Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/MhAKYYNf5xowwTuiTHHGADGoXwM.roa
File: MhAKYYNf5xowwTuiTHHGADGoXwM.roa (raw, json)
Hash identifier: NcPHxTpTvBs8px1tohf+v4Bn6n+pYfnLBoemvZEQsxM=
Subject key identifier: 32:10:0A:61:83:5F:E7:1A:30:C1:3B:A2:4C:71:C6:00:31:A8:5F:03
Certificate issuer: /CN=0b5a5eca6cd38e921b5a14570854adb4a3b69238
Certificate serial: 0188104137909994430CDB2EE81BD523A7E7
Authority key identifier: 0B:5A:5E:CA:6C:D3:8E:92:1B:5A:14:57:08:54:AD:B4:A3:B6:92:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1peymzTjpIbWhRXCFSttKO2kjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/MhAKYYNf5xowwTuiTHHGADGoXwM.roa
Signing time: Fri 12 May 2023 13:58:09 +0000
ROA not before: Fri 12 May 2023 13:58:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1930
IP address blocks: 192.153.13.0/24 maxlen: 24
192.147.155.0/24 maxlen: 24
192.92.135.0/24 maxlen: 24
192.82.214.0/24 maxlen: 24
192.133.108.0/24 maxlen: 24
192.26.239.0/24 maxlen: 24
192.207.196.0/24 maxlen: 24
192.94.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:41:37:90:99:94:43:0c:db:2e:e8:1b:d5:23:a7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5a5eca6cd38e921b5a14570854adb4a3b69238
Validity
Not Before: May 12 13:58:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32100a61835fe71a30c13ba24c71c60031a85f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:90:54:db:55:19:06:62:89:71:79:4f:f9:63:
99:27:69:36:06:d5:3d:88:1c:59:54:1a:88:4d:ef:
d5:e9:75:98:35:75:16:7a:cc:75:a8:66:44:2d:7d:
b8:cf:37:a5:78:8f:68:d9:82:31:f5:83:03:61:e7:
00:de:52:fb:fe:3b:89:65:75:21:2f:9e:b4:0d:a7:
51:ef:62:b0:1c:63:f7:2d:4d:af:04:a0:19:77:88:
99:fd:a1:c0:21:4c:ae:35:fa:b7:70:2e:28:16:a3:
bd:4a:9c:06:1e:02:9e:0f:d0:73:2d:68:d6:e7:57:
a4:22:a3:29:69:65:74:72:22:2a:46:52:d0:91:cd:
05:d4:eb:04:82:64:67:61:94:12:ff:31:a3:92:61:
a3:c3:91:60:36:ea:ce:e9:fe:29:85:8e:da:10:6e:
be:fa:1e:6b:9d:ab:92:4b:b2:f4:ca:2e:3e:b8:96:
29:87:a6:d6:1f:f5:e0:f5:27:43:3f:a7:70:1b:01:
53:94:a9:dc:ab:99:96:31:49:c3:cd:3b:84:2a:c1:
fb:e1:d9:b9:9e:3f:36:d2:07:b8:18:aa:21:61:09:
57:a6:24:b2:6c:97:9b:86:66:25:bc:90:64:c3:59:
d9:3e:57:a7:0b:cf:c1:5a:85:46:b2:57:bf:bf:1a:
2b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:10:0A:61:83:5F:E7:1A:30:C1:3B:A2:4C:71:C6:00:31:A8:5F:03
X509v3 Authority Key Identifier:
keyid:0B:5A:5E:CA:6C:D3:8E:92:1B:5A:14:57:08:54:AD:B4:A3:B6:92:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1peymzTjpIbWhRXCFSttKO2kjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/MhAKYYNf5xowwTuiTHHGADGoXwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/dc4e4d-ae22-4147-ac87-e0d914c1cb50/1/C1peymzTjpIbWhRXCFSttKO2kjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.26.239.0/24
192.82.214.0/24
