Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/2a4ee3-d76d-48be-add6-78f992475e1f/1/MxAHCGzEVZk6JcTI4W9eKVEp4Uk.roa
File: MxAHCGzEVZk6JcTI4W9eKVEp4Uk.roa (raw, json)
Hash identifier: ItYTOy2660HSk8OGJzc3g+yUSIedE9bT2oa5+MMAGOY=
Subject key identifier: 33:10:07:08:6C:C4:55:99:3A:25:C4:C8:E1:6F:5E:29:51:29:E1:49
Certificate issuer: /CN=d33a620b2acc8fc30b8c4d518f9297e3f7c9a60a
Certificate serial: 01856ECB5DBE6F7F1939208B2EA0C27C9A24
Authority key identifier: D3:3A:62:0B:2A:CC:8F:C3:0B:8C:4D:51:8F:92:97:E3:F7:C9:A6:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0zpiCyrMj8MLjE1Rj5KX4_fJpgo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/2a4ee3-d76d-48be-add6-78f992475e1f/1/MxAHCGzEVZk6JcTI4W9eKVEp4Uk.roa
Signing time: Sun 01 Jan 2023 19:24:59 +0000
ROA not before: Sun 01 Jan 2023 19:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198061
IP address blocks: 194.0.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:5d:be:6f:7f:19:39:20:8b:2e:a0:c2:7c:9a:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d33a620b2acc8fc30b8c4d518f9297e3f7c9a60a
Validity
Not Before: Jan 1 19:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=331007086cc455993a25c4c8e16f5e295129e149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:66:f4:10:46:d6:60:72:26:71:c5:24:f5:cb:
da:c1:fc:0f:02:8c:07:b9:67:78:f5:25:6e:f9:a3:
a0:2d:5c:54:a3:6a:cb:47:cd:1f:e0:ac:1d:26:49:
21:c9:1c:00:70:a1:e5:03:21:18:bb:3b:66:55:1e:
69:c3:80:ae:d5:81:1f:c4:08:0c:41:5a:af:12:65:
2a:81:77:11:39:81:b1:7d:32:c7:a8:59:0a:5e:38:
6c:51:3f:1b:a9:6b:2d:2b:16:07:6b:30:7f:94:6d:
87:06:98:90:0f:b1:8a:08:14:c1:37:df:11:eb:1a:
a6:cf:d5:9e:8d:b5:ad:4f:47:1a:ef:1a:45:35:85:
94:c2:a5:27:f7:a3:af:f6:59:9e:fa:af:58:eb:a9:
0a:eb:1d:a2:1a:0d:b6:7d:82:88:e2:1d:a5:24:e8:
bb:f7:ee:b1:e0:bf:1e:c6:6f:57:32:26:f5:cb:f2:
ff:cf:62:a3:a9:f0:37:28:7e:1d:dc:ef:d8:d8:24:
f2:f8:0f:e6:d6:6c:ce:dc:32:e6:a2:21:72:4a:0d:
37:90:a7:89:9c:33:0e:64:8c:e5:de:5e:22:f2:33:
3d:18:99:c5:ce:09:31:b0:8a:47:d3:a0:db:e0:59:
eb:b0:b4:8c:a1:29:31:a9:58:51:d4:61:07:be:f9:
3d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:10:07:08:6C:C4:55:99:3A:25:C4:C8:E1:6F:5E:29:51:29:E1:49
X509v3 Authority Key Identifier:
keyid:D3:3A:62:0B:2A:CC:8F:C3:0B:8C:4D:51:8F:92:97:E3:F7:C9:A6:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0zpiCyrMj8MLjE1Rj5KX4_fJpgo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/2a4ee3-d76d-48be-add6-78f992475e1f/1/MxAHCGzEVZk6JcTI4W9eKVEp4Uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/2a4ee3-d76d-48be-add6-78f992475e1f/1/0zpiCyrMj8MLjE1Rj5KX4_fJpgo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.191.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:bb:0f:e4:c8:d5:b9:b5:38:ff:2f:65:41:eb:e7:0d:18:14:
