Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/MFACjApBTDEj4tBsYsHYmQqBd10.roa
File: MFACjApBTDEj4tBsYsHYmQqBd10.roa (raw, json)
Hash identifier: asx/S2c7fPpjHbCzKscCKu+C4OupFKKllIUtYys6iso=
Subject key identifier: 30:50:02:8C:0A:41:4C:31:23:E2:D0:6C:62:C1:D8:99:0A:81:77:5D
Certificate issuer: /CN=5a48b5dfc0142a68c30bdaac550603e9e45d108a
Certificate serial: 01856C413337374AA00155E3D00BD714B665
Authority key identifier: 5A:48:B5:DF:C0:14:2A:68:C3:0B:DA:AC:55:06:03:E9:E4:5D:10:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wki138AUKmjDC9qsVQYD6eRdEIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/MFACjApBTDEj4tBsYsHYmQqBd10.roa
Signing time: Sun 01 Jan 2023 07:34:50 +0000
ROA not before: Sun 01 Jan 2023 07:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44019
IP address blocks: 193.238.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:33:37:37:4a:a0:01:55:e3:d0:0b:d7:14:b6:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a48b5dfc0142a68c30bdaac550603e9e45d108a
Validity
Not Before: Jan 1 07:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3050028c0a414c3123e2d06c62c1d8990a81775d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5e:80:61:d0:a2:d8:89:e9:aa:ec:dc:68:a3:
a8:e1:73:e3:ec:f8:d9:e0:f1:2e:da:23:63:bf:d8:
52:46:14:5c:6d:2c:6e:26:2c:ad:4b:df:80:cb:bc:
8e:b2:e8:9c:09:3c:92:66:35:5a:a3:2c:b0:99:62:
b8:02:0c:00:ad:21:64:06:37:0d:ba:f6:69:cb:71:
28:7f:35:b0:4a:be:e4:d9:3f:4e:70:6a:84:31:19:
f4:ab:6d:81:40:ee:2e:13:bb:19:1a:8b:43:fb:a0:
5c:5a:7a:2f:37:0d:46:10:d5:ed:4b:27:07:5a:39:
c2:08:2f:b5:82:5c:62:4f:a4:d4:06:9b:1a:b4:0a:
e7:74:95:b5:f5:1a:4e:14:7a:1b:c4:6a:13:da:60:
93:e7:a5:cd:aa:93:c3:6e:7c:c1:2b:81:cf:cb:87:
b2:28:64:a1:12:b4:9c:f9:ca:47:74:b2:d3:ac:2e:
26:a8:c4:4a:bb:21:60:92:5d:f2:70:e0:05:77:8c:
80:16:ea:50:19:36:ba:70:d5:8a:81:d8:55:f0:2e:
55:75:74:1e:76:96:0c:29:f3:53:a9:53:7f:90:b5:
fe:0f:de:82:0a:a1:60:18:fc:80:b7:34:a1:bc:8c:
b1:a9:1c:c7:89:dd:01:71:0f:a5:64:11:6b:62:ad:
89:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:50:02:8C:0A:41:4C:31:23:E2:D0:6C:62:C1:D8:99:0A:81:77:5D
X509v3 Authority Key Identifier:
keyid:5A:48:B5:DF:C0:14:2A:68:C3:0B:DA:AC:55:06:03:E9:E4:5D:10:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wki138AUKmjDC9qsVQYD6eRdEIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/MFACjApBTDEj4tBsYsHYmQqBd10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/Wki138AUKmjDC9qsVQYD6eRdEIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.238.87.0/24
Signature Algorithm: sha256WithRSAEncryption
