Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/MfFt1RvePNE7zTg_nBVPyAJSk_Y.roa
File: MfFt1RvePNE7zTg_nBVPyAJSk_Y.roa (raw, json)
Hash identifier: 4hFEFnKh5T8He4fkL9B8DjTpdZbi3JlkPfAhCfnvOZ0=
Subject key identifier: 31:F1:6D:D5:1B:DE:3C:D1:3B:CD:38:3F:9C:15:4F:C8:02:52:93:F6
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 01866EE1CE3DBF3B30FB3E87BB028E2959D1
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/MfFt1RvePNE7zTg_nBVPyAJSk_Y.roa
Signing time: Mon 20 Feb 2023 12:52:17 +0000
ROA not before: Mon 20 Feb 2023 12:52:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49549
IP address blocks: 178.250.189.0/24 maxlen: 24
193.0.230.0/24 maxlen: 24
2a0f:cdc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 21 Feb 2023 18:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6e:e1:ce:3d:bf:3b:30:fb:3e:87:bb:02:8e:29:59:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Feb 20 12:52:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31f16dd51bde3cd13bcd383f9c154fc8025293f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d3:f8:0c:c0:b3:70:47:80:2c:77:1b:04:e4:
69:40:4a:b5:c6:d4:f2:d0:7d:8d:45:d2:79:21:3d:
4b:85:0a:fc:3d:10:a6:0f:3e:57:d2:4c:7b:2a:d2:
3d:76:42:24:96:17:10:c0:d0:e5:64:e5:0a:8e:b2:
99:a3:29:7b:c6:47:f1:18:c7:a8:9b:71:d9:be:1c:
89:98:9c:03:1e:69:33:b4:cd:37:01:62:9f:97:e4:
91:0b:e2:a9:25:fc:99:74:1a:dd:bf:6e:57:6f:04:
59:fe:0e:ab:45:51:07:97:7f:7c:30:f0:77:d9:26:
a1:3e:d4:0b:86:02:6f:c9:d9:e1:33:00:99:48:00:
d3:29:d1:91:77:63:26:9c:07:62:51:cc:84:a6:b5:
cb:27:8f:0c:11:79:fd:e3:d8:4c:31:05:67:80:82:
c8:81:a5:52:6b:f6:0a:66:c7:5b:af:d1:05:ca:73:
6b:a3:7f:cf:60:97:1d:d1:b8:57:0e:3c:0c:be:2d:
36:94:c4:6c:7e:3d:8d:93:f6:39:fc:db:03:ee:75:
44:f4:74:40:08:f8:33:70:6f:de:f6:e9:c5:ba:2f:
bb:ad:02:f9:46:a7:3b:7e:17:a0:0b:e6:2f:1b:08:
14:72:7b:11:0a:4f:5c:71:9c:55:42:e8:eb:96:99:
9b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F1:6D:D5:1B:DE:3C:D1:3B:CD:38:3F:9C:15:4F:C8:02:52:93:F6
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/MfFt1RvePNE7zTg_nBVPyAJSk_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.189.0/24
193.0.230.0/24
IPv6:
2a0f:cdc2::/32
Signature Algorithm: sha256WithRSAEncryption
85:f9:e2:ea:dd:86:e5:94:e9:b4:4c:e1:a5:0c:12:03:80:09:
08:3a:7d:b9:d7:f1:ef:38:9a:22:8a:ac:a7:1e:0a:01:a3:39:
66:2d:ef:92:3a:9d:d8:0a:e5:e4:ad:b9:d6:a8:15:ce:0d:01:
08:d1:b0:07:3a:b2:00:b7:2b:a8:9c:2f:fe:b9:64:07:88:77:
57:87:09:dc:51:64:a5:17:c9:4b:c6:97:88:e7:3e:64:f1:a1:
fa:6e:e0:0b:a4:11:3a:40:42:91:56:a0:14:35:fc:2b:cb:15:
0f:8c:1d:a5:01:cd:d7:e2:89:32:df:aa:5d:ff:95:dc:ed:23:
b3:bf:aa:71:b4:3c:fb:80:d5:30:18:d4:f3:78:14:e3:36:88:
77:be:0c:8f:00:ec:a8:7a:ca:f0:13:33:a8:89:42:e9:27:87:
cf:72:09:4c:10:f8:75:dd:69:c6:25:6d:1b:73:93:dc:36:88:
48:3c:d7:0a:c0:cb:b4:70:4a:a8:9a:27:71:19:30:9f:ed:c2:
ac:06:d4:06:67:2f:c2:46:fc:8e:53:91:bb:9e:e0:72:ab:10:
f1:40:e4:49:3e:f3:8c:26:51:9e:93:45:60:bb:66:f1:49:2b:
5c:16:c9:fd:5d:4a:7b:b4:03:87:c3:37:8c:e8:59:b9:05:4a:
cc:f6:57:f0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYZu4c49vzsw+z6HuwKOKVnRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjMwMjIwMTI1MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWYxNmRkNTFiZGUzY2QxM2JjZDM4M2Y5YzE1NGZjODAyNTI5M2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitP4DMCzcEeALHcbBORpQEq1xtTy
0H2NRdJ5IT1LhQr8PRCmDz5X0kx7KtI9dkIklhcQwNDlZOUKjrKZoyl7xkfxGMeo
m3HZvhyJmJwDHmkztM03AWKfl+SRC+KpJfyZdBrdv25XbwRZ/g6rRVEHl398MPB3
2SahPtQLhgJvydnhMwCZSADTKdGRd2MmnAdiUcyEprXLJ48MEXn949hMMQVngILI
gaVSa/YKZsdbr9EFynNro3/PYJcd0bhXDjwMvi02lMRsfj2Nk/Y5/NsD7nVE9HRA
CPgzcG/e9unFui+7rQL5Rqc7fhegC+YvGwgUcnsRCk9ccZxVQujrlpmbCQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDHxbdUb3jzRO804P5wVT8gCUpP2MB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvTWZGdDFSdmVQTkU3elRnX25CVlB5QUpTa19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAsvq9AwQA
wQDmMA0EAgACMAcDBQAqD83CMA0GCSqGSIb3DQEBCwUAA4IBAQCF+eLq3YbllOm0
TOGlDBIDgAkIOn251/HvOJoiiqynHgoBozlmLe+SOp3YCuXkrbnWqBXODQEI0bAH
OrIAtyuonC/+uWQHiHdXhwncUWSlF8lLxpeI5z5k8aH6buALpBE6QEKRVqAUNfwr
yxUPjB2lAc3X4oky36pd/5Xc7SOzv6pxtDz7gNUwGNTzeBTjNoh3vgyPAOyoesrw
EzOoiULpJ4fPcglMEPh13WnGJW0bc5PcNohIPNcKwMu0cEqomidxGTCf7cKsBtQG
Zy/CRvyOU5G7nuByqxDxQORJPvOMJlGek0Vgu2bxSStcFsn9XUp7tAOHwzeM6Fm5
BUrM9lfw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:53 2024 by rpki-client on console-ams.rpki-client.org