Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/MK7U-yVhRMcBjY71thUmdJnVq9I.roa
File: MK7U-yVhRMcBjY71thUmdJnVq9I.roa (raw, json)
Hash identifier: 5qvdIqJKQh7cHRgIVj1/MmedyKJGUf+tEjsZkURO5Dc=
Subject key identifier: 30:AE:D4:FB:25:61:44:C7:01:8D:8E:F5:B6:15:26:74:99:D5:AB:D2
Certificate issuer: /CN=01c4b784d8166e8bd0f47d720fde5faec1645b34
Certificate serial: 01856F02163F384CF56A8CDFC0A0E51F801E
Authority key identifier: 01:C4:B7:84:D8:16:6E:8B:D0:F4:7D:72:0F:DE:5F:AE:C1:64:5B:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcS3hNgWbovQ9H1yD95frsFkWzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/MK7U-yVhRMcBjY71thUmdJnVq9I.roa
Signing time: Sun 01 Jan 2023 20:24:45 +0000
ROA not before: Sun 01 Jan 2023 20:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208128
IP address blocks: 193.108.111.0/24 maxlen: 24
193.108.110.0/24 maxlen: 24
193.108.110.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:31:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:16:3f:38:4c:f5:6a:8c:df:c0:a0:e5:1f:80:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c4b784d8166e8bd0f47d720fde5faec1645b34
Validity
Not Before: Jan 1 20:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30aed4fb256144c7018d8ef5b615267499d5abd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9c:7b:04:9f:1d:ac:ea:fc:d8:22:21:e1:5f:
12:d9:ba:68:ae:bb:f5:a4:bd:88:ed:bc:40:3a:13:
9a:cc:93:43:05:ec:b3:7a:c6:5e:76:60:58:8c:45:
8a:c9:de:f0:b7:84:a0:5f:65:47:b9:c5:64:cc:7e:
4c:ff:b8:af:49:ef:14:b6:de:cf:23:ca:54:7c:c1:
1a:09:5e:ad:87:a1:ef:be:ab:c5:5b:1a:7d:7b:02:
e1:39:18:97:a4:bc:64:34:53:f2:3f:07:50:4a:02:
4e:08:d9:a6:bd:ee:76:66:60:8b:1c:2a:56:d4:71:
2f:16:ba:f9:b2:89:28:8b:c2:83:64:e0:d4:7e:4b:
88:fb:c6:28:35:2e:21:2f:7d:d7:1a:d1:24:ae:fc:
7f:2d:5e:89:4b:94:99:bc:82:b3:32:4a:74:bd:fa:
50:87:f9:3b:e1:ea:37:a4:e6:21:95:d5:fb:bb:4e:
17:a9:b7:b0:7f:80:ad:7b:e9:02:6b:6a:76:08:53:
fa:85:e7:c3:8a:cb:df:e4:4f:d5:5e:75:c5:7f:58:
42:68:e5:29:70:aa:8f:ac:99:f8:f0:7f:9b:95:6c:
22:79:16:e0:2f:d4:d7:e1:4b:f0:be:15:49:f7:ca:
d7:47:ac:56:f8:c6:59:0a:72:70:3b:e2:d7:dd:27:
ae:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AE:D4:FB:25:61:44:C7:01:8D:8E:F5:B6:15:26:74:99:D5:AB:D2
X509v3 Authority Key Identifier:
keyid:01:C4:B7:84:D8:16:6E:8B:D0:F4:7D:72:0F:DE:5F:AE:C1:64:5B:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcS3hNgWbovQ9H1yD95frsFkWzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/MK7U-yVhRMcBjY71thUmdJnVq9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/AcS3hNgWbovQ9H1yD95frsFkWzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.110.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:06:cb:73:67:f5:81:e7:18:1d:49:a9:e6:d4:63:64:0f:58:
