Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/m_1mtFaskc3WVvMgxpmjQhrZwr4.roa
File: m_1mtFaskc3WVvMgxpmjQhrZwr4.roa (raw, json)
Hash identifier: MCUdmj8XjPXUbDmXboA6yaB1xaJ0+BJ+ICGWehY/vds=
Subject key identifier: 9B:FD:66:B4:56:AC:91:CD:D6:56:F3:20:C6:99:A3:42:1A:D9:C2:BE
Certificate issuer: /CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Certificate serial: 01857127964664A20D2927030856676F04FC
Authority key identifier: 92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/m_1mtFaskc3WVvMgxpmjQhrZwr4.roa
Signing time: Mon 02 Jan 2023 06:24:57 +0000
ROA not before: Mon 02 Jan 2023 06:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34315
IP address blocks: 85.93.96.0/19 maxlen: 19
151.237.224.0/21 maxlen: 21
46.227.8.0/21 maxlen: 21
2a00:c40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:27:96:46:64:a2:0d:29:27:03:08:56:67:6f:04:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=929352a8d2dd70c91ffcec8e323fe69f1e9a4139
Validity
Not Before: Jan 2 06:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bfd66b456ac91cdd656f320c699a3421ad9c2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:9a:5c:55:85:76:42:02:60:0e:eb:45:46:72:
12:52:04:91:e7:9e:e0:91:77:38:96:e3:d3:b6:d0:
2f:7e:8c:b9:36:8f:3f:1f:37:01:0d:fb:a5:e7:3b:
b8:26:29:fa:e2:78:0d:48:26:2b:bd:e2:d7:1a:7b:
26:5c:38:f9:47:13:98:b1:b4:46:f6:0b:d8:7d:32:
00:5e:74:07:aa:29:89:b5:ee:18:6e:de:a2:d0:3a:
55:6e:d6:5f:79:2a:02:42:f7:13:86:be:88:34:96:
e0:e4:c1:ac:d3:b3:3d:59:ee:4a:4b:d2:d6:f3:72:
5a:19:0f:eb:ed:4d:e1:17:88:1f:e1:13:6c:2d:93:
b9:a0:20:2e:1b:59:1f:f5:91:38:d6:82:9d:6b:25:
33:c2:13:04:b0:9a:62:bb:b2:13:71:4e:9c:4e:a0:
0a:49:cb:3d:e8:85:55:90:8f:68:c4:97:80:c7:07:
82:35:d1:53:8d:cd:a8:23:3a:09:4e:d1:be:fd:50:
cd:4f:7f:07:e9:48:db:41:c3:e2:f8:ca:c2:a5:40:
e7:ee:63:47:e9:2d:60:9c:5c:55:34:ef:ef:49:4c:
af:c5:06:45:d8:33:58:4e:1d:8e:b1:7a:55:a3:b7:
f5:a1:48:6b:dd:1f:28:04:59:4f:5f:75:ae:51:7d:
2f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:FD:66:B4:56:AC:91:CD:D6:56:F3:20:C6:99:A3:42:1A:D9:C2:BE
X509v3 Authority Key Identifier:
keyid:92:93:52:A8:D2:DD:70:C9:1F:FC:EC:8E:32:3F:E6:9F:1E:9A:41:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpNSqNLdcMkf_OyOMj_mnx6aQTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/m_1mtFaskc3WVvMgxpmjQhrZwr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/7b6edc-ad23-4d73-ab56-0a1a35897f10/1/kpNSqNLdcMkf_OyOMj_mnx6aQTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.227.8.0/21
85.93.96.0/19
151.237.224.0/21
