Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/Mt0UHxoXR85D_Gtk8901M6DKfHo.roa
File: Mt0UHxoXR85D_Gtk8901M6DKfHo.roa (raw, json)
Hash identifier: Am2Xx3OhskZiZBrvChR3Vue660rynYrJ6KbiPcNdiec=
Subject key identifier: 32:DD:14:1F:1A:17:47:CE:43:FC:6B:64:F3:DD:35:33:A0:CA:7C:7A
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 018E42ECF6D8E51E7CD25A21371FF69C08CD
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/Mt0UHxoXR85D_Gtk8901M6DKfHo.roa
Signing time: Fri 15 Mar 2024 16:23:29 +0000
ROA not before: Fri 15 Mar 2024 16:23:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 123.253.212.0/24 maxlen: 24
123.253.213.0/24 maxlen: 24
141.98.137.0/24 maxlen: 24
141.98.139.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 05:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:ec:f6:d8:e5:1e:7c:d2:5a:21:37:1f:f6:9c:08:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Mar 15 16:23:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32dd141f1a1747ce43fc6b64f3dd3533a0ca7c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:eb:fc:e0:e3:46:61:73:93:0a:0b:45:bf:f8:
5c:af:b6:09:3d:19:8a:ab:9f:a4:bd:01:51:d9:b0:
de:19:6e:bb:db:1b:05:05:f9:40:bf:54:26:1b:38:
24:a9:2c:8c:eb:17:68:45:2f:6a:ee:62:04:1d:d6:
1a:cd:0c:69:17:50:a0:7f:84:c8:8c:b4:f1:2f:13:
13:26:8e:1d:c0:88:aa:1f:9c:95:b4:a4:55:be:66:
d6:b1:be:c1:11:fe:7d:d8:02:bf:10:98:ed:14:f6:
ae:d7:40:a8:27:5d:f7:50:12:66:08:a3:7c:a5:3b:
56:38:fe:e2:d7:63:67:b9:c7:e7:71:bd:4a:d8:73:
51:2b:51:dc:4f:51:7b:e4:4a:13:a3:47:55:2e:d7:
af:5b:d5:56:07:6f:a4:24:2d:e5:7c:34:fc:47:f3:
d5:44:46:08:3f:d7:4a:74:12:e8:45:4d:41:6c:95:
b1:93:73:71:93:12:7b:63:93:6b:3b:b5:81:85:62:
18:c5:61:bd:3c:37:2c:22:a6:9f:ae:d9:3d:ba:bd:
cc:41:7e:92:fc:f0:bd:3c:8c:d2:de:32:4c:92:27:
1d:a1:27:20:a4:5a:c7:1d:ec:40:72:29:e3:af:17:
cc:c4:4f:93:80:d4:9b:48:d6:14:ca:ab:65:a1:38:
86:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DD:14:1F:1A:17:47:CE:43:FC:6B:64:F3:DD:35:33:A0:CA:7C:7A
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/Mt0UHxoXR85D_Gtk8901M6DKfHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.253.212.0/23
141.98.137.0/24
141.98.139.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:99:67:13:e0:f1:f2:90:dd:f2:4f:bc:87:74:ce:94:f3:c5:
0e:b7:a0:ef:c6:3d:40:43:de:5b:85:14:63:b8:7b:9d:93:b4:
ac:a4:33:fd:f7:68:03:7d:bf:bd:e5:f2:23:b1:60:c6:84:db:
6c:3e:8e:58:e6:e7:85:3c:2e:5a:df:0a:3b:84:02:82:4b:5b:
f0:c1:9a:61:9c:c0:ff:08:e7:92:eb:94:6e:ca:40:e9:c4:26:
ad:aa:67:3b:d2:12:8f:d7:db:db:5f:52:ce:a4:ed:f9:19:0c:
3f:4f:b9:24:45:a3:2e:39:ab:0b:c1:ce:65:41:3b:0a:ca:81:
38:3c:e5:ec:e6:28:6c:b1:eb:d1:df:d9:9a:09:bb:a3:cc:8e:
9f:23:bb:2b:43:43:c2:98:c9:16:c0:09:6d:25:90:ac:47:88:
a7:3b:3d:be:72:f6:f1:7f:14:75:8d:56:52:9b:24:9c:fc:f1:
26:0e:68:7c:95:22:f2:4c:27:44:81:7a:c8:b9:27:96:ac:89:
7f:8a:e0:10:73:b3:a2:58:c2:56:9a:a4:a3:40:11:d7:8d:7f:
1f:2d:6a:92:e4:2e:d1:82:e1:20:9a:85:e2:f2:b5:5d:70:71:
b5:d5:eb:57:a6:1b:0a:8d:3a:e7:05:7e:04:a4:63:5f:f6:a3:
2a:36:34:8a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5C7PbY5R580lohNx/2nAjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjQwMzE1MTYyMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmRkMTQxZjFhMTc0N2NlNDNmYzZiNjRmM2RkMzUzM2EwY2E3YzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruv84ONGYXOTCgtFv/hcr7YJPRmK
q5+kvQFR2bDeGW672xsFBflAv1QmGzgkqSyM6xdoRS9q7mIEHdYazQxpF1Cgf4TI
jLTxLxMTJo4dwIiqH5yVtKRVvmbWsb7BEf592AK/EJjtFPau10CoJ133UBJmCKN8
pTtWOP7i12Nnucfncb1K2HNRK1HcT1F75EoTo0dVLtevW9VWB2+kJC3lfDT8R/PV
REYIP9dKdBLoRU1BbJWxk3NxkxJ7Y5NrO7WBhWIYxWG9PDcsIqafrtk9ur3MQX6S
/PC9PIzS3jJMkicdoScgpFrHHexAcinjrxfMxE+TgNSbSNYUyqtloTiGnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDLdFB8aF0fOQ/xrZPPdNTOgynx6MB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvTXQwVUh4b1hSODVEX0d0azg5MDFNNkRLZkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBe/3UAwQA
jWKJAwQAjWKLMA0GCSqGSIb3DQEBCwUAA4IBAQBbmWcT4PHykN3yT7yHdM6U88UO
t6Dvxj1AQ95bhRRjuHudk7SspDP992gDfb+95fIjsWDGhNtsPo5Y5ueFPC5a3wo7
hAKCS1vwwZphnMD/COeS65RuykDpxCatqmc70hKP19vbX1LOpO35GQw/T7kkRaMu
OasLwc5lQTsKyoE4POXs5ihssevR39maCbujzI6fI7srQ0PCmMkWwAltJZCsR4in
Oz2+cvbxfxR1jVZSmySc/PEmDmh8lSLyTCdEgXrIuSeWrIl/iuAQc7OiWMJWmqSj
QBHXjX8fLWqS5C7RguEgmoXi8rVdcHG11etXphsKjTrnBX4EpGNf9qMqNjSK
-----END CERTIFICATE-----
Generated at Fri Mar 22 08:33:55 2024 by rpki-client on console-ams.rpki-client.org