Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MPTl_81g_c9WOuNACytVPng60qY.roa
File: MPTl_81g_c9WOuNACytVPng60qY.roa (raw, json)
Hash identifier: uZACKmsQK5m2FnrJba1lSgbdTbIewst5xdDUGXOYtnU=
Subject key identifier: 30:F4:E5:FF:CD:60:FD:CF:56:3A:E3:40:0B:2B:55:3E:78:3A:D2:A6
Certificate issuer: /CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Certificate serial: 0190716CDE925BBD407F14A38416A3FF7F67
Authority key identifier: 52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MPTl_81g_c9WOuNACytVPng60qY.roa
Signing time: Tue 02 Jul 2024 03:11:18 +0000
ROA not before: Tue 02 Jul 2024 03:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jul 2024 04:06:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:71:6c:de:92:5b:bd:40:7f:14:a3:84:16:a3:ff:7f:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52620415d2490a5ec3f6925b9f79040e8e22ddbf
Validity
Not Before: Jul 2 03:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30f4e5ffcd60fdcf563ae3400b2b553e783ad2a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:3c:49:9f:44:81:62:08:a0:85:05:86:38:
5e:0e:f3:f5:c0:ac:1a:5c:d5:4d:62:b4:b1:7a:1d:
00:18:41:b7:77:7a:8d:7b:ea:cc:68:78:17:c7:64:
6e:e9:d2:f4:76:4e:63:b8:a7:17:4d:d1:e9:b0:6f:
26:fe:55:70:4e:87:f4:70:34:77:38:22:28:11:ab:
5b:20:06:28:08:24:d2:cf:64:c4:2f:df:82:36:33:
cb:f4:0a:79:31:96:df:d8:3a:95:cc:93:59:18:6c:
14:b5:14:11:63:26:97:01:92:56:78:c0:ec:5e:24:
fb:d6:36:7c:cf:5d:4a:87:db:a9:9e:13:e1:ef:d8:
10:9b:25:0b:1f:d7:0f:d2:3f:e7:c4:9c:de:35:ae:
7f:9c:a7:de:fa:34:47:65:dc:01:e9:a3:fc:b1:bf:
1e:31:76:df:06:05:98:be:8b:86:81:38:88:b9:3b:
dc:46:ae:7f:a2:2d:2a:86:17:5a:91:b6:a8:77:10:
35:de:cb:39:22:37:2b:7a:6c:70:fe:90:f7:fa:98:
3b:18:c5:d6:01:6c:bf:35:a3:23:40:be:b8:0c:d2:
e7:3c:30:fd:cf:fc:89:58:14:88:39:e8:35:e0:ea:
5d:24:7a:9c:5c:25:e8:31:70:d4:96:49:98:46:78:
41:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F4:E5:FF:CD:60:FD:CF:56:3A:E3:40:0B:2B:55:3E:78:3A:D2:A6
X509v3 Authority Key Identifier:
keyid:52:62:04:15:D2:49:0A:5E:C3:F6:92:5B:9F:79:04:0E:8E:22:DD:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmIEFdJJCl7D9pJbn3kEDo4i3b8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/MPTl_81g_c9WOuNACytVPng60qY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/09837c-98f3-4c9f-aebf-881488ffdbb0/1/UmIEFdJJCl7D9pJbn3kEDo4i3b8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
51:df:5b:5f:24:36:f9:2d:12:b6:c9:d6:1d:c8:53:69:07:5d:
5b:3d:95:00:99:8b:76:f5:59:9d:2d:ff:07:e6:92:8c:be:19:
bd:e8:b8:c3:b2:b6:09:e5:bb:25:40:6e:70:45:46:f5:a9:03:
05:6f:02:b1:55:e5:dc:24:9a:96:22:fc:5d:81:e9:22:72:58:
6a:bc:78:9f:62:c2:3b:c1:6f:76:95:07:6f:09:6d:4d:9d:db:
c4:32:b3:a3:3c:eb:8e:24:13:53:79:37:c2:04:5f:6a:13:37:
72:cc:03:c0:75:d7:fb:25:45:67:0c:40:9a:cf:a1:24:4b:77:
87:0c:e4:39:74:38:2e:ce:c4:f9:3f:03:d1:3e:de:b0:1b:ce:
64:84:5b:f0:e8:52:50:2f:54:30:81:6e:f3:ef:9d:8b:9a:0c:
38:eb:c4:dd:04:9f:a0:9b:78:18:0a:a0:86:f2:32:8b:79:5f:
92:4d:1a:6d:77:d9:6b:75:c0:dd:86:1d:d1:15:f5:d0:82:f4:
f6:71:b3:18:b2:82:1f:1d:fb:cf:21:78:71:74:51:c3:10:ac:
20:ec:0c:83:f7:d5:1f:a9:fa:2f:ee:81:e3:cb:f3:b1:3d:9d:
15:9e:df:9b:9e:69:5c:0b:45:75:ef:37:aa:74:cd:3e:22:98:
73:a1:b4:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZBxbN6SW71AfxSjhBaj/39nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjIwNDE1ZDI0OTBhNWVjM2Y2OTI1YjlmNzkwNDBlOGUy
MmRkYmYwHhcNMjQwNzAyMDMxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY0ZTVmZmNkNjBmZGNmNTYzYWUzNDAwYjJiNTUzZTc4M2FkMmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0M8SZ9EgWIIoIUFhjheDvP1wKwa
XNVNYrSxeh0AGEG3d3qNe+rMaHgXx2Ru6dL0dk5juKcXTdHpsG8m/lVwTof0cDR3
OCIoEatbIAYoCCTSz2TEL9+CNjPL9Ap5MZbf2DqVzJNZGGwUtRQRYyaXAZJWeMDs
XiT71jZ8z11Kh9upnhPh79gQmyULH9cP0j/nxJzeNa5/nKfe+jRHZdwB6aP8sb8e
MXbfBgWYvouGgTiIuTvcRq5/oi0qhhdakbaodxA13ss5Ijcremxw/pD3+pg7GMXW
AWy/NaMjQL64DNLnPDD9z/yJWBSIOeg14OpdJHqcXCXoMXDUlkmYRnhB8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDD05f/NYP3PVjrjQAsrVT54OtKmMB8GA1UdIwQY
MBaAFFJiBBXSSQpew/aSW595BA6OIt2/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYt
ODgxNDg4ZmZkYmIwLzEvTVBUbF84MWdfYzlXT3VOQUN5dFZQbmc2MHFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wOTgzN2MtOThmMy00YzlmLWFlYmYtODgxNDg4ZmZkYmIw
LzEvVW1JRUZkSkpDbDdEOXBKYm4za0VEbzRpM2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFHfW18kNvktErbJ1h3I
U2kHXVs9lQCZi3b1WZ0t/wfmkoy+Gb3ouMOytgnluyVAbnBFRvWpAwVvArFV5dwk
mpYi/F2B6SJyWGq8eJ9iwjvBb3aVB28JbU2d28Qys6M8644kE1N5N8IEX2oTN3LM
A8B11/slRWcMQJrPoSRLd4cM5Dl0OC7OxPk/A9E+3rAbzmSEW/DoUlAvVDCBbvPv
nYuaDDjrxN0En6CbeBgKoIbyMot5X5JNGm132Wt1wN2GHdEV9dCC9PZxsxiygh8d
+88heHF0UcMQrCDsDIP31R+p+i/ugePL87E9nRWe35ueaVwLRXXvN6p0zT4imHOh
tHw=
-----END CERTIFICATE-----
Generated at Tue Jul 2 04:52:19 2024 by rpki-client on console-fra.rpki-client.org