Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/mhp2zJibpnkl9WuF0Qb3WCAfGWU.roa
File: mhp2zJibpnkl9WuF0Qb3WCAfGWU.roa (raw, json)
Hash identifier: XlOmDlovMM6GKyEx44K+34sGnsv+SgZRAayTuVjUUdg=
Subject key identifier: 9A:1A:76:CC:98:9B:A6:79:25:F5:6B:85:D1:06:F7:58:20:1F:19:65
Certificate issuer: /CN=09f93d62beb75bb4232dcd052d270276d36f8573
Certificate serial: 01856BDC76BEF1B8D6B5F8BF4BC07F7290A0
Authority key identifier: 09:F9:3D:62:BE:B7:5B:B4:23:2D:CD:05:2D:27:02:76:D3:6F:85:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cfk9Yr63W7QjLc0FLScCdtNvhXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/mhp2zJibpnkl9WuF0Qb3WCAfGWU.roa
Signing time: Sun 01 Jan 2023 05:44:48 +0000
ROA not before: Sun 01 Jan 2023 05:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.141.193.0/24 maxlen: 24
2a04:ac0:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:76:be:f1:b8:d6:b5:f8:bf:4b:c0:7f:72:90:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09f93d62beb75bb4232dcd052d270276d36f8573
Validity
Not Before: Jan 1 05:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a1a76cc989ba67925f56b85d106f758201f1965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:cc:94:06:40:a0:b0:85:6f:6d:1d:90:e8:84:
f4:6a:4b:c5:23:b5:ea:64:e2:61:ce:b6:16:a8:c3:
1c:aa:ee:5a:6f:9a:18:fa:15:52:13:2b:bc:94:87:
e8:81:05:db:f3:fd:dc:6c:88:7f:50:d9:99:bb:89:
a7:f8:a0:07:ce:2f:b5:a5:30:96:d8:d8:14:dc:2a:
de:b1:4f:f6:ec:1e:6b:65:9e:a2:a8:33:25:49:8d:
d5:48:0a:6f:a1:02:e7:53:d5:cd:c8:94:a4:61:c3:
d5:77:48:49:de:3b:43:6c:de:64:90:2a:0e:9d:c3:
3c:eb:4a:b9:1b:ad:96:d8:1a:0f:09:15:3b:9c:da:
87:d6:01:21:99:a1:50:bd:ba:16:df:5d:30:66:f4:
8d:57:95:da:7f:ed:94:bb:f1:29:45:a6:24:ec:72:
0a:79:32:01:42:3e:b0:16:56:54:80:fc:f6:45:26:
9c:59:6e:c5:d7:40:a7:2b:51:dd:3b:3f:1d:a4:8b:
56:09:8c:b3:1c:c6:ff:37:b5:83:39:4b:0c:34:90:
0f:cf:40:22:f5:69:13:f5:55:8b:75:ac:fa:1f:09:
22:ab:0a:d4:96:55:41:e1:db:6e:5e:40:ba:b1:4e:
7c:a6:30:44:d5:8e:3c:c0:6d:b5:33:70:db:1f:a2:
fb:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1A:76:CC:98:9B:A6:79:25:F5:6B:85:D1:06:F7:58:20:1F:19:65
X509v3 Authority Key Identifier:
keyid:09:F9:3D:62:BE:B7:5B:B4:23:2D:CD:05:2D:27:02:76:D3:6F:85:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cfk9Yr63W7QjLc0FLScCdtNvhXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/mhp2zJibpnkl9WuF0Qb3WCAfGWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/705aad-59b2-474e-a3d8-bf34d01f8b0a/1/Cfk9Yr63W7QjLc0FLScCdtNvhXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.193.0/24
IPv6:
2a04:ac0:2::/48
