Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/MkwBB19vG-MOekoScpRbz90D72k.roa
File: MkwBB19vG-MOekoScpRbz90D72k.roa (raw, json)
Hash identifier: LlbEl1R2T1PS9iRDkPUktW0uZir2fng2kQJ++xx1Mes=
Subject key identifier: 32:4C:01:07:5F:6F:1B:E3:0E:7A:4A:12:72:94:5B:CF:DD:03:EF:69
Certificate issuer: /CN=ef477ca3b449bbc41247e8c921e4c8dabfc1afae
Certificate serial: 018CC56EEE48583274E26439955EE61775C7
Authority key identifier: EF:47:7C:A3:B4:49:BB:C4:12:47:E8:C9:21:E4:C8:DA:BF:C1:AF:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70d8o7RJu8QSR-jJIeTI2r_Br64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/MkwBB19vG-MOekoScpRbz90D72k.roa
Signing time: Mon 01 Jan 2024 14:30:30 +0000
ROA not before: Mon 01 Jan 2024 14:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16245
IP address blocks: 193.17.206.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ee:48:58:32:74:e2:64:39:95:5e:e6:17:75:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef477ca3b449bbc41247e8c921e4c8dabfc1afae
Validity
Not Before: Jan 1 14:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=324c01075f6f1be30e7a4a1272945bcfdd03ef69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:46:99:71:c3:3c:f6:22:38:e6:ba:3f:db:47:
73:c0:d7:b0:2a:be:e2:89:6f:4f:c2:eb:1f:49:bc:
89:48:bb:7e:0f:92:dd:49:e9:94:70:e8:fe:f6:3b:
07:f9:89:8a:e6:25:45:63:7b:db:70:61:10:6a:80:
b3:61:25:32:0f:2e:6d:5f:c9:74:a2:21:e5:6c:e9:
81:d7:0c:52:bb:9b:a4:74:db:92:f7:84:2c:6c:8e:
08:95:f1:85:6b:13:27:6f:6b:a1:6e:77:c8:43:8e:
8d:7f:e4:ce:b0:e9:f6:9f:05:06:36:4e:13:e0:bc:
22:4b:d2:13:c3:a3:18:f5:1e:88:8c:bb:6c:23:04:
5e:ca:6a:6c:48:ae:e5:be:80:34:56:6c:47:f6:99:
f4:05:92:15:b0:99:e9:16:08:d9:fc:1d:24:df:3e:
05:6f:ff:76:f2:b7:39:37:8c:a7:7d:7c:23:61:9e:
c1:03:40:cb:d8:f0:d6:46:91:11:4c:00:e8:54:49:
9b:7f:15:fc:4f:eb:83:be:e1:4c:70:35:65:17:35:
3f:fb:d0:68:90:e2:48:d3:de:7b:d3:d4:a9:8b:d1:
2b:fd:71:82:13:5b:0c:92:c4:41:fb:13:50:65:84:
66:f4:4d:6c:48:24:68:98:29:c0:c2:a9:a1:4d:71:
3b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4C:01:07:5F:6F:1B:E3:0E:7A:4A:12:72:94:5B:CF:DD:03:EF:69
X509v3 Authority Key Identifier:
keyid:EF:47:7C:A3:B4:49:BB:C4:12:47:E8:C9:21:E4:C8:DA:BF:C1:AF:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70d8o7RJu8QSR-jJIeTI2r_Br64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/MkwBB19vG-MOekoScpRbz90D72k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f1eea2-9582-4a65-b5be-603aa1f209d8/1/70d8o7RJu8QSR-jJIeTI2r_Br64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.206.0/24
