Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/MzFiOTVqft_5tqSqQh7nKeR-KCc.roa
File: MzFiOTVqft_5tqSqQh7nKeR-KCc.roa (raw, json)
Hash identifier: CNhcIcIHioKnSZLwm37gdCyNxlnZgMWGN8F8HD0kc5w=
Subject key identifier: 33:31:62:39:35:6A:7E:DF:F9:B6:A4:AA:42:1E:E7:29:E4:7E:28:27
Certificate issuer: /CN=04747b565844e3e2fc712fab5be85924aac58643
Certificate serial: 01856C1CBFA3C6AF535C942BD1632CE60394
Authority key identifier: 04:74:7B:56:58:44:E3:E2:FC:71:2F:AB:5B:E8:59:24:AA:C5:86:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHR7VlhE4-L8cS-rW-hZJKrFhkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/MzFiOTVqft_5tqSqQh7nKeR-KCc.roa
Signing time: Sun 01 Jan 2023 06:55:01 +0000
ROA not before: Sun 01 Jan 2023 06:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50392
IP address blocks: 176.121.13.0/24 maxlen: 24
176.121.15.0/24 maxlen: 24
193.106.144.0/22 maxlen: 24
91.237.244.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:bf:a3:c6:af:53:5c:94:2b:d1:63:2c:e6:03:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04747b565844e3e2fc712fab5be85924aac58643
Validity
Not Before: Jan 1 06:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33316239356a7edff9b6a4aa421ee729e47e2827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:68:32:7b:19:fa:30:05:45:88:a0:02:ea:ba:
a2:cf:10:27:a8:79:2e:77:a0:66:bd:07:86:dc:aa:
c3:6f:f0:e7:b4:09:d0:15:e1:aa:60:4a:f4:27:83:
6a:fb:21:77:a6:04:12:e4:de:34:23:d7:7c:b7:29:
c5:57:ae:23:f6:e7:56:fc:14:d2:b1:04:22:b3:e9:
d5:5d:40:2a:17:2d:f4:e8:01:0d:f1:f2:28:98:0b:
9f:5d:64:11:fa:64:75:f5:47:cf:91:d9:7b:15:e3:
68:19:43:4b:cb:67:21:02:de:04:e2:71:d9:ff:f4:
ba:c1:2e:a1:ee:a5:d5:8f:84:a5:91:a9:33:c8:e9:
a5:ce:6b:fd:80:b7:bf:95:e6:16:33:03:38:e1:4b:
99:f2:52:3d:df:b2:cc:46:6a:c4:a7:b0:56:b8:89:
a7:08:63:5f:5d:3a:48:56:ff:b2:b0:b2:ef:26:97:
90:98:b8:d0:45:d8:9e:0b:0a:42:07:f5:6b:8c:b5:
a6:85:33:93:7d:e8:9f:60:f5:99:fc:f2:ac:13:23:
84:c3:d3:b6:2f:8b:b1:76:f9:1f:dd:a4:c1:a4:1e:
28:46:06:20:10:61:ad:c8:6d:4a:39:2c:03:a4:8a:
7a:32:3c:71:7d:67:d8:b8:5a:01:6d:ad:57:4c:a9:
a2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:31:62:39:35:6A:7E:DF:F9:B6:A4:AA:42:1E:E7:29:E4:7E:28:27
X509v3 Authority Key Identifier:
keyid:04:74:7B:56:58:44:E3:E2:FC:71:2F:AB:5B:E8:59:24:AA:C5:86:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHR7VlhE4-L8cS-rW-hZJKrFhkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/MzFiOTVqft_5tqSqQh7nKeR-KCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/BHR7VlhE4-L8cS-rW-hZJKrFhkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.244.0/22
176.121.13.0/24
176.121.15.0/24