Signature Algorithm: sha256WithRSAEncryption
2c:0e:ad:c1:c9:54:9c:cc:9f:89:74:f1:66:4a:6c:13:0f:f4:
e5:bb:4c:0b:cd:36:64:40:22:e1:b9:24:ec:61:9f:73:2e:bd:
3a:98:ef:28:bb:77:0b:9f:63:99:47:60:31:6f:49:2c:2f:de:
fb:72:b9:00:b2:61:82:59:60:5d:5d:e2:94:d7:84:87:3d:d7:
43:e3:df:49:53:7d:12:72:a1:6e:65:a0:a3:7f:9f:8e:db:27:
01:92:12:3f:3f:4b:4e:aa:db:65:6c:9f:c5:c2:b9:83:0e:7c:
46:05:07:0b:84:c5:29:67:26:71:65:72:4c:b1:66:f1:36:3c:
01:0e:d3:b7:9b:0e:c8:7e:9b:45:0e:71:0d:c8:b7:bf:55:a0:
c3:ed:a5:9a:ac:54:5b:60:b6:c5:58:61:d8:e2:c1:97:de:7f:
fb:bc:dc:4a:1c:81:9e:36:46:82:8a:ff:ae:ab:df:63:f5:f3:
8f:90:1d:20:c5:68:34:1f:96:cb:6a:14:f1:0c:d5:a5:4a:6a:
0c:f7:b2:0d:8e:e0:96:c8:7e:16:e6:27:48:dd:24:85:f9:0d:
86:f6:14:08:4f:f6:7c:b3:9a:cf:53:28:7b:ff:7e:ee:68:15:
64:3f:06:76:d8:b9:5e:d1:3c:fa:2e:f5:0c:5a:dd:9b:07:61:
65:82:82:c0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVr3Ha+8bjWtfi/S8B/cpCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZjkzZDYyYmViNzViYjQyMzJkY2QwNTJkMjcwMjc2ZDM2
Zjg1NzMwHhcNMjMwMTAxMDU0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFhNzZjYzk4OWJhNjc5MjVmNTZiODVkMTA2Zjc1ODIwMWYxOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsyUBkCgsIVvbR2Q6IT0akvFI7Xq
ZOJhzrYWqMMcqu5ab5oY+hVSEyu8lIfogQXb8/3cbIh/UNmZu4mn+KAHzi+1pTCW
2NgU3CresU/27B5rZZ6iqDMlSY3VSApvoQLnU9XNyJSkYcPVd0hJ3jtDbN5kkCoO
ncM860q5G62W2BoPCRU7nNqH1gEhmaFQvboW310wZvSNV5Xaf+2Uu/EpRaYk7HIK
eTIBQj6wFlZUgPz2RSacWW7F10CnK1HdOz8dpItWCYyzHMb/N7WDOUsMNJAPz0Ai
9WkT9VWLdaz6HwkiqwrUllVB4dtuXkC6sU58pjBE1Y48wG21M3DbH6L7WQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJoadsyYm6Z5JfVrhdEG91ggHxllMB8GA1UdIwQY
MBaAFAn5PWK+t1u0Iy3NBS0nAnbTb4VzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2ZrOVlyNjNXN1FqTGMwRkxTY0NkdE52aFhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83MDVhYWQtNTliMi00NzRlLWEzZDgt
YmYzNGQwMWY4YjBhLzEvbWhwMnpKaWJwbmtsOVd1RjBRYjNXQ0FmR1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83MDVhYWQtNTliMi00NzRlLWEzZDgtYmYzNGQwMWY4YjBh
LzEvQ2ZrOVlyNjNXN1FqTGMwRkxTY0NkdE52aFhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuY3BMA8E
AgACMAkDBwAqBArAAAIwDQYJKoZIhvcNAQELBQADggEBACwOrcHJVJzMn4l08WZK
bBMP9OW7TAvNNmRAIuG5JOxhn3MuvTqY7yi7dwufY5lHYDFvSSwv3vtyuQCyYYJZ
YF1d4pTXhIc910Pj30lTfRJyoW5loKN/n47bJwGSEj8/S06q22Vsn8XCuYMOfEYF
BwuExSlnJnFlckyxZvE2PAEO07ebDsh+m0UOcQ3It79VoMPtpZqsVFtgtsVYYdji
wZfef/u83EocgZ42RoKK/66r32P184+QHSDFaDQflstqFPEM1aVKagz3sg2O4JbI
fhbmJ0jdJIX5DYb2FAhP9nyzms9TKHv/fu5oFWQ/BnbYuV7RPPou9Qxa3ZsHYWWC
gsA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:54 2024 by rpki-client on console-ams.rpki-client.org