Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/MXJkAl7CZxw2HIkk7Lfpxz65lno.roa
File: MXJkAl7CZxw2HIkk7Lfpxz65lno.roa (raw, json)
Hash identifier: txhJVXXbfjrgMEk4iOGMD61oF4qzre9F4uU1Gp8oepo=
Subject key identifier: 31:72:64:02:5E:C2:67:1C:36:1C:89:24:EC:B7:E9:C7:3E:B9:96:7A
Certificate issuer: /CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Certificate serial: 01856F66FA10446A1A7627B19946038EC861
Authority key identifier: 5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/MXJkAl7CZxw2HIkk7Lfpxz65lno.roa
Signing time: Sun 01 Jan 2023 22:14:57 +0000
ROA not before: Sun 01 Jan 2023 22:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209834
IP address blocks: 176.53.188.0/22 maxlen: 24
2a09:e100::/29 maxlen: 33
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:fa:10:44:6a:1a:76:27:b1:99:46:03:8e:c8:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1d4060fd501ebae93ed44da6b7a79e66705b2f
Validity
Not Before: Jan 1 22:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=317264025ec2671c361c8924ecb7e9c73eb9967a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6d:8d:03:12:0a:84:a5:8f:f8:ad:65:5e:8a:
87:33:4a:10:9c:7e:f9:9b:b5:2b:d6:6f:81:df:97:
be:0a:aa:ae:7a:80:54:02:62:0d:bd:67:13:d8:5a:
84:15:ea:b8:7e:36:34:76:8b:6c:54:1b:33:18:de:
27:25:63:90:c6:37:36:16:43:2c:44:0a:5d:97:41:
54:50:5f:4a:b9:67:81:9e:ef:54:84:22:fb:b7:2b:
c4:4b:d7:6b:2f:c5:d3:11:e1:0c:5a:70:d5:e3:3f:
35:78:2a:85:f3:c7:2f:29:94:c0:0d:fb:bb:08:00:
13:04:1c:79:cc:bb:d9:46:91:a7:0c:77:7c:ce:9f:
fb:91:74:a0:1a:e8:4b:b3:42:b8:0f:74:96:c3:5e:
c5:51:63:a2:9c:4a:fb:59:48:7c:9d:47:8c:cf:be:
b4:07:9e:23:bd:39:f9:a9:73:7f:b9:3e:87:f6:58:
ac:11:41:64:cd:a9:2d:73:64:3d:57:2e:fa:97:11:
ce:99:a2:32:8e:63:81:56:1b:e1:59:b4:12:3a:e7:
b3:a7:ae:82:83:ed:05:fb:fd:2e:bf:24:5c:c1:ab:
eb:01:a9:9a:4f:fd:57:2d:b9:45:a7:33:51:67:77:
e2:e4:0e:f0:ec:e5:10:b9:9a:55:87:98:c2:03:c5:
d4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:72:64:02:5E:C2:67:1C:36:1C:89:24:EC:B7:E9:C7:3E:B9:96:7A
X509v3 Authority Key Identifier:
keyid:5E:1D:40:60:FD:50:1E:BA:E9:3E:D4:4D:A6:B7:A7:9E:66:70:5B:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xh1AYP1QHrrpPtRNprennmZwWy8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/MXJkAl7CZxw2HIkk7Lfpxz65lno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/a70a84-f552-4354-a104-0e1db98ad231/1/Xh1AYP1QHrrpPtRNprennmZwWy8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.188.0/22
IPv6:
2a09:e100::/29
