Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/mW-2t4YW1bv7DmqZ_J1e8rwYPHY.roa
File: mW-2t4YW1bv7DmqZ_J1e8rwYPHY.roa (raw, json)
Hash identifier: 3SNztrj51ih+C0KaCJ4WWXBH/h42EhEDODLzN0xIsMo=
Subject key identifier: 99:6F:B6:B7:86:16:D5:BB:FB:0E:6A:99:FC:9D:5E:F2:BC:18:3C:76
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01856C53D3B37B5B9697CE3A22CF230F8159
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/mW-2t4YW1bv7DmqZ_J1e8rwYPHY.roa
Signing time: Sun 01 Jan 2023 07:55:11 +0000
ROA not before: Sun 01 Jan 2023 07:55:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209737
IP address blocks: 185.254.31.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
91.194.55.0/24 maxlen: 24
193.160.141.0/24 maxlen: 24
193.160.143.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
93.190.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Nov 2023 16:50:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:d3:b3:7b:5b:96:97:ce:3a:22:cf:23:0f:81:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 07:55:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=996fb6b78616d5bbfb0e6a99fc9d5ef2bc183c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:1d:e1:cc:81:a7:39:76:7e:b7:4a:81:96:cc:
d1:5d:2d:6c:08:f4:dd:18:23:82:a2:6a:bb:a9:6c:
45:e7:e2:2d:fb:e1:1a:65:98:00:96:13:b1:c6:3d:
df:45:06:f4:93:17:e8:57:45:9e:e2:da:61:33:c4:
bd:11:ed:70:51:2a:87:e8:ae:26:5b:6c:8d:6c:fc:
d8:36:3a:dd:6e:63:27:5e:8e:13:a2:98:a1:4c:cf:
03:cf:37:b1:76:dc:b1:c8:c8:1d:d9:ff:ff:01:60:
c9:7a:27:07:a6:cf:5a:66:74:81:4c:1c:3b:4e:ce:
67:53:d8:5a:02:2e:5a:91:54:4f:14:11:40:20:ea:
ad:c0:eb:47:49:83:d1:24:f5:7e:f7:75:8f:c2:cc:
a8:35:66:fe:a2:e0:0b:b5:f2:ed:ee:f5:be:29:7a:
d8:f9:12:87:3c:86:19:23:e2:92:84:bd:15:62:7b:
44:f3:3c:af:11:68:06:c3:3b:4d:b0:2e:9e:1e:9d:
0b:9d:60:df:11:dc:fc:5f:f3:70:fa:e8:1a:e2:04:
da:07:08:73:29:39:9a:45:e1:15:1b:5b:fa:b0:ed:
87:26:22:ec:78:dd:c3:87:1f:1d:f0:db:3a:81:92:
5b:29:8f:20:94:cb:77:10:45:8f:e8:54:d6:c5:85:
d6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6F:B6:B7:86:16:D5:BB:FB:0E:6A:99:FC:9D:5E:F2:BC:18:3C:76
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/mW-2t4YW1bv7DmqZ_J1e8rwYPHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
93.190.12.0/24
109.236.49.0-109.236.51.255
185.86.6.0/24
185.254.31.0/24
193.160.141.0/24
193.160.143.0/24
Signature Algorithm: sha256WithRSAEncryption
71:08:43:49:3f:3d:b9:08:7f:be:ad:10:67:d5:84:b0:5b:01:
20:44:43:4a:c3:90:b2:fe:3c:28:28:71:4e:61:e9:b8:aa:35:
fe:0f:57:3a:a3:51:f1:c2:93:64:59:09:fa:c3:1a:66:42:ae:
38:67:c9:bb:b0:87:c1:4b:21:99:fd:82:db:54:49:82:d4:2f:
4d:a5:f9:ef:d6:bd:63:f7:34:bc:5e:78:34:89:71:49:ba:d0:
17:74:1e:ea:5a:28:c8:c9:4b:93:b4:05:14:7e:d3:c4:69:77:
6a:ab:91:17:8b:08:6b:52:c2:aa:cc:6b:cc:75:46:7e:11:4f:
6e:87:4e:b2:ae:8a:cb:a6:30:0f:cd:8b:19:62:a6:d8:0c:8b:
6a:85:41:23:7b:24:04:38:0d:e0:98:a8:7b:be:74:b1:4a:85:
e3:65:e1:7c:26:40:d8:03:43:36:b8:15:d0:c2:e9:b5:6c:2c:
18:5b:fa:6a:7b:15:ec:48:79:57:dc:96:30:ed:60:86:69:1e:
47:a2:b5:c1:7e:5e:0f:5c:ac:3c:a9:7d:4a:e2:fb:2a:16:c3:
82:de:f7:1b:ab:ca:5e:9a:0a:6c:88:83:1e:3e:73:a0:07:0e:
bd:8b:b5:30:50:cc:cd:c6:06:ae:95:ed:f7:b8:3b:af:c7:e8:
b4:2e:27:65
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVsU9Oze1uWl846Is8jD4FZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjMwMTAxMDc1NTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTZmYjZiNzg2MTZkNWJiZmIwZTZhOTlmYzlkNWVmMmJjMTgzYzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiR3hzIGnOXZ+t0qBlszRXS1sCPTd
GCOComq7qWxF5+It++EaZZgAlhOxxj3fRQb0kxfoV0We4tphM8S9Ee1wUSqH6K4m
W2yNbPzYNjrdbmMnXo4TopihTM8DzzexdtyxyMgd2f//AWDJeicHps9aZnSBTBw7
Ts5nU9haAi5akVRPFBFAIOqtwOtHSYPRJPV+93WPwsyoNWb+ouALtfLt7vW+KXrY
+RKHPIYZI+KShL0VYntE8zyvEWgGwztNsC6eHp0LnWDfEdz8X/Nw+uga4gTaBwhz
KTmaReEVG1v6sO2HJiLseN3Dhx8d8Ns6gZJbKY8glMt3EEWP6FTWxYXWeQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFJlvtreGFtW7+w5qmfydXvK8GDx2MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvbVctMnQ0WVcxYnY3RG1xWl9KMWU4cndZUEhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAW8I3AwQA
Xb4MMAwDBABt7DEDBAJt7DADBAC5VgYDBAC5/h8DBADBoI0DBADBoI8wDQYJKoZI
hvcNAQELBQADggEBAHEIQ0k/PbkIf76tEGfVhLBbASBEQ0rDkLL+PCgocU5h6biq
Nf4PVzqjUfHCk2RZCfrDGmