Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/mhtiInoojZzYRFNLvDqNmcADKI4.roa
File: mhtiInoojZzYRFNLvDqNmcADKI4.roa (raw, json)
Hash identifier: DKntGHEF7ucruO7b5MWF4liDYRLbyFfFc+Hwht8I0ro=
Subject key identifier: 9A:1B:62:22:7A:28:8D:9C:D8:44:53:4B:BC:3A:8D:99:C0:03:28:8E
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 018CC8DEEA86F91B1F236393DCC5D1B24E61
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/mhtiInoojZzYRFNLvDqNmcADKI4.roa
Signing time: Tue 02 Jan 2024 06:31:41 +0000
ROA not before: Tue 02 Jan 2024 06:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48648
IP address blocks: 195.12.56.0/22 maxlen: 22
91.211.122.0/24 maxlen: 24
91.211.120.0/24 maxlen: 24
91.198.233.0/24 maxlen: 24
2a0a:2c0:2::/48 maxlen: 48
2a0a:2c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 25 Mar 2024 14:41:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ea:86:f9:1b:1f:23:63:93:dc:c5:d1:b2:4e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 2 06:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a1b62227a288d9cd844534bbc3a8d99c003288e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:47:f3:57:c6:52:53:74:56:bc:39:65:9d:0b:
64:ce:77:15:bf:5b:6b:fe:6c:0f:97:8a:79:6e:2e:
ba:f1:99:b4:95:5c:e3:c4:42:c3:8e:41:95:8f:46:
8e:a0:7a:9f:4a:4c:2c:01:27:ca:4f:a1:07:ca:1d:
08:9b:d4:f6:26:0e:e0:b8:56:b4:09:f2:e5:33:36:
b1:94:ed:f4:aa:22:66:bd:fe:1a:c5:4b:b6:9c:7e:
8b:49:29:5b:ec:9f:00:94:a4:f4:93:d4:a1:03:10:
04:a8:56:f3:1c:e5:ab:2b:99:06:86:cb:8f:08:84:
41:89:9c:46:0c:0a:46:f6:e0:98:4f:90:14:a6:93:
8b:7f:42:b1:92:45:f7:67:ed:18:a5:ae:26:fe:7b:
a3:73:45:bb:60:9f:e8:3e:30:d7:19:0e:fb:ae:d8:
c6:91:48:6f:19:9e:bd:61:f8:68:7d:44:dc:1e:db:
dc:86:28:c0:2f:80:9a:d3:f8:f3:85:62:00:ef:e8:
e2:7b:34:a9:c1:0e:76:14:88:55:27:5d:a4:64:ed:
ed:78:43:42:82:2b:2b:12:ba:88:83:59:36:63:86:
c9:cd:ef:ee:45:8d:5b:32:8b:55:92:52:0f:ef:7b:
09:48:db:8b:88:50:2f:46:45:77:5c:b6:d5:ae:05:
38:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1B:62:22:7A:28:8D:9C:D8:44:53:4B:BC:3A:8D:99:C0:03:28:8E
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/mhtiInoojZzYRFNLvDqNmcADKI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.233.0/24
91.211.120.0/24
91.211.122.0/24
195.12.56.0/22
IPv6:
2a0a:2c0::/48
2a0a:2c0:2::/48
Signature Algorithm: sha256WithRSAEncryption
a0:20:17:2f:8f:84:aa:eb:f6:88:65:e2:16:c0:fa:de:f7:25:
6d:98:82:51:33:2d:47:ff:a1:13:60:62:33:c1:00:ed:5c:ba:
c7:92:3a:9c:c0:82:24:87:7a:69:c3:dd:49:77:e5:36:f4:b8:
0b:d5:e3:94:ed:fa:8f:92:b1:3a:a7:bc:6f:6f:99:9e:34:83:
15:10:61:c5:09:5b:71:c3:eb:95:bc:92:50:5b:b3:65:c1:e7:
f2:ad:e7:d1:60:b6:f3:6a:e1:1d:0d:1a:b5:90:27:a2:a8:a8:
71:fc:a8:3d:84:e4:aa:b8:eb:8d:3c:0e:14:e6:cd:3d:8e:47:
31:89:50:4e:fb:7f:fa:50:90:2f:ef:03:1c:bc:ae:f6:cd:45:
28:55:67:bb:23:81:cf:4f:a7:8c:e4:59:5d:20:43:11:e3:ad:
80:be:f5:13:f3:0f:95:5e:26:93:a1:75:b0:88:fa:80:ab:90:
05:85:b0:bf:28:f7:49:a7:50:9a:6b:e7:91:c5:ea:76:cc:69:
fb:f5:91:96:40:44:ef:9d:bd:cf:9c:42:b2:b0:92:aa:bc:4a:
7e:38:2d:01:98:8a:98:95:ee:a3:9b:be:dc:f1:a7:c6:38:0f:
10:72:24:35:7b:e3:44:31:e6:5f:b9:98:32:49:ab:2a:cd:d3:
9e:62:a1:bc
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzI3uqG+RsfI2OT3MXRsk5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjQwMTAyMDYzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFiNjIyMjdhMjg4ZDljZDg0NDUzNGJiYzNhOGQ5OWMwMDMyODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkfzV8ZSU3RWvDllnQtkzncVv1tr
/mwPl4p5bi668Zm0lVzjxELDjkGVj0aOoHqfSkwsASfKT6EHyh0Im9T2Jg7guFa0
CfLlMzaxlO30qiJmvf4axUu2nH6LSSlb7J8AlKT0k9ShAxAEqFbzHOWrK5kGhsuP
CIRBiZxGDApG9uCYT5AUppOLf0KxkkX3Z+0Ypa4m/nujc0W7YJ/oPjDXGQ77rtjG
kUhvGZ69YfhofUTcHtvchijAL4Ca0/jzhWIA7+jiezSpwQ52FIhVJ12kZO3teENC
gisrErqIg1k2Y4bJze/uRY1bMotVklIP73sJSNuLiFAvRkV3XLbVrgU4AQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJobYiJ6KI2c2ERTS7w6jZnAAyiOMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvbWh0aUlub29qWnpZUkZOTHZEcU5tY0FES0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAW8bpAwQA
W9N4AwQAW9N6AwQCwww4MBgEAgACMBIDBwAqCgLAAAADBwAqCgLAAAIwDQYJKoZI
hvcNAQELBQADggEBAKAgFy+PhKrr9ohl4hbA+t73JW2YglEzLUf/oRNgYjPBAO1c
useSOpzAgiSHemnD3Ul35Tb0uAvV45Tt+o+SsTqnvG9vmZ40gxUQYcUJW3HD65W8
klBbs2XB5/Kt59FgtvNq4R0NGrWQJ6KoqHH8qD2E5Kq46408DhTmzT2ORzGJUE77
f/pQkC/vAxy8rvbNRShVZ7sjgc9Pp4zkWV0gQxHjrYC+9RPzD5VeJpOhdbCI+oCr
kAWFsL8o90mnUJpr55HF6nbMafv1kZZARO+dvc+cQrKwkqq8Sn44LQGYipiV7qOb
vtzxp8Y4DxByJDV740Qx5l+5mDJJqyrN055iobw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:38 2024 by rpki-client on console-ams.rpki-client.org