Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/mCH3VGNbBaI9stZtIMdBL6FDAv4.roa
File: mCH3VGNbBaI9stZtIMdBL6FDAv4.roa (raw, json)
Hash identifier: VIggwqYz4mZpNuPtiAiEXLx2v9lew+XMIsNTC/O14jI=
Subject key identifier: 98:21:F7:54:63:5B:05:A2:3D:B2:D6:6D:20:C7:41:2F:A1:43:02:FE
Certificate issuer: /CN=86ee201c65d655ee9cfe251f951ea91bba154567
Certificate serial: 018CC80184C3A967192853CD3C7C94948440
Authority key identifier: 86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/mCH3VGNbBaI9stZtIMdBL6FDAv4.roa
Signing time: Tue 02 Jan 2024 02:29:51 +0000
ROA not before: Tue 02 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43054
IP address blocks: 185.225.27.0/24 maxlen: 24
193.41.32.0/24 maxlen: 24
193.200.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 12:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:84:c3:a9:67:19:28:53:cd:3c:7c:94:94:84:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86ee201c65d655ee9cfe251f951ea91bba154567
Validity
Not Before: Jan 2 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9821f754635b05a23db2d66d20c7412fa14302fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b8:2c:f4:36:ce:e1:5b:f1:2b:99:7d:60:27:
ba:7b:4a:9a:fb:27:a7:2a:93:f1:30:15:ec:b7:7f:
25:91:e8:70:f9:03:85:9f:1c:33:62:fa:0d:06:23:
fc:6d:0f:27:61:77:81:26:97:85:e8:e5:06:ed:d1:
d9:23:a2:a0:66:ac:8c:01:d7:c6:43:d3:47:f3:a4:
17:a2:cb:d1:ac:cc:df:65:9d:1d:cd:fe:cc:de:9f:
c9:cb:0d:7f:9d:c9:89:e0:b6:30:00:f2:e6:c9:97:
c0:81:43:2a:1b:3e:85:b6:f0:be:91:09:d9:08:f8:
64:39:17:10:c5:6d:c8:e2:6a:0f:7e:a6:25:e5:aa:
a9:8f:80:55:63:c8:23:96:fa:6a:55:f0:4b:79:15:
12:9e:75:a9:f7:53:bf:59:38:f0:c6:b4:c5:4f:34:
da:4f:a5:47:87:58:bc:db:55:69:7f:9e:95:65:d9:
0b:1e:67:e8:2b:2c:40:c7:55:90:37:eb:b5:77:60:
b2:ad:35:fc:6b:eb:63:99:d8:63:3c:79:b9:ca:10:
6f:3c:01:c2:a4:e5:0a:4d:c7:16:24:7e:15:f2:92:
58:9f:30:b5:1f:37:7d:2f:d9:2e:e4:6c:62:29:a6:
84:7f:bc:8e:1c:a5:7a:09:ee:e1:b2:f2:98:c5:c8:
4b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:21:F7:54:63:5B:05:A2:3D:B2:D6:6D:20:C7:41:2F:A1:43:02:FE
X509v3 Authority Key Identifier:
keyid:86:EE:20:1C:65:D6:55:EE:9C:FE:25:1F:95:1E:A9:1B:BA:15:45:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hu4gHGXWVe6c_iUflR6pG7oVRWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/mCH3VGNbBaI9stZtIMdBL6FDAv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/13a735-3b1c-4d9c-8cfa-a8ca8e4c7e77/1/hu4gHGXWVe6c_iUflR6pG7oVRWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.27.0/24