Signature Algorithm: sha256WithRSAEncryption
69:8a:ec:3d:7e:73:a5:7c:38:bb:31:f3:54:b3:72:60:b9:63:
1a:d3:6a:58:39:9d:7f:8e:9d:ef:cf:1d:7e:9f:a9:f2:2b:84:
0a:04:fd:10:14:b5:46:21:da:5c:1b:46:c1:3f:01:57:c1:60:
a2:49:57:1d:a3:46:c9:89:57:1f:5d:d5:0a:81:4d:d2:42:4d:
82:f4:f8:15:23:f7:d1:be:13:2e:30:dd:da:26:7f:3e:21:1c:
59:69:4b:e6:e0:3d:f6:1f:f1:ee:56:89:dd:21:b6:3c:59:00:
cb:f7:c6:3c:af:ff:b6:da:ee:39:4f:e3:3c:70:1f:4e:50:a8:
0f:87:9f:84:66:1f:2b:0c:ff:b8:4e:3a:99:74:39:a3:b4:0f:
03:68:e9:c7:e9:96:1a:96:2f:5f:dc:3c:13:da:90:a7:23:2b:
fc:e7:53:7b:dd:24:14:0a:d6:33:13:d4:5e:bb:ea:41:65:ea:
37:54:18:7d:9d:94:3e:65:80:02:d2:c2:9a:ce:bb:81:a3:cd:
b3:fd:f9:69:e8:44:95:11:5c:16:91:e5:51:f9:08:e7:a2:cf:
d4:aa:5f:3d:a8:b9:9e:42:2f:88:55:d8:39:dc:fd:28:bd:99:
76:65:f4:e9:7b:6f:a7:7a:1a:c4:65:f3:90:7b:a1:eb:05:43:
41:58:fb:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbu5IWDJ04mQ5lV7mF3XHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDc3Y2EzYjQ0OWJiYzQxMjQ3ZThjOTIxZTRjOGRhYmZj
MWFmYWUwHhcNMjQwMTAxMTQzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRjMDEwNzVmNmYxYmUzMGU3YTRhMTI3Mjk0NWJjZmRkMDNlZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkaZccM89iI45ro/20dzwNewKr7i
iW9PwusfSbyJSLt+D5LdSemUcOj+9jsH+YmK5iVFY3vbcGEQaoCzYSUyDy5tX8l0
oiHlbOmB1wxSu5ukdNuS94QsbI4IlfGFaxMnb2uhbnfIQ46Nf+TOsOn2nwUGNk4T
4LwiS9ITw6MY9R6IjLtsIwReympsSK7lvoA0VmxH9pn0BZIVsJnpFgjZ/B0k3z4F
b/928rc5N4ynfXwjYZ7BA0DL2PDWRpERTADoVEmbfxX8T+uDvuFMcDVlFzU/+9Bo
kOJI095709Spi9Er/XGCE1sMksRB+xNQZYRm9E1sSCRomCnAwqmhTXE7dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJMAQdfbxvjDnpKEnKUW8/dA+9pMB8GA1UdIwQY
MBaAFO9HfKO0SbvEEkfoySHkyNq/wa+uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBkOG83Ukp1OFFTUi1qSkllVEkycl9CcjY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMWVlYTItOTU4Mi00YTY1LWI1YmUt
NjAzYWExZjIwOWQ4LzEvTWt3QkIxOXZHLU1PZWtvU2NwUmJ6OTBENzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMWVlYTItOTU4Mi00YTY1LWI1YmUtNjAzYWExZjIwOWQ4
LzEvNzBkOG83Ukp1OFFTUi1qSkllVEkycl9CcjY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRHOMA0G
CSqGSIb3DQEBCwUAA4IBAQBpiuw9fnOlfDi7MfNUs3JguWMa02pYOZ1/jp3vzx1+
n6nyK4QKBP0QFLVGIdpcG0bBPwFXwWCiSVcdo0bJiVcfXdUKgU3SQk2C9PgVI/fR
vhMuMN3aJn8+IRxZaUvm4D32H/HuVondIbY8WQDL98Y8r/+22u45T+M8cB9OUKgP
h5+EZh8rDP+4TjqZdDmjtA8DaOnH6ZYali9f3DwT2pCnIyv851N73SQUCtYzE9Re
u+pBZeo3VBh9nZQ+ZYAC0sKazruBo82z/flp6ESVEVwWkeVR+Qjnos/Uql89qLme
Qi+IVdg53P0ovZl2ZfTpe2+nehrEZfOQe6HrBUNBWPtK
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:09:02 2025 by rpki-client