Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/mBRxv77Dj7vUM9OLH0D55vBqBGA.roa
File: mBRxv77Dj7vUM9OLH0D55vBqBGA.roa (raw, json)
Hash identifier: 7ScZTd+JGlHSv521jcE3PI5gec/s/ZI7TqzE6HaYk8Q=
Subject key identifier: 98:14:71:BF:BE:C3:8F:BB:D4:33:D3:8B:1F:40:F9:E6:F0:6A:04:60
Certificate issuer: /CN=23120c6a6c8cf1726e7d48e314a16ccd05ef8607
Certificate serial: 01856F8B7EEE1DD9C951D4C7CE189F51D46D
Authority key identifier: 23:12:0C:6A:6C:8C:F1:72:6E:7D:48:E3:14:A1:6C:CD:05:EF:86:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/mBRxv77Dj7vUM9OLH0D55vBqBGA.roa
Signing time: Sun 01 Jan 2023 22:54:51 +0000
ROA not before: Sun 01 Jan 2023 22:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24845
IP address blocks: 194.246.144.0/21 maxlen: 21
194.246.152.0/22 maxlen: 22
194.246.160.0/19 maxlen: 19
194.113.40.0/23 maxlen: 23
194.246.192.0/18 maxlen: 18
194.246.128.0/20 maxlen: 20
2a00:1830::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:7e:ee:1d:d9:c9:51:d4:c7:ce:18:9f:51:d4:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23120c6a6c8cf1726e7d48e314a16ccd05ef8607
Validity
Not Before: Jan 1 22:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=981471bfbec38fbbd433d38b1f40f9e6f06a0460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:84:36:48:fb:d2:33:3f:ea:85:d6:ff:a3:67:
85:0e:f1:03:ec:0e:65:30:37:4b:78:29:9f:f2:dc:
45:b9:c5:e9:92:04:1f:62:5c:7c:96:dd:6a:0e:af:
07:ec:dd:8f:9b:30:f1:bd:d0:aa:60:48:10:a3:1e:
bf:00:4e:bd:87:c5:73:e1:53:f1:e7:96:cb:b1:d4:
41:59:f5:c9:c7:d7:c7:00:d1:ea:63:a4:be:63:67:
cb:6c:fe:cc:ad:ca:3d:3d:02:cc:84:ca:08:ac:7d:
9d:60:59:73:cb:01:41:7f:19:58:a8:c1:85:03:85:
82:de:16:83:3f:c2:b5:a2:b9:ae:ee:aa:d2:07:11:
e1:2e:d4:c1:0b:e7:07:e2:85:17:3e:77:91:8a:26:
a5:3a:68:f0:d6:f7:b1:a7:84:94:d6:01:3d:6e:c0:
f7:82:48:72:15:5d:c0:28:d6:c3:c9:13:ea:40:ab:
3a:15:a4:84:7b:bc:ba:87:40:0f:dc:34:52:0a:d0:
00:02:ff:df:da:d6:57:5c:85:04:b6:bc:c2:5a:db:
6a:ce:31:d7:f6:ed:38:6d:5c:69:1e:32:46:f0:0b:
c0:5c:d4:c1:5c:f7:0a:db:68:fc:12:97:84:db:15:
08:5d:d8:59:6e:c3:8f:15:82:59:20:c8:ba:ab:85:
ac:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:14:71:BF:BE:C3:8F:BB:D4:33:D3:8B:1F:40:F9:E6:F0:6A:04:60
X509v3 Authority Key Identifier:
keyid:23:12:0C:6A:6C:8C:F1:72:6E:7D:48:E3:14:A1:6C:CD:05:EF:86:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/mBRxv77Dj7vUM9OLH0D55vBqBGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/IxIMamyM8XJufUjjFKFszQXvhgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.40.0/23
194.246.128.0-194.246.155.255
194.246.160.0-194.246.255.255
IPv6:
2a00:1830::/32
Signature Algorithm: sha256WithRSAEncryption
