Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/mfMGHxNFAb1jvZhD38BAU51Zt74.roa
File: mfMGHxNFAb1jvZhD38BAU51Zt74.roa (raw, json)
Hash identifier: UG+3nJJmU8AwP1CrNEk7QFScKvGtOoOlnwidlRFb9oA=
Subject key identifier: 99:F3:06:1F:13:45:01:BD:63:BD:98:43:DF:C0:40:53:9D:59:B7:BE
Certificate issuer: /CN=6ff362c0765afb7b9804b6d819470007b01f262e
Certificate serial: 0185738FF3F1FB4826FD411A72FEDA61B05C
Authority key identifier: 6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/mfMGHxNFAb1jvZhD38BAU51Zt74.roa
Signing time: Mon 02 Jan 2023 17:38:11 +0000
ROA not before: Mon 02 Jan 2023 17:38:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 141760
IP address blocks: 141.113.128.0/21 maxlen: 21
141.113.136.0/21 maxlen: 21
141.113.192.0/21 maxlen: 21
2a03:9e43::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:8f:f3:f1:fb:48:26:fd:41:1a:72:fe:da:61:b0:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ff362c0765afb7b9804b6d819470007b01f262e
Validity
Not Before: Jan 2 17:38:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99f3061f134501bd63bd9843dfc040539d59b7be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7b:f7:8f:56:21:b6:0b:7b:05:4a:e9:ff:ad:
56:9a:51:31:2f:64:84:53:8e:bd:4b:78:90:26:db:
9e:48:52:aa:07:74:8f:e7:85:3f:cb:eb:66:1c:e2:
dc:03:ce:06:f2:93:ad:3d:c6:bf:aa:54:cb:68:03:
ef:6a:a8:a7:d1:29:43:78:11:9f:02:e6:7d:32:e3:
f5:de:f9:d4:fe:7d:a9:f1:11:d6:37:47:d7:4b:07:
f3:58:3a:66:a8:7b:05:19:e9:ce:58:64:2d:c1:84:
b5:d0:47:07:24:60:3e:36:46:b7:c3:d1:49:76:52:
e8:7e:61:f1:30:e1:78:76:57:4b:76:bc:89:2e:f0:
75:f7:bb:d5:43:8c:32:75:44:48:86:70:2d:4a:8f:
5d:bb:ab:c1:7b:70:3a:69:51:7c:cb:e9:84:d5:9a:
16:5b:d3:72:65:3a:1a:a9:85:3b:a5:76:93:ce:1b:
3b:89:9c:11:62:06:22:43:b6:2c:c0:06:2c:c8:12:
01:cd:30:c1:5f:79:7f:7d:56:f8:7e:87:31:9b:af:
6a:ba:15:bb:a7:10:f6:cc:c2:29:c4:a4:a5:a4:a7:
39:f1:a0:7f:e7:73:35:b6:bf:9c:83:c7:6e:d4:ee:
cf:be:a8:29:38:a8:8e:88:a5:85:98:9a:96:df:4a:
e9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F3:06:1F:13:45:01:BD:63:BD:98:43:DF:C0:40:53:9D:59:B7:BE
X509v3 Authority Key Identifier:
keyid:6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/mfMGHxNFAb1jvZhD38BAU51Zt74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.113.128.0/20
141.113.192.0/21
IPv6:
2a03:9e43::/32
Signature Algorithm: sha256WithRSAEncryption
19:43:2b:ed:b1:38:85:10:b7:87:8f:f9:87:5d:e4:e3:48:b0:
09:29:a1:79:3c:2c:ad:e9:d5:9e:11:94:9a:da:a2:2b:26:f2:
c3:01:f8:21:0e:81:7a:86:73:5a:b1:56:fc:27:fd:f0:11:0e:
df:50:cb:4b:99:9c:3a:95:dd:72:4d:e6:c5:2f:6b:42:78:18:
8f:5c:3d:c7:56:79:c4:ab:27:16:ff:63:76:8d:ca:f3:bf:1c:
ce:b6:96:7e:6b:bd:68:0e:95:4a:62:ad:b0:48:2a:69:e7:53:
62:0e:de:e0:b7:41:5e:8a:13:81:31:d5:3f:7d:c1:f7:55:50:
ea:bb:f8:b9:f6:e4:7b:aa:5d:ba:2e:63:72:a6:4e:b6:76:c3:
77:d8:37:22:4e:b9:91:9f:b3:0b:32:94:5a:17:3c:73:89:b2:
28:9b:c3:a9:ca:7f:80:5b:ca:42:f6:bd:c5:3c:18:47:e2:39:
09:36:d7:91:a8:05:77:3a:dc:49:e3:a6:56:a1:1d:4e:55:7a:
05:34:fe:15:bc:24:ef:d0:63:df:c1:3a:52:ba:fc:2b:c8:3d:
ee:45:61:46:a6:55:bf:58:0a:5f:90:94:d6:35:cd:98:62:5f:
c3:38:ae:45:2d:96:4c:40:0c:1c:24:ce:1b:1f:fb:1b:79:4b:
cd:aa:eb:98
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVzj/Px+0gm/UEacv7aYbBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZjM2MmMwNzY1YWZiN2I5ODA0YjZkODE5NDcwMDA3YjAx
ZjI2MmUwHhcNMjMwMTAyMTczODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWYzMDYxZjEzNDUwMWJkNjNiZDk4NDNkZmMwNDA1MzlkNTliN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3v3j1Yhtgt7BUrp/61WmlExL2SE
U469S3iQJtueSFKqB3SP54U/y+tmHOLcA84G8pOtPca/qlTLaAPvaqin0SlDeBGf
AuZ9MuP13vnU/n2p8RHWN0fXSwfzWDpmqHsFGenOWGQtwYS10EcHJGA+Nka3w9FJ
dlLofmHxMOF4dldLdryJLvB197vVQ4wydURIhnAtSo9du6vBe3A6aVF8y+mE1ZoW
W9NyZToaqYU7pXaTzhs7iZwRYgYiQ7YswAYsyBIBzTDBX3l/fVb4focxm69quhW7
pxD2zMIpxKSlpKc58aB/53M1tr+cg8du1O7PvqgpOKiOiKWFmJqW30rpjQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJnzBh8TRQG9Y72YQ9/AQFOdWbe+MB8GA1UdIwQY
MBaAFG/zYsB2Wvt7mAS22BlHAAewHyYuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEt
ZGFmZDc0NzYzZDIzLzEvbWZNR0h4TkZBYjFqdlpoRDM4QkFVNTFadDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEtZGFmZDc0NzYzZDIz
LzEvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEjXGAAwQD
jXHAMA0EAgACMAcDBQAqA55DMA0GCSqGSIb3DQEBCwUAA4IBAQAZQyvtsTiFELeH
j/mHXeTjSLAJKaF5PCyt6dWeEZSa2qIrJvLDAfghDoF6hnNasVb8J/3wEQ7fUMtL
mZw6ld1yTebFL2tCeBiPXD3HVnnEqycW/2N2jcrzvxzOtpZ+a71oDpVKYq2wSCpp
51NiDt7gt0FeihOBMdU/fcH3VVDqu/i59uR7ql26LmNypk62dsN32DciTrmRn7ML
MpRaFzxzibIom8Opyn+AW8pC9r3FPBhH4jkJNteRqAV3OtxJ46ZWoR1OVXoFNP4V
vCTv0GPfwTpSuvwryD3uRWFGplW/WApfkJTWNc2YYl/DOK5FLZZMQAwcJM4bH/sb
eUvNquuY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:06 2024 by rpki-client on console-fra.rpki-client.org