Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/0015d3-1b21-4e55-850b-674328d52bd7/1/MOzw5bBrvumgXz9WjZ7fp2SSnYA.roa
File: MOzw5bBrvumgXz9WjZ7fp2SSnYA.roa (raw, json)
Hash identifier: NnPsnXE0tpVXzcMM+s6yOkE90AeWD686YVBtVAZvgpM=
Subject key identifier: 30:EC:F0:E5:B0:6B:BE:E9:A0:5F:3F:56:8D:9E:DF:A7:64:92:9D:80
Certificate issuer: /CN=582ac3589fc539ab852690f85d9f3f7f234ec39b
Certificate serial: 01880AD546CFADAD18461B6086BA706C9001
Authority key identifier: 58:2A:C3:58:9F:C5:39:AB:85:26:90:F8:5D:9F:3F:7F:23:4E:C3:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WCrDWJ_FOauFJpD4XZ8_fyNOw5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/0015d3-1b21-4e55-850b-674328d52bd7/1/MOzw5bBrvumgXz9WjZ7fp2SSnYA.roa
Signing time: Thu 11 May 2023 12:42:09 +0000
ROA not before: Thu 11 May 2023 12:42:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28952
IP address blocks: 91.191.69.0/24 maxlen: 24
91.191.80.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0a:d5:46:cf:ad:ad:18:46:1b:60:86:ba:70:6c:90:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=582ac3589fc539ab852690f85d9f3f7f234ec39b
Validity
Not Before: May 11 12:42:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30ecf0e5b06bbee9a05f3f568d9edfa764929d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:57:78:25:22:fc:0b:16:23:86:bf:73:4b:86:
94:c4:cb:d6:ca:84:7f:bc:84:ca:9c:90:27:f7:e4:
60:ec:b2:77:7a:31:1c:fb:d1:64:de:c2:57:8f:6d:
df:f5:cd:54:5e:17:6b:70:b3:e9:8a:84:3c:a7:ad:
e2:cb:ba:d2:cd:73:4f:21:20:42:47:6a:bf:0d:74:
8f:84:7b:37:90:ac:ad:5c:54:18:cd:b4:05:d8:59:
5a:9d:6c:64:a0:f0:7d:4b:79:48:74:1a:59:ef:ee:
20:96:f5:c7:a2:6b:82:00:16:5b:7a:9b:e7:63:4b:
79:33:d0:4b:62:3a:13:f4:89:5a:74:72:e1:1a:48:
c3:88:46:0b:5f:64:a2:a8:59:32:34:5a:93:38:7d:
e4:83:07:4f:44:c5:43:13:42:e5:48:18:a0:1f:14:
0b:1e:67:eb:6b:3e:fb:4e:3c:e9:99:c4:98:b9:e6:
31:d2:60:d1:99:57:91:ce:9f:ae:b0:ff:ea:01:f7:
27:95:50:a6:05:98:95:99:0e:a3:d8:78:f5:1d:5f:
03:20:8a:c8:db:25:7e:19:3b:e0:4a:f2:db:57:a4:
74:96:85:52:38:2c:7d:9b:b9:a6:14:08:c3:40:95:
c2:7a:61:27:b6:d4:11:d7:68:46:b4:49:50:e2:4e:
59:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:EC:F0:E5:B0:6B:BE:E9:A0:5F:3F:56:8D:9E:DF:A7:64:92:9D:80
X509v3 Authority Key Identifier:
keyid:58:2A:C3:58:9F:C5:39:AB:85:26:90:F8:5D:9F:3F:7F:23:4E:C3:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WCrDWJ_FOauFJpD4XZ8_fyNOw5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0015d3-1b21-4e55-850b-674328d52bd7/1/MOzw5bBrvumgXz9WjZ7fp2SSnYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/0015d3-1b21-4e55-850b-674328d52bd7/1/WCrDWJ_FOauFJpD4XZ8_fyNOw5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.191.69.0/24