193.41.32.0/24
193.200.214.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:e7:cd:8e:30:d0:ed:12:2e:89:94:96:ba:93:00:8e:29:2a:
ca:42:e3:d9:70:f1:5c:00:ef:6a:cd:e5:a0:cf:67:4c:a0:c4:
f4:a8:48:67:15:ae:89:e8:ce:cc:d4:7f:65:c5:73:d1:be:bf:
c9:f0:02:3f:61:51:34:02:0d:aa:b7:b5:f5:72:f5:89:cf:b3:
60:af:bb:80:fa:79:74:c6:3e:8f:8d:76:e0:0f:22:f2:9a:13:
b9:70:37:30:b9:35:7c:5c:ad:fc:eb:9b:22:5b:d3:84:8a:b1:
d7:6a:fa:c3:c8:ac:6a:87:7f:e0:a8:60:80:95:7a:c7:1c:1b:
d2:5f:90:f3:ed:0a:14:5d:e2:ab:ff:78:4c:e9:10:6d:44:7a:
49:45:a3:96:7c:6a:33:03:93:64:83:6a:4b:59:08:fc:4b:e4:
0e:3e:c4:b3:c1:3f:11:98:7d:92:a8:ef:4b:94:88:c1:88:f4:
e3:6f:ba:00:61:15:59:86:e8:b1:ee:d5:51:14:7b:d9:35:1d:
89:bf:df:73:50:02:db:c2:76:42:c6:a6:31:ca:70:3c:39:c1:
a8:2a:4e:46:27:4d:18:34:6d:06:eb:86:aa:6f:eb:2b:44:32:
58:ec:be:dc:2b:8a:7d:e1:dc:f6:52:cc:7d:c9:7e:9e:47:36:
8f:39:08:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIAYTDqWcZKFPNPHyUlIRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZWUyMDFjNjVkNjU1ZWU5Y2ZlMjUxZjk1MWVhOTFiYmEx
NTQ1NjcwHhcNMjQwMTAyMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODIxZjc1NDYzNWIwNWEyM2RiMmQ2NmQyMGM3NDEyZmExNDMwMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrgs9DbO4VvxK5l9YCe6e0qa+yen
KpPxMBXst38lkehw+QOFnxwzYvoNBiP8bQ8nYXeBJpeF6OUG7dHZI6KgZqyMAdfG
Q9NH86QXosvRrMzfZZ0dzf7M3p/Jyw1/ncmJ4LYwAPLmyZfAgUMqGz6FtvC+kQnZ
CPhkORcQxW3I4moPfqYl5aqpj4BVY8gjlvpqVfBLeRUSnnWp91O/WTjwxrTFTzTa
T6VHh1i821Vpf56VZdkLHmfoKyxAx1WQN+u1d2CyrTX8a+tjmdhjPHm5yhBvPAHC
pOUKTccWJH4V8pJYnzC1Hzd9L9ku5GxiKaaEf7yOHKV6Ce7hsvKYxchL9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJgh91RjWwWiPbLWbSDHQS+hQwL+MB8GA1UdIwQY
MBaAFIbuIBxl1lXunP4lH5UeqRu6FUVnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEt
YThjYThlNGM3ZTc3LzEvbUNIM1ZHTmJCYUk5c3RadElNZEJMNkZEQXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8xM2E3MzUtM2IxYy00ZDljLThjZmEtYThjYThlNGM3ZTc3
LzEvaHU0Z0hHWFdWZTZjX2lVZmxSNnBHN29WUldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAueEbAwQA
wSkgAwQAwcjWMA0GCSqGSIb3DQEBCwUAA4IBAQAs582OMNDtEi6JlJa6kwCOKSrK
QuPZcPFcAO9qzeWgz2dMoMT0qEhnFa6J6M7M1H9lxXPRvr/J8AI/YVE0Ag2qt7X1
cvWJz7Ngr7uA+nl0xj6PjXbgDyLymhO5cDcwuTV8XK3865siW9OEirHXavrDyKxq
h3/gqGCAlXrHHBvSX5Dz7QoUXeKr/3hM6RBtRHpJRaOWfGozA5Nkg2pLWQj8S+QO
PsSzwT8RmH2SqO9LlIjBiPTjb7oAYRVZhuix7tVRFHvZNR2Jv99zUALbwnZCxqYx
ynA8OcGoKk5GJ00YNG0G64aqb+srRDJY7L7cK4p94dz2Usx9yX6eRzaPOQhl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:32 2024 by rpki-client on console-ams.rpki-client.org