Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/MsU-mRUyK9ZJSJuEyif-fxKTAmg.roa
File: MsU-mRUyK9ZJSJuEyif-fxKTAmg.roa (raw, json)
Hash identifier: d4YpNVHBB6bNdd/d8Eq5XFx12Z6LLgSi7Fjn3/x65fo=
Subject key identifier: 32:C5:3E:99:15:32:2B:D6:49:48:9B:84:CA:27:FE:7F:12:93:02:68
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 018C8C9AB6769E6730911EC5F7742CB9CE50
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/MsU-mRUyK9ZJSJuEyif-fxKTAmg.roa
Signing time: Thu 21 Dec 2023 13:39:58 +0000
ROA not before: Thu 21 Dec 2023 13:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205960
IP address blocks: 91.204.224.0/24 maxlen: 24
2.59.153.0/24 maxlen: 24
91.204.226.0/24 maxlen: 24
91.204.225.0/24 maxlen: 24
91.204.227.0/24 maxlen: 24
45.91.225.0/24 maxlen: 24
194.126.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 26 Dec 2023 15:46:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:8c:9a:b6:76:9e:67:30:91:1e:c5:f7:74:2c:b9:ce:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Dec 21 13:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32c53e9915322bd649489b84ca27fe7f12930268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b5:8d:b1:46:6c:af:22:31:84:2b:e7:bc:ca:
e6:8a:83:08:cd:6e:4a:c6:bb:b6:87:ab:ff:6a:89:
6c:c3:2b:4c:e3:dc:59:a7:bf:d8:39:e1:6e:ea:74:
74:56:46:27:7e:5b:bd:2f:1d:4a:4f:7a:b7:df:72:
6d:e5:83:20:cd:75:a0:bb:3a:08:5f:82:f2:6e:57:
da:67:1b:ca:34:72:68:1c:be:d4:38:4c:dc:44:41:
04:99:14:2f:d1:2c:b3:87:e1:9f:b2:f9:ff:53:6d:
ca:ce:08:53:83:ad:3e:4a:db:17:a0:71:69:d9:0a:
9d:ba:f6:ac:2c:d4:56:71:96:f5:8e:cd:89:24:16:
4b:42:5c:57:10:f5:2e:6a:4d:9b:08:d7:ff:b1:f9:
91:7f:67:f4:9f:5c:be:80:af:2e:8e:c1:f6:11:28:
be:f3:66:7c:76:de:6c:3b:78:77:93:3f:80:26:32:
9a:b1:2a:62:fe:05:9a:2c:93:15:b9:e2:34:b6:03:
ea:ea:b7:9c:fc:70:af:c1:22:77:73:e5:a4:57:1c:
cf:39:77:b2:40:da:ee:c9:47:c3:b3:13:82:02:81:
62:4b:46:5e:7c:f7:e0:85:90:11:1c:dc:d6:4c:27:
98:44:ef:64:42:f9:ec:8d:94:87:9a:8e:ea:89:05:
1a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C5:3E:99:15:32:2B:D6:49:48:9B:84:CA:27:FE:7F:12:93:02:68
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/MsU-mRUyK9ZJSJuEyif-fxKTAmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.153.0/24
45.91.225.0/24
91.204.224.0/22
194.126.215.0/24
Signature Algorithm: sha256WithRSAEncryption
52:eb:57:f1:0e:79:9b:b1:84:8b:d1:8b:48:66:e2:5b:4c:53:
41:d7:b4:28:6b:45:52:5b:d6:a4:28:60:22:63:34:e0:dc:a9:
d9:59:ff:44:2c:86:93:76:ed:3a:54:bb:16:08:bc:1f:8b:ca:
a4:33:29:49:02:29:76:cc:bb:04:dc:b4:70:ea:a3:6e:9e:33:
59:eb:24:72:ab:f3:16:a4:f7:05:62:c4:67:33:4c:27:0c:11:
d3:99:42:e9:f8:79:7f:94:92:c3:4c:99:aa:c0:af:82:8f:66:
71:a6:b6:21:2d:d2:83:80:8c:15:ad:a0:ff:30:70:76:80:51:
da:06:7e:31:a3:e8:cd:c5:b6:fc:fe:fb:7b:d8:1c:9b:ee:f6:
48:c5:b2:ad:7e:3e:5b:db:44:28:23:13:f9:c2:8d:71:51:f3:
7a:7b:e6:ae:7f:f1:8f:3e:31:0b:39:1a:50:cf:01:b2:db:0e:
08:2e:f1:e7:66:fc:65:91:cf:d0:8f:69:7e:f9:46:db:b2:07:
ff:cf:45:e9:e8:3f:bd:e2:16:3c:59:70:31:f0:8b:99:4d:82:
67:be:1c:c2:ff:f2:cb:69:8b:aa:ec:67:83:91:95:09:ba:9f:
df:ca:af:89:5b:69:3f:3e:14:5f:e0:88:4c:85:9d:45:11:e1:
f0:f2:6d:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYyMmrZ2nmcwkR7F93Qsuc5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjMxMjIxMTMzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmM1M2U5OTE1MzIyYmQ2NDk0ODliODRjYTI3ZmU3ZjEyOTMwMjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbWNsUZsryIxhCvnvMrmioMIzW5K
xru2h6v/aolswytM49xZp7/YOeFu6nR0VkYnflu9Lx1KT3q333Jt5YMgzXWguzoI
X4LyblfaZxvKNHJoHL7UOEzcREEEmRQv0Syzh+Gfsvn/U23KzghTg60+StsXoHFp
2QqduvasLNRWcZb1js2JJBZLQlxXEPUuak2bCNf/sfmRf2f0n1y+gK8ujsH2ESi+
82Z8dt5sO3h3kz+AJjKasSpi/gWaLJMVueI0tgPq6rec/HCvwSJ3c+WkVxzPOXey
QNruyUfDsxOCAoFiS0ZefPfghZARHNzWTCeYRO9kQvnsjZSHmo7qiQUa6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDLFPpkVMivWSUibhMon/n8SkwJoMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvTXNVLW1SVXlLOVpKU0p1RXlpZi1meEtUQW1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjuZAwQA
LVvhAwQCW8zgAwQAwn7XMA0GCSqGSIb3DQEBCwUAA4IBAQBS61fxDnmbsYSL0YtI
ZuJbTFNB17Qoa0VSW9akKGAiYzTg3KnZWf9ELIaTdu06VLsWCLwfi8qkMylJAil2
zLsE3LRw6qNunjNZ6yRyq/MWpPcFYsRnM0wnDBHTmULp+Hl/lJLDTJmqwK+Cj2Zx
prYhLdKDgIwVraD/MHB2gFHaBn4xo+jNxbb8/vt72Byb7vZIxbKtfj5b20QoIxP5
wo1xUfN6e+auf/GPPjELORpQzwGy2w4ILvHnZvxlkc/Qj2l++Ubbsgf/z0Xp6D+9
4hY8WXAx8IuZTYJnvhzC//LLaYuq7GeDkZUJup/fyq+JW2k/PhRf4IhMhZ1FEeHw
8m1G
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:02 2024 by rpki-client on console-ams.rpki-client.org