Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/U6MALOJxvxfMA5ZWeg48RCiKd2w.roa
File: U6MALOJxvxfMA5ZWeg48RCiKd2w.roa (raw, json)
Hash identifier: sO7vXOVP+cfv4n0K6OCJhnC5KuvUsLfnaPaA8PFE7Yw=
Subject key identifier: 53:A3:00:2C:E2:71:BF:17:CC:03:96:56:7A:0E:3C:44:28:8A:77:6C
Certificate issuer: /CN=8e702a616c04941e2c9f071651e49c5df3aed0b1
Certificate serial: 01856D53E4613D33AB9348F04E81DF0A3AF3
Authority key identifier: 8E:70:2A:61:6C:04:94:1E:2C:9F:07:16:51:E4:9C:5D:F3:AE:D0:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/U6MALOJxvxfMA5ZWeg48RCiKd2w.roa
Signing time: Sun 01 Jan 2023 12:34:52 +0000
ROA not before: Sun 01 Jan 2023 12:34:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200325
IP address blocks: 91.200.176.0/24 maxlen: 24
193.162.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Jan 2023 17:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:e4:61:3d:33:ab:93:48:f0:4e:81:df:0a:3a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e702a616c04941e2c9f071651e49c5df3aed0b1
Validity
Not Before: Jan 1 12:34:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53a3002ce271bf17cc0396567a0e3c44288a776c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d4:26:db:98:85:67:f1:25:3e:f9:11:17:12:
c6:99:ad:3f:92:4b:76:76:bf:88:1b:c9:a5:ff:95:
19:9f:6f:42:8b:7c:33:14:c6:89:e4:48:05:27:dd:
7f:70:5e:93:af:12:fb:5f:17:94:bc:44:50:67:c3:
7a:49:f0:6d:af:02:6c:76:73:ec:df:14:73:7c:28:
c5:30:02:07:11:3c:75:6c:ab:24:50:12:9f:f6:3a:
95:43:bb:15:1e:23:e0:c1:5a:a5:81:99:00:46:53:
cd:5e:95:a5:d1:11:c4:1a:02:d9:15:c8:55:8f:b7:
97:55:bf:bb:a5:28:9e:4e:46:3e:7e:90:e1:d0:a2:
d1:e8:bc:16:1c:1d:c0:e7:3a:f3:1c:9a:56:d1:1e:
55:32:1b:94:f4:2a:f9:d8:74:2c:59:48:e1:e7:ea:
bc:2c:e8:31:34:7f:58:1d:9c:b1:32:98:3e:30:9c:
8c:ca:51:33:c0:e3:2d:b5:32:34:75:e4:5e:f0:c4:
93:e5:94:66:2c:8a:b6:31:8f:51:4c:a8:12:13:7d:
24:74:a3:d6:91:1f:2f:95:e6:04:01:49:e0:25:94:
e0:f6:63:4a:da:33:00:b1:49:79:e3:60:97:b8:40:
2f:05:fa:71:0b:f1:b8:14:2c:7b:d2:93:79:59:95:
36:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:A3:00:2C:E2:71:BF:17:CC:03:96:56:7A:0E:3C:44:28:8A:77:6C
X509v3 Authority Key Identifier:
keyid:8E:70:2A:61:6C:04:94:1E:2C:9F:07:16:51:E4:9C:5D:F3:AE:D0:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/U6MALOJxvxfMA5ZWeg48RCiKd2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/jnAqYWwElB4snwcWUeScXfOu0LE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.176.0/24
193.162.131.0/24
Signature Algorithm: sha256WithRSAEncryption
