Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/ML6LuvXs66OtMZaYcRSMxJHH5n0.roa
File: ML6LuvXs66OtMZaYcRSMxJHH5n0.roa (raw, json)
Hash identifier: pTOjRG/jH190J33PNEYg5g2qiZD8HUNmzjE6HPFj26Q=
Subject key identifier: 30:BE:8B:BA:F5:EC:EB:A3:AD:31:96:98:71:14:8C:C4:91:C7:E6:7D
Certificate issuer: /CN=63926fcff81bb91a6a71ae5e8935ab4daae53744
Certificate serial: 018A17F150014119E17EF59F94582DEAB404
Authority key identifier: 63:92:6F:CF:F8:1B:B9:1A:6A:71:AE:5E:89:35:AB:4D:AA:E5:37:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y5Jvz_gbuRpqca5eiTWrTarlN0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/ML6LuvXs66OtMZaYcRSMxJHH5n0.roa
Signing time: Mon 21 Aug 2023 11:53:25 +0000
ROA not before: Mon 21 Aug 2023 11:53:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41853
IP address blocks: 91.102.152.0/21 maxlen: 24
91.102.158.0/24 maxlen: 24
91.102.155.0/24 maxlen: 24
91.102.154.0/24 maxlen: 24
93.189.40.0/21 maxlen: 24
2a00:5820::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:30:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:f1:50:01:41:19:e1:7e:f5:9f:94:58:2d:ea:b4:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63926fcff81bb91a6a71ae5e8935ab4daae53744
Validity
Not Before: Aug 21 11:53:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30be8bbaf5eceba3ad31969871148cc491c7e67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:74:38:eb:95:2c:32:6f:58:03:33:d8:08:8e:
08:0c:3f:f9:a2:f7:9a:98:29:b7:7e:4a:34:46:fc:
99:92:24:fa:35:4c:6b:06:07:39:6a:4b:71:14:79:
4e:0d:9a:bf:04:c1:d8:d6:6c:c9:f6:62:2f:11:9c:
76:20:88:92:59:ad:c7:3d:c3:33:1e:70:e2:05:93:
66:f8:a8:74:3d:1c:7d:c9:7b:79:7a:80:e1:b8:80:
b4:04:6e:5b:86:9c:00:5e:5c:2d:a8:eb:30:0f:c2:
55:db:45:98:ff:f4:86:fb:71:39:90:ac:2d:0e:30:
7b:f6:91:8c:50:f1:d6:1f:ae:c1:c7:8d:59:40:34:
ad:71:5e:62:ef:6c:c9:00:a3:3c:c7:23:64:a9:49:
d9:8e:99:cb:8d:38:9a:43:85:37:28:21:9d:f2:50:
23:32:5d:92:d8:a3:94:86:e2:ff:88:81:92:db:dc:
1d:99:59:09:c9:06:78:2a:21:1b:e3:0c:9d:08:66:
6d:fa:7f:7e:47:1f:e3:d3:4c:80:02:60:8a:1f:7d:
57:89:04:9c:e0:d0:8c:c0:d7:b4:db:af:4b:ea:2b:
8f:f9:f4:ca:28:a3:e9:89:db:e5:34:23:08:76:83:
a1:d4:a5:0c:2e:4e:31:ab:d4:7b:1a:ab:13:14:25:
1f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:BE:8B:BA:F5:EC:EB:A3:AD:31:96:98:71:14:8C:C4:91:C7:E6:7D
X509v3 Authority Key Identifier:
keyid:63:92:6F:CF:F8:1B:B9:1A:6A:71:AE:5E:89:35:AB:4D:AA:E5:37:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y5Jvz_gbuRpqca5eiTWrTarlN0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/ML6LuvXs66OtMZaYcRSMxJHH5n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/e04fc4-2c6e-4af7-939e-048391f8db9c/1/Y5Jvz_gbuRpqca5eiTWrTarlN0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.152.0/21
