Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/mbLG2J7_OZ2B0t3o1eHNQonWAEw.roa
File: mbLG2J7_OZ2B0t3o1eHNQonWAEw.roa (raw, json)
Hash identifier: 2ybG8pCokbVMPIlcwddzKUM/xH8zwqxt0QhBY3NmbUo=
Subject key identifier: 99:B2:C6:D8:9E:FF:39:9D:81:D2:DD:E8:D5:E1:CD:42:89:D6:00:4C
Certificate issuer: /CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Certificate serial: 01857169C056510D9B86D01CBAFAE9A0B5E8
Authority key identifier: 02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/mbLG2J7_OZ2B0t3o1eHNQonWAEw.roa
Signing time: Mon 02 Jan 2023 07:37:14 +0000
ROA not before: Mon 02 Jan 2023 07:37:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.111.200.0/24 maxlen: 24
109.224.233.0/24 maxlen: 24
195.74.60.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:69:c0:56:51:0d:9b:86:d0:1c:ba:fa:e9:a0:b5:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b980c10d7110f91fff9e0eceb639d9e75b35e2
Validity
Not Before: Jan 2 07:37:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99b2c6d89eff399d81d2dde8d5e1cd4289d6004c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:14:e4:8f:a6:25:06:44:b6:df:b6:20:2a:27:
d9:81:a7:0d:52:0e:b2:dc:97:b8:c5:00:1f:aa:0c:
39:8b:02:9c:18:d7:b1:82:48:62:c7:c8:7d:98:55:
df:6f:bf:9a:b6:fe:f9:0b:0d:48:63:25:8b:2b:ca:
05:f3:a5:4b:b1:4f:d8:ff:b2:1b:78:bd:76:23:27:
ce:bf:93:a7:b9:13:a7:37:db:1c:fd:8d:f6:00:31:
54:c3:df:73:39:3f:5a:f1:d7:82:00:12:c0:4d:dd:
45:62:aa:af:50:ad:ed:11:ef:0a:56:a3:93:9f:4f:
0e:ff:59:da:ed:42:d9:60:d8:d7:62:83:ee:f0:4d:
64:41:98:85:25:00:ba:77:91:2f:d6:80:1b:6a:ef:
c4:a0:da:c0:5c:d5:d3:21:60:43:44:d0:36:5a:15:
29:b7:3d:77:fd:56:23:6e:b1:ae:fb:8f:23:4a:0a:
ec:0d:4b:93:24:49:37:a1:90:8b:d7:0c:d9:33:89:
b7:7b:87:28:3c:68:c7:93:f9:d2:64:a4:f9:48:db:
98:d2:93:49:9e:48:5c:95:81:6e:9a:7b:71:52:19:
83:9b:2d:83:28:df:f0:10:6b:66:cb:19:00:ef:21:
85:7b:7a:68:7f:6a:86:68:a8:e2:20:90:a8:de:9b:
13:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:B2:C6:D8:9E:FF:39:9D:81:D2:DD:E8:D5:E1:CD:42:89:D6:00:4C
X509v3 Authority Key Identifier:
keyid:02:B9:80:C1:0D:71:10:F9:1F:FF:9E:0E:CE:B6:39:D9:E7:5B:35:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArmAwQ1xEPkf_54OzrY52edbNeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/mbLG2J7_OZ2B0t3o1eHNQonWAEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/a8947f-e52c-4de1-bade-70c0a506d797/1/ArmAwQ1xEPkf_54OzrY52edbNeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.224.233.0/24
193.111.200.0/24
195.74.60.0/24