IPv6:
2a00:c40::/32
Signature Algorithm: sha256WithRSAEncryption
a4:c3:b5:47:9a:95:ec:19:c6:91:2a:30:6b:41:31:3e:45:64:
3b:85:cf:12:53:ec:2b:1e:9e:30:59:9f:cc:25:3b:13:f1:c3:
24:dd:3b:72:64:11:c8:87:af:52:44:3f:3a:a6:1c:e9:14:28:
94:2b:2e:10:1c:aa:70:f7:03:8d:a5:dc:f5:3b:af:a4:38:f0:
63:ef:d9:96:bf:0a:33:87:91:1d:28:1b:2b:fd:09:dc:0c:29:
8d:45:95:93:fb:b5:a4:f5:23:c7:c7:83:a7:6e:30:06:6a:94:
b6:48:ad:42:d8:36:82:47:5b:a3:4d:a3:aa:d1:33:a8:6a:13:
03:1d:88:09:66:9a:38:28:35:88:2c:42:40:5d:4e:16:95:48:
4b:cb:22:a2:c8:6d:93:5d:dd:41:1e:46:e2:2a:75:3c:d4:21:
ed:1a:d3:91:03:26:eb:c6:2c:1b:f8:05:f8:b9:4b:c8:fb:df:
f4:b6:9a:2d:2e:b5:16:44:f2:ac:35:25:57:a3:b4:10:a9:b0:
fb:79:e8:71:9e:3e:06:90:ee:75:2a:d5:92:5b:b0:c7:34:df:
3c:6f:79:eb:af:cf:3f:57:05:e2:bf:c2:ab:8b:58:b7:f6:28:
09:f1:54:b8:2c:76:f2:66:f5:c3:40:60:4f:53:33:b8:41:eb:
1f:66:e4:11
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVxJ5ZGZKINKScDCFZnbwT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTM1MmE4ZDJkZDcwYzkxZmZjZWM4ZTMyM2ZlNjlmMWU5
YTQxMzkwHhcNMjMwMTAyMDYyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmZkNjZiNDU2YWM5MWNkZDY1NmYzMjBjNjk5YTM0MjFhZDljMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ppcVYV2QgJgDutFRnISUgSR557g
kXc4luPTttAvfoy5No8/HzcBDful5zu4Jin64ngNSCYrveLXGnsmXDj5RxOYsbRG
9gvYfTIAXnQHqimJte4Ybt6i0DpVbtZfeSoCQvcThr6INJbg5MGs07M9We5KS9LW
83JaGQ/r7U3hF4gf4RNsLZO5oCAuG1kf9ZE41oKdayUzwhMEsJpiu7ITcU6cTqAK
Scs96IVVkI9oxJeAxweCNdFTjc2oIzoJTtG+/VDNT38H6UjbQcPi+MrCpUDn7mNH
6S1gnFxVNO/vSUyvxQZF2DNYTh2OsXpVo7f1oUhr3R8oBFlPX3WuUX0vWwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJv9ZrRWrJHN1lbzIMaZo0Ia2cK+MB8GA1UdIwQY
MBaAFJKTUqjS3XDJH/zsjjI/5p8emkE5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYt
MGExYTM1ODk3ZjEwLzEvbV8xbXRGYXNrYzNXVnZNZ3hwbWpRaHJad3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi83YjZlZGMtYWQyMy00ZDczLWFiNTYtMGExYTM1ODk3ZjEw
LzEva3BOU3FOTGRjTWtmX095T01qX21ueDZhUVRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLuMIAwQF
VV1gAwQDl+3gMA0EAgACMAcDBQAqAAxAMA0GCSqGSIb3DQEBCwUAA4IBAQCkw7VH
mpXsGcaRKjBrQTE+RWQ7hc8SU+wrHp4wWZ/MJTsT8cMk3TtyZBHIh69SRD86phzp
FCiUKy4QHKpw9wONpdz1O6+kOPBj79mWvwozh5EdKBsr/QncDCmNRZWT+7Wk9SPH
x4OnbjAGapS2SK1C2DaCR1ujTaOq0TOoahMDHYgJZpo4KDWILEJAXU4WlUhLyyKi
yG2TXd1BHkbiKnU81CHtGtORAybrxiwb+AX4uUvI+9/0tpotLrUWRPKsNSVXo7QQ
qbD7eehxnj4GkO51KtWSW7DHNN88b3nrr88/VwXiv8Kri1i39igJ8VS4LHbyZvXD
QGBPUzO4QesfZuQR
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:37:52 2024 by rpki-client on console-fra.rpki-client.org