Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MqFMkwhPul6p5TyMmKFM0Emn5pA.roa
File: MqFMkwhPul6p5TyMmKFM0Emn5pA.roa (raw, json)
Hash identifier: 5Czep0GPVFGBoGdYmLhnl51VwZ7krelrbsl4efTYUuo=
Subject key identifier: 32:A1:4C:93:08:4F:BA:5E:A9:E5:3C:8C:98:A1:4C:D0:49:A7:E6:90
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01877C845C0CF11ADF66B94F24A82B7040CF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MqFMkwhPul6p5TyMmKFM0Emn5pA.roa
Signing time: Thu 13 Apr 2023 21:27:41 +0000
ROA not before: Thu 13 Apr 2023 21:27:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 62.76.235.0/24 maxlen: 24
194.87.36.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7c:84:5c:0c:f1:1a:df:66:b9:4f:24:a8:2b:70:40:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Apr 13 21:27:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32a14c93084fba5ea9e53c8c98a14cd049a7e690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:22:0e:f9:3a:c9:f1:e6:bf:a2:b2:ca:d7:75:
d7:90:0d:d2:70:d0:ea:42:15:c6:b1:ab:33:0e:77:
9c:07:bf:b9:20:19:ce:e0:ff:dd:fc:54:18:d8:4f:
2e:d9:31:e1:9b:82:88:1d:1c:1e:ce:bd:9a:bc:dd:
4d:6f:66:85:41:ee:9d:01:71:a6:8f:66:0d:6b:78:
bd:50:4e:d2:d8:7b:ed:d9:35:81:0a:f7:61:7f:ab:
3d:66:1f:68:64:7b:dc:81:97:18:ec:29:9b:02:2a:
eb:a6:d1:66:d3:89:8a:48:a9:ac:9f:85:35:e1:56:
be:68:ed:e1:e1:b1:7a:9d:f3:91:c9:1a:e3:99:4f:
00:2f:6f:cf:3e:76:fb:de:82:27:5b:35:63:92:48:
1f:36:f3:fd:b6:c0:a0:b7:0b:cb:20:f2:32:12:67:
50:be:ff:d8:b9:a1:33:69:ab:0e:5e:05:a0:9c:02:
d1:db:43:c0:39:48:dd:8c:46:ff:3f:7d:f8:40:43:
e5:47:b2:4f:8b:fb:e9:0f:d6:8b:b8:8e:c6:33:93:
bd:a2:37:18:2e:42:52:39:6e:b6:23:c5:c7:c4:4f:
66:63:f9:56:63:64:77:44:ac:75:29:06:44:08:26:
d2:55:4b:cc:f6:79:8d:22:00:0e:6e:f4:e2:2a:80:
b2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:A1:4C:93:08:4F:BA:5E:A9:E5:3C:8C:98:A1:4C:D0:49:A7:E6:90
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MqFMkwhPul6p5TyMmKFM0Emn5pA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.235.0/24
194.87.36.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ca:76:cb:af:a4:40:08:a0:cc:87:1b:8e:fc:f3:ea:aa:18:
bb:36:6c:cb:c8:05:9f:36:79:c3:96:aa:23:0b:51:98:9b:0e:
cc:b6:f0:64:b0:16:c4:f8:12:8b:ab:4b:49:d7:1f:d2:51:30:
ef:37:9b:b9:26:51:f0:92:c6:29:8d:62:10:1e:3b:b8:2b:df:
95:cf:f4:bc:ea:69:7e:5f:22:ac:5a:a9:3c:c4:87:db:58:6c:
2f:71:05:6f:7e:99:2b:89:19:1f:9d:bc:ef:c1:52:8d:2a:30:
c9:02:34:75:d2:70:c3:88:0b:27:47:ea:06:30:a1:f1:b6:ad:
1a:07:18:2b:ca:a6:9e:f1:5c:2b:31:99:4a:d7:cf:ab:96:b3:
cf:22:4a:ac:3b:50:86:a0:d4:2e:44:96:f0:9c:c2:e2:bc:81:
8a:c7:25:31:6e:4d:c1:b3:df:0a:cb:72:1d:6f:8e:c3:9f:96:
2f:04:49:46:13:5c:b5:ed:6d:34:19:a6:30:1a:77:e0:ac:37:
fd:6c:9f:eb:b9:53:40:18:ab:91:dc:56:c9:9c:26:5f:75:b2:
5b:5e:05:52:50:41:1a:34:14:3f:bf:88:28:4d:72:26:25:6d:
86:a3:33:05:22:bc:64:20:d9:55:36:c0:d6:5e:93:ae:67:82:
5a:d5:d3:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYd8hFwM8RrfZrlPJKgrcEDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNDEzMjEyNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmExNGM5MzA4NGZiYTVlYTllNTNjOGM5OGExNGNkMDQ5YTdlNjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7yIO+TrJ8ea/orLK13XXkA3ScNDq
QhXGsaszDnecB7+5IBnO4P/d/FQY2E8u2THhm4KIHRwezr2avN1Nb2aFQe6dAXGm
j2YNa3i9UE7S2Hvt2TWBCvdhf6s9Zh9oZHvcgZcY7CmbAirrptFm04mKSKmsn4U1
4Va+aO3h4bF6nfORyRrjmU8AL2/PPnb73oInWzVjkkgfNvP9tsCgtwvLIPIyEmdQ
vv/YuaEzaasOXgWgnALR20PAOUjdjEb/P334QEPlR7JPi/vpD9aLuI7GM5O9ojcY
LkJSOW62I8XHxE9mY/lWY2R3RKx1KQZECCbSVUvM9nmNIgAObvTiKoCywwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDKhTJMIT7peqeU8jJihTNBJp+aQMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTXFGTWt3aFB1bDZwNVR5TW1LRk0wRW1uNXBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPkzrAwQA
wlckMA0GCSqGSIb3DQEBCwUAA4IBAQAkynbLr6RACKDMhxuO/PPqqhi7NmzLyAWf
NnnDlqojC1GYmw7MtvBksBbE+BKLq0tJ1x/SUTDvN5u5JlHwksYpjWIQHju4K9+V
z/S86ml+XyKsWqk8xIfbWGwvcQVvfpkriRkfnbzvwVKNKjDJAjR10nDDiAsnR+oG
MKHxtq0aBxgryqae8VwrMZlK18+rlrPPIkqsO1CGoNQuRJbwnMLivIGKxyUxbk3B
s98Ky3Idb47Dn5YvBElGE1y17W00GaYwGnfgrDf9bJ/ruVNAGKuR3FbJnCZfdbJb
XgVSUEEaNBQ/v4goTXImJW2GozMFIrxkINlVNsDWXpOuZ4Ja1dOf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:01 2023 by rpki-client on console-fra.rpki-client.org