Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/MXqzwogJIJnkCFJa75dyVgdgQgo.roa
File: MXqzwogJIJnkCFJa75dyVgdgQgo.roa (raw, json)
Hash identifier: GuoLIvpoMukjFOCnqGPzBxv4LNmCe5GLha/UoztPCgQ=
Subject key identifier: 31:7A:B3:C2:88:09:20:99:E4:08:52:5A:EF:97:72:56:07:60:42:0A
Certificate issuer: /CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Certificate serial: 01856DAF676D92307EE3B68780FD345BE349
Authority key identifier: AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/MXqzwogJIJnkCFJa75dyVgdgQgo.roa
Signing time: Sun 01 Jan 2023 14:14:49 +0000
ROA not before: Sun 01 Jan 2023 14:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207633
IP address blocks: 213.142.149.0/24 maxlen: 24
213.142.150.0/24 maxlen: 24
213.142.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:af:67:6d:92:30:7e:e3:b6:87:80:fd:34:5b:e3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab71e9b13f5c339a58692eeabe72eaa406bbbd7d
Validity
Not Before: Jan 1 14:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=317ab3c288092099e408525aef9772560760420a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4c:77:8f:ed:ae:8f:32:07:d9:73:51:2b:2f:
f7:ac:5a:0d:5f:f5:0e:c6:89:af:93:b3:ff:84:60:
e9:d6:14:2d:5e:9d:78:2d:39:2d:f4:fa:75:86:bf:
b2:0c:87:85:81:94:a3:64:6b:e3:6f:0b:6f:f7:ee:
c7:32:ca:6b:7c:16:3d:ae:ac:76:ed:cb:4b:aa:5b:
86:6e:c7:29:db:87:f5:84:ac:66:9c:f0:e8:f1:59:
a3:cf:0b:d3:71:71:14:9e:aa:4a:c9:05:2b:d0:ed:
44:67:2e:0a:34:74:cc:73:71:0b:48:9b:09:61:c6:
e3:22:95:fe:12:6d:ec:72:d1:0a:e1:25:d0:9f:0e:
70:cf:df:eb:c5:87:ca:e8:f1:65:e0:16:40:86:78:
d7:4d:5b:47:8b:d0:05:3b:0f:a2:1a:8c:a3:7d:86:
89:83:db:bb:63:cc:0e:b3:f9:ed:9f:2d:aa:80:3e:
8f:3e:bb:9f:3c:0f:7e:c1:8f:16:1c:1e:8f:a5:08:
10:82:e1:95:69:dd:94:27:b4:78:d1:03:a7:33:ff:
cc:6b:b3:b4:f7:5e:6a:f6:12:6e:5b:85:b4:4e:f5:
75:c3:8b:de:6e:7a:73:23:a4:5a:b0:99:41:98:88:
07:3d:7a:5a:63:e2:bc:d8:5c:d0:1a:98:89:ab:51:
e3:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:7A:B3:C2:88:09:20:99:E4:08:52:5A:EF:97:72:56:07:60:42:0A
X509v3 Authority Key Identifier:
keyid:AB:71:E9:B1:3F:5C:33:9A:58:69:2E:EA:BE:72:EA:A4:06:BB:BD:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3HpsT9cM5pYaS7qvnLqpAa7vX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/MXqzwogJIJnkCFJa75dyVgdgQgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/6ba39c-ef1d-4d48-982b-cf4b900997a0/1/q3HpsT9cM5pYaS7qvnLqpAa7vX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.142.149.0-213.142.150.255