94:58:a1:63:86:1f:f9:21:cc:9a:99:db:a5:e7:20:b5:23:41:
3e:dd:82:12:d7:9b:19:b4:2e:67:be:a5:4a:e7:ab:98:d7:03:
8a:fd:42:0c:1b:bd:b2:fa:b2:5c:2d:a6:79:f5:05:12:a0:9e:
d5:eb:d5:bf:72:9f:32:45:bb:13:ee:1a:05:09:d3:25:16:b9:
35:af:f6:01:f7:9a:c0:0b:3d:67:b1:cf:c4:d8:93:a1:61:be:
83:86:b8:70:d0:e9:ba:24:8f:6d:bd:57:1d:82:60:c8:f6:93:
55:2e:a8:c7:29:3c:9b:97:ed:67:7e:a2:6c:1a:cd:86:38:0d:
e3:5a:ff:71:e2:23:0d:b1:c5:0a:59:13:58:53:8e:d9:8c:2e:
da:83:29:15:53:2c:75:4d:95:99:18:f3:27:00:a7:79:16:55:
d6:84:04:ad:73:9b:78:f9:b9:87:65:86:36:95:b1:8c:71:a5:
01:10:de:c0:f4:e2:6b:4b:8a:0c:d3:d4:1b:7e:26:66:10:6a:
35:8e:c7:d4:1c:af:10:6c:79:74:89:d6:db:67:c9:53:05:9c:
da:f8:36:28:5b:a6:93:9d:20:ec:a4:1c:58:69:a3:d2:10:45:
75:43:bb:e9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAhY/OEz1aozfwKDlH4AeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxYzRiNzg0ZDgxNjZlOGJkMGY0N2Q3MjBmZGU1ZmFlYzE2
NDViMzQwHhcNMjMwMTAxMjAyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFlZDRmYjI1NjE0NGM3MDE4ZDhlZjViNjE1MjY3NDk5ZDVhYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJx7BJ8drOr82CIh4V8S2bporrv1
pL2I7bxAOhOazJNDBeyzesZedmBYjEWKyd7wt4SgX2VHucVkzH5M/7ivSe8Utt7P
I8pUfMEaCV6th6HvvqvFWxp9ewLhORiXpLxkNFPyPwdQSgJOCNmmve52ZmCLHCpW
1HEvFrr5sokoi8KDZODUfkuI+8YoNS4hL33XGtEkrvx/LV6JS5SZvIKzMkp0vfpQ
h/k74eo3pOYhldX7u04Xqbewf4Cte+kCa2p2CFP6hefDisvf5E/VXnXFf1hCaOUp
cKqPrJn48H+blWwieRbgL9TX4UvwvhVJ98rXR6xW+MZZCnJwO+LX3SeuIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCu1PslYUTHAY2O9bYVJnSZ1avSMB8GA1UdIwQY
MBaAFAHEt4TYFm6L0PR9cg/eX67BZFs0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWNTM2hOZ1dib3ZROUgxeUQ5NWZyc0ZrV3pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9mMmI4NDAtMmM4NS00NjViLThiOTMt
NWI1YmViMTA1MTNiLzEvTUs3VS15VmhSTWNCalk3MXRoVW1kSm5WcTlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9mMmI4NDAtMmM4NS00NjViLThiOTMtNWI1YmViMTA1MTNi
LzEvQWNTM2hOZ1dib3ZROUgxeUQ5NWZyc0ZrV3pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwWxuMA0G
CSqGSIb3DQEBCwUAA4IBAQCnBstzZ/WB5xgdSanm1GNkD1iUWKFjhh/5Icyamdul
5yC1I0E+3YIS15sZtC5nvqVK56uY1wOK/UIMG72y+rJcLaZ59QUSoJ7V69W/cp8y
RbsT7hoFCdMlFrk1r/YB95rACz1nsc/E2JOhYb6Dhrhw0Om6JI9tvVcdgmDI9pNV
LqjHKTybl+1nfqJsGs2GOA3jWv9x4iMNscUKWRNYU47ZjC7agykVUyx1TZWZGPMn
AKd5FlXWhAStc5t4+bmHZYY2lbGMcaUBEN7A9OJrS4oM09QbfiZmEGo1jsfUHK8Q
bHl0idbbZ8lTBZza+DYoW6aTnSDspBxYaaPSEEV1Q7vp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:56 2024 by rpki-client on console-fra.rpki-client.org