Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/mGjm9Fb_z0uDsNN9VsPBkxGWO90.roa
File: mGjm9Fb_z0uDsNN9VsPBkxGWO90.roa (raw, json)
Hash identifier: aWtYi/Oe9/xNWzApGVu/qbuDKrJlWHXwTr7PgOMVWGA=
Subject key identifier: 98:68:E6:F4:56:FF:CF:4B:83:B0:D3:7D:56:C3:C1:93:11:96:3B:DD
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018BC3F6DDA55DAB1CE7502A4C5D2EE5FE7C
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/mGjm9Fb_z0uDsNN9VsPBkxGWO90.roa
Signing time: Sun 12 Nov 2023 14:36:57 +0000
ROA not before: Sun 12 Nov 2023 14:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.49.0/24 maxlen: 24
185.124.172.0/22 maxlen: 24
178.239.159.0/24 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
2a00:7040::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c3:f6:dd:a5:5d:ab:1c:e7:50:2a:4c:5d:2e:e5:fe:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Nov 12 14:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9868e6f456ffcf4b83b0d37d56c3c19311963bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:51:b4:60:dd:a9:9d:a8:6b:30:b5:1a:a1:24:
c0:bf:c4:06:5a:43:c7:47:03:09:82:53:07:ca:d7:
86:84:1a:5e:c8:53:3f:21:96:42:88:b0:6e:db:56:
17:15:7a:2e:71:e4:8f:8c:c1:0c:e2:0c:e0:84:6b:
78:e2:e2:98:27:2b:4b:b9:b3:cb:b9:d0:7f:aa:89:
5c:6f:d4:d6:3f:40:1a:f5:e8:6e:b5:87:dd:84:bf:
5c:5d:1f:45:50:8d:21:83:26:f2:b4:d3:af:c6:4c:
3a:2e:ef:0b:35:c0:e6:ad:29:aa:14:bb:fe:4d:56:
c7:18:70:6e:a3:be:c7:46:ee:a2:90:72:cc:be:cb:
ae:f3:e9:3d:c7:14:a0:06:d4:60:2b:8d:6c:90:cf:
44:51:f4:d8:7f:4d:b8:c8:30:dc:d0:cf:e3:bc:ad:
67:44:60:e8:f3:3b:1b:7f:35:2e:3a:75:80:43:57:
a0:c4:b7:aa:a0:c7:8e:41:fc:f0:7e:c8:63:f8:51:
e3:21:e9:d5:a5:ad:02:03:06:96:77:ff:94:23:34:
ed:73:10:81:5e:9b:cb:6f:6a:e9:9e:56:06:66:44:
e0:76:40:62:77:a4:f0:fc:08:39:6c:ca:27:2d:87:
42:82:73:03:1d:ca:58:13:72:a0:9f:da:3d:75:b5:
79:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:68:E6:F4:56:FF:CF:4B:83:B0:D3:7D:56:C3:C1:93:11:96:3B:DD
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/mGjm9Fb_z0uDsNN9VsPBkxGWO90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.159.0/24
185.26.34.0/23
185.124.172.0/22
185.243.49.0/24
IPv6:
2a00:7040::/32
Signature Algorithm: sha256WithRSAEncryption
c4:a4:03:12:41:e2:2b:a7:92:a5:a2:05:50:78:f0:a5:ac:d9:
ff:e8:f3:dd:3c:fc:e1:e3:46:1a:8f:62:82:f9:c3:89:26:62:
d0:12:52:39:01:23:98:6a:e9:97:9e:42:ee:f9:4f:b4:6a:7f:
54:d4:80:35:9b:47:94:8b:a7:9d:be:9f:c5:d5:12:7f:df:06:
7a:57:39:ea:98:23:f4:b2:4e:77:52:af:7d:73:83:6b:6a:cc:
9c:1e:57:14:3c:c1:6e:08:95:b2:90:2e:7c:4c:d6:82:3b:17:
bb:b9:43:d6:e8:d8:00:1c:60:c2:54:0e:b6:f5:cd:90:e8:16:
0c:94:29:df:11:14:22:fe:3f:81:e3:40:07:39:b0:85:6c:25:
5a:ad:4d:6a:d1:39:b0:e2:6b:a2:3a:f5:3d:dc:93:77:44:7e:
77:d9:2b:69:68:6d:0a:3b:42:8f:83:6b:6d:7b:ec:b0:53:7b:
95:90:63:b8:a7:7d:89:0e:15:6d:7e:91:f4:4b:a8:ed:c8:5a:
ec:41:a0:61:90:5f:0a:c8:14:d6:7a:ff:52:00:d7:16:12:e7:
a5:41:47:c9:d4:ea:f0:6d:26:6a:ce:2a:35:52:e0:cf:ac:7f:
c6:ef:00:ef:64:71:58:6a:f2:fc:4a:a4:ec:46:f6:f7:6d:fb:
06:6f:43:e3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYvD9t2lXasc51AqTF0u5f58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMTEyMTQzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODY4ZTZmNDU2ZmZjZjRiODNiMGQzN2Q1NmMzYzE5MzExOTYzYmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1G0YN2pnahrMLUaoSTAv8QGWkPH
RwMJglMHyteGhBpeyFM/IZZCiLBu21YXFXouceSPjMEM4gzghGt44uKYJytLubPL
udB/qolcb9TWP0Aa9ehutYfdhL9cXR9FUI0hgybytNOvxkw6Lu8LNcDmrSmqFLv+
TVbHGHBuo77HRu6ikHLMvsuu8+k9xxSgBtRgK41skM9EUfTYf024yDDc0M/jvK1n
RGDo8zsbfzUuOnWAQ1egxLeqoMeOQfzwfshj+FHjIenVpa0CAwaWd/+UIzTtcxCB
XpvLb2rpnlYGZkTgdkBid6Tw/Ag5bMonLYdCgnMDHcpYE3Kgn9o9dbV5RwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJho5vRW/89Lg7DTfVbDwZMRljvdMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvbUdqbTlGYl96MHVEc05OOVZzUEJreEdXTzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAsu+fAwQB
uRoiAwQCuXysAwQAufMxMA0EAgACMAcDBQAqAHBAMA0GCSqGSIb3DQEBCwUAA4IB
AQDEpAMSQeIrp5KlogVQePClrNn/6PPdPPzh40Yaj2KC+cOJJmLQElI5ASOYaumX
nkLu+U+0an9U1IA1m0eUi6edvp/F1RJ/3wZ6VznqmCP0sk53Uq99c4NrasycHlcU
PMFuCJWykC58TNaCOxe7uUPW6NgAHGDCVA629c2Q6BYMlCnfERQi/j+B40AHObCF
bCVarU1q0Tmw4muiOvU93JN3RH532StpaG0KO0KPg2tte+ywU3uVkGO4p32JDhVt
fpH0S6jtyFrsQaBhkF8KyBTWev9SANcWEuelQUfJ1OrwbSZqzio1UuDPrH/G7wDv
ZHFYavL8SqTsRvb3bfsGb0Pj
Generated at Sun Dec 31 08:04:06 2023 by rpki-client on console-fra.rpki-client.org