Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/MRba5VPZ72a9IsOoAv8c8MijmQ8.roa
File: MRba5VPZ72a9IsOoAv8c8MijmQ8.roa (raw, json)
Hash identifier: T140vU8ef+Q76OPNefN4xpHHq9Qs3K21m3+PA/QKN2U=
Subject key identifier: 31:16:DA:E5:53:D9:EF:66:BD:22:C3:A8:02:FF:1C:F0:C8:A3:99:0F
Certificate issuer: /CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Certificate serial: 018570B085C52FE9E38E753C0C151382707F
Authority key identifier: 69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/MRba5VPZ72a9IsOoAv8c8MijmQ8.roa
Signing time: Mon 02 Jan 2023 04:14:54 +0000
ROA not before: Mon 02 Jan 2023 04:14:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3262
IP address blocks: 212.81.128.0/17 maxlen: 17
192.148.167.0/24 maxlen: 24
195.16.128.0/19 maxlen: 19
194.30.0.0/17 maxlen: 17
2a03:c600::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 01 Sep 2023 12:15:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:85:c5:2f:e9:e3:8e:75:3c:0c:15:13:82:70:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69adb825f9fdbca0cd7c7901deb7a22ae1797c06
Validity
Not Before: Jan 2 04:14:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3116dae553d9ef66bd22c3a802ff1cf0c8a3990f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:7b:d7:9f:c1:32:74:78:26:b4:31:bc:dc:bb:
99:07:00:75:40:fc:db:7f:e7:59:b9:52:0b:32:91:
ef:39:fa:a7:82:4d:41:7f:37:fe:da:97:fe:a8:a8:
19:cb:b1:91:2c:aa:eb:ca:d3:4e:f2:48:51:63:a2:
6a:71:79:92:5a:7a:ea:d0:ed:78:76:da:eb:d6:bf:
8e:e4:61:21:b5:d1:9b:4b:14:10:63:fc:ea:dd:2a:
f1:70:3f:61:6c:d1:71:dc:e2:35:c6:f2:a7:bd:f4:
63:b3:66:bd:59:ac:cc:cf:9d:c4:3c:2c:19:82:17:
dc:30:9d:a3:2a:7c:ab:60:f6:62:49:2e:c1:d6:3e:
b4:1c:fc:e4:44:91:86:a5:68:54:fd:30:89:95:33:
0b:3d:e7:10:5f:11:90:79:cf:d4:05:0f:8e:c6:24:
35:37:5c:c8:6d:17:c6:c7:ec:62:27:71:7d:3a:5f:
dc:90:7a:d3:11:02:6e:d2:e7:e3:31:e3:b5:20:57:
69:d3:08:28:28:2a:cc:e0:ab:27:18:38:61:f8:20:
74:b4:2a:1b:9c:c6:5e:04:fd:bb:73:0e:b1:37:c8:
5a:67:53:89:a7:af:7a:4c:bf:65:9b:c1:86:58:fa:
dc:02:1a:53:f8:6b:3d:d6:c2:c1:8d:2b:1a:83:57:
79:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:16:DA:E5:53:D9:EF:66:BD:22:C3:A8:02:FF:1C:F0:C8:A3:99:0F
X509v3 Authority Key Identifier:
keyid:69:AD:B8:25:F9:FD:BC:A0:CD:7C:79:01:DE:B7:A2:2A:E1:79:7C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa24Jfn9vKDNfHkB3reiKuF5fAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/MRba5VPZ72a9IsOoAv8c8MijmQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/af6b7a-9a70-494e-8a90-3236267c8799/1/aa24Jfn9vKDNfHkB3reiKuF5fAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.148.167.0/24
