Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mmopgDv9sqPrFs9LWVq4onbw85o.roa
File: mmopgDv9sqPrFs9LWVq4onbw85o.roa (raw, json)
Hash identifier: XqWvjxKIEZ01lby54a9cUC7WnukbY0iu75JPeeDDHCo=
Subject key identifier: 9A:6A:29:80:3B:FD:B2:A3:EB:16:CF:4B:59:5A:B8:A2:76:F0:F3:9A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189AB6BDC08D64A45C0EC718569D64B3887
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mmopgDv9sqPrFs9LWVq4onbw85o.roa
Signing time: Mon 31 Jul 2023 10:08:39 +0000
ROA not before: Mon 31 Jul 2023 10:08:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 194.87.136.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 10:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:6b:dc:08:d6:4a:45:c0:ec:71:85:69:d6:4b:38:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 31 10:08:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a6a29803bfdb2a3eb16cf4b595ab8a276f0f39a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:21:60:0a:05:0a:09:a9:9e:bf:46:0a:70:27:
3b:17:26:e6:c3:b8:e2:50:4c:67:11:a4:ed:ce:97:
8d:b5:d2:48:c9:dc:9a:7a:88:74:dd:74:57:86:26:
7e:87:40:9e:b1:1e:a3:8c:a2:fa:5e:31:8b:19:d7:
d9:5b:28:47:0c:fe:e5:f8:a7:cd:7e:3c:43:b6:bd:
2f:c0:f5:dd:24:8d:64:27:40:89:b8:64:99:7e:af:
13:f1:0b:d6:63:a9:8a:0d:db:ab:18:e0:08:62:61:
d9:93:32:52:5e:f8:e2:b0:83:3f:36:8c:2b:8c:6c:
67:0d:fc:79:ee:38:1b:34:dc:30:98:97:56:c6:40:
83:5f:68:03:c6:33:16:5e:75:87:42:77:32:8e:e1:
19:87:26:83:77:b7:80:d3:4f:05:69:ae:a2:f8:68:
2f:63:7b:9c:3c:3c:7b:35:30:ff:4e:70:bc:75:02:
4c:d3:35:5a:a1:d4:11:eb:61:dc:73:fe:1a:46:04:
a1:5f:2a:06:64:c0:e2:36:29:12:8b:a9:b0:7b:81:
9a:d7:75:08:4c:2c:db:b5:87:b1:cb:8c:db:a6:46:
9a:ab:c8:4f:c8:51:ce:6c:47:08:45:13:0a:4f:1f:
f6:9f:c3:71:91:99:21:7f:60:cd:4e:98:67:37:6b:
74:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:6A:29:80:3B:FD:B2:A3:EB:16:CF:4B:59:5A:B8:A2:76:F0:F3:9A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mmopgDv9sqPrFs9LWVq4onbw85o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.58.43.0/24
194.87.136.0/24
Signature Algorithm: sha256WithRSAEncryption
12:89:32:54:ec:31:65:c3:22:bf:e2:6b:20:52:19:7e:db:75:
70:4a:7c:4c:4f:f9:71:35:cf:e5:5f:b2:66:18:84:d2:f2:48:
ba:1c:75:ab:ce:fe:1f:b1:bf:8e:3e:bf:8a:a1:86:b5:a0:72:
21:68:10:5f:69:25:ad:08:d6:27:d4:fb:95:68:10:d5:7e:a3:
59:81:57:26:ad:ca:8e:92:a9:e5:34:9c:33:da:eb:5f:6f:4b:
a9:d5:31:a9:43:53:d9:6d:3d:70:d5:88:4f:71:8b:60:ac:cc:
b5:7c:b9:48:82:1f:d1:ef:08:f7:9c:d9:31:06:75:97:d8:fb:
11:d6:e1:6c:e7:51:74:8c:46:1d:f7:38:64:50:87:84:18:70:
98:ba:ea:c3:6d:e7:70:c8:a8:78:7f:2d:92:32:72:b1:26:ac:
f4:03:aa:23:ef:e8:0f:b3:50:0a:62:d1:39:78:01:2a:cc:3a:
1b:8d:21:ec:b9:07:8e:2a:8b:42:b5:7e:a2:e4:c8:85:31:87:
43:55:72:ce:43:60:a1:a5:0f:7e:2e:33:cd:d1:1e:2f:c6:f0:
4c:bc:5b:23:f3:84:81:ec:37:80:7b:e8:29:3d:c3:87:bc:c9:
b6:94:23:d9:7b:9b:5c:f5:0c:28:2b:ad:79:d0:9d:37:5e:f7:
b7:aa:e5:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYmra9wI1kpFwOxxhWnWSziHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzMxMTAwODM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTZhMjk4MDNiZmRiMmEzZWIxNmNmNGI1OTVhYjhhMjc2ZjBmMzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCFgCgUKCamev0YKcCc7Fybmw7ji
UExnEaTtzpeNtdJIydyaeoh03XRXhiZ+h0CesR6jjKL6XjGLGdfZWyhHDP7l+KfN
fjxDtr0vwPXdJI1kJ0CJuGSZfq8T8QvWY6mKDdurGOAIYmHZkzJSXvjisIM/Nowr
jGxnDfx57jgbNNwwmJdWxkCDX2gDxjMWXnWHQncyjuEZhyaDd7eA008Faa6i+Ggv
Y3ucPDx7NTD/TnC8dQJM0zVaodQR62Hcc/4aRgShXyoGZMDiNikSi6mwe4Ga13UI
TCzbtYexy4zbpkaaq8hPyFHObEcIRRMKTx/2n8NxkZkhf2DNTphnN2t0rQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJpqKYA7/bKj6xbPS1lauKJ28POaMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbW1vcGdEdjlzcVByRnM5TFdWcTRvbmJ3ODVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwjorAwQA
wleIMA0GCSqGSIb3DQEBCwUAA4IBAQASiTJU7DFlwyK/4msgUhl+23VwSnxMT/lx
Nc/lX7JmGITS8ki6HHWrzv4fsb+OPr+KoYa1oHIhaBBfaSWtCNYn1PuVaBDVfqNZ
gVcmrcqOkqnlNJwz2utfb0up1TGpQ1PZbT1w1YhPcYtgrMy1fLlIgh/R7wj3nNkx
BnWX2PsR1uFs51F0jEYd9zhkUIeEGHCYuurDbedwyKh4fy2SMnKxJqz0A6oj7+gP
s1AKYtE5eAEqzDobjSHsuQeOKotCtX6i5MiFMYdDVXLOQ2ChpQ9+LjPN0R4vxvBM
vFsj84SB7DeAe+gpPcOHvMm2lCPZe5tc9QwoK6150J03Xve3quWf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:45 2024 by rpki-client on console-ams.rpki-client.org