68:ff:89:46:19:43:c7:61:88:63:a8:32:69:e4:40:6b:1a:5c:
5a:6c:cb:1e:89:68:6b:07:98:b0:fb:22:69:dd:ae:54:86:6c:
69:b5:06:c7:62:bf:f7:07:8b:90:ad:38:7d:42:e5:1b:4e:89:
ce:cc:3a:40:f7:94:b0:a2:06:ad:e6:a9:6c:f4:2f:e7:f6:d2:
3f:12:e5:8a:d1:ed:f5:66:4e:b6:cb:21:a7:de:e1:14:5d:b3:
d4:d7:fa:4d:a6:01:71:98:68:b9:cd:18:e6:95:ed:1c:7c:66:
64:68:49:f8:08:3f:47:e7:88:8b:6e:25:61:ca:61:11:09:da:
eb:dc:5a:db:a8:66:ed:f3:7a:db:66:d9:5c:ee:c0:96:ec:45:
98:b6:99:f5:ee:f8:33:ae:e3:7d:08:e5:81:e4:d4:ed:bc:74:
92:b8:36:05:1f:75:b2:f0:41:b1:5a:67:47:e3:3e:b9:88:4a:
14:49:bb:2a:59:37:40:e4:2f:27:75:56:bb:c7:57:48:8d:d6:
0e:68:50:0d:19:00:b3:ba:08:f2:2e:c7:02:9b:04:00:94:22:
92:b0:4a:02:e8:65:bd:66:70:2d:b2:a1:ed:2c:49:e2:64:2c:
3e:75:ef:c3:43:4d:17:a9:ea:55:77:0b:e0:27:7a:43:df:c5:
68:11:fd:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsQTM3N0qgAVXj0AvXFLZlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDhiNWRmYzAxNDJhNjhjMzBiZGFhYzU1MDYwM2U5ZTQ1
ZDEwOGEwHhcNMjMwMTAxMDczNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDUwMDI4YzBhNDE0YzMxMjNlMmQwNmM2MmMxZDg5OTBhODE3NzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF6AYdCi2InpquzcaKOo4XPj7PjZ
4PEu2iNjv9hSRhRcbSxuJiytS9+Ay7yOsuicCTySZjVaoyywmWK4AgwArSFkBjcN
uvZpy3EofzWwSr7k2T9OcGqEMRn0q22BQO4uE7sZGotD+6BcWnovNw1GENXtSycH
WjnCCC+1glxiT6TUBpsatArndJW19RpOFHobxGoT2mCT56XNqpPDbnzBK4HPy4ey
KGShErSc+cpHdLLTrC4mqMRKuyFgkl3ycOAFd4yAFupQGTa6cNWKgdhV8C5VdXQe
dpYMKfNTqVN/kLX+D96CCqFgGPyAtzShvIyxqRzHid0BcQ+lZBFrYq2JLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBQAowKQUwxI+LQbGLB2JkKgXddMB8GA1UdIwQY
MBaAFFpItd/AFCpowwvarFUGA+nkXRCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tpMTM4QVVLbWpEQzlxc1ZRWUQ2ZVJkRUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9hY2QwZTItMzcxMi00Y2NjLTg3MmQt
ZTBkOTg4M2UwZmNjLzEvTUZBQ2pBcEJUREVqNHRCc1lzSFltUXFCZDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9hY2QwZTItMzcxMi00Y2NjLTg3MmQtZTBkOTg4M2UwZmNj
LzEvV2tpMTM4QVVLbWpEQzlxc1ZRWUQ2ZVJkRUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwe5XMA0G
CSqGSIb3DQEBCwUAA4IBAQBo/4lGGUPHYYhjqDJp5EBrGlxabMseiWhrB5iw+yJp
3a5UhmxptQbHYr/3B4uQrTh9QuUbTonOzDpA95Swogat5qls9C/n9tI/EuWK0e31
Zk62yyGn3uEUXbPU1/pNpgFxmGi5zRjmle0cfGZkaEn4CD9H54iLbiVhymERCdrr
3FrbqGbt83rbZtlc7sCW7EWYtpn17vgzruN9COWB5NTtvHSSuDYFH3Wy8EGxWmdH
4z65iEoUSbsqWTdA5C8ndVa7x1dIjdYOaFANGQCzugjyLscCmwQAlCKSsEoC6GW9
ZnAtsqHtLEniZCw+de/DQ00XqepVdwvgJ3pD38VoEf1t
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:03 2024 by rpki-client on console-ams.rpki-client.org