Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mlWwEsKUzBlMzRtG9JVaCW13MBM.roa
File: mlWwEsKUzBlMzRtG9JVaCW13MBM.roa (raw, json)
Hash identifier: OMPoYxKyrP0WJ2sPprA33g+96nhw2NHUFSfMYv7gM0s=
Subject key identifier: 9A:55:B0:12:C2:94:CC:19:4C:CD:1B:46:F4:95:5A:09:6D:77:30:13
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0188AF2B945C1582625FE128A223B14611CD
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mlWwEsKUzBlMzRtG9JVaCW13MBM.roa
Signing time: Mon 12 Jun 2023 10:34:08 +0000
ROA not before: Mon 12 Jun 2023 10:34:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 109.122.42.0/24 maxlen: 24
109.122.46.0/24 maxlen: 24
89.251.27.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Jun 2023 03:58:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:2b:94:5c:15:82:62:5f:e1:28:a2:23:b1:46:11:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 12 10:34:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a55b012c294cc194ccd1b46f4955a096d773013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:63:98:a1:01:3e:f0:c3:e5:31:6f:68:9f:76:
24:d0:ea:c1:46:9c:c6:23:38:82:e6:51:51:f9:ed:
cb:53:6d:a5:c5:52:e0:8d:e5:9e:39:6f:03:22:de:
04:1f:5b:30:5e:56:62:14:50:3a:32:aa:ef:3d:d3:
13:ec:6a:db:85:41:63:81:f4:bf:42:44:22:08:ab:
00:c9:b7:3f:18:5f:fa:3f:09:59:58:b6:9f:8c:f7:
a3:48:16:8b:f6:83:a5:c1:51:a2:11:9b:f4:4c:6f:
fd:a5:57:2f:5f:18:59:2f:70:ea:e1:15:76:da:21:
b5:ee:8b:fb:10:53:b1:d2:a5:f4:1a:fb:fa:0b:d4:
b8:39:2a:3f:97:26:0d:05:2e:33:24:c4:4a:ac:cd:
8a:20:1e:53:c8:70:8b:a6:d2:43:f7:0d:c2:10:dc:
e9:e0:1d:8b:ca:95:8b:7e:14:b9:00:ac:bc:59:73:
32:ab:12:62:98:fe:6a:a6:29:90:22:e5:bf:0f:9e:
4c:6e:8a:63:bd:e5:e9:42:24:3e:3a:59:4c:a9:7f:
d6:a9:d2:63:ab:9b:1f:9f:13:2a:a1:5e:51:0b:5d:
50:4f:10:a2:cb:46:ff:62:b6:a4:dd:3a:89:de:91:
90:9a:26:ee:c6:66:b0:c6:95:45:76:1d:9d:fc:eb:
e9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:55:B0:12:C2:94:CC:19:4C:CD:1B:46:F4:95:5A:09:6D:77:30:13
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/mlWwEsKUzBlMzRtG9JVaCW13MBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.27.0/24
109.122.42.0/24
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:22:43:17:af:bc:e7:55:80:51:a6:9e:c2:b4:16:fd:ef:ab:
0b:a3:32:17:82:df:b0:09:24:18:55:14:90:a2:16:62:af:22:
ff:5a:72:15:c8:fd:46:c3:2f:20:6e:b3:24:d4:71:ef:52:f8:
b5:0a:c4:b7:0f:54:54:7a:ab:62:8e:9e:96:a5:38:ff:87:e0:
4b:5f:9a:9d:ff:da:73:ea:2b:cc:2d:16:1f:3f:c4:fe:7d:a6:
9f:91:65:1e:76:3d:91:69:2c:54:44:52:6b:20:f8:ee:ee:4a:
58:56:7f:5a:53:e5:89:f0:bb:8d:0c:11:78:0c:48:34:08:2d:
f2:38:f3:60:ba:e6:0e:57:3f:e5:b2:96:d9:69:76:84:8e:bd:
d8:ee:6c:01:6b:5c:a6:8f:81:eb:76:72:c3:4e:d0:fa:3b:e2:
1c:76:8c:4b:9a:28:8e:71:56:5c:67:6f:19:cc:21:55:50:ac:
3f:92:55:d7:73:39:1d:e0:5c:4f:85:03:54:40:56:fd:23:53:
4c:32:a1:ad:89:0f:fc:eb:0e:bf:36:98:87:83:6a:84:ba:54:
e8:04:59:bc:cc:1d:b6:82:e8:a0:5f:cf:20:12:cb:66:be:ed:
4a:f5:0c:a0:34:75:61:22:05:29:44:fc:39:bc:85:65:f4:3b:
6b:3c:19:fa
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYivK5RcFYJiX+EooiOxRhHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMwNjEyMTAzNDA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTU1YjAxMmMyOTRjYzE5NGNjZDFiNDZmNDk1NWEwOTZkNzczMDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmOYoQE+8MPlMW9on3Yk0OrBRpzG
IziC5lFR+e3LU22lxVLgjeWeOW8DIt4EH1swXlZiFFA6MqrvPdMT7GrbhUFjgfS/
QkQiCKsAybc/GF/6PwlZWLafjPejSBaL9oOlwVGiEZv0TG/9pVcvXxhZL3Dq4RV2
2iG17ov7EFOx0qX0Gvv6C9S4OSo/lyYNBS4zJMRKrM2KIB5TyHCLptJD9w3CENzp
4B2LypWLfhS5AKy8WXMyqxJimP5qpimQIuW/D55MbopjveXpQiQ+OllMqX/WqdJj
q5sfnxMqoV5RC11QTxCiy0b/Yrak3TqJ3pGQmibuxmawxpVFdh2d/Ovp6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJpVsBLClMwZTM0bRvSVWgltdzATMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbWxXd0VzS1V6QmxNelJ0RzlKVmFDVzEzTUJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsbAwQA
bXoqAwQAbXouMA0GCSqGSIb3DQEBCwUAA4IBAQCMIkMXr7znVYBRpp7CtBb976sL
ozIXgt+wCSQYVRSQohZiryL/WnIVyP1Gwy8gbrMk1HHvUvi1CsS3D1RUeqtijp6W
pTj/h+BLX5qd/9pz6ivMLRYfP8T+faafkWUedj2RaSxURFJrIPju7kpYVn9aU+WJ
8LuNDBF4DEg0CC3yOPNguuYOVz/lspbZaXaEjr3Y7mwBa1ymj4HrdnLDTtD6O+Ic
doxLmiiOcVZcZ28ZzCFVUKw/klXXczkd4FxPhQNUQFb9I1NMMqGtiQ/86w6/NpiH
g2qEulToBFm8zB22guigX88gEstmvu1K9QygNHVhIgUpRPw5vIVl9DtrPBn6
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:37 2024 by rpki-client on console-fra.rpki-client.org