6b:3c:b2:31:b1:7d:05:cc:23:0d:a8:ff:83:c2:1e:47:
ff:50:47:3c:ed:df:90:47:ec:c1:a0:0a:66:17:33:cc:ea:8d:
c0:f5:73:67:62:59:25:cf:ae:97:a9:6a:15:04:10:2c:73:a0:
cc:90:c8:e3:fa:9c:a5:f5:a2:dc:17:71:ec:2b:6c:0d:dc:f0:
85:53:05:86:e1:fb:58:2f:ca:58:cd:eb:62:03:e4:46:80:bb:
d5:9c:cb:05:77:83:24:02:0f:94:97:21:28:d2:2d:f9:ab:c5:
f1:a5:bc:7f:f7:e0:42:61:74:9e:8d:a7:b5:21:83:c3:31:fb:
c1:94:66:16:ed:59:ea:83:da:81:b6:ea:fc:d3:ca:24:57:88:
9a:76:ef:f4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZALrlxukU9W6ByRStfwK6kzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjQwNjEyMDkwMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODc4YTE2MTQ5YjE0YjhhMDBiNDY1MjAzZjA5NzA3ZDE2ODM1ZTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSwL0kqnS5iBOoYbCng8v/nM4P2l
jRTuWxaeIn+5UfQCEXu+UMND9zXGYMBfSLfIGNdZ8ut1i2jr0ixbFAvHFXspSX64
2tKPSf17r/U056dSf9uxYVtLMx9dJ5W5oVuwsOxNYh3qrrtuu9FSjxnZrm6iEOXt
o0C8U77hlDbDm0Xv8j6UxfsmtiPRSnpL1kzf8Cob1ahMJzGcsfn5u/k/iv3FRosp
yOiN2DYvcCslg3ZyC4xv2nR+3Eo+wht/aXbhDVMMCXll2kT98Guqh385MCXA2W6V
SoG3njYiBZxB+fBvk1LkXGdbfq/2Sy8QB1b9Yrfy6QT/BDJhcDNfE3DdDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJh4oWFJsUuKALRlID8JcH0Wg14pMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvbUhpaFlVbXhTNG9BdEdVZ1B3bHdmUmFEWGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDXriAAwQE
wuEgAwQDwuFQMA0GCSqGSIb3DQEBCwUAA4IBAQAkZu1/NSqM3VM1v90eLI6C35Uz
OtgfBvEiw5uCDp779IDH15SeOlQ5Py49zFvc21l35pseTpqOTKP5tFHqIggixc27
rQMN5sslpHzjxZkys3TWg9l53xLuqY7tDnxOq5oak/Jsja1ZcpjKwu2qFGs8sjGx
fQXMIw2o/4PCHkf/UEc87d+QR+zBoApmFzPM6o3A9XNnYlklz66XqWoVBBAsc6DM
kMjj+pyl9aLcF3HsK2wN3PCFUwWG4ftYL8pYzetiA+RGgLvVnMsFd4MkAg+UlyEo
0i35q8Xxpbx/9+BCYXSejae1IYPDMfvBlGYW7Vnqg9qBtur808okV4iadu/0
-----END CERTIFICATE-----
Generated at Sat Jun 15 15:41:18 2024 by rpki-client on console-ams.rpki-client.org