213.142.156.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:e2:1d:2e:45:ce:a9:9b:0e:07:37:ef:a6:86:9b:85:dd:e2:
1a:6c:97:c0:6e:aa:4d:84:d8:98:ae:e4:27:30:13:e7:dc:ab:
e6:92:1c:67:d5:b8:9b:ce:93:d0:05:47:67:84:1e:43:48:30:
6f:57:0e:1c:0f:1a:25:a6:4a:e1:6a:6f:f7:72:78:7e:49:5a:
44:fd:19:06:88:ae:94:07:82:28:09:9d:f8:6b:17:6e:cd:20:
d3:59:61:52:35:be:8e:ae:16:3c:6b:f8:bb:64:4c:3d:09:14:
2a:aa:dd:15:65:84:ee:f1:29:04:15:3f:b9:30:13:17:da:30:
18:4e:31:eb:ea:ba:a8:ac:e2:41:f8:d3:0e:70:03:5b:97:26:
d2:c0:b2:ca:78:21:ea:e8:0b:a6:6d:c2:70:e1:59:46:ac:15:
b8:51:93:39:4c:f4:28:e2:a3:fd:92:6b:7c:78:b2:4e:29:28:
28:78:83:93:22:16:7c:08:22:81:b6:64:63:62:28:f4:14:e9:
1a:90:56:a1:8b:72:0e:14:2f:64:6b:63:98:9d:53:3b:15:50:
82:fd:4a:12:30:16:cc:ba:45:08:56:c7:b5:57:5e:0b:93:4f:
c5:21:79:a4:f0:d6:0b:fe:b1:19:91:12:81:ee:29:e6:8e:75:
ff:46:6c:08
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVtr2dtkjB+47aHgP00W+NJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiNzFlOWIxM2Y1YzMzOWE1ODY5MmVlYWJlNzJlYWE0MDZi
YmJkN2QwHhcNMjMwMTAxMTQxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTdhYjNjMjg4MDkyMDk5ZTQwODUyNWFlZjk3NzI1NjA3NjA0MjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0x3j+2ujzIH2XNRKy/3rFoNX/UO
xomvk7P/hGDp1hQtXp14LTkt9Pp1hr+yDIeFgZSjZGvjbwtv9+7HMsprfBY9rqx2
7ctLqluGbscp24f1hKxmnPDo8VmjzwvTcXEUnqpKyQUr0O1EZy4KNHTMc3ELSJsJ
YcbjIpX+Em3sctEK4SXQnw5wz9/rxYfK6PFl4BZAhnjXTVtHi9AFOw+iGoyjfYaJ
g9u7Y8wOs/ntny2qgD6PPrufPA9+wY8WHB6PpQgQguGVad2UJ7R40QOnM//Ma7O0
915q9hJuW4W0TvV1w4vebnpzI6RasJlBmIgHPXpaY+K82FzQGpiJq1HjqQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDF6s8KICSCZ5AhSWu+XclYHYEIKMB8GA1UdIwQY
MBaAFKtx6bE/XDOaWGku6r5y6qQGu719MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmIt
Y2Y0YjkwMDk5N2EwLzEvTVhxendvZ0pJSm5rQ0ZKYTc1ZHlWZ2RnUWdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82YmEzOWMtZWYxZC00ZDQ4LTk4MmItY2Y0YjkwMDk5N2Ew
LzEvcTNIcHNUOWNNNXBZYVM3cXZuTHFwQWE3dlgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADVjpUD
BADVjpYDBADVjpwwDQYJKoZIhvcNAQELBQADggEBAKPiHS5FzqmbDgc376aGm4Xd
4hpsl8Buqk2E2Jiu5CcwE+fcq+aSHGfVuJvOk9AFR2eEHkNIMG9XDhwPGiWmSuFq
b/dyeH5JWkT9GQaIrpQHgigJnfhrF27NINNZYVI1vo6uFjxr+LtkTD0JFCqq3RVl
hO7xKQQVP7kwExfaMBhOMevquqis4kH40w5wA1uXJtLAssp4IeroC6ZtwnDhWUas
FbhRkzlM9Cjio/2Sa3x4sk4pKCh4g5MiFnwIIoG2ZGNiKPQU6RqQVqGLcg4UL2Rr
Y5idUzsVUIL9ShIwFsy6RQhWx7VXXguTT8UheaTw1gv+sRmREoHuKeaOdf9GbAg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-ams.rpki-client.org