93.189.40.0/21
IPv6:
2a00:5820::/32
Signature Algorithm: sha256WithRSAEncryption
40:a0:fa:61:99:39:56:bf:8b:24:46:8c:cf:22:9e:2f:6c:73:
1f:e0:dc:52:97:a1:0a:72:f9:0b:1e:89:63:66:34:3e:21:44:
10:09:c3:97:4a:48:50:d4:80:7e:a8:9b:6f:0c:a7:77:48:b2:
c8:b9:17:68:3e:c0:43:eb:05:41:e3:fa:07:f8:b3:93:73:17:
ba:b4:e5:13:07:82:a4:08:76:8b:15:a1:40:b6:ee:f1:e2:2d:
7d:13:95:a8:04:23:fe:63:27:22:1a:6f:0c:33:9b:a7:7a:dc:
98:f0:b0:1a:cb:05:4d:c9:c0:18:1c:b3:d9:7b:3f:ec:50:50:
4b:65:0c:8d:5c:5a:3d:cf:4b:cc:e8:ec:6c:ab:4d:28:bc:09:
0c:24:dd:7a:65:db:23:e7:3e:f0:a7:fa:69:22:c5:9d:3e:5b:
aa:64:16:3a:aa:7a:bf:02:cf:c2:24:9b:1f:5e:31:08:d7:ef:
ae:46:3d:81:0b:a7:b9:79:d5:75:72:77:ac:d2:d6:6f:95:fb:
fc:83:25:63:29:27:83:b9:34:2d:4b:8f:4b:36:7a:25:78:b7:
a4:b6:73:ff:84:3a:af:3f:d4:a6:5e:b7:c9:5d:e6:aa:5b:56:
9a:72:62:69:ac:89:98:50:15:df:a3:e8:37:59:49:04:a5:8d:
7f:16:7f:9e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYoX8VABQRnhfvWflFgt6rQEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzOTI2ZmNmZjgxYmI5MWE2YTcxYWU1ZTg5MzVhYjRkYWFl
NTM3NDQwHhcNMjMwODIxMTE1MzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGJlOGJiYWY1ZWNlYmEzYWQzMTk2OTg3MTE0OGNjNDkxYzdlNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnQ465UsMm9YAzPYCI4IDD/5ovea
mCm3fko0RvyZkiT6NUxrBgc5aktxFHlODZq/BMHY1mzJ9mIvEZx2IIiSWa3HPcMz
HnDiBZNm+Kh0PRx9yXt5eoDhuIC0BG5bhpwAXlwtqOswD8JV20WY//SG+3E5kKwt
DjB79pGMUPHWH67Bx41ZQDStcV5i72zJAKM8xyNkqUnZjpnLjTiaQ4U3KCGd8lAj
Ml2S2KOUhuL/iIGS29wdmVkJyQZ4KiEb4wydCGZt+n9+Rx/j00yAAmCKH31XiQSc
4NCMwNe0269L6iuP+fTKKKPpidvlNCMIdoOh1KUMLk4xq9R7GqsTFCUf8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDC+i7r17OujrTGWmHEUjMSRx+Z9MB8GA1UdIwQY
MBaAFGOSb8/4G7kaanGuXok1q02q5TdEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTVKdnpfZ2J1UnBxY2E1ZWlUV3JUYXJsTjBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9lMDRmYzQtMmM2ZS00YWY3LTkzOWUt
MDQ4MzkxZjhkYjljLzEvTUw2THV2WHM2Nk90TVphWWNSU014SkhINW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9lMDRmYzQtMmM2ZS00YWY3LTkzOWUtMDQ4MzkxZjhkYjlj
LzEvWTVKdnpfZ2J1UnBxY2E1ZWlUV3JUYXJsTjBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDW2aYAwQD
Xb0oMA0EAgACMAcDBQAqAFggMA0GCSqGSIb3DQEBCwUAA4IBAQBAoPphmTlWv4sk
RozPIp4vbHMf4NxSl6EKcvkLHoljZjQ+IUQQCcOXSkhQ1IB+qJtvDKd3SLLIuRdo
PsBD6wVB4/oH+LOTcxe6tOUTB4KkCHaLFaFAtu7x4i19E5WoBCP+YyciGm8MM5un
etyY8LAaywVNycAYHLPZez/sUFBLZQyNXFo9z0vM6Oxsq00ovAkMJN16Zdsj5z7w
p/ppIsWdPluqZBY6qnq/As/CJJsfXjEI1++uRj2BC6e5edV1cnes0tZvlfv8gyVj
KSeDuTQtS49LNnoleLektnP/hDqvP9SmXrfJXeaqW1aacmJprImYUBXfo+g3WUkE
pY1/Fn+e
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:23 2024 by rpki-client on console-fra.rpki-client.org