Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/0b938f-189b-4a7d-8c36-2a3fa61c3dc5/1/MDZZiMy6ksuTX6Z0Kj--A1BhzIY.roa
File: MDZZiMy6ksuTX6Z0Kj--A1BhzIY.roa (raw, json)
Hash identifier: pcWmxk37DtuOTqTOroQA3Tz7k8sbcLZkDNIIeDBd5XQ=
Subject key identifier: 30:36:59:88:CC:BA:92:CB:93:5F:A6:74:2A:3F:BE:03:50:61:CC:86
Certificate issuer: /CN=9fac2fdddabf20ea449870e1dcc0915e60148346
Certificate serial: 01857227E9EDEF0A1C94091C3B54C51B87EB
Authority key identifier: 9F:AC:2F:DD:DA:BF:20:EA:44:98:70:E1:DC:C0:91:5E:60:14:83:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n6wv3dq_IOpEmHDh3MCRXmAUg0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/0b938f-189b-4a7d-8c36-2a3fa61c3dc5/1/MDZZiMy6ksuTX6Z0Kj--A1BhzIY.roa
Signing time: Mon 02 Jan 2023 11:04:56 +0000
ROA not before: Mon 02 Jan 2023 11:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9051
IP address blocks: 77.246.64.0/20 maxlen: 24
92.242.168.0/22 maxlen: 24
2a0d:b340::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:27:e9:ed:ef:0a:1c:94:09:1c:3b:54:c5:1b:87:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fac2fdddabf20ea449870e1dcc0915e60148346
Validity
Not Before: Jan 2 11:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30365988ccba92cb935fa6742a3fbe035061cc86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:56:53:86:ad:70:6d:7f:8e:3b:59:fa:0b:30:
e7:0f:ac:6c:3a:20:4c:ce:97:37:62:2b:24:81:07:
10:0e:40:95:06:90:fc:92:d8:26:c1:6c:93:9c:4d:
e5:9f:b3:25:30:33:32:ac:e1:d8:93:9d:7f:97:84:
80:dc:9c:28:2c:47:ef:92:36:5c:d7:5e:9f:8d:d9:
df:88:2b:b2:ab:4f:44:6b:89:ae:05:dc:f2:33:7c:
80:25:94:38:10:39:7a:f0:d8:e4:f8:fb:c9:4b:eb:
c4:e9:86:0b:41:6a:d7:77:29:4d:58:b9:84:2f:36:
c7:1a:be:63:57:7d:bf:03:43:a8:7f:1d:65:31:b6:
64:1f:4b:d6:f7:1d:8b:c6:5b:9a:ba:4c:65:1f:38:
3b:fb:94:5e:6f:c7:b7:e6:7b:69:3f:ce:4c:30:a5:
72:3f:d8:96:0f:fc:bb:af:dd:5d:19:33:34:b1:66:
d0:c8:07:db:af:14:3d:6b:8f:b7:44:37:04:55:65:
44:6c:ff:12:4a:5e:f4:b4:e8:65:a0:ea:ca:7b:e7:
88:df:5b:9b:0d:61:bb:37:c9:04:87:79:7d:f6:c1:
c0:21:3f:f2:f6:9c:0f:68:06:c1:48:2e:f3:d6:39:
6c:59:24:ea:d2:f2:36:42:6c:ef:00:21:dc:b2:2a:
a8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:36:59:88:CC:BA:92:CB:93:5F:A6:74:2A:3F:BE:03:50:61:CC:86
X509v3 Authority Key Identifier:
keyid:9F:AC:2F:DD:DA:BF:20:EA:44:98:70:E1:DC:C0:91:5E:60:14:83:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n6wv3dq_IOpEmHDh3MCRXmAUg0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0b938f-189b-4a7d-8c36-2a3fa61c3dc5/1/MDZZiMy6ksuTX6Z0Kj--A1BhzIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0b938f-189b-4a7d-8c36-2a3fa61c3dc5/1/n6wv3dq_IOpEmHDh3MCRXmAUg0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.64.0/20
