Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/mOe43S0aRxkOadaXVsDAfUgjCaQ.roa
File: mOe43S0aRxkOadaXVsDAfUgjCaQ.roa (raw, json)
Hash identifier: 9kgvfvtdPn05Yp5OY+QaK29l+eC+83+vUxlHvP81bYQ=
Subject key identifier: 98:E7:B8:DD:2D:1A:47:19:0E:69:D6:97:56:C0:C0:7D:48:23:09:A4
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 018572BA8BA23CFE9EA51CB09E1089C4F3B8
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/mOe43S0aRxkOadaXVsDAfUgjCaQ.roa
Signing time: Mon 02 Jan 2023 13:45:06 +0000
ROA not before: Mon 02 Jan 2023 13:45:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204021
IP address blocks: 213.189.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:8b:a2:3c:fe:9e:a5:1c:b0:9e:10:89:c4:f3:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 2 13:45:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98e7b8dd2d1a47190e69d69756c0c07d482309a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d7:9f:79:02:0f:2e:d3:f9:45:a2:3f:e8:73:
ad:ed:93:88:26:0a:f9:b5:d8:96:66:45:a4:ef:e8:
c4:9d:3a:3b:4d:ff:19:9e:fb:f3:37:5c:16:da:bb:
a9:cb:a1:26:d5:28:ee:20:72:0a:20:a8:86:ad:c6:
ac:0e:19:b6:21:37:3e:74:51:ad:94:81:b9:f5:01:
c5:52:42:1f:70:a8:42:00:1f:97:13:5b:c3:d6:48:
ec:dc:c7:4f:f1:f4:80:d5:ae:82:77:e3:fd:65:c1:
6e:ac:29:e4:e7:72:cd:f8:cd:f2:d1:8b:3d:05:12:
0c:c7:88:f7:50:e3:d1:b9:22:2a:41:d6:cc:ad:66:
33:28:0d:bc:f8:db:1b:1c:52:d9:cf:12:bb:e5:d2:
ee:bb:0c:47:87:e1:14:c2:55:a0:1f:d0:76:ff:dd:
42:1c:a5:d5:e9:64:89:22:77:d7:b9:2a:d3:d0:4e:
2e:62:d1:96:0e:f3:b7:78:cc:88:a0:df:fa:74:47:
69:e9:0d:1e:5f:3c:cc:a2:f1:78:ad:38:b1:7f:fc:
8b:c6:08:88:8b:59:3a:d5:93:1d:b3:a4:e1:56:c0:
c1:07:96:4c:57:da:07:fb:9c:3c:b0:dd:85:bd:39:
35:54:50:74:38:ac:da:b5:b6:53:c5:34:56:78:97:
a4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E7:B8:DD:2D:1A:47:19:0E:69:D6:97:56:C0:C0:7D:48:23:09:A4
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/mOe43S0aRxkOadaXVsDAfUgjCaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.189.49.0/24
Signature Algorithm: sha256WithRSAEncryption
44:28:ed:69:3a:5b:9e:4e:8c:06:6f:fe:1c:e5:8e:17:94:8d:
95:4c:9c:e8:0f:86:ad:26:09:ef:dc:1c:92:a4:87:61:b3:4d:
ef:59:0a:1b:b1:b6:c3:c4:3f:26:dc:c7:04:30:c8:0b:6c:4f:
2b:23:d5:98:b1:04:74:3c:bd:7b:50:ce:76:53:83:59:de:77:
46:2a:9b:7a:c1:de:d1:36:74:df:b5:5d:5e:f7:84:63:62:0d:
62:f5:6b:d6:6b:c1:f8:f3:d3:55:34:25:e8:4f:c0:63:0a:1a:
e8:ce:8a:a1:19:1e:ce:c2:5d:6e:53:eb:2d:d5:ec:9d:2a:f5:
83:f7:66:ce:61:d7:b1:16:58:57:7b:3a:03:8f:c3:32:45:e5:
6e:a8:8a:30:ae:08:7b:af:75:a3:5b:3b:62:55:04:3e:0b:29:
05:76:ff:1a:df:18:04:03:37:d3:c2:45:d1:4e:2e:71:91:b2:
ff:c4:e6:a0:ce:11:1e:8a:9d:25:26:55:8a:e7:15:24:ed:ee:
bf:1a:77:4a:0b:ac:d3:6e:50:77:cc:76:e1:f0:27:3d:22:0b:
aa:e3:fd:46:ec:d7:34:54:13:7a:37:19:76:a2:51:9b:d2:83:
2b:ed:51:c5:02:ad:3b:9c:7a:04:eb:fc:78:91:b8:ff:99:d1:
26:e4:41:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyuouiPP6epRywnhCJxPO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjMwMTAyMTM0NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGU3YjhkZDJkMWE0NzE5MGU2OWQ2OTc1NmMwYzA3ZDQ4MjMwOWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNefeQIPLtP5RaI/6HOt7ZOIJgr5
tdiWZkWk7+jEnTo7Tf8ZnvvzN1wW2rupy6Em1SjuIHIKIKiGrcasDhm2ITc+dFGt
lIG59QHFUkIfcKhCAB+XE1vD1kjs3MdP8fSA1a6Cd+P9ZcFurCnk53LN+M3y0Ys9
BRIMx4j3UOPRuSIqQdbMrWYzKA28+NsbHFLZzxK75dLuuwxHh+EUwlWgH9B2/91C
HKXV6WSJInfXuSrT0E4uYtGWDvO3eMyIoN/6dEdp6Q0eXzzMovF4rTixf/yLxgiI
i1k61ZMds6ThVsDBB5ZMV9oH+5w8sN2FvTk1VFB0OKzatbZTxTRWeJekcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjnuN0tGkcZDmnWl1bAwH1IIwmkMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvbU9lNDNTMGFSeGtPYWRhWFZzREFmVWdqQ2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1b0xMA0G
CSqGSIb3DQEBCwUAA4IBAQBEKO1pOlueTowGb/4c5Y4XlI2VTJzoD4atJgnv3ByS
pIdhs03vWQobsbbDxD8m3McEMMgLbE8rI9WYsQR0PL17UM52U4NZ3ndGKpt6wd7R
NnTftV1e94RjYg1i9WvWa8H489NVNCXoT8BjChrozoqhGR7Owl1uU+st1eydKvWD
92bOYdexFlhXezoDj8MyReVuqIowrgh7r3WjWztiVQQ+CykFdv8a3xgEAzfTwkXR
Ti5xkbL/xOagzhEeip0lJlWK5xUk7e6/GndKC6zTblB3zHbh8Cc9Iguq4/1G7Nc0
VBN6Nxl2olGb0oMr7VHFAq07nHoE6/x4kbj/mdEm5EFA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:52 2024 by rpki-client on console-ams.rpki-client.org