5b:22:5f:b9:ca:82:b2:a4:2e:8c:59:c2:03:b3:86:44:a5:e3:
c4:32:12:84:e3:e9:42:28:1a:41:30:13:f4:9c:d9:19:59:5c:
96:bf:82:54:51:90:a5:fd:06:21:63:ba:b5:7d:ca:8d:f2:35:
13:bc:d6:00:73:90:82:b9:4f:d7:54:18:0f:19:86:42:6e:2e:
8f:7f:7b:da:d1:f1:ea:32:64:58:2b:03:9e:ae:24:d6:90:5b:
e9:d4:12:ea:61:f6:5c:26:9f:14:2e:4a:28:6f:73:a2:51:54:
b1:e3:a2:bc:f5:7d:4b:12:1b:fd:f4:e2:5d:f2:52:1f:73:42:
4b:52:99:ae:0f:db:b3:fc:2c:90:10:cf:19:41:66:4e:30:2e:
04:c7:7c:4d:9e:34:95:62:85:3f:13:8f:8d:15:b8:b1:7d:2c:
b0:ff:29:34:9b:69:28:77:b5:db:7b:05:f0:4f:ba:ea:fb:4e:
69:91:5e:88:b4:27:d2:e1:2c:96:64:0b:56:6c:60:6e:03:9d:
67:ff:af:1a:d1:10:df:0b:69:e9:2c:cf:8e:fd:82:19:d3:44:
f6:20:ba:de:2e:7e:a3:14:e4:03:7e:57:c9:38:22:af:f8:15:
26:d6:1b:85:97:4a:0a:56:e5:15:39:fa:d5:e2:22:24:72:f4:
1a:41:41:41
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVvi37uHdnJUdTHzhifUdRtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMTIwYzZhNmM4Y2YxNzI2ZTdkNDhlMzE0YTE2Y2NkMDVl
Zjg2MDcwHhcNMjMwMTAxMjI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODE0NzFiZmJlYzM4ZmJiZDQzM2QzOGIxZjQwZjllNmYwNmEwNDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYQ2SPvSMz/qhdb/o2eFDvED7A5l
MDdLeCmf8txFucXpkgQfYlx8lt1qDq8H7N2PmzDxvdCqYEgQox6/AE69h8Vz4VPx
55bLsdRBWfXJx9fHANHqY6S+Y2fLbP7Mrco9PQLMhMoIrH2dYFlzywFBfxlYqMGF
A4WC3haDP8K1ormu7qrSBxHhLtTBC+cH4oUXPneRiialOmjw1vexp4SU1gE9bsD3
gkhyFV3AKNbDyRPqQKs6FaSEe7y6h0AP3DRSCtAAAv/f2tZXXIUEtrzCWttqzjHX
9u04bVxpHjJG8AvAXNTBXPcK22j8EpeE2xUIXdhZbsOPFYJZIMi6q4WsXQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJgUcb++w4+71DPTix9A+ebwagRgMB8GA1UdIwQY
MBaAFCMSDGpsjPFybn1I4xShbM0F74YHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXhJTWFteU04WEp1ZlVqakZLRnN6UVh2aGdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xZmFkY2UtN2ZhNy00YzRjLWJkZWQt
ZTRiNzAyZjE2MTE2LzEvbUJSeHY3N0RqN3ZVTTlPTEgwRDU1dkJxQkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xZmFkY2UtN2ZhNy00YzRjLWJkZWQtZTRiNzAyZjE2MTE2
LzEvSXhJTWFteU04WEp1ZlVqakZLRnN6UVh2aGdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAnBAIAATAhAwQBwnEoMAwD
BAfC9oADBALC9pgwCwMEBcL2oAMDAML2MA0EAgACMAcDBQAqABgwMA0GCSqGSIb3
DQEBCwUAA4IBAQBbIl+5yoKypC6MWcIDs4ZEpePEMhKE4+lCKBpBMBP0nNkZWVyW
v4JUUZCl/QYhY7q1fcqN8jUTvNYAc5CCuU/XVBgPGYZCbi6Pf3va0fHqMmRYKwOe
riTWkFvp1BLqYfZcJp8ULkoob3OiUVSx46K89X1LEhv99OJd8lIfc0JLUpmuD9uz
/CyQEM8ZQWZOMC4Ex3xNnjSVYoU/E4+NFbixfSyw/yk0m2kod7XbewXwT7rq+05p
kV6ItCfS4SyWZAtWbGBuA51n/68a0RDfC2npLM+O/YIZ00T2ILreLn6jFOQDflfJ
OCKv+BUm1huFl0oKVuUVOfrV4iIkcvQaQUFB
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:18 2024 by rpki-client on console-ams.rpki-client.org