Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/mnNlEf8AAXMgKBXmKbwre1AdNF0.roa
File: mnNlEf8AAXMgKBXmKbwre1AdNF0.roa (raw, json)
Hash identifier: 6Bb/mNzYqqegZan9810gxnRAyIGcPJF/zGP6sIu/cq4=
Subject key identifier: 9A:73:65:11:FF:00:01:73:20:28:15:E6:29:BC:2B:7B:50:1D:34:5D
Certificate issuer: /CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Certificate serial: 018CC51FB31A9ACF9A7D6C2C0C1411593DE0
Authority key identifier: 97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/mnNlEf8AAXMgKBXmKbwre1AdNF0.roa
Signing time: Mon 01 Jan 2024 13:03:58 +0000
ROA not before: Mon 01 Jan 2024 13:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35197
IP address blocks: 185.100.203.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:1f:b3:1a:9a:cf:9a:7d:6c:2c:0c:14:11:59:3d:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=971a6cbb2df6e7faccc5853ba5400f1f470eab16
Validity
Not Before: Jan 1 13:03:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a736511ff000173202815e629bc2b7b501d345d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c4:ff:fa:23:f7:e6:ab:f9:5a:55:fb:62:12:
03:7c:3d:36:9b:fe:6e:24:f2:a7:33:21:66:29:a1:
cc:cc:6a:73:e4:da:51:9e:ac:7e:c6:16:58:06:ba:
5c:9a:76:08:f0:c0:22:9a:c5:8b:d5:4e:1a:e1:ed:
6f:89:6b:96:68:a4:9f:19:ef:0c:f0:98:48:65:ed:
4b:a0:88:4f:aa:06:2c:b3:16:d2:32:97:85:83:ea:
78:4b:c4:b8:eb:b4:7e:ff:69:20:b5:f2:99:7b:f3:
f6:6d:b2:47:31:d0:56:94:37:d0:84:e9:ae:70:9c:
4e:ef:47:54:6f:7d:00:ab:eb:84:b6:4f:88:d0:6a:
cc:b6:e8:fc:2f:69:6e:5f:16:28:e5:3a:bf:1d:bc:
66:9f:9a:d0:97:44:34:6f:a6:ab:5f:51:bb:e9:7a:
97:81:19:96:c9:e6:22:55:92:28:29:5f:ab:49:f3:
36:f9:7c:0f:8d:4f:eb:b3:04:7f:2a:8b:58:94:ba:
06:00:67:4c:71:bd:54:9d:46:29:31:b2:ab:f8:5b:
6a:f5:3d:a9:3d:ae:fe:13:ad:0e:19:27:00:b9:ca:
0f:3e:6b:dc:5c:fc:46:e7:d6:bc:b9:f1:d4:10:70:
e0:ca:d3:5a:e5:e2:ee:23:aa:6f:57:2a:c1:af:59:
a0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:73:65:11:FF:00:01:73:20:28:15:E6:29:BC:2B:7B:50:1D:34:5D
X509v3 Authority Key Identifier:
keyid:97:1A:6C:BB:2D:F6:E7:FA:CC:C5:85:3B:A5:40:0F:1F:47:0E:AB:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lxpsuy325_rMxYU7pUAPH0cOqxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/mnNlEf8AAXMgKBXmKbwre1AdNF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/7d3f00-d48c-416f-919e-dc0389f9167d/1/lxpsuy325_rMxYU7pUAPH0cOqxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.203.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:2a:ed:b5:83:77:c6:31:0d:52:96:5d:60:08:6d:aa:66:a5:
