Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/c48a2d-097d-498b-bc62-b513a0c2f353/1/mPTSbSMQcgf2kQcnwOm6ptilTkw.roa
File: mPTSbSMQcgf2kQcnwOm6ptilTkw.roa (raw, json)
Hash identifier: J5JRyJPV5JCeNppUbr5xNJqLHILrtbSVfaeSdvhUBLU=
Subject key identifier: 98:F4:D2:6D:23:10:72:07:F6:91:07:27:C0:E9:BA:A6:D8:A5:4E:4C
Certificate issuer: /CN=9a2ae8d4b01687021b77b874f110c1b6dbfec651
Certificate serial: 018572FA54917510A8805BD2E5A3746FF0F4
Authority key identifier: 9A:2A:E8:D4:B0:16:87:02:1B:77:B8:74:F1:10:C1:B6:DB:FE:C6:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miro1LAWhwIbd7h08RDBttv-xlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/c48a2d-097d-498b-bc62-b513a0c2f353/1/mPTSbSMQcgf2kQcnwOm6ptilTkw.roa
Signing time: Mon 02 Jan 2023 14:54:46 +0000
ROA not before: Mon 02 Jan 2023 14:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20879
IP address blocks: 217.28.143.0/24 maxlen: 24
2a12:26c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:54:91:75:10:a8:80:5b:d2:e5:a3:74:6f:f0:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a2ae8d4b01687021b77b874f110c1b6dbfec651
Validity
Not Before: Jan 2 14:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98f4d26d23107207f6910727c0e9baa6d8a54e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:33:fc:9c:1c:8c:2a:97:44:18:5e:29:59:94:
a5:65:55:57:18:f1:f5:fa:c6:1f:b9:90:a1:f4:a4:
67:19:12:cc:f9:b5:35:13:72:1b:5e:c2:f2:a0:c5:
82:50:33:8b:8a:e7:85:da:c4:61:da:47:ad:dc:9f:
f0:8f:86:93:84:b5:8b:04:f3:6d:02:df:db:09:e1:
3e:f5:23:e7:ac:76:e5:1e:85:c2:63:24:20:7e:ae:
76:3a:bf:71:2c:81:cb:1c:13:60:91:57:13:5c:b9:
c3:a6:49:07:de:df:3b:4d:71:6c:dc:2c:f9:4c:ef:
35:b6:d3:6e:47:52:8c:18:05:7d:6f:b5:0d:d2:da:
0e:fa:e1:ae:21:4c:be:70:4a:32:2b:41:ca:32:d6:
3d:27:2c:dc:1b:0d:56:a0:c2:b2:ef:57:1c:41:de:
c5:a2:d5:6b:46:89:1a:61:07:ba:36:61:48:fb:34:
57:ce:49:ad:f5:b2:2a:5f:9e:bf:dd:94:ff:5e:a0:
98:d3:6b:63:86:8a:f1:2c:2f:bd:6a:17:6f:67:64:
1a:74:b1:4e:66:42:b3:44:5b:11:05:11:80:d2:f6:
ba:7a:71:df:8d:bf:40:de:68:71:5f:40:ba:1a:97:
a0:fd:95:9c:b6:32:58:ea:9a:84:51:96:a7:cb:89:
96:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F4:D2:6D:23:10:72:07:F6:91:07:27:C0:E9:BA:A6:D8:A5:4E:4C
X509v3 Authority Key Identifier:
keyid:9A:2A:E8:D4:B0:16:87:02:1B:77:B8:74:F1:10:C1:B6:DB:FE:C6:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miro1LAWhwIbd7h08RDBttv-xlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c48a2d-097d-498b-bc62-b513a0c2f353/1/mPTSbSMQcgf2kQcnwOm6ptilTkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/c48a2d-097d-498b-bc62-b513a0c2f353/1/miro1LAWhwIbd7h08RDBttv-xlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.143.0/24