91.191.80.0/22
Signature Algorithm: sha256WithRSAEncryption
50:fc:07:db:e9:55:52:20:d2:eb:30:f3:31:64:1b:2c:63:47:
4a:9d:b4:60:62:07:2e:95:39:e5:b7:66:4e:db:d2:b6:b8:44:
fd:fd:fc:af:a5:54:69:d2:d1:78:17:9e:af:c5:02:c9:2d:c3:
d5:12:da:49:94:bc:3e:79:97:80:d0:c1:6f:c2:80:d6:85:56:
30:95:41:46:06:6a:29:fe:f2:a8:02:df:c3:b2:5e:a3:0b:d7:
4a:e3:c5:33:83:ef:45:67:73:e4:60:97:d9:dc:66:8f:5c:9b:
95:b1:45:1b:88:28:e8:8d:44:3e:03:fa:55:24:bd:ac:c5:7b:
01:02:42:d6:c3:53:ae:d7:d2:14:21:91:41:1c:fd:c7:7a:dd:
6e:df:02:35:4b:16:be:94:1a:d5:8c:11:08:cb:c6:9e:e6:3c:
a5:e8:e2:d9:9f:23:87:8e:22:b1:91:1e:87:18:e9:27:69:11:
de:88:ed:ab:41:24:3e:e7:ab:e0:c4:86:71:bc:af:2f:96:2d:
c8:05:c1:1a:db:f8:b1:21:4c:79:58:fc:16:f9:8a:e7:fa:85:
b2:8b:2c:d2:ca:8e:a7:c9:d1:c6:03:55:8b:45:ce:c6:94:ea:
5f:e5:8e:44:77:4f:2e:74:db:bd:26:2c:ff:56:c4:eb:41:47:
ce:81:dd:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYgK1UbPra0YRhtghrpwbJABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MmFjMzU4OWZjNTM5YWI4NTI2OTBmODVkOWYzZjdmMjM0
ZWMzOWIwHhcNMjMwNTExMTI0MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGVjZjBlNWIwNmJiZWU5YTA1ZjNmNTY4ZDllZGZhNzY0OTI5ZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVd4JSL8CxYjhr9zS4aUxMvWyoR/
vITKnJAn9+Rg7LJ3ejEc+9Fk3sJXj23f9c1UXhdrcLPpioQ8p63iy7rSzXNPISBC
R2q/DXSPhHs3kKytXFQYzbQF2FlanWxkoPB9S3lIdBpZ7+4glvXHomuCABZbepvn
Y0t5M9BLYjoT9IladHLhGkjDiEYLX2SiqFkyNFqTOH3kgwdPRMVDE0LlSBigHxQL
Hmfraz77TjzpmcSYueYx0mDRmVeRzp+usP/qAfcnlVCmBZiVmQ6j2Hj1HV8DIIrI
2yV+GTvgSvLbV6R0loVSOCx9m7mmFAjDQJXCemEnttQR12hGtElQ4k5ZGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDDs8OWwa77poF8/Vo2e36dkkp2AMB8GA1UdIwQY
MBaAFFgqw1ifxTmrhSaQ+F2fP38jTsObMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0NyRFdKX0ZPYXVGSnBENFhaOF9meU5PdzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8wMDE1ZDMtMWIyMS00ZTU1LTg1MGIt
Njc0MzI4ZDUyYmQ3LzEvTU96dzViQnJ2dW1nWHo5V2paN2ZwMlNTbllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8wMDE1ZDMtMWIyMS00ZTU1LTg1MGItNjc0MzI4ZDUyYmQ3
LzEvV0NyRFdKX0ZPYXVGSnBENFhaOF9meU5PdzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW79FAwQC
W79QMA0GCSqGSIb3DQEBCwUAA4IBAQBQ/Afb6VVSINLrMPMxZBssY0dKnbRgYgcu
lTnlt2ZO29K2uET9/fyvpVRp0tF4F56vxQLJLcPVEtpJlLw+eZeA0MFvwoDWhVYw
lUFGBmop/vKoAt/Dsl6jC9dK48Uzg+9FZ3PkYJfZ3GaPXJuVsUUbiCjojUQ+A/pV
JL2sxXsBAkLWw1Ou19IUIZFBHP3Het1u3wI1Sxa+lBrVjBEIy8ae5jyl6OLZnyOH
jiKxkR6HGOknaRHeiO2rQSQ+56vgxIZxvK8vli3IBcEa2/ixIUx5WPwW+Yrn+oWy
iyzSyo6nydHGA1WLRc7GlOpf5Y5Ed08udNu9Jiz/VsTrQUfOgd2J
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:46 2024 by rpki-client on console-fra.rpki-client.org