Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/mCjjXmNHP3ERcyACKlhWztWevjs.roa
File: mCjjXmNHP3ERcyACKlhWztWevjs.roa (raw, json)
Hash identifier: prSCXa4i1+SV8yhrAGFkhQKRCebFhXikZZjChURnSUE=
Subject key identifier: 98:28:E3:5E:63:47:3F:71:11:73:20:02:2A:58:56:CE:D5:9E:BE:3B
Certificate issuer: /CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Certificate serial: 018D07C7092236CE804732AAA76A6E565223
Authority key identifier: 88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/mCjjXmNHP3ERcyACKlhWztWevjs.roa
Signing time: Sun 14 Jan 2024 11:41:40 +0000
ROA not before: Sun 14 Jan 2024 11:41:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215974
IP address blocks: 86.107.6.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:07:c7:09:22:36:ce:80:47:32:aa:a7:6a:6e:56:52:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8847aa91b06d8c6b87284f3f45a21dc281f7ba55
Validity
Not Before: Jan 14 11:41:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9828e35e63473f71117320022a5856ced59ebe3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:44:01:c6:4e:24:fc:df:35:10:7c:61:1c:01:
26:84:d7:e2:61:e2:12:6d:15:33:8e:d4:a2:09:ab:
1c:f7:ff:86:49:8b:e6:72:ab:02:dd:d9:d1:89:a7:
ad:f2:8b:7b:47:dd:c1:dc:bc:c9:11:a1:2e:5f:c4:
68:61:d1:f8:65:0f:cb:ea:04:16:43:7b:91:87:83:
6a:cb:7b:2f:9e:d3:fd:2e:bd:d9:bd:6d:18:2a:5c:
38:a4:54:f4:82:e5:a4:1e:13:5f:1f:0c:60:3c:70:
b7:a1:1b:7b:bb:c7:07:eb:a7:2b:37:e1:9d:1f:66:
6b:ad:5e:95:8f:91:2a:58:2f:c7:77:23:8a:77:5e:
de:f8:1d:54:a2:b1:36:8e:e9:87:29:97:06:56:8a:
ae:52:09:2d:c1:50:8a:64:05:f3:45:94:3b:26:6a:
d8:73:4e:40:50:26:37:ab:6e:d2:c9:4b:0a:c5:0b:
30:ab:35:b1:ad:f4:4a:5f:1e:cd:24:10:d7:df:51:
8e:f2:ac:5f:d3:12:12:b4:77:e3:91:66:d6:d3:11:
bc:03:20:81:bc:12:55:32:dc:1e:35:94:b8:45:91:
af:19:b6:6d:bd:6c:ad:5b:07:10:6c:a5:33:3f:03:
cc:b0:e1:c8:6e:05:69:33:e0:0c:fc:ca:b7:6a:0e:
a9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:28:E3:5E:63:47:3F:71:11:73:20:02:2A:58:56:CE:D5:9E:BE:3B
X509v3 Authority Key Identifier:
keyid:88:47:AA:91:B0:6D:8C:6B:87:28:4F:3F:45:A2:1D:C2:81:F7:BA:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEeqkbBtjGuHKE8_RaIdwoH3ulU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/mCjjXmNHP3ERcyACKlhWztWevjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/fdf296-75e5-4635-9546-cea75d0cd671/1/iEeqkbBtjGuHKE8_RaIdwoH3ulU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.6.0/23