Signature Algorithm: sha256WithRSAEncryption
98:cb:ce:06:2a:5e:fa:7c:6a:38:f2:e7:79:b7:e7:84:fc:ef:
99:5a:33:d1:fd:f0:4e:71:25:fd:c5:df:d7:d0:ba:aa:6e:02:
5e:08:0d:d0:f9:a8:7e:8f:33:e3:30:5c:31:be:e3:c7:50:12:
4e:62:86:61:c9:7d:e1:f4:f1:45:97:46:5f:10:f5:59:6c:e9:
5d:cc:17:a5:7b:78:6c:6c:7c:02:d7:64:d7:b5:6b:a8:4d:07:
df:55:b0:0c:64:94:96:90:98:36:7f:a8:38:0a:1f:13:b9:e9:
fa:12:79:74:f4:fc:4f:2f:90:38:bf:73:7a:56:0d:bf:0b:5f:
b1:b8:6a:af:e4:87:df:39:2c:92:f0:72:a9:af:9f:3f:5c:01:
39:87:af:36:1f:63:0d:ad:04:6d:25:1d:b0:9b:dd:d8:05:bb:
ae:d3:09:5b:00:58:f5:81:6c:d6:d3:d9:74:13:9b:bf:40:97:
23:59:98:6f:00:8d:52:e9:07:18:51:86:34:54:86:40:63:4e:
1a:65:7a:13:7c:d6:1e:79:20:1b:c0:f9:1d:b8:e9:19:54:bf:
71:81:1c:af:bc:92:d0:d1:7c:2a:7b:a8:39:a3:02:74:0c:b5:
58:c2:27:4d:a8:d7:32:5f:62:35:3a:cb:97:cb:c4:f4:1d:33:
fe:c6:47:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxacBWUQ2bhtAcuvrpoLXoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjk4MGMxMGQ3MTEwZjkxZmZmOWUwZWNlYjYzOWQ5ZTc1
YjM1ZTIwHhcNMjMwMTAyMDczNzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWIyYzZkODllZmYzOTlkODFkMmRkZThkNWUxY2Q0Mjg5ZDYwMDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixTkj6YlBkS237YgKifZgacNUg6y
3Je4xQAfqgw5iwKcGNexgkhix8h9mFXfb7+atv75Cw1IYyWLK8oF86VLsU/Y/7Ib
eL12IyfOv5OnuROnN9sc/Y32ADFUw99zOT9a8deCABLATd1FYqqvUK3tEe8KVqOT
n08O/1na7ULZYNjXYoPu8E1kQZiFJQC6d5Ev1oAbau/EoNrAXNXTIWBDRNA2WhUp
tz13/VYjbrGu+48jSgrsDUuTJEk3oZCL1wzZM4m3e4coPGjHk/nSZKT5SNuY0pNJ
nkhclYFumntxUhmDmy2DKN/wEGtmyxkA7yGFe3pof2qGaKjiIJCo3psTJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJmyxtie/zmdgdLd6NXhzUKJ1gBMMB8GA1UdIwQY
MBaAFAK5gMENcRD5H/+eDs62OdnnWzXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUt
NzBjMGE1MDZkNzk3LzEvbWJMRzJKN19PWjJCMHQzbzFlSE5Rb25XQUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9hODk0N2YtZTUyYy00ZGUxLWJhZGUtNzBjMGE1MDZkNzk3
LzEvQXJtQXdRMXhFUGtmXzU0T3pyWTUyZWRiTmVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbeDpAwQA
wW/IAwQAw0o8MA0GCSqGSIb3DQEBCwUAA4IBAQCYy84GKl76fGo48ud5t+eE/O+Z
WjPR/fBOcSX9xd/X0LqqbgJeCA3Q+ah+jzPjMFwxvuPHUBJOYoZhyX3h9PFFl0Zf
EPVZbOldzBele3hsbHwC12TXtWuoTQffVbAMZJSWkJg2f6g4Ch8Tuen6Enl09PxP
L5A4v3N6Vg2/C1+xuGqv5IffOSyS8HKpr58/XAE5h682H2MNrQRtJR2wm93YBbuu
0wlbAFj1gWzW09l0E5u/QJcjWZhvAI1S6QcYUYY0VIZAY04aZXoTfNYeeSAbwPkd
uOkZVL9xgRyvvJLQ0Xwqe6g5owJ0DLVYwidNqNcyX2I1OsuXy8T0HTP+xkcw
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:30 2024 by rpki-client on console-ams.rpki-client.org