194.30.0.0/17
195.16.128.0/19
212.81.128.0/17
IPv6:
2a03:c600::/32
Signature Algorithm: sha256WithRSAEncryption
37:20:6e:b0:83:3e:88:5c:ee:09:16:60:00:91:85:b2:c1:aa:
62:a0:e2:af:cd:62:d9:fe:37:08:43:b4:21:39:85:a1:f2:74:
77:bf:41:2e:23:2d:3a:fa:27:48:5e:72:5d:2c:bf:c9:38:01:
c1:5c:eb:31:c9:a7:a5:6c:1e:5a:05:43:6d:1c:0c:a6:26:cd:
d6:87:39:00:c5:94:23:fc:72:30:fd:9d:61:6c:21:95:b5:48:
75:b7:31:d9:cd:6e:2a:fa:20:85:ec:fc:83:65:1a:6e:5f:6a:
09:32:db:71:ce:7c:1a:ac:34:fc:23:e7:3c:f0:43:89:ec:33:
a1:59:5f:9f:73:33:09:28:5a:11:c9:ad:67:f6:2f:88:47:e1:
7e:e5:89:24:bb:e1:8f:6c:84:b4:12:34:f4:9c:2b:9e:56:99:
09:3c:1b:9d:61:3b:4a:81:1a:f6:53:10:d8:7e:fe:0f:4c:39:
5f:2b:8e:8b:6e:f6:7a:28:b0:14:6e:16:56:c2:ac:71:5f:01:
db:a7:fd:91:7f:fe:77:e3:78:4a:24:c3:9d:62:93:e6:e7:26:
82:a4:0d:98:24:78:69:e7:a1:5f:e5:9d:e1:f3:5d:02:5d:67:
10:48:35:77:60:43:b6:79:b2:e3:b4:a3:4a:fc:43:a4:75:45:
ba:0b:96:dd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVwsIXFL+njjnU8DBUTgnB/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YWRiODI1ZjlmZGJjYTBjZDdjNzkwMWRlYjdhMjJhZTE3
OTdjMDYwHhcNMjMwMTAyMDQxNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTE2ZGFlNTUzZDllZjY2YmQyMmMzYTgwMmZmMWNmMGM4YTM5OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXvXn8EydHgmtDG83LuZBwB1QPzb
f+dZuVILMpHvOfqngk1Bfzf+2pf+qKgZy7GRLKrrytNO8khRY6JqcXmSWnrq0O14
dtrr1r+O5GEhtdGbSxQQY/zq3SrxcD9hbNFx3OI1xvKnvfRjs2a9WazMz53EPCwZ
ghfcMJ2jKnyrYPZiSS7B1j60HPzkRJGGpWhU/TCJlTMLPecQXxGQec/UBQ+OxiQ1
N1zIbRfGx+xiJ3F9Ol/ckHrTEQJu0ufjMeO1IFdp0wgoKCrM4KsnGDhh+CB0tCob
nMZeBP27cw6xN8haZ1OJp696TL9lm8GGWPrcAhpT+Gs91sLBjSsag1d5IQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDEW2uVT2e9mvSLDqAL/HPDIo5kPMB8GA1UdIwQY
MBaAFGmtuCX5/bygzXx5Ad63oirheXwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAt
MzIzNjI2N2M4Nzk5LzEvTVJiYTVWUFo3MmE5SXNPb0F2OGM4TWlqbVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9hZjZiN2EtOWE3MC00OTRlLThhOTAtMzIzNjI2N2M4Nzk5
LzEvYWEyNEpmbjl2S0ROZkhrQjNyZWlLdUY1ZkFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwJSnAwQH
wh4AAwQFwxCAAwQH1FGAMA0EAgACMAcDBQAqA8YAMA0GCSqGSIb3DQEBCwUAA4IB
AQA3IG6wgz6IXO4JFmAAkYWywapioOKvzWLZ/jcIQ7QhOYWh8nR3v0EuIy06+idI
XnJdLL/JOAHBXOsxyaelbB5aBUNtHAymJs3WhzkAxZQj/HIw/Z1hbCGVtUh1tzHZ
zW4q+iCF7PyDZRpuX2oJMttxznwarDT8I+c88EOJ7DOhWV+fczMJKFoRya1n9i+I
R+F+5Ykku+GPbIS0EjT0nCueVpkJPBudYTtKgRr2UxDYfv4PTDlfK46LbvZ6KLAU
bhZWwqxxXwHbp/2Rf/5343hKJMOdYpPm5yaCpA2YJHhp56Ff5Z3h810CXWcQSDV3
YEO2ebLjtKNK/EOkdUW6C5bd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:27 2024 by rpki-client on console-fra.rpki-client.org