Signature Algorithm: sha256WithRSAEncryption
54:3a:a5:e4:ea:9e:d0:96:98:2c:fb:03:7e:ef:8f:dc:88:67:
91:21:1a:b6:4c:f4:f9:db:00:cf:07:4e:ce:91:59:8c:21:e0:
63:cc:10:90:b6:cf:24:9d:e1:ac:cb:ff:85:2c:9c:cc:f1:59:
a6:18:a6:3f:59:b1:a8:00:c5:8d:97:8b:68:70:60:47:f1:08:
76:f6:e7:ad:41:05:be:9f:1e:71:1d:03:bd:8b:71:89:ef:2d:
7f:ee:bd:e9:49:59:ea:dd:92:4a:95:d2:70:c0:14:00:53:a9:
e8:f8:2c:a3:53:3d:fe:39:90:0c:11:18:5f:c5:54:43:20:41:
55:e5:e8:20:d5:55:a0:fe:18:f0:f5:29:81:28:07:4d:72:6d:
51:6f:9e:61:6c:46:01:95:6a:f2:96:aa:59:7e:a0:24:83:4c:
75:ad:10:df:67:58:ba:17:b3:1f:56:27:23:27:76:5e:69:db:
92:41:a7:78:8e:e7:a4:8c:97:68:f6:c6:fd:c9:d0:da:39:ec:
db:a4:ac:47:17:5a:5c:30:1e:b6:fa:77:fd:90:15:d3:5e:33:
dd:cb:ee:d3:a4:51:0c:a5:48:5c:92:60:2f:19:cc:12:70:b6:
0a:b8:82:68:cc:56:cb:c7:41:58:3d:de:14:94:4b:f2:b9:bc:
43:7f:01:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0HxwkiNs6ARzKqp2puVlIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NDdhYTkxYjA2ZDhjNmI4NzI4NGYzZjQ1YTIxZGMyODFm
N2JhNTUwHhcNMjQwMTE0MTE0MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODI4ZTM1ZTYzNDczZjcxMTE3MzIwMDIyYTU4NTZjZWQ1OWViZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkQBxk4k/N81EHxhHAEmhNfiYeIS
bRUzjtSiCasc9/+GSYvmcqsC3dnRiaet8ot7R93B3LzJEaEuX8RoYdH4ZQ/L6gQW
Q3uRh4Nqy3svntP9Lr3ZvW0YKlw4pFT0guWkHhNfHwxgPHC3oRt7u8cH66crN+Gd
H2ZrrV6Vj5EqWC/HdyOKd17e+B1UorE2jumHKZcGVoquUgktwVCKZAXzRZQ7JmrY
c05AUCY3q27SyUsKxQswqzWxrfRKXx7NJBDX31GO8qxf0xIStHfjkWbW0xG8AyCB
vBJVMtweNZS4RZGvGbZtvWytWwcQbKUzPwPMsOHIbgVpM+AM/Mq3ag6pjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgo415jRz9xEXMgAipYVs7Vnr47MB8GA1UdIwQY
MBaAFIhHqpGwbYxrhyhPP0WiHcKB97pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYt
Y2VhNzVkMGNkNjcxLzEvbUNqalhtTkhQM0VSY3lBQ0tsaFd6dFdldmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9mZGYyOTYtNzVlNS00NjM1LTk1NDYtY2VhNzVkMGNkNjcx
LzEvaUVlcWtiQnRqR3VIS0U4X1JhSWR3b0gzdWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVmsGMA0G
CSqGSIb3DQEBCwUAA4IBAQBUOqXk6p7Qlpgs+wN+74/ciGeRIRq2TPT52wDPB07O
kVmMIeBjzBCQts8kneGsy/+FLJzM8VmmGKY/WbGoAMWNl4tocGBH8Qh29uetQQW+
nx5xHQO9i3GJ7y1/7r3pSVnq3ZJKldJwwBQAU6no+CyjUz3+OZAMERhfxVRDIEFV
5egg1VWg/hjw9SmBKAdNcm1Rb55hbEYBlWrylqpZfqAkg0x1rRDfZ1i6F7MfVicj
J3ZeaduSQad4juekjJdo9sb9ydDaOezbpKxHF1pcMB62+nf9kBXTXjPdy+7TpFEM
pUhckmAvGcwScLYKuIJozFbLx0FYPd4UlEvyubxDfwFL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:34 2025 by rpki-client