Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/nMVvuKF7SEX5Zrazkzc3v4L3iZQ.roa
File: nMVvuKF7SEX5Zrazkzc3v4L3iZQ.roa (raw, json)
Hash identifier: FMZGg5w3ugBcH8MifF6fKqJmv/PbEDmQ1AMltyW7vIM=
Subject key identifier: 9C:C5:6F:B8:A1:7B:48:45:F9:66:B6:B3:93:37:37:BF:82:F7:89:94
Certificate issuer: /CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Certificate serial: 018656B206955F71403AC0B78C62063AC9E2
Authority key identifier: E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/nMVvuKF7SEX5Zrazkzc3v4L3iZQ.roa
Signing time: Wed 15 Feb 2023 20:09:12 +0000
ROA not before: Wed 15 Feb 2023 20:09:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11426
IP address blocks: 45.147.68.0/22 maxlen: 22
5.182.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:56:b2:06:95:5f:71:40:3a:c0:b7:8c:62:06:3a:c9:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e76d0dab347a38e2b87b5a22a2f7c9e21c18c9bc
Validity
Not Before: Feb 15 20:09:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cc56fb8a17b4845f966b6b3933737bf82f78994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3f:b6:99:8b:bd:3d:56:2e:77:6b:54:f8:0c:
f4:2c:30:55:35:a7:f8:71:1d:34:f4:9c:d9:74:4d:
d2:45:d7:16:36:76:8f:62:05:d7:b7:54:c3:26:d1:
d9:71:86:0c:8d:6c:a6:1d:d9:4c:3b:ca:81:34:cf:
0d:3c:98:a9:4d:10:a9:6a:79:d3:27:41:a5:12:7b:
d5:b3:18:99:9f:0a:19:61:2e:f9:49:a5:82:91:46:
59:db:27:85:08:bf:74:e1:80:39:a1:82:4a:d1:21:
0d:5c:fb:ed:b6:59:79:85:2a:59:f0:f0:d7:f7:82:
0a:0a:69:6f:47:27:8e:4d:21:d7:15:e6:fe:34:5b:
16:5e:bb:a2:83:b9:94:b4:40:df:32:cd:c0:ed:f1:
79:85:e4:4e:ad:1d:92:5f:ec:ad:de:fc:7a:bb:20:
8b:9d:2a:3a:b9:17:d7:f9:7c:1a:75:8d:2d:44:7f:
82:64:40:47:8b:8a:7d:7c:34:2e:c4:66:7f:92:6b:
9e:d8:de:c0:1c:fb:d9:01:52:bc:47:39:54:ba:3c:
56:4c:1e:4e:9b:4a:af:66:a5:11:50:35:78:57:8d:
85:60:15:f2:67:01:ac:4b:4d:83:e7:40:ea:06:5b:
8d:b8:36:98:4e:ae:74:39:3e:7f:c7:e6:86:d8:a9:
af:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:C5:6F:B8:A1:7B:48:45:F9:66:B6:B3:93:37:37:BF:82:F7:89:94
X509v3 Authority Key Identifier:
keyid:E7:6D:0D:AB:34:7A:38:E2:B8:7B:5A:22:A2:F7:C9:E2:1C:18:C9:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/520NqzR6OOK4e1oiovfJ4hwYybw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/nMVvuKF7SEX5Zrazkzc3v4L3iZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3dbb3d-f328-4b27-95d9-bd3bfc99bda9/1/520NqzR6OOK4e1oiovfJ4hwYybw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.120.0/22
