Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/mlVqw4i7hQPrCv-cvZfRV6eExyo.roa
File: mlVqw4i7hQPrCv-cvZfRV6eExyo.roa (raw, json)
Hash identifier: Y/qQmq1/1/+6VI1WH0pr5YAPw/lHYFzI8naS9S2Kyus=
Subject key identifier: 9A:55:6A:C3:88:BB:85:03:EB:0A:FF:9C:BD:97:D1:57:A7:84:C7:2A
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 01886687A1D6498ED9EEE00CD056ABA156F0
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/mlVqw4i7hQPrCv-cvZfRV6eExyo.roa
Signing time: Mon 29 May 2023 08:02:24 +0000
ROA not before: Mon 29 May 2023 08:02:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211359
IP address blocks: 194.224.205.0/24 maxlen: 24
194.224.204.0/23 maxlen: 23
194.224.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:66:87:a1:d6:49:8e:d9:ee:e0:0c:d0:56:ab:a1:56:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: May 29 08:02:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a556ac388bb8503eb0aff9cbd97d157a784c72a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:df:ba:6c:14:c2:61:9d:12:c8:4d:d7:41:96:
da:c3:66:40:b1:67:40:a9:24:bc:0a:10:f9:c4:ea:
34:eb:20:bc:d6:c7:1f:34:c2:1a:fc:af:21:b8:2a:
af:f4:33:5f:4c:c2:3d:17:bb:30:8e:17:4d:f7:19:
52:5e:d7:4a:c1:3f:59:cc:ba:8d:0a:4b:4e:5d:11:
ae:3a:b6:aa:18:38:72:d6:78:c0:cd:7d:73:4c:26:
d7:27:65:d5:dd:04:25:a7:4c:af:47:8f:1b:78:86:
01:14:76:64:48:76:a8:50:0b:3a:96:5b:48:68:34:
e4:81:02:30:86:4c:07:78:5d:26:e8:84:a0:3f:51:
a9:2d:d9:d3:86:d7:9d:0b:33:28:c4:b5:9a:a1:87:
24:82:f1:08:14:9a:e1:ea:33:56:e9:d8:c8:96:c9:
bb:6f:60:02:db:f1:83:ae:c4:71:d8:67:93:bd:de:
c3:ca:4b:12:32:d1:6f:44:08:85:62:48:c8:f2:c8:
7a:84:45:b0:ff:82:ed:7d:8d:93:34:d5:80:40:8f:
08:9d:68:1e:8d:4b:99:f1:2b:35:94:d0:56:45:db:
13:3d:08:96:44:07:0d:46:60:0f:9b:c2:f2:8a:ac:
22:62:f8:05:17:cd:f4:f2:86:5e:48:c6:54:12:bc:
72:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:55:6A:C3:88:BB:85:03:EB:0A:FF:9C:BD:97:D1:57:A7:84:C7:2A
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/mlVqw4i7hQPrCv-cvZfRV6eExyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.224.204.0/23
Signature Algorithm: sha256WithRSAEncryption
c4:c9:2c:fc:8c:2d:36:4e:67:9f:78:b2:07:ea:f9:aa:58:10:
c0:e7:54:60:c8:a6:c7:84:c5:71:f4:2a:a3:c4:ed:8b:56:e3:
4e:c4:93:36:20:61:f5:62:40:d8:2c:eb:8e:f6:49:3a:35:6a:
20:d8:2d:54:4a:80:2b:8b:f1:53:43:f6:0e:a9:8b:47:bc:d5:
cb:c5:2a:d7:87:7c:bf:ed:3b:24:74:ff:59:50:65:d4:dd:c7:
23:9a:da:ff:01:bd:1f:b2:88:98:40:e6:16:9b:4c:b0:b3:51:
fd:4d:86:1f:8b:e4:99:63:33:5f:06:56:a5:32:ca:5f:73:1f:
13:d2:37:6b:a7:91:38:44:0a:7d:7b:05:d8:c3:27:50:dc:39:
b7:5a:29:fb:22:df:97:40:d6:df:76:9c:d2:d8:01:52:fe:8a:
81:1d:9c:bf:40:9d:08:75:a5:d7:2d:f7:be:fd:0f:e1:25:e2:
ef:cb:d7:79:90:a1:db:d5:a0:e0:4f:7b:9b:c9:2c:2d:ad:da:
7e:f0:b9:4c:c7:c0:c6:07:ab:c2:0c:4d:c8:48:43:5d:9d:e9:
c6:0a:5b:46:20:2d:47:21:01:57:53:49:ff:d3:df:94:fb:d7:
90:df:9c:ad:64:6f:7e:c3:bd:42:86:9f:75:40:42:11:4a:0c:
b5:94:df:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhmh6HWSY7Z7uAM0FaroVbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwNTI5MDgwMjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTU1NmFjMzg4YmI4NTAzZWIwYWZmOWNiZDk3ZDE1N2E3ODRjNzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAht+6bBTCYZ0SyE3XQZbaw2ZAsWdA
qSS8ChD5xOo06yC81scfNMIa/K8huCqv9DNfTMI9F7swjhdN9xlSXtdKwT9ZzLqN
CktOXRGuOraqGDhy1njAzX1zTCbXJ2XV3QQlp0yvR48beIYBFHZkSHaoUAs6lltI
aDTkgQIwhkwHeF0m6ISgP1GpLdnThtedCzMoxLWaoYckgvEIFJrh6jNW6djIlsm7
b2AC2/GDrsRx2GeTvd7DyksSMtFvRAiFYkjI8sh6hEWw/4LtfY2TNNWAQI8InWge
jUuZ8Ss1lNBWRdsTPQiWRAcNRmAPm8LyiqwiYvgFF8308oZeSMZUErxyeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpVasOIu4UD6wr/nL2X0VenhMcqMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvbWxWcXc0aTdoUVByQ3YtY3ZaZlJWNmVFeHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwuDMMA0G
CSqGSIb3DQEBCwUAA4IBAQDEySz8jC02TmefeLIH6vmqWBDA51RgyKbHhMVx9Cqj
xO2LVuNOxJM2IGH1YkDYLOuO9kk6NWog2C1USoAri/FTQ/YOqYtHvNXLxSrXh3y/
7TskdP9ZUGXU3ccjmtr/Ab0fsoiYQOYWm0yws1H9TYYfi+SZYzNfBlalMspfcx8T
0jdrp5E4RAp9ewXYwydQ3Dm3Win7It+XQNbfdpzS2AFS/oqBHZy/QJ0IdaXXLfe+
/Q/hJeLvy9d5kKHb1aDgT3ubySwtrdp+8LlMx8DGB6vCDE3ISENdnenGCltGIC1H
IQFXU0n/09+U+9eQ35ytZG9+w71Chp91QEIRSgy1lN95
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:13 2024 by rpki-client on console-ams.rpki-client.org