193.106.144.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:e4:51:4c:51:6e:10:9a:f8:7d:ab:4c:78:f0:23:ed:85:2b:
a3:24:24:3a:b2:20:6e:99:5c:77:a2:1e:9e:a0:5b:e1:c7:ed:
34:fd:0f:97:bd:e4:dd:c5:bd:a5:c0:44:49:a1:4e:8c:b4:23:
07:95:60:a8:92:2e:54:ed:c9:e0:0c:ef:d0:f9:26:d1:15:5d:
89:9f:f0:fe:f2:a9:19:41:a6:b4:3b:77:9f:38:f2:22:fe:7f:
ba:bc:25:af:12:f2:5a:fa:be:4e:ee:da:68:db:13:cf:af:81:
57:72:ae:4a:40:f3:e9:1f:c2:d5:36:38:d7:24:d1:84:f5:a6:
5a:5c:09:b6:66:7a:ed:b4:61:e8:bd:ee:3c:05:af:fa:8f:91:
65:6c:7b:d3:c5:e6:74:79:b9:07:36:0c:80:f2:94:d0:a0:47:
f4:a7:d8:88:a8:28:ca:be:a0:c6:a1:4e:64:1f:ee:5f:22:c8:
35:00:77:62:cb:f7:f6:a6:b2:d2:c4:c0:30:b1:3c:9d:c8:f0:
9f:84:dd:d0:eb:4c:63:dc:ba:46:33:18:89:90:c2:c8:07:16:
d5:df:d4:40:3e:ed:8d:64:2d:99:7e:4d:0a:77:a5:4e:09:fb:
3c:50:d8:35:80:8a:c9:21:eb:b5:04:06:06:5e:20:b6:7d:24:
46:0d:10:23
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVsHL+jxq9TXJQr0WMs5gOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NzQ3YjU2NTg0NGUzZTJmYzcxMmZhYjViZTg1OTI0YWFj
NTg2NDMwHhcNMjMwMTAxMDY1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzMxNjIzOTM1NmE3ZWRmZjliNmE0YWE0MjFlZTcyOWU0N2UyODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2gyexn6MAVFiKAC6rqizxAnqHku
d6BmvQeG3KrDb/DntAnQFeGqYEr0J4Nq+yF3pgQS5N40I9d8tynFV64j9udW/BTS
sQQis+nVXUAqFy306AEN8fIomAufXWQR+mR19UfPkdl7FeNoGUNLy2chAt4E4nHZ
//S6wS6h7qXVj4SlkakzyOmlzmv9gLe/leYWMwM44UuZ8lI937LMRmrEp7BWuImn
CGNfXTpIVv+ysLLvJpeQmLjQRdieCwpCB/VrjLWmhTOTfeifYPWZ/PKsEyOEw9O2
L4uxdvkf3aTBpB4oRgYgEGGtyG1KOSwDpIp6MjxxfWfYuFoBba1XTKmi9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDMxYjk1an7f+bakqkIe5ynkfignMB8GA1UdIwQY
MBaAFAR0e1ZYROPi/HEvq1voWSSqxYZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkhSN1ZsaEU0LUw4Y1MtclctaFpKS3JGaGtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82NDgwMGItNTRjYy00MGYyLWE3ZWQt
OTdiMjE1N2NiYWQxLzEvTXpGaU9UVnFmdF81dHFTcVFoN25LZVItS0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82NDgwMGItNTRjYy00MGYyLWE3ZWQtOTdiMjE1N2NiYWQx
LzEvQkhSN1ZsaEU0LUw4Y1MtclctaFpKS3JGaGtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW+30AwQA
sHkNAwQAsHkPAwQCwWqQMA0GCSqGSIb3DQEBCwUAA4IBAQBc5FFMUW4Qmvh9q0x4
8CPthSujJCQ6siBumVx3oh6eoFvhx+00/Q+XveTdxb2lwERJoU6MtCMHlWCoki5U
7cngDO/Q+SbRFV2Jn/D+8qkZQaa0O3efOPIi/n+6vCWvEvJa+r5O7tpo2xPPr4FX
cq5KQPPpH8LVNjjXJNGE9aZaXAm2ZnrttGHove48Ba/6j5FlbHvTxeZ0ebkHNgyA
8pTQoEf0p9iIqCjKvqDGoU5kH+5fIsg1AHdiy/f2prLSxMAwsTydyPCfhN3Q60xj
3LpGMxiJkMLIBxbV39RAPu2NZC2Zfk0Kd6VOCfs8UNg1gIrJIeu1BAYGXiC2fSRG
DRAj
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:04 2024 by rpki-client on console-ams.rpki-client.org