Signature Algorithm: sha256WithRSAEncryption
75:12:3d:0e:e7:1f:b5:d1:82:1b:8f:00:5a:d5:60:98:76:3b:
42:c1:9a:c2:ac:98:15:3c:9d:93:f5:41:89:bb:3f:ae:7c:34:
1a:4c:7f:79:c7:5a:7b:37:b6:84:ed:b7:10:f2:cc:81:13:e2:
22:44:85:a5:a8:40:e9:c5:1b:e3:c0:7b:58:cb:9b:36:4f:b1:
a1:98:e9:16:93:b5:e0:10:68:75:b9:2b:8f:6d:76:9c:e4:9e:
65:f8:11:40:f9:99:ac:e0:bc:92:da:a8:b4:a7:fd:3f:43:12:
ee:a7:88:8b:18:cc:8d:e2:b2:77:74:0a:a1:ee:f2:1b:a6:2b:
46:fd:3c:10:66:35:4f:f4:9f:f8:f5:5d:ff:20:c4:e4:a6:1b:
46:54:0e:22:b5:9c:33:e9:b1:f7:bc:6b:b7:fb:6e:57:b3:ee:
ca:0e:e2:99:b8:2d:d4:e2:04:19:89:14:94:9b:7b:5e:7a:eb:
6e:04:4c:2e:10:5c:f4:58:6b:7b:9c:29:af:16:ce:37:6f:5a:
b4:14:96:2c:cc:05:8f:24:c3:72:fc:0d:0a:79:52:66:ca:92:
07:e0:53:68:a0:53:59:a0:fd:45:9c:65:8e:34:20:af:5f:cc:
2a:03:4e:57:a7:45:22:3d:f7:ad:b0:39:d6:b0:cd:88:b4:ab:
72:8a:f9:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvZvoQRGoadiexmUYDjshhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWQ0MDYwZmQ1MDFlYmFlOTNlZDQ0ZGE2YjdhNzllNjY3
MDViMmYwHhcNMjMwMTAxMjIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTcyNjQwMjVlYzI2NzFjMzYxYzg5MjRlY2I3ZTljNzNlYjk5NjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm2NAxIKhKWP+K1lXoqHM0oQnH75
m7Ur1m+B35e+CqqueoBUAmINvWcT2FqEFeq4fjY0dotsVBszGN4nJWOQxjc2FkMs
RApdl0FUUF9KuWeBnu9UhCL7tyvES9drL8XTEeEMWnDV4z81eCqF88cvKZTADfu7
CAATBBx5zLvZRpGnDHd8zp/7kXSgGuhLs0K4D3SWw17FUWOinEr7WUh8nUeMz760
B54jvTn5qXN/uT6H9lisEUFkzaktc2Q9Vy76lxHOmaIyjmOBVhvhWbQSOuezp66C
g+0F+/0uvyRcwavrAamaT/1XLblFpzNRZ3fi5A7w7OUQuZpVh5jCA8XU2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDFyZAJewmccNhyJJOy36cc+uZZ6MB8GA1UdIwQY
MBaAFF4dQGD9UB666T7UTaa3p55mcFsvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQt
MGUxZGI5OGFkMjMxLzEvTVhKa0FsN0NaeHcySElrazdMZnB4ejY1bG5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9hNzBhODQtZjU1Mi00MzU0LWExMDQtMGUxZGI5OGFkMjMx
LzEvWGgxQVlQMVFIcnJwUHRSTnByZW5ubVp3V3k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCsDW8MA0E
AgACMAcDBQMqCeEAMA0GCSqGSIb3DQEBCwUAA4IBAQB1Ej0O5x+10YIbjwBa1WCY
djtCwZrCrJgVPJ2T9UGJuz+ufDQaTH95x1p7N7aE7bcQ8syBE+IiRIWlqEDpxRvj
wHtYy5s2T7GhmOkWk7XgEGh1uSuPbXac5J5l+BFA+Zms4LyS2qi0p/0/QxLup4iL
GMyN4rJ3dAqh7vIbpitG/TwQZjVP9J/49V3/IMTkphtGVA4itZwz6bH3vGu3+25X
s+7KDuKZuC3U4gQZiRSUm3teeutuBEwuEFz0WGt7nCmvFs43b1q0FJYszAWPJMNy
/A0KeVJmypIH4FNooFNZoP1FnGWONCCvX8wqA05Xp0UiPfetsDnWsM2ItKtyivmP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:12 2024 by rpki-client on console-fra.rpki-client.org