Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/3-MMUyJHq1OZIscpJy6qxwMQTk8.roa
File: 3-MMUyJHq1OZIscpJy6qxwMQTk8.roa (raw, json)
Hash identifier: Y1ikpkcS/cVtS7NnJXAfd34AXJV8zomsAXQc9MH6LFY=
Subject key identifier: DF:E3:0C:53:22:47:AB:53:99:22:C7:29:27:2E:AA:C7:03:10:4E:4F
Certificate issuer: /CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Certificate serial: 018B8123A081D32A66C08E5C03AD96D6258A
Authority key identifier: F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/3-MMUyJHq1OZIscpJy6qxwMQTk8.roa
Signing time: Mon 30 Oct 2023 15:11:17 +0000
ROA not before: Mon 30 Oct 2023 15:11:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207829
IP address blocks: 91.198.170.0/23 maxlen: 23
2a0b:c140::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Oct 2023 15:58:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:81:23:a0:81:d3:2a:66:c0:8e:5c:03:ad:96:d6:25:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Validity
Not Before: Oct 30 15:11:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfe30c532247ab539922c729272eaac703104e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dc:c0:48:17:38:5a:5b:77:60:75:c6:a1:72:
c1:45:db:6c:cd:7b:b7:84:b6:06:70:28:a5:16:d3:
e1:b6:9e:64:a5:0a:a6:64:0a:61:59:2d:42:42:3c:
fb:c3:8e:04:6d:da:a1:8b:9e:e1:a6:3c:9c:8e:e9:
f3:e2:3e:bd:9d:3a:bf:ca:08:c9:4d:d7:51:86:3d:
04:ee:06:b5:ee:0c:ef:1b:e1:54:71:0b:26:e3:a3:
2d:81:4a:f4:c7:dd:bd:5c:77:d9:2d:49:e7:d5:8d:
a6:43:30:e1:58:c0:1b:ce:28:3c:24:aa:2e:0b:4f:
54:57:59:55:28:fb:b5:4a:4f:96:2c:8c:4e:96:2a:
fd:b3:b7:77:a8:ff:c1:f2:ac:44:45:6f:e3:e0:61:
67:21:14:c8:54:3d:b1:43:de:07:09:85:95:84:97:
b4:8b:c1:52:3c:1c:1b:5e:85:da:98:12:c7:71:cf:
b5:02:bf:5e:a6:0c:2f:b6:55:7c:35:f7:9d:98:8c:
6e:45:b9:3c:70:3c:a7:97:33:88:82:e8:3e:26:5a:
73:42:36:9c:d3:64:a7:e2:61:ee:61:db:34:31:b9:
a1:4b:10:60:2a:dd:f3:1f:63:6f:7b:03:69:58:c5:
a4:64:01:37:07:a5:d2:cf:a6:22:d3:69:55:17:fc:
ca:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:E3:0C:53:22:47:AB:53:99:22:C7:29:27:2E:AA:C7:03:10:4E:4F
X509v3 Authority Key Identifier:
keyid:F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/3-MMUyJHq1OZIscpJy6qxwMQTk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/8KMtISmjhsmgr9u5FeDb8TC6cNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.170.0/23
IPv6:
2a0b:c140::/32
Signature Algorithm: sha256WithRSAEncryption
b0:db:8e:fd:2c:9a:2b:b6:64:cb:33:45:cd:e0:66:c7:1e:1e:
37:25:ed:b8:0b:df:36:31:25:ba:c0:d3:cc:c1:fd:0d:57:54:
dc:80:cc:34:7a:65:d6:55:56:b9:4c:58:8d:8f:57:5c:b6:4f:
18:4c:83:bc:e0:a0:f7:af:be:4e:4a:48:fb:4f:6c:d0:a9:bf:
45:9b:23:78:da:f0:3a:7f:9e:44:82:4e:8b:2d:ed:c0:2e:e9:
20:ff:e9:d6:3d:cb:1c:d1:c2:6f:ab:3c:4a:6a:62:2f:ea:9f:
11:19:b5:08:fb:23:5a:f8:a9:47:f1:d9:3a:6a:f5:a6:cb:e3:
72:de:ca:55:30:51:f2:21:a4:89:51:d7:18:1c:8f:68:3a:ae:
56:08:f2:5a:5d:db:61:a4:8e:43:7a:55:c6:2c:ed:6f:03:2d:
30:ea:76:ac:c6:fb:2f:1d:84:79:5a:99:69:8b:04:a8:a7:b6:
80:8c:c9:bd:35:38:2b:ac:f5:13:c9:a5:06:b8:97:56:88:18:
64:fa:d9:d6:ba:7c:20:dc:c1:3a:cf:66:32:c6:c8:70:da:77:
7c:e6:96:6f:7d:cd:1d:cf:d8:e5:19:9a:b4:a5:83:9f:ad:df:
e9:71:96:13:5e:83:fa:56:a6:61:30:f5:11:3b:24:e7:aa:36:
55:19:d1:4b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYuBI6CB0ypmwI5cA62W1iWKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYTMyZDIxMjlhMzg2YzlhMGFmZGJiOTE1ZTBkYmYxMzBi
YTcwZDUwHhcNMjMxMDMwMTUxMTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmUzMGM1MzIyNDdhYjUzOTkyMmM3MjkyNzJlYWFjNzAzMTA0ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9zASBc4Wlt3YHXGoXLBRdtszXu3
hLYGcCilFtPhtp5kpQqmZAphWS1CQjz7w44Ebdqhi57hpjycjunz4j69nTq/ygjJ
TddRhj0E7ga17gzvG+FUcQsm46MtgUr0x929XHfZLUnn1Y2mQzDhWMAbzig8JKou
C09UV1lVKPu1Sk+WLIxOlir9s7d3qP/B8qxERW/j4GFnIRTIVD2xQ94HCYWVhJe0
i8FSPBwbXoXamBLHcc+1Ar9epgwvtlV8NfedmIxuRbk8cDynlzOIgug+JlpzQjac
02Sn4mHuYds0MbmhSxBgKt3zH2NvewNpWMWkZAE3B6XSz6Yi02lVF/zKHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN/jDFMiR6tTmSLHKScuqscDEE5PMB8GA1UdIwQY
MBaAFPCjLSEpo4bJoK/buRXg2/EwunDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYt
MmYwODM4MGFlNmM3LzEvMy1NTVV5SkhxMU9aSXNjcEp5NnF4d01RVGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYtMmYwODM4MGFlNmM3
LzEvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8aqMA0E
AgACMAcDBQAqC8FAMA0GCSqGSIb3DQEBCwUAA4IBAQCw2479LJortmTLM0XN4GbH
Hh43Je24C982MSW6wNPMwf0NV1TcgMw0emXWVVa5TFiNj1dctk8YTIO84KD3r75O
Skj7T2zQqb9FmyN42vA6f55Egk6LLe3ALukg/+nWPcsc0cJvqzxKamIv6p8RGbUI
+yNa+KlH8dk6avWmy+Ny3spVMFHyIaSJUdcYHI9oOq5WCPJaXdthpI5DelXGLO1v
Ay0w6nasxvsvHYR5WplpiwSop7aAjMm9NTgrrPUTyaUGuJdWiBhk+tnWunwg3ME6
z2Yyxshw2nd85pZvfc0dz9jlGZq0pYOfrd/pcZYTXoP6VqZhMPUROyTnqjZVGdFL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:49 2024 by rpki-client on console-fra.rpki-client.org