09:6d:ff:ef:cd:e0:cd:1f:15:56:c8:0e:af:77:bc:49:5d:42:
d2:7f:a7:bf:6d:c3:2a:67:2c:72:3d:f1:fe:f7:b3:aa:3b:27:
97:c4:11:de:5c:9d:e0:32:0a:16:ef:4c:f1:aa:94:6e:9a:2a:
49:b6:2a:f7:b4:0b:47:6a:ae:6f:fe:e0:53:d7:6d:02:5d:76:
00:c0:18:69:3f:7e:39:f9:0b:be:0b:dc:6b:4b:55:c1:28:50:
48:cc:cd:50:34:4f:43:ab:07:50:c9:c8:6f:52:45:a3:9b:2d:
1d:84:29:c8:00:b3:c8:b6:9d:28:20:9d:4b:17:38:9a:11:4b:
bd:d2:d9:cb:a8:e7:02:a5:69:e8:74:d8:fe:92:85:59:19:93:
c3:4d:81:83:ee:e7:ff:a2:b6:03:84:43:26:5c:c3:5b:dc:84:
33:ea:6b:51:8f:77:ee:d0:30:b4:c8:29:f8:15:d1:b8:b3:6e:
33:dc:6b:ba:fd:9f:74:44:61:5b:aa:45:57:02:20:fd:d7:6b:
f1:38:49:67:70:5c:ff:b5:fe:c2:d3:ad:3d:ca:f1:c8:77:4f:
fc:94:3e:68:78:04:60:14:57:9a:41:15:eb:9b:84:d5:ad:2b:
17:e6:8c:13:49:e6:50:d3:3d:13:c4:3d:1d:cc:05:ec:5f:d6:
62:34:23:04
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtU+RhPTOrk0jwToHfCjrzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzAyYTYxNmMwNDk0MWUyYzlmMDcxNjUxZTQ5YzVkZjNh
ZWQwYjEwHhcNMjMwMTAxMTIzNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2EzMDAyY2UyNzFiZjE3Y2MwMzk2NTY3YTBlM2M0NDI4OGE3NzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdQm25iFZ/ElPvkRFxLGma0/kkt2
dr+IG8ml/5UZn29Ci3wzFMaJ5EgFJ91/cF6TrxL7XxeUvERQZ8N6SfBtrwJsdnPs
3xRzfCjFMAIHETx1bKskUBKf9jqVQ7sVHiPgwVqlgZkARlPNXpWl0RHEGgLZFchV
j7eXVb+7pSieTkY+fpDh0KLR6LwWHB3A5zrzHJpW0R5VMhuU9Cr52HQsWUjh5+q8
LOgxNH9YHZyxMpg+MJyMylEzwOMttTI0deRe8MST5ZRmLIq2MY9RTKgSE30kdKPW
kR8vleYEAUngJZTg9mNK2jMAsUl542CXuEAvBfpxC/G4FCx70pN5WZU2swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFOjACzicb8XzAOWVnoOPEQoindsMB8GA1UdIwQY
MBaAFI5wKmFsBJQeLJ8HFlHknF3zrtCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5BcVlXd0VsQjRzbndjV1VlU2NYZk91MExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8yYjg4NzctZTUyMy00ZTljLTlmYzMt
Y2Q2MGM4OTEwMDFiLzEvVTZNQUxPSnh2eGZNQTVaV2VnNDhSQ2lLZDJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8yYjg4NzctZTUyMy00ZTljLTlmYzMtY2Q2MGM4OTEwMDFi
LzEvam5BcVlXd0VsQjRzbndjV1VlU2NYZk91MExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8iwAwQA
waKDMA0GCSqGSIb3DQEBCwUAA4IBAQAJbf/vzeDNHxVWyA6vd7xJXULSf6e/bcMq
ZyxyPfH+97OqOyeXxBHeXJ3gMgoW70zxqpRumipJtir3tAtHaq5v/uBT120CXXYA
wBhpP345+Qu+C9xrS1XBKFBIzM1QNE9DqwdQychvUkWjmy0dhCnIALPItp0oIJ1L
FziaEUu90tnLqOcCpWnodNj+koVZGZPDTYGD7uf/orYDhEMmXMNb3IQz6mtRj3fu
0DC0yCn4FdG4s24z3Gu6/Z90RGFbqkVXAiD912vxOElncFz/tf7C0609yvHId0/8
lD5oeARgFFeaQRXrm4TVrSsX5owTSeZQ0z0TxD0dzAXsX9ZiNCME
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:01 2024 by rpki-client on console-fra.rpki-client.org