45.147.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:73:0b:1b:26:41:27:65:a8:f1:c1:92:51:be:16:fd:3f:79:
75:49:5a:e0:b6:bd:55:0a:a2:50:a2:70:32:ef:8d:f0:d4:97:
2e:90:70:42:f5:36:31:13:07:2b:a1:4c:e0:5a:6e:50:5a:a5:
55:11:21:c1:c8:28:3e:96:4f:de:f0:61:4c:01:91:02:cd:d8:
9e:cc:bb:91:fc:56:6d:94:c6:b6:7e:ed:2c:1d:47:a3:aa:3b:
42:af:5c:a3:bf:01:38:62:69:46:8a:96:16:0d:d6:64:9b:f0:
b9:20:1a:03:0e:bf:ac:f7:8c:6b:0d:40:ff:15:99:6e:f5:d6:
7c:0d:e0:b4:35:7c:76:29:a6:ac:90:1f:ba:0e:5d:46:d0:fa:
0e:9e:df:f7:69:0c:ff:81:b5:14:77:51:fd:3f:62:ef:de:5d:
6d:d6:f5:13:11:17:49:d3:49:1c:8d:9b:18:9e:32:30:f9:c4:
bc:59:6f:db:42:77:8a:02:1a:09:35:ab:c9:0a:c4:23:e5:31:
2d:95:76:1d:e4:40:e5:08:05:c7:56:1a:34:19:c4:13:e4:ab:
8d:5c:7a:52:cf:c5:5c:9b:ec:77:62:3e:0f:05:7e:d2:95:3a:
e8:40:0b:03:a0:0e:11:16:87:25:02:a2:ab:56:21:c4:35:7c:
f7:22:dc:d8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZWsgaVX3FAOsC3jGIGOsniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NmQwZGFiMzQ3YTM4ZTJiODdiNWEyMmEyZjdjOWUyMWMx
OGM5YmMwHhcNMjMwMjE1MjAwOTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2M1NmZiOGExN2I0ODQ1Zjk2NmI2YjM5MzM3MzdiZjgyZjc4OTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgT+2mYu9PVYud2tU+Az0LDBVNaf4
cR009JzZdE3SRdcWNnaPYgXXt1TDJtHZcYYMjWymHdlMO8qBNM8NPJipTRCpannT
J0GlEnvVsxiZnwoZYS75SaWCkUZZ2yeFCL904YA5oYJK0SENXPvttll5hSpZ8PDX
94IKCmlvRyeOTSHXFeb+NFsWXruig7mUtEDfMs3A7fF5heROrR2SX+yt3vx6uyCL
nSo6uRfX+XwadY0tRH+CZEBHi4p9fDQuxGZ/kmue2N7AHPvZAVK8RzlUujxWTB5O
m0qvZqURUDV4V42FYBXyZwGsS02D50DqBluNuDaYTq50OT5/x+aG2KmvjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJzFb7ihe0hF+Wa2s5M3N7+C94mUMB8GA1UdIwQY
MBaAFOdtDas0ejjiuHtaIqL3yeIcGMm8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDkt
YmQzYmZjOTliZGE5LzEvbk1WdnVLRjdTRVg1WnJhemt6YzN2NEwzaVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zZGJiM2QtZjMyOC00YjI3LTk1ZDktYmQzYmZjOTliZGE5
LzEvNTIwTnF6UjZPT0s0ZTFvaW92Zko0aHdZeWJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCBbZ4AwQC
LZNEMA0GCSqGSIb3DQEBCwUAA4IBAQBacwsbJkEnZajxwZJRvhb9P3l1SVrgtr1V
CqJQonAy743w1JcukHBC9TYxEwcroUzgWm5QWqVVESHByCg+lk/e8GFMAZECzdie
zLuR/FZtlMa2fu0sHUejqjtCr1yjvwE4YmlGipYWDdZkm/C5IBoDDr+s94xrDUD/
FZlu9dZ8DeC0NXx2KaaskB+6Dl1G0PoOnt/3aQz/gbUUd1H9P2Lv3l1t1vUTERdJ
00kcjZsYnjIw+cS8WW/bQneKAhoJNavJCsQj5TEtlXYd5EDlCAXHVho0GcQT5KuN
XHpSz8Vcm+x3Yj4PBX7SlTroQAsDoA4RFoclAqKrViHENXz3ItzY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:15 2024 by rpki-client on console-ams.rpki-client.org