192.92.135.0/24
192.94.24.0/24
192.133.108.0/24
192.147.155.0/24
192.153.13.0/24
192.207.196.0/24
Signature Algorithm: sha256WithRSAEncryption
33:f4:eb:e9:80:08:7a:1a:35:fe:de:ea:f9:82:f4:98:04:05:
f2:7b:c4:22:32:f7:63:7b:9a:d0:27:d0:46:5e:74:a4:1f:fb:
1a:c4:94:ff:7c:2f:a2:b4:b2:e7:1a:a0:25:7b:8b:7b:2e:c2:
2e:af:aa:46:95:6f:48:f5:f5:6b:25:04:b3:63:00:5d:32:2e:
73:1e:03:f7:90:7d:46:5a:ec:4c:69:73:9a:ad:e5:27:c8:fb:
c2:48:fb:ee:b5:f7:40:12:0d:b4:e8:7a:06:9c:ba:4c:1f:7e:
a0:cc:58:9b:19:ab:08:70:5d:1c:0a:34:c9:b8:b2:f3:c9:4c:
66:52:60:76:31:ae:ab:3f:4d:41:61:89:d0:d0:21:e7:f8:7e:
59:96:6e:0f:1d:07:c5:75:bd:79:91:0b:51:9c:7a:54:d7:e2:
80:40:cc:6c:8f:f0:dc:4f:6f:77:17:25:9d:66:2d:db:07:89:
60:7a:11:c0:38:b8:93:0c:ea:04:08:c6:77:04:d8:46:f5:95:
7b:67:c8:f3:66:8f:68:6d:5a:12:1a:be:03:a7:8e:aa:1c:7f:
a1:6d:ef:a7:0d:85:f7:3d:35:85:a2:b5:16:09:86:d7:a3:43:
4d:e7:4a:b4:3d:c4:54:b4:24:b4:89:60:dd:82:17:3e:54:90:
35:8e:b1:e2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYgQQTeQmZRDDNsu6BvVI6fnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWE1ZWNhNmNkMzhlOTIxYjVhMTQ1NzA4NTRhZGI0YTNi
NjkyMzgwHhcNMjMwNTEyMTM1ODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjEwMGE2MTgzNWZlNzFhMzBjMTNiYTI0YzcxYzYwMDMxYTg1ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5BU21UZBmKJcXlP+WOZJ2k2BtU9
iBxZVBqITe/V6XWYNXUWesx1qGZELX24zzeleI9o2YIx9YMDYecA3lL7/juJZXUh
L560DadR72KwHGP3LU2vBKAZd4iZ/aHAIUyuNfq3cC4oFqO9SpwGHgKeD9BzLWjW
51ekIqMpaWV0ciIqRlLQkc0F1OsEgmRnYZQS/zGjkmGjw5FgNurO6f4phY7aEG6+
+h5rnauSS7L0yi4+uJYph6bWH/Xg9SdDP6dwGwFTlKncq5mWMUnDzTuEKsH74dm5
nj820ge4GKohYQlXpiSybJebhmYlvJBkw1nZPlenC8/BWoVGsle/vxor3QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDIQCmGDX+caMME7okxxxgAxqF8DMB8GA1UdIwQY
MBaAFAtaXsps046SG1oUVwhUrbSjtpI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFwZXltelRqcEliV2hSWENGU3R0S08ya2pnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kYzRlNGQtYWUyMi00MTQ3LWFjODct
ZTBkOTE0YzFjYjUwLzEvTWhBS1lZTmY1eG93d1R1aVRISEdBREdvWHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kYzRlNGQtYWUyMi00MTQ3LWFjODctZTBkOTE0YzFjYjUw
LzEvQzFwZXltelRqcEliV2hSWENGU3R0S08ya2pnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwBrvAwQA
wFLWAwQAwFyHAwQAwF4YAwQAwIVsAwQAwJObAwQAwJkNAwQAwM/EMA0GCSqGSIb3
DQEBCwUAA4IBAQAz9OvpgAh6GjX+3ur5gvSYBAXye8QiMvdje5rQJ9BGXnSkH/sa
xJT/fC+itLLnGqAle4t7LsIur6pGlW9I9fVrJQSzYwBdMi5zHgP3kH1GWuxMaXOa
reUnyPvCSPvutfdAEg206HoGnLpMH36gzFibGasIcF0cCjTJuLLzyUxmUmB2Ma6r
P01BYYnQ0CHn+H5Zlm4PHQfFdb15kQtRnHpU1+KAQMxsj/DcT293FyWdZi3bB4lg
ehHAOLiTDOoECMZ3BNhG9ZV7Z8jzZo9obVoSGr4Dp46qHH+hbe+nDYX3PTWForUW
CYbXo0NN50q0PcRUtCS0iWDdghc+VJA1jrHi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:12 2024 by rpki-client on console-fra.rpki-client.org