92.242.168.0/22
IPv6:
2a0d:b340::/29
Signature Algorithm: sha256WithRSAEncryption
a9:4d:1f:80:af:36:41:f9:e4:07:79:a5:e8:99:23:b1:28:97:
76:74:f6:52:21:a6:84:48:b4:c2:cd:3b:f9:f4:27:b1:0c:cd:
9e:28:25:8c:1e:8f:48:38:da:ec:8f:f8:20:32:b5:72:32:a9:
08:37:9b:21:61:64:d8:c4:8e:31:e0:22:ad:68:48:aa:d2:42:
13:3a:80:b9:71:d1:7e:54:54:8f:41:d3:4a:10:bd:ff:dc:77:
13:f6:57:dc:06:a7:56:d5:3e:b9:23:1b:26:b6:9a:e9:0d:92:
bf:0f:44:bc:31:f9:1b:60:66:90:d7:b3:8d:7e:1b:2f:68:bd:
36:47:ad:6c:75:03:48:f2:83:07:7d:5f:e2:a5:25:8a:6c:9e:
7a:49:4b:62:9e:78:60:91:48:76:49:c1:3e:10:3e:03:b0:32:
c1:23:cb:9f:79:2e:0f:20:7f:4f:b3:bf:81:ce:6f:e6:e2:5d:
67:6d:1f:42:c6:9c:1e:4e:4c:18:3a:b8:31:d4:17:ba:f3:66:
29:be:68:63:bb:05:a2:d7:a4:06:40:80:b8:0e:15:67:4a:2d:
02:be:ae:71:1e:e2:ed:47:57:69:4e:9e:c9:b3:bf:f5:34:a8:
03:bc:08:b7:41:71:4f:71:b4:84:8c:dd:35:32:4f:d8:1b:6f:
86:3d:c3:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyJ+nt7woclAkcO1TFG4frMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYWMyZmRkZGFiZjIwZWE0NDk4NzBlMWRjYzA5MTVlNjAx
NDgzNDYwHhcNMjMwMTAyMTEwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDM2NTk4OGNjYmE5MmNiOTM1ZmE2NzQyYTNmYmUwMzUwNjFjYzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjlZThq1wbX+OO1n6CzDnD6xsOiBM
zpc3YiskgQcQDkCVBpD8ktgmwWyTnE3ln7MlMDMyrOHYk51/l4SA3JwoLEfvkjZc
116fjdnfiCuyq09Ea4muBdzyM3yAJZQ4EDl68Njk+PvJS+vE6YYLQWrXdylNWLmE
LzbHGr5jV32/A0Oofx1lMbZkH0vW9x2LxluaukxlHzg7+5Reb8e35ntpP85MMKVy
P9iWD/y7r91dGTM0sWbQyAfbrxQ9a4+3RDcEVWVEbP8SSl70tOhloOrKe+eI31ub
DWG7N8kEh3l99sHAIT/y9pwPaAbBSC7z1jlsWSTq0vI2QmzvACHcsiqoYQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDA2WYjMupLLk1+mdCo/vgNQYcyGMB8GA1UdIwQY
MBaAFJ+sL93avyDqRJhw4dzAkV5gFINGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjZ3djNkcV9JT3BFbUhEaDNNQ1JYbUFVZzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wYjkzOGYtMTg5Yi00YTdkLThjMzYt
MmEzZmE2MWMzZGM1LzEvTURaWmlNeTZrc3VUWDZaMEtqLS1BMUJoeklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wYjkzOGYtMTg5Yi00YTdkLThjMzYtMmEzZmE2MWMzZGM1
LzEvbjZ3djNkcV9JT3BFbUhEaDNNQ1JYbUFVZzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfZAAwQC
XPKoMA0EAgACMAcDBQMqDbNAMA0GCSqGSIb3DQEBCwUAA4IBAQCpTR+ArzZB+eQH
eaXomSOxKJd2dPZSIaaESLTCzTv59CexDM2eKCWMHo9IONrsj/ggMrVyMqkIN5sh
YWTYxI4x4CKtaEiq0kITOoC5cdF+VFSPQdNKEL3/3HcT9lfcBqdW1T65Ixsmtprp
DZK/D0S8MfkbYGaQ17ONfhsvaL02R61sdQNI8oMHfV/ipSWKbJ56SUtinnhgkUh2
ScE+ED4DsDLBI8ufeS4PIH9Ps7+Bzm/m4l1nbR9CxpweTkwYOrgx1Be682Ypvmhj
uwWi16QGQIC4DhVnSi0Cvq5xHuLtR1dpTp7Js7/1NKgDvAi3QXFPcbSEjN01Mk/Y
G2+GPcNF
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:09 2024 by rpki-client on console-ams.rpki-client.org