Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/mmTHrDU8FUV-Wmt0dmlrHlKJ-Q0.roa
File: mmTHrDU8FUV-Wmt0dmlrHlKJ-Q0.roa (raw, json)
Hash identifier: uB9FgkP6NZ341qoYgsv+y2G4++afRdRDVusU9tgv3ZY=
Subject key identifier: 9A:64:C7:AC:35:3C:15:45:7E:5A:6B:74:76:69:6B:1E:52:89:F9:0D
Certificate issuer: /CN=24295ce712473d0e3e6daa777db8906f8001df70
Certificate serial: 01856F0B7F9F4E24FFFCDE4326E227DE84CA
Authority key identifier: 24:29:5C:E7:12:47:3D:0E:3E:6D:AA:77:7D:B8:90:6F:80:01:DF:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JClc5xJHPQ4-bap3fbiQb4AB33A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/mmTHrDU8FUV-Wmt0dmlrHlKJ-Q0.roa
Signing time: Sun 01 Jan 2023 20:35:02 +0000
ROA not before: Sun 01 Jan 2023 20:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42422
IP address blocks: 176.102.64.0/24 maxlen: 24
176.102.64.0/22 maxlen: 24
176.102.66.0/24 maxlen: 24
176.102.65.0/24 maxlen: 24
176.102.67.0/24 maxlen: 24
2a07:dbc0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:7f:9f:4e:24:ff:fc:de:43:26:e2:27:de:84:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24295ce712473d0e3e6daa777db8906f8001df70
Validity
Not Before: Jan 1 20:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a64c7ac353c15457e5a6b7476696b1e5289f90d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:24:f9:a3:c2:2d:0a:09:e4:89:7a:5d:33:5d:
d0:3a:1b:c7:f1:7d:1c:b6:57:4f:56:67:df:49:25:
4d:36:d2:2f:9c:e0:9e:09:07:73:14:84:20:45:89:
24:9a:10:c2:ee:73:e8:be:cf:20:87:ab:e3:7d:a5:
9e:7a:4b:4d:c7:b9:cf:9e:68:e8:ba:a5:ab:65:33:
7c:88:d6:43:fe:e3:53:ac:02:eb:48:76:50:e5:62:
bc:4b:6c:b9:7c:56:c7:0d:fb:3a:18:b7:7b:3c:0e:
c7:9e:b0:da:c7:ed:ab:ca:34:e6:a2:22:fc:ad:3d:
8e:28:6e:32:50:39:b6:11:6b:db:78:23:a1:fd:82:
5e:31:d1:92:00:fe:62:fe:07:cd:c4:94:1d:8b:96:
36:17:ec:ca:9f:53:b7:84:c5:4f:f3:cf:04:6c:ed:
39:d9:df:5c:72:d3:3a:a3:e2:32:41:0d:94:57:a1:
23:ba:12:31:be:0b:26:e4:96:7e:98:f0:8a:8a:ac:
77:fa:a6:ba:5c:bd:44:5e:65:15:63:0e:b7:22:dc:
63:b5:ef:2d:2d:26:4c:b4:c9:93:4f:f7:63:ba:b4:
76:34:4b:c2:27:19:2f:4d:27:af:3f:53:45:4e:9e:
01:13:6a:c6:28:a0:53:f7:c5:ac:07:ab:1f:c4:c2:
ed:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:64:C7:AC:35:3C:15:45:7E:5A:6B:74:76:69:6B:1E:52:89:F9:0D
X509v3 Authority Key Identifier:
keyid:24:29:5C:E7:12:47:3D:0E:3E:6D:AA:77:7D:B8:90:6F:80:01:DF:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JClc5xJHPQ4-bap3fbiQb4AB33A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/mmTHrDU8FUV-Wmt0dmlrHlKJ-Q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/1a0c6a-1a5e-424b-9a69-995531862419/1/JClc5xJHPQ4-bap3fbiQb4AB33A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.102.64.0/22