dc:ec:99:90:04:af:3b:4f:1d:1c:07:0e:82:2f:0a:62:d4:79:
2c:82:cb:f6:ba:64:0d:b2:d5:74:35:55:07:32:d3:93:0f:99:
2c:ff:04:d3:aa:d3:39:0a:f4:a1:26:c3:4a:69:9e:b0:f3:25:
e9:59:d3:b5:3b:59:cb:e4:de:ca:d1:5f:f6:28:5a:f2:cb:38:
e9:54:71:8c:fe:0a:a3:26:03:1f:09:03:21:c7:d1:55:7c:b9:
79:17:b4:f7:0a:2e:75:78:f6:0c:11:99:87:38:ec:df:04:c2:
96:9e:66:ba:79:c6:5f:83:d2:40:5c:71:ff:98:70:72:5f:2f:
de:82:2a:7f:b3:db:b5:b0:e0:1b:ad:2d:2f:7f:4c:ea:f6:d4:
5a:48:59:b1:02:af:44:72:bd:7c:1f:a5:2b:2d:bf:46:bc:54:
d3:83:e2:28:23:1e:e4:34:5f:c9:69:0c:1b:62:65:25:a4:05:
2d:bd:a7:96:d1:3e:db:66:36:e3:db:a1:70:2c:25:a7:70:ed:
f4:ca:cd:d5:c3:dd:b2:60:96:3c:23:47:2f:33:69:c8:6d:8a:
4b:90:bf:f1:91:42:1a:c7:03:52:84:70:d2:fc:d8:d2:df:02:
d9:24:64:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy12+b38ZOSCLLqDCfJokMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzM2E2MjBiMmFjYzhmYzMwYjhjNGQ1MThmOTI5N2UzZjdj
OWE2MGEwHhcNMjMwMTAxMTkyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzEwMDcwODZjYzQ1NTk5M2EyNWM0YzhlMTZmNWUyOTUxMjllMTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGb0EEbWYHImccUk9cvawfwPAowH
uWd49SVu+aOgLVxUo2rLR80f4KwdJkkhyRwAcKHlAyEYuztmVR5pw4Cu1YEfxAgM
QVqvEmUqgXcROYGxfTLHqFkKXjhsUT8bqWstKxYHazB/lG2HBpiQD7GKCBTBN98R
6xqmz9WejbWtT0ca7xpFNYWUwqUn96Ov9lme+q9Y66kK6x2iGg22fYKI4h2lJOi7
9+6x4L8exm9XMib1y/L/z2KjqfA3KH4d3O/Y2CTy+A/m1mzO3DLmoiFySg03kKeJ
nDMOZIzl3l4i8jM9GJnFzgkxsIpH06Db4FnrsLSMoSkxqVhR1GEHvvk9hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDMQBwhsxFWZOiXEyOFvXilRKeFJMB8GA1UdIwQY
MBaAFNM6YgsqzI/DC4xNUY+Sl+P3yaYKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHpwaUN5ck1qOE1MakUxUmo1S1g0X2ZKcGdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8yYTRlZTMtZDc2ZC00OGJlLWFkZDYt
NzhmOTkyNDc1ZTFmLzEvTXhBSENHekVWWms2SmNUSTRXOWVLVkVwNFVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8yYTRlZTMtZDc2ZC00OGJlLWFkZDYtNzhmOTkyNDc1ZTFm
LzEvMHpwaUN5ck1qOE1MakUxUmo1S1g0X2ZKcGdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgC/MA0G
CSqGSIb3DQEBCwUAA4IBAQB/uw/kyNW5tTj/L2VB6+cNGBTc7JmQBK87Tx0cBw6C
Lwpi1Hksgsv2umQNstV0NVUHMtOTD5ks/wTTqtM5CvShJsNKaZ6w8yXpWdO1O1nL
5N7K0V/2KFryyzjpVHGM/gqjJgMfCQMhx9FVfLl5F7T3Ci51ePYMEZmHOOzfBMKW
nma6ecZfg9JAXHH/mHByXy/egip/s9u1sOAbrS0vf0zq9tRaSFmxAq9Ecr18H6Ur
Lb9GvFTTg+IoIx7kNF/JaQwbYmUlpAUtvaeW0T7bZjbj26FwLCWncO30ys3Vw92y
YJY8I0cvM2nIbYpLkL/xkUIaxwNShHDS/NjS3wLZJGQZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:50 2024 by rpki-client on console-fra.rpki-client.org