Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/Mx9jNs4ECyB4UTNjEkoCh6P5eUw.roa
File: Mx9jNs4ECyB4UTNjEkoCh6P5eUw.roa (raw, json)
Hash identifier: YC6+AiUo3wddZfP5LEHAkg/AzmkJa6aLv1Bgn7uJ+/g=
Subject key identifier: 33:1F:63:36:CE:04:0B:20:78:51:33:63:12:4A:02:87:A3:F9:79:4C
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018CB0D242C7A93324E902A08CFC25AF585F
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/Mx9jNs4ECyB4UTNjEkoCh6P5eUw.roa
Signing time: Thu 28 Dec 2023 14:26:58 +0000
ROA not before: Thu 28 Dec 2023 14:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24620
IP address blocks: 78.154.128.0/20 maxlen: 24
213.175.84.0/23 maxlen: 24
213.175.88.0/21 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b0:d2:42:c7:a9:33:24:e9:02:a0:8c:fc:25:af:58:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Dec 28 14:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=331f6336ce040b2078513363124a0287a3f9794c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fa:d8:00:da:8c:eb:5b:7f:e7:e4:1c:da:8f:
95:ca:ad:ef:9d:bd:13:52:4d:8d:cd:08:81:0e:13:
c3:5a:b8:07:27:ab:e3:38:0b:5e:94:b0:3f:22:e3:
22:a4:b6:dc:12:84:c3:72:71:3d:1a:e9:cb:a9:fa:
8a:b6:7f:8b:64:a5:2b:d1:21:64:3c:76:3d:b7:de:
10:ca:29:06:d6:49:43:2f:56:a3:30:df:d3:d9:4a:
1e:48:d3:1a:67:ff:e5:96:ac:77:9f:6a:6c:50:ac:
33:be:66:c4:8e:90:ae:45:af:64:47:3b:50:86:60:
18:97:0f:68:99:63:6c:99:0e:3b:0b:0a:b9:1a:28:
c5:8f:b5:28:42:0b:b1:9a:b5:41:8d:30:76:75:e7:
4f:62:d3:a6:31:cd:9f:80:df:1b:76:2f:ae:60:a3:
6a:1b:c5:a2:84:7d:80:37:4d:4f:b4:0e:42:8b:e4:
a9:fe:02:d7:40:a2:e6:58:7e:35:61:12:fd:de:49:
40:ba:cd:c7:d7:15:81:36:a1:4c:3a:ef:4f:e1:ec:
4a:4f:cd:9a:29:c1:99:7d:47:6c:7e:94:e7:40:19:
56:9f:58:0d:b4:41:93:42:fc:d2:60:3b:d2:bd:ea:
51:df:d4:91:d6:ff:1f:09:79:0a:e8:66:d2:03:3d:
ee:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1F:63:36:CE:04:0B:20:78:51:33:63:12:4A:02:87:A3:F9:79:4C
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/Mx9jNs4ECyB4UTNjEkoCh6P5eUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.154.128.0/20
213.175.84.0/23
213.175.88.0/21
Signature Algorithm: sha256WithRSAEncryption
ab:5b:ed:fd:44:34:2b:4a:74:9b:ea:3b:5c:74:44:5a:58:74:
fd:48:77:b6:09:31:e0:78:ee:6c:f7:14:bf:07:44:17:70:f6:
41:2e:b6:8c:14:60:93:ac:95:77:3e:15:0f:45:1e:6c:cc:d9:
09:a8:d9:70:7c:49:e3:be:89:93:75:c6:df:e4:f6:78:14:a9:
9d:93:82:a5:fc:63:79:5c:4b:57:0d:3e:24:90:f3:74:3d:43:
4f:2b:97:81:f1:d5:f6:e2:56:8a:78:e6:85:1b:af:e9:e2:4d:
75:c6:83:29:21:c5:24:19:05:c9:c4:68:7a:17:36:5a:0b:25:
98:05:d5:b3:f3:8b:8d:92:41:03:b6:ed:64:99:81:a6:c5:45:
ca:e7:32:b3:d5:98:da:b0:5c:e7:97:56:76:0c:b0:62:80:a4:
d4:7d:a2:c2:41:20:6f:2c:a1:02:b8:dc:2f:1a:32:ef:c2:72:
1e:01:6a:6c:9b:27:e7:e4:63:6e:13:98:ea:c0:d9:3c:be:d7:
b8:87:5f:55:95:c0:31:71:c8:71:3b:78:b6:ae:df:5a:26:1b:
a0:c8:38:c9:3c:d3:6d:c1:85:02:34:d7:aa:e8:1d:a3:36:51:
8a:cf:a0:3a:c0:10:33:60:02:af:3c:b5:ff:91:3e:32:4a:f1:
b9:a8:21:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyw0kLHqTMk6QKgjPwlr1hfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjMxMjI4MTQyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzFmNjMzNmNlMDQwYjIwNzg1MTMzNjMxMjRhMDI4N2EzZjk3OTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/rYANqM61t/5+Qc2o+Vyq3vnb0T
Uk2NzQiBDhPDWrgHJ6vjOAtelLA/IuMipLbcEoTDcnE9GunLqfqKtn+LZKUr0SFk
PHY9t94QyikG1klDL1ajMN/T2UoeSNMaZ//llqx3n2psUKwzvmbEjpCuRa9kRztQ
hmAYlw9omWNsmQ47Cwq5GijFj7UoQguxmrVBjTB2dedPYtOmMc2fgN8bdi+uYKNq
G8WihH2AN01PtA5Ci+Sp/gLXQKLmWH41YRL93klAus3H1xWBNqFMOu9P4exKT82a
KcGZfUdsfpTnQBlWn1gNtEGTQvzSYDvSvepR39SR1v8fCXkK6GbSAz3u3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDMfYzbOBAsgeFEzYxJKAoej+XlMMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvTXg5ak5zNEVDeUI0VVROakVrb0NoNlA1ZVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQETpqAAwQB
1a9UAwQD1a9YMA0GCSqGSIb3DQEBCwUAA4IBAQCrW+39RDQrSnSb6jtcdERaWHT9
SHe2CTHgeO5s9xS/B0QXcPZBLraMFGCTrJV3PhUPRR5szNkJqNlwfEnjvomTdcbf
5PZ4FKmdk4Kl/GN5XEtXDT4kkPN0PUNPK5eB8dX24laKeOaFG6/p4k11xoMpIcUk
GQXJxGh6FzZaCyWYBdWz84uNkkEDtu1kmYGmxUXK5zKz1ZjasFznl1Z2DLBigKTU
faLCQSBvLKECuNwvGjLvwnIeAWpsmyfn5GNuE5jqwNk8vte4h19VlcAxcchxO3i2
rt9aJhugyDjJPNNtwYUCNNeq6B2jNlGKz6A6wBAzYAKvPLX/kT4ySvG5qCFV
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:12 2024 by rpki-client on console-ams.rpki-client.org