IPv6:
2a07:dbc0::/32
Signature Algorithm: sha256WithRSAEncryption
a7:a9:8e:ed:74:57:19:61:c1:cb:b7:f1:27:ac:57:da:d7:39:
2f:4f:a3:83:23:42:47:f4:7b:b2:a4:97:5a:33:5d:8e:e9:18:
27:f2:ff:e1:f4:1e:c9:3a:64:0b:2b:3d:42:0f:67:b9:63:4b:
33:09:85:89:9e:1c:c4:62:f1:e0:56:ea:3a:ab:ab:79:13:59:
2c:39:56:95:5e:25:99:3f:d3:47:c9:cd:4c:9b:df:e5:90:ee:
45:7b:07:4f:71:ab:70:1f:f7:c8:82:01:46:03:01:4a:ed:48:
f8:f1:74:8c:9e:d6:6e:f6:9a:8a:80:72:33:67:8f:12:8a:27:
43:02:53:c2:e2:c4:b6:b0:80:34:02:8f:74:39:80:6d:8c:fc:
9a:85:0f:e5:dc:47:c2:e1:29:4c:63:09:dd:8a:e6:c8:9a:da:
50:51:98:aa:41:4b:da:0b:91:b7:bc:13:f4:af:b5:b5:c4:7d:
0e:45:2c:c0:b0:5c:a7:f3:96:0a:c1:01:b1:9c:0d:60:45:3b:
9e:fa:0c:47:56:dd:9f:04:36:da:83:45:86:75:5a:82:76:4b:
65:3f:f7:2d:28:7d:d9:a2:63:44:4f:37:a3:91:45:fb:ac:6b:
f0:69:4c:3f:41:6c:ec:77:15:00:dc:60:3e:2d:2c:81:63:7b:
5f:40:bb:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvC3+fTiT//N5DJuIn3oTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Mjk1Y2U3MTI0NzNkMGUzZTZkYWE3NzdkYjg5MDZmODAw
MWRmNzAwHhcNMjMwMTAxMjAzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTY0YzdhYzM1M2MxNTQ1N2U1YTZiNzQ3NjY5NmIxZTUyODlmOTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiT5o8ItCgnkiXpdM13QOhvH8X0c
tldPVmffSSVNNtIvnOCeCQdzFIQgRYkkmhDC7nPovs8gh6vjfaWeektNx7nPnmjo
uqWrZTN8iNZD/uNTrALrSHZQ5WK8S2y5fFbHDfs6GLd7PA7HnrDax+2ryjTmoiL8
rT2OKG4yUDm2EWvbeCOh/YJeMdGSAP5i/gfNxJQdi5Y2F+zKn1O3hMVP888EbO05
2d9cctM6o+IyQQ2UV6EjuhIxvgsm5JZ+mPCKiqx3+qa6XL1EXmUVYw63Itxjte8t
LSZMtMmTT/djurR2NEvCJxkvTSevP1NFTp4BE2rGKKBT98WsB6sfxMLtXwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJpkx6w1PBVFflprdHZpax5SifkNMB8GA1UdIwQY
MBaAFCQpXOcSRz0OPm2qd324kG+AAd9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkNsYzV4SkhQUTQtYmFwM2ZiaVFiNEFCMzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi8xYTBjNmEtMWE1ZS00MjRiLTlhNjkt
OTk1NTMxODYyNDE5LzEvbW1USHJEVThGVVYtV210MGRtbHJIbEtKLVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi8xYTBjNmEtMWE1ZS00MjRiLTlhNjktOTk1NTMxODYyNDE5
LzEvSkNsYzV4SkhQUTQtYmFwM2ZiaVFiNEFCMzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsGZAMA0E
AgACMAcDBQAqB9vAMA0GCSqGSIb3DQEBCwUAA4IBAQCnqY7tdFcZYcHLt/EnrFfa
1zkvT6ODI0JH9HuypJdaM12O6Rgn8v/h9B7JOmQLKz1CD2e5Y0szCYWJnhzEYvHg
Vuo6q6t5E1ksOVaVXiWZP9NHyc1Mm9/lkO5FewdPcatwH/fIggFGAwFK7Uj48XSM
ntZu9pqKgHIzZ48SiidDAlPC4sS2sIA0Ao90OYBtjPyahQ/l3EfC4SlMYwndiubI
mtpQUZiqQUvaC5G3vBP0r7W1xH0ORSzAsFyn85YKwQGxnA1gRTue+gxHVt2fBDba
g0WGdVqCdktlP/ctKH3ZomNETzejkUX7rGvwaUw/QWzsdxUA3GA+LSyBY3tfQLsG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:39 2024 by rpki-client on console-fra.rpki-client.org