Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/MfX1b42Cv_YIvFrSBB17gYN8ISM.roa
File: MfX1b42Cv_YIvFrSBB17gYN8ISM.roa (raw, json)
Hash identifier: kJnLN3Kjd83nAnBhPztLOJv+C4KtKX20137N+2vMz+Q=
Subject key identifier: 31:F5:F5:6F:8D:82:BF:F6:08:BC:5A:D2:04:1D:7B:81:83:7C:21:23
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01856EC239FE622AF816E711781C757A7551
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/MfX1b42Cv_YIvFrSBB17gYN8ISM.roa
Signing time: Sun 01 Jan 2023 19:15:00 +0000
ROA not before: Sun 01 Jan 2023 19:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213274
IP address blocks: 89.252.157.0/24 maxlen: 24
94.102.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Nov 2023 11:08:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:39:fe:62:2a:f8:16:e7:11:78:1c:75:7a:75:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 1 19:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31f5f56f8d82bff608bc5ad2041d7b81837c2123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:56:8d:fe:cc:e8:a9:3a:49:63:b4:75:41:74:
23:81:e4:39:b7:f2:f5:ec:52:db:34:21:57:a0:a3:
fc:9a:62:a1:07:26:4a:c2:89:1a:f7:56:8b:2c:5c:
db:8e:66:e3:62:6f:c5:73:8f:fc:e9:c0:c4:4c:5c:
91:11:1c:c5:13:b7:7e:ff:5e:5c:23:f4:b9:9b:c7:
a7:a6:fe:71:73:62:f2:d1:fa:7b:16:4e:fd:66:da:
8c:ce:5a:8e:54:83:55:d5:a6:39:0a:f2:1d:ae:38:
2a:01:56:23:28:89:c3:87:ea:f3:a5:1e:25:4b:f0:
5a:20:1b:10:88:0c:49:da:bd:01:91:fc:f0:53:e1:
53:98:87:67:51:fe:e7:b2:52:83:97:cb:77:5b:c2:
19:2e:e9:c8:1a:a4:49:89:f0:31:4a:14:2b:8e:2e:
d0:d9:ed:4b:75:81:fe:64:55:67:8c:79:c2:6f:37:
c8:ba:48:43:c1:71:46:56:e2:31:84:d5:d8:56:1a:
1b:07:c2:78:de:e7:50:82:2c:c6:6a:73:69:bc:1c:
8d:fc:cf:9b:be:45:44:31:0f:00:5e:85:3b:19:7e:
d2:ce:66:9a:cd:7a:20:14:62:f4:21:ff:25:32:e0:
f0:c3:43:c4:f0:f3:fb:6a:64:39:8f:2c:f2:f8:60:
6c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F5:F5:6F:8D:82:BF:F6:08:BC:5A:D2:04:1D:7B:81:83:7C:21:23
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/MfX1b42Cv_YIvFrSBB17gYN8ISM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.157.0/24
94.102.12.0/24
Signature Algorithm: sha256WithRSAEncryption
38:d8:86:2e:ef:78:55:e8:e3:71:55:37:a8:5c:c7:dc:fe:81:
59:8f:cd:47:53:b8:cf:41:17:e8:5a:5b:77:2b:ee:d0:13:d7:
d7:42:e4:0a:d1:ff:d4:4e:af:a6:14:1d:19:e1:da:23:60:27:
dd:c7:bf:bf:e5:df:fc:c8:10:b8:cc:dd:da:29:af:48:d6:04:
cb:57:89:9d:c6:bb:48:c6:2a:58:d6:50:cc:dc:c9:48:d1:41:
87:00:4b:4f:0a:d4:72:03:ab:f8:94:65:aa:70:b5:1d:6a:b4:
26:38:00:2d:c4:b4:06:59:06:06:b6:b8:b8:85:02:91:73:be:
66:01:cc:62:d3:fe:b0:f2:1b:1a:8e:08:7c:9a:d7:59:38:c4:
31:ff:ff:08:29:7a:02:84:c4:01:09:09:b9:81:ae:f6:21:8a:
4f:3a:87:a5:3b:68:96:81:e3:1b:18:a7:ea:48:ee:4b:c7:84:
58:d0:4e:bf:70:b3:73:a8:c1:c5:34:b5:7c:05:9f:d5:43:f0:
f7:26:9d:4b:47:23:02:7b:0f:70:d4:35:66:66:a1:c0:08:c8:
f7:b6:b8:15:c4:3f:55:33:7c:22:a4:ba:0f:db:6c:96:f8:60:
3e:7a:3e:f9:5a:42:c5:0f:7f:56:8f:5b:4e:69:f5:fa:a5:62:
47:01:5c:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuwjn+Yir4FucReBx1enVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjMwMTAxMTkxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWY1ZjU2ZjhkODJiZmY2MDhiYzVhZDIwNDFkN2I4MTgzN2MyMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklaN/szoqTpJY7R1QXQjgeQ5t/L1
7FLbNCFXoKP8mmKhByZKwoka91aLLFzbjmbjYm/Fc4/86cDETFyRERzFE7d+/15c
I/S5m8enpv5xc2Ly0fp7Fk79ZtqMzlqOVINV1aY5CvIdrjgqAVYjKInDh+rzpR4l
S/BaIBsQiAxJ2r0BkfzwU+FTmIdnUf7nslKDl8t3W8IZLunIGqRJifAxShQrji7Q
2e1LdYH+ZFVnjHnCbzfIukhDwXFGVuIxhNXYVhobB8J43udQgizGanNpvByN/M+b
vkVEMQ8AXoU7GX7SzmaazXogFGL0If8lMuDww0PE8PP7amQ5jyzy+GBsFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDH19W+Ngr/2CLxa0gQde4GDfCEjMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvTWZYMWI0MkN2X1lJdkZyU0JCMTdnWU44SVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfydAwQA
XmYMMA0GCSqGSIb3DQEBCwUAA4IBAQA42IYu73hV6ONxVTeoXMfc/oFZj81HU7jP
QRfoWlt3K+7QE9fXQuQK0f/UTq+mFB0Z4dojYCfdx7+/5d/8yBC4zN3aKa9I1gTL
V4mdxrtIxipY1lDM3MlI0UGHAEtPCtRyA6v4lGWqcLUdarQmOAAtxLQGWQYGtri4
hQKRc75mAcxi0/6w8hsajgh8mtdZOMQx//8IKXoChMQBCQm5ga72IYpPOoelO2iW
geMbGKfqSO5Lx4RY0E6/cLNzqMHFNLV8BZ/VQ/D3Jp1LRyMCew9w1DVmZqHACMj3
trgVxD9VM3wipLoP22yW+GA+ej75WkLFD39Wj1tOafX6pWJHAVyC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org