IPv6:
2a12:26c0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:ab:83:c4:14:6a:d7:92:a8:4b:db:48:1e:20:65:f9:61:e7:
8c:ff:48:12:a8:6b:c7:fe:4a:1e:c6:9d:3d:95:3f:93:80:f3:
e9:03:e1:3c:f6:3d:8f:dc:02:02:fd:97:3e:41:ef:1b:48:84:
a3:41:b7:0a:59:e1:38:9c:6b:2f:02:94:fa:f4:f0:7b:59:a7:
77:7d:2e:0a:1e:b2:6e:31:76:8a:83:e1:96:30:5e:3f:db:e0:
e3:57:7f:0c:08:aa:f2:e5:20:a2:49:f1:db:57:47:31:1d:d1:
f8:f7:63:0a:f6:a8:e8:5a:d3:4e:75:95:3c:7b:56:29:c9:58:
4a:5e:1f:5a:f0:c1:bc:44:ce:92:5f:77:c4:02:62:bf:36:6a:
ec:01:56:6e:2d:86:bc:79:a6:2b:d3:2b:a1:5d:84:2d:17:53:
b0:67:fd:42:a6:81:b5:26:ed:54:76:77:3d:07:8f:87:ac:f5:
07:5f:92:34:2c:e4:69:84:f2:43:fe:ca:f8:2a:3f:6a:6c:31:
dc:35:9f:d6:85:1f:07:89:32:29:20:f2:98:cd:3c:0e:d8:65:
5c:8f:9e:c5:e8:1e:a2:20:8f:87:2e:6e:1b:9f:b9:8b:61:e2:
d1:81:26:a7:31:61:66:b8:14:c7:21:ac:1e:2a:d6:49:61:38:
ba:09:d7:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVy+lSRdRCogFvS5aN0b/D0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMmFlOGQ0YjAxNjg3MDIxYjc3Yjg3NGYxMTBjMWI2ZGJm
ZWM2NTEwHhcNMjMwMTAyMTQ1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY0ZDI2ZDIzMTA3MjA3ZjY5MTA3MjdjMGU5YmFhNmQ4YTU0ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDP8nByMKpdEGF4pWZSlZVVXGPH1
+sYfuZCh9KRnGRLM+bU1E3IbXsLyoMWCUDOLiueF2sRh2ket3J/wj4aThLWLBPNt
At/bCeE+9SPnrHblHoXCYyQgfq52Or9xLIHLHBNgkVcTXLnDpkkH3t87TXFs3Cz5
TO81ttNuR1KMGAV9b7UN0toO+uGuIUy+cEoyK0HKMtY9JyzcGw1WoMKy71ccQd7F
otVrRokaYQe6NmFI+zRXzkmt9bIqX56/3ZT/XqCY02tjhorxLC+9ahdvZ2QadLFO
ZkKzRFsRBRGA0va6enHfjb9A3mhxX0C6Gpeg/ZWctjJY6pqEUZany4mWdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJj00m0jEHIH9pEHJ8DpuqbYpU5MMB8GA1UdIwQY
MBaAFJoq6NSwFocCG3e4dPEQwbbb/sZRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlybzFMQVdod0liZDdoMDhSREJ0dHYteGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9jNDhhMmQtMDk3ZC00OThiLWJjNjIt
YjUxM2EwYzJmMzUzLzEvbVBUU2JTTVFjZ2Yya1FjbndPbTZwdGlsVGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9jNDhhMmQtMDk3ZC00OThiLWJjNjItYjUxM2EwYzJmMzUz
LzEvbWlybzFMQVdod0liZDdoMDhSREJ0dHYteGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RyPMA0E
AgACMAcDBQMqEibAMA0GCSqGSIb3DQEBCwUAA4IBAQBaq4PEFGrXkqhL20geIGX5
YeeM/0gSqGvH/koexp09lT+TgPPpA+E89j2P3AIC/Zc+Qe8bSISjQbcKWeE4nGsv
ApT69PB7Wad3fS4KHrJuMXaKg+GWMF4/2+DjV38MCKry5SCiSfHbV0cxHdH492MK
9qjoWtNOdZU8e1YpyVhKXh9a8MG8RM6SX3fEAmK/NmrsAVZuLYa8eaYr0yuhXYQt
F1OwZ/1CpoG1Ju1Udnc9B4+HrPUHX5I0LORphPJD/sr4Kj9qbDHcNZ/WhR8HiTIp
IPKYzTwO2GVcj57F6B6iII+HLm4bn7mLYeLRgSanMWFmuBTHIaweKtZJYTi6Cdf1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:16 2024 by rpki-client on console-fra.rpki-client.org