6c:9e:a7:b2:06:da:a4:29:8b:47:9a:8d:89:71:7c:fa:11:7b:
c1:0b:0f:ad:bd:d8:38:8b:b1:3e:87:9b:44:b9:ff:4a:65:46:
b5:1a:e6:e2:9f:f5:8a:1a:ad:b5:db:3e:d5:1e:85:f8:04:a8:
3b:11:3c:96:57:68:24:3a:99:8d:c5:f6:ec:97:a5:a4:07:68:
5c:49:b3:6d:ca:7d:0e:6b:4a:2e:58:49:e1:97:22:53:ee:1f:
22:2e:b4:60:e2:b5:ea:0d:79:44:86:9b:47:18:c7:23:7e:9f:
2a:76:c5:9f:d7:3c:69:83:b6:78:b7:eb:65:17:bb:d2:7f:3a:
e6:10:19:80:a0:85:7b:6c:c0:75:d3:56:12:d6:e9:56:e0:fc:
0f:6a:92:44:b2:14:e3:53:d4:b3:b5:c6:32:c9:05:21:95:07:
7c:04:d8:aa:1a:c4:3b:b2:68:e9:35:e1:26:3f:0c:87:bc:17:
eb:33:bb:59:cb:66:70:9b:08:7f:75:43:cb:7b:f8:d0:7b:85:
16:05:1b:80:ac:0b:18:1a:17:ab:3c:a9:70:e0:32:20:76:43:
68:a4:e4:e2:ed:d8:e0:36:16:17:92:a9:e2:2f:75:77:d1:53:
3d:5f:b0:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFH7Mams+afWwsDBQRWT3gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MWE2Y2JiMmRmNmU3ZmFjY2M1ODUzYmE1NDAwZjFmNDcw
ZWFiMTYwHhcNMjQwMTAxMTMwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTczNjUxMWZmMDAwMTczMjAyODE1ZTYyOWJjMmI3YjUwMWQzNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMT/+iP35qv5WlX7YhIDfD02m/5u
JPKnMyFmKaHMzGpz5NpRnqx+xhZYBrpcmnYI8MAimsWL1U4a4e1viWuWaKSfGe8M
8JhIZe1LoIhPqgYssxbSMpeFg+p4S8S467R+/2kgtfKZe/P2bbJHMdBWlDfQhOmu
cJxO70dUb30Aq+uEtk+I0GrMtuj8L2luXxYo5Tq/Hbxmn5rQl0Q0b6arX1G76XqX
gRmWyeYiVZIoKV+rSfM2+XwPjU/rswR/KotYlLoGAGdMcb1UnUYpMbKr+Ftq9T2p
Pa7+E60OGScAucoPPmvcXPxG59a8ufHUEHDgytNa5eLuI6pvVyrBr1mgSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpzZRH/AAFzICgV5im8K3tQHTRdMB8GA1UdIwQY
MBaAFJcabLst9uf6zMWFO6VADx9HDqsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHhwc3V5MzI1X3JNeFlVN3BVQVBIMGNPcXhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS83ZDNmMDAtZDQ4Yy00MTZmLTkxOWUt
ZGMwMzg5ZjkxNjdkLzEvbW5ObEVmOEFBWE1nS0JYbUtid3JlMUFkTkYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS83ZDNmMDAtZDQ4Yy00MTZmLTkxOWUtZGMwMzg5ZjkxNjdk
LzEvbHhwc3V5MzI1X3JNeFlVN3BVQVBIMGNPcXhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWTLMA0G
CSqGSIb3DQEBCwUAA4IBAQAPKu21g3fGMQ1Sll1gCG2qZqVsnqeyBtqkKYtHmo2J
cXz6EXvBCw+tvdg4i7E+h5tEuf9KZUa1Gubin/WKGq212z7VHoX4BKg7ETyWV2gk
OpmNxfbsl6WkB2hcSbNtyn0Oa0ouWEnhlyJT7h8iLrRg4rXqDXlEhptHGMcjfp8q
dsWf1zxpg7Z4t+tlF7vSfzrmEBmAoIV7bMB101YS1ulW4PwPapJEshTjU9SztcYy
yQUhlQd8BNiqGsQ7smjpNeEmPwyHvBfrM7tZy2Zwmwh/dUPLe/jQe4UWBRuArAsY
GherPKlw4DIgdkNopOTi7djgNhYXkqniL3V30VM9X7Cs
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:20:23 2024 by rpki-client on console-fra.rpki-client.org