Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/mvbDvwj3O1Ky8dC2Qw0FBrx8A44.roa
File: mvbDvwj3O1Ky8dC2Qw0FBrx8A44.roa (raw, json)
Hash identifier: pa/83EntU4VRx5zl5bGZScoVxRk7kvtKuRQe+ohUde8=
Subject key identifier: 9A:F6:C3:BF:08:F7:3B:52:B2:F1:D0:B6:43:0D:05:06:BC:7C:03:8E
Certificate issuer: /CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Certificate serial: 0185719E6873AC31567EA9B41D805A136FC1
Authority key identifier: 75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/mvbDvwj3O1Ky8dC2Qw0FBrx8A44.roa
Signing time: Mon 02 Jan 2023 08:34:44 +0000
ROA not before: Mon 02 Jan 2023 08:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 193.151.94.0/24 maxlen: 24
195.8.103.0/24 maxlen: 24
91.240.19.0/24 maxlen: 24
91.240.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:32:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:9e:68:73:ac:31:56:7e:a9:b4:1d:80:5a:13:6f:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75dcc776b2bf595bf4b3e60bba4245f0120a2176
Validity
Not Before: Jan 2 08:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9af6c3bf08f73b52b2f1d0b6430d0506bc7c038e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0d:84:a0:ba:d9:c6:5f:5f:0b:e3:92:8e:47:
5d:38:1c:e9:fc:cb:5e:fa:c5:17:58:1f:a1:bd:83:
22:08:e7:0c:bb:af:34:e9:33:66:1e:40:fa:7b:a8:
3f:db:db:e0:37:1c:56:50:8b:22:f6:06:72:47:c7:
4d:83:08:6d:41:ec:6e:83:77:d0:5e:77:ef:e0:77:
ee:34:b5:cd:e0:4f:3b:ca:84:c7:fc:d1:4a:bc:35:
89:10:d5:c0:c4:8a:8f:a2:fc:3d:35:32:5f:d7:d7:
e5:16:f1:97:00:ec:cf:9a:50:e5:cf:4f:db:8b:54:
ff:b0:b5:5b:88:5e:7c:10:0c:a1:48:1a:2e:f0:df:
3b:f4:4c:01:fd:0a:43:0e:5a:df:fa:8b:d5:33:5a:
d5:06:2a:79:3f:9e:c4:92:85:b0:d8:a3:60:c4:34:
81:b2:98:a7:98:12:53:da:1f:a2:00:dd:2a:14:2a:
62:09:5d:03:ad:0f:1e:2b:93:49:4e:17:33:fc:fb:
9f:f6:d6:8e:cf:2b:7f:a9:ba:63:9c:e9:92:59:ee:
3b:c0:61:bf:15:9a:bb:ae:20:88:59:e8:ba:6d:7a:
6c:9b:2d:25:97:86:ae:65:6c:c5:8d:68:63:85:7b:
26:76:2a:92:f4:e9:b2:a6:ac:8e:87:b1:ce:64:d8:
13:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F6:C3:BF:08:F7:3B:52:B2:F1:D0:B6:43:0D:05:06:BC:7C:03:8E
X509v3 Authority Key Identifier:
keyid:75:DC:C7:76:B2:BF:59:5B:F4:B3:E6:0B:BA:42:45:F0:12:0A:21:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddzHdrK_WVv0s-YLukJF8BIKIXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/mvbDvwj3O1Ky8dC2Qw0FBrx8A44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/581c5d-bc9b-40a6-a5a4-64540205ecf4/1/ddzHdrK_WVv0s-YLukJF8BIKIXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.18.0/23
193.151.94.0/24
195.8.103.0/24
Signature Algorithm: sha256WithRSAEncryption
90:28:70:d6:1b:3b:e4:9b:6d:d0:6b:62:f5:1f:64:56:b7:c7:
ca:93:b5:83:51:83:b0:c8:3b:f8:85:2b:39:0e:b9:4d:42:a1:
b8:a1:94:b4:b9:54:82:2e:dd:ae:5a:91:d2:27:29:6c:42:4c:
5b:70:10:fe:12:ca:d1:21:fe:e8:1b:a0:ec:b7:0d:db:b1:b2:
d1:11:c5:11:f0:24:fe:fe:56:46:a8:ad:9e:80:a6:c6:6d:21:
ed:8c:e4:7b:1d:00:d0:d5:33:f2:4e:4c:6b:27:fb:a8:6d:15:
ea:c1:35:9b:86:bf:e0:c9:47:74:f2:04:9b:d5:a0:cf:a1:f9:
90:7c:a4:7d:d5:cf:28:c1:20:3d:b2:f3:74:2d:b3:7b:19:1b:
58:85:eb:a9:7f:ab:50:c9:9f:61:62:6e:94:b7:70:53:8a:41:
ef:b5:1e:7e:47:5d:13:2f:95:e1:54:64:4d:f1:a7:a2:e2:d1:
2f:0f:a1:da:8c:60:d7:c7:38:49:2f:02:4a:d1:50:ab:f4:58:
0d:86:e0:63:c7:97:d6:74:d8:b3:61:e3:27:29:e2:a1:90:65:
1d:96:e4:81:1a:e2:31:e9:4b:3d:32:9f:ca:3b:79:9c:af:89:
ea:92:5b:df:87:ab:75:ec:1d:32:9c:8e:e9:5f:3c:d4:a9:97:
82:d9:29:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVxnmhzrDFWfqm0HYBaE2/BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZGNjNzc2YjJiZjU5NWJmNGIzZTYwYmJhNDI0NWYwMTIw
YTIxNzYwHhcNMjMwMTAyMDgzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWY2YzNiZjA4ZjczYjUyYjJmMWQwYjY0MzBkMDUwNmJjN2MwMzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQ2EoLrZxl9fC+OSjkddOBzp/Mte
+sUXWB+hvYMiCOcMu6806TNmHkD6e6g/29vgNxxWUIsi9gZyR8dNgwhtQexug3fQ
Xnfv4HfuNLXN4E87yoTH/NFKvDWJENXAxIqPovw9NTJf19flFvGXAOzPmlDlz0/b
i1T/sLVbiF58EAyhSBou8N879EwB/QpDDlrf+ovVM1rVBip5P57EkoWw2KNgxDSB
spinmBJT2h+iAN0qFCpiCV0DrQ8eK5NJThcz/Puf9taOzyt/qbpjnOmSWe47wGG/
FZq7riCIWei6bXpsmy0ll4auZWzFjWhjhXsmdiqS9OmypqyOh7HOZNgTiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJr2w78I9ztSsvHQtkMNBQa8fAOOMB8GA1UdIwQY
MBaAFHXcx3ayv1lb9LPmC7pCRfASCiF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQt
NjQ1NDAyMDVlY2Y0LzEvbXZiRHZ3ajNPMUt5OGRDMlF3MEZCcng4QTQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS81ODFjNWQtYmM5Yi00MGE2LWE1YTQtNjQ1NDAyMDVlY2Y0
LzEvZGR6SGRyS19XVnYwcy1ZTHVrSkY4QklLSVhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW/ASAwQA
wZdeAwQAwwhnMA0GCSqGSIb3DQEBCwUAA4IBAQCQKHDWGzvkm23Qa2L1H2RWt8fK
k7WDUYOwyDv4hSs5DrlNQqG4oZS0uVSCLt2uWpHSJylsQkxbcBD+EsrRIf7oG6Ds
tw3bsbLREcUR8CT+/lZGqK2egKbGbSHtjOR7HQDQ1TPyTkxrJ/uobRXqwTWbhr/g
yUd08gSb1aDPofmQfKR91c8owSA9svN0LbN7GRtYheupf6tQyZ9hYm6Ut3BTikHv
tR5+R10TL5XhVGRN8aei4tEvD6HajGDXxzhJLwJK0VCr9FgNhuBjx5fWdNizYeMn
KeKhkGUdluSBGuIx6Us9Mp/KO3mcr4nqklvfh6t17B0ynI7pXzzUqZeC2SlQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:59 2024 by rpki-client on console-ams.rpki-client.org