Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/MFZJbGH_jHYVz8pkAqpg-oldtoQ.roa
File: MFZJbGH_jHYVz8pkAqpg-oldtoQ.roa (raw, json)
Hash identifier: ussxljYDDKYuteiK0/eFnmvdG9zrnEsXWD2zo2R/RUQ=
Subject key identifier: 30:56:49:6C:61:FF:8C:76:15:CF:CA:64:02:AA:60:FA:89:5D:B6:84
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018585E1BDBF9F9F449660CB5621BC3060D5
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/MFZJbGH_jHYVz8pkAqpg-oldtoQ.roa
Signing time: Fri 06 Jan 2023 07:00:41 +0000
ROA not before: Fri 06 Jan 2023 07:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 36224
IP address blocks: 89.39.6.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:85:e1:bd:bf:9f:9f:44:96:60:cb:56:21:bc:30:60:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 6 07:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3056496c61ff8c7615cfca6402aa60fa895db684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:81:08:ce:4a:f6:96:0d:8b:35:5a:65:ae:79:
0c:ed:16:5f:ca:e9:ec:4b:b0:5d:bf:d3:15:3c:55:
44:7e:b8:bc:c0:ed:15:e6:31:8d:af:e8:fb:46:44:
96:3a:70:19:5b:f4:90:b6:39:79:a6:f5:b8:09:d3:
d7:c0:6b:0a:a5:f7:bd:84:db:12:95:a0:4f:82:38:
a6:39:03:91:1a:db:99:b0:2c:e0:78:be:f5:10:06:
7a:a3:13:0e:52:2a:89:14:52:e9:cc:4a:f8:e5:6f:
3e:59:3d:b6:79:41:e7:ae:72:87:98:e9:6f:43:82:
79:1a:cd:6b:9b:38:ff:f6:e6:01:78:de:57:23:69:
58:f5:ef:68:7d:1f:30:ee:99:20:90:4b:22:75:1c:
e4:3b:23:3a:3f:e8:0b:ca:f4:9c:11:3a:0b:6f:46:
dd:24:6e:39:e5:b8:d9:22:62:b2:4d:4e:0e:95:8d:
09:ed:cc:59:88:76:f7:aa:d6:1d:42:95:c6:a3:a6:
f7:45:44:dc:fb:fc:70:61:69:e5:55:21:0b:9d:73:
d9:8f:0a:af:92:f9:fe:3a:7b:c0:10:f4:3b:a6:4c:
56:cc:06:5f:fc:70:03:bd:3a:68:88:7d:de:f5:a3:
76:82:c5:9e:a2:81:31:e4:e7:69:5e:52:4e:70:55:
52:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:56:49:6C:61:FF:8C:76:15:CF:CA:64:02:AA:60:FA:89:5D:B6:84
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/MFZJbGH_jHYVz8pkAqpg-oldtoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.6.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:24:44:4d:07:1c:a7:e1:bf:f3:3f:e3:70:90:9f:ab:63:80:
8e:83:a3:a3:66:ce:2e:5e:47:07:f4:1b:f2:33:20:82:12:69:
a9:32:bd:e8:62:27:68:d5:37:a9:04:d3:f6:db:09:f7:57:59:
d1:ad:5c:dd:64:97:d0:47:fc:7d:01:b6:9b:a8:28:2a:02:40:
89:e7:7d:4d:fe:09:39:f3:38:65:78:a0:60:79:09:33:b5:18:
13:ab:e9:a2:d8:d7:26:c2:62:93:b5:01:09:0e:67:de:88:00:
28:91:42:79:ea:a0:2e:9c:cd:55:26:db:76:d9:5b:11:f0:c7:
9f:2e:76:1d:7c:7b:37:64:38:9d:ce:4d:cb:19:3e:09:d6:8f:
90:2c:57:87:b5:7c:a9:ce:a0:75:02:d2:9d:bc:fb:e7:fd:ef:
aa:d9:de:f9:45:d8:e6:d2:2a:03:2c:ce:59:15:ed:75:9a:f2:
ac:ba:10:29:34:fe:b8:c3:9b:2c:17:27:b7:3a:69:bc:a0:58:
7d:0e:c0:26:28:69:0a:4e:fc:56:05:10:49:25:b1:b5:eb:8a:
87:e7:e7:ed:a5:d7:c8:d0:65:8a:4b:3f:1d:14:e5:2d:ba:a3:
8c:15:59:22:1d:f2:13:d8:8f:db:2e:c0:58:d0:e4:e5:e5:6c:
07:ef:2e:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYWF4b2/n59ElmDLViG8MGDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTA2MDcwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDU2NDk2YzYxZmY4Yzc2MTVjZmNhNjQwMmFhNjBmYTg5NWRiNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4EIzkr2lg2LNVplrnkM7RZfyuns
S7Bdv9MVPFVEfri8wO0V5jGNr+j7RkSWOnAZW/SQtjl5pvW4CdPXwGsKpfe9hNsS
laBPgjimOQORGtuZsCzgeL71EAZ6oxMOUiqJFFLpzEr45W8+WT22eUHnrnKHmOlv
Q4J5Gs1rmzj/9uYBeN5XI2lY9e9ofR8w7pkgkEsidRzkOyM6P+gLyvScEToLb0bd
JG455bjZImKyTU4OlY0J7cxZiHb3qtYdQpXGo6b3RUTc+/xwYWnlVSELnXPZjwqv
kvn+OnvAEPQ7pkxWzAZf/HADvTpoiH3e9aN2gsWeooEx5OdpXlJOcFVSLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBWSWxh/4x2Fc/KZAKqYPqJXbaEMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvTUZaSmJHSF9qSFlWejhwa0FxcGctb2xkdG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWScGMA0G
CSqGSIb3DQEBCwUAA4IBAQCgJERNBxyn4b/zP+NwkJ+rY4COg6OjZs4uXkcH9Bvy
MyCCEmmpMr3oYido1TepBNP22wn3V1nRrVzdZJfQR/x9AbabqCgqAkCJ531N/gk5
8zhleKBgeQkztRgTq+mi2NcmwmKTtQEJDmfeiAAokUJ56qAunM1VJtt22VsR8Mef
LnYdfHs3ZDidzk3LGT4J1o+QLFeHtXypzqB1AtKdvPvn/e+q2d75Rdjm0ioDLM5Z
Fe11mvKsuhApNP64w5ssFye3Omm8oFh9DsAmKGkKTvxWBRBJJbG164qH5+ftpdfI
0GWKSz8dFOUtuqOMFVkiHfIT2I/bLsBY0OTl5WwH7y62
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:35:35 2024 by rpki-client on console-ams.rpki-client.org