Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/mrwK38QzRomfrvy7e_iwvFLLP1k.roa
File: mrwK38QzRomfrvy7e_iwvFLLP1k.roa (raw, json)
Hash identifier: jz55b+zH9p2LJ6mcvWXb4AZ8MXU7adGz5h7RfPfzdSo=
Subject key identifier: 9A:BC:0A:DF:C4:33:46:89:9F:AE:FC:BB:7B:F8:B0:BC:52:CB:3F:59
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018852639B6CEB12420790D20C7BA2BF04B3
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/mrwK38QzRomfrvy7e_iwvFLLP1k.roa
Signing time: Thu 25 May 2023 10:10:39 +0000
ROA not before: Thu 25 May 2023 10:10:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20905
IP address blocks: 217.124.152.0/24 maxlen: 24
2a02:9010:45::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:63:9b:6c:eb:12:42:07:90:d2:0c:7b:a2:bf:04:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: May 25 10:10:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9abc0adfc43346899faefcbb7bf8b0bc52cb3f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6c:e4:7f:49:32:57:fe:81:c4:ab:1d:a1:fa:
4c:23:0d:89:2c:23:1e:e8:5b:08:7e:ee:a8:69:22:
0d:98:0d:74:29:c9:5e:23:ce:d9:ac:dd:2b:83:fe:
f6:f8:df:9e:1b:d0:62:ab:01:62:f4:dc:0e:98:e6:
90:12:36:95:84:fc:92:a5:9d:b6:26:30:4d:da:1e:
7a:cc:3b:1c:cf:e7:d1:7c:3a:e1:56:91:5b:cc:4d:
76:d6:60:ac:80:e7:5e:fb:8b:98:b9:1c:1e:18:a3:
f8:09:53:8c:dd:4b:d6:95:d0:1e:36:50:30:f0:46:
4c:de:6f:da:e3:cc:8e:24:a0:7a:39:c7:e3:bf:1b:
4b:c7:b8:e2:c2:cb:0e:d5:fb:5b:b0:39:62:35:f6:
ea:13:f3:01:02:89:c3:3f:c9:b9:4c:c2:68:b3:dc:
a8:e5:f7:5f:55:3d:45:96:d5:8b:4d:cc:ae:41:f0:
06:46:13:a6:8a:a4:07:4f:b3:4d:b8:6e:94:43:39:
9f:4e:91:06:62:03:ae:eb:81:73:50:d6:9b:ff:e6:
d7:4f:ed:be:d1:a7:31:20:ac:72:f6:d9:b1:4c:d3:
de:b2:88:72:d7:43:d7:56:af:a3:01:5c:cf:f5:58:
0a:cc:55:5a:c0:1f:5f:bb:9c:fc:c6:55:d9:48:b5:
4a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:BC:0A:DF:C4:33:46:89:9F:AE:FC:BB:7B:F8:B0:BC:52:CB:3F:59
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/mrwK38QzRomfrvy7e_iwvFLLP1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.124.152.0/24
IPv6:
2a02:9010:45::/48
Signature Algorithm: sha256WithRSAEncryption
a7:99:15:e7:8f:9c:22:a3:26:5e:86:58:d3:fe:08:61:c3:4b:
21:ff:a1:e4:02:fc:f4:ff:3a:c8:d9:c1:42:d8:51:42:9e:aa:
15:0a:33:e4:f4:7f:f2:18:0f:0c:6b:24:1a:57:60:a3:54:17:
8b:90:dc:0a:e6:1d:cc:f6:f2:4a:5a:4b:89:a9:75:12:de:78:
b5:72:92:dc:15:f9:e4:16:0d:00:a5:28:dc:7c:51:aa:ee:57:
a2:ce:69:4a:cf:73:0d:da:6f:75:7b:f6:26:9a:33:3e:a5:0b:
f1:ad:3c:e2:84:42:f9:23:1f:dd:ff:dd:56:0e:ea:96:66:bc:
1f:0c:61:c5:ef:8d:c1:80:d4:97:54:20:e6:5d:34:c9:5f:bf:
28:91:fc:87:e4:ea:32:95:ca:88:6b:4c:45:3c:36:b4:ee:4c:
c7:83:29:81:bb:59:66:7d:1d:73:e0:b6:e9:d5:d6:28:04:00:
48:1b:db:a2:82:ac:96:52:a2:5f:3f:b8:1e:91:e4:23:06:18:
19:a7:19:a9:66:f5:51:d8:a9:e3:a8:a8:7d:1a:0f:5d:45:5f:
b3:61:99:36:13:f0:b4:a8:23:b9:00:f6:a1:cb:b8:04:6d:e2:
c5:57:5b:53:87:d0:53:10:ec:5a:87:0b:30:3f:3d:f3:a3:ce:
21:71:52:42
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYhSY5ts6xJCB5DSDHuivwSzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwNTI1MTAxMDM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWJjMGFkZmM0MzM0Njg5OWZhZWZjYmI3YmY4YjBiYzUyY2IzZjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGzkf0kyV/6BxKsdofpMIw2JLCMe
6FsIfu6oaSINmA10KcleI87ZrN0rg/72+N+eG9BiqwFi9NwOmOaQEjaVhPySpZ22
JjBN2h56zDscz+fRfDrhVpFbzE121mCsgOde+4uYuRweGKP4CVOM3UvWldAeNlAw
8EZM3m/a48yOJKB6OcfjvxtLx7jiwssO1ftbsDliNfbqE/MBAonDP8m5TMJos9yo
5fdfVT1FltWLTcyuQfAGRhOmiqQHT7NNuG6UQzmfTpEGYgOu64FzUNab/+bXT+2+
0acxIKxy9tmxTNPesohy10PXVq+jAVzP9VgKzFVawB9fu5z8xlXZSLVKsQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJq8Ct/EM0aJn678u3v4sLxSyz9ZMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvbXJ3SzM4UXpSb21mcnZ5N2VfaXd2RkxMUDFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA2XyYMA8E
AgACMAkDBwAqApAQAEUwDQYJKoZIhvcNAQELBQADggEBAKeZFeePnCKjJl6GWNP+
CGHDSyH/oeQC/PT/OsjZwULYUUKeqhUKM+T0f/IYDwxrJBpXYKNUF4uQ3ArmHcz2
8kpaS4mpdRLeeLVyktwV+eQWDQClKNx8UaruV6LOaUrPcw3ab3V79iaaMz6lC/Gt
POKEQvkjH93/3VYO6pZmvB8MYcXvjcGA1JdUIOZdNMlfvyiR/Ifk6jKVyohrTEU8
NrTuTMeDKYG7WWZ9HXPgtunV1igEAEgb26KCrJZSol8/uB6R5CMGGBmnGalm9VHY
qeOoqH0aD11FX7NhmTYT8LSoI7kA9qHLuARt4sVXW1OH0FMQ7FqHCzA/PfOjziFx
UkI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:22:35 2024 by rpki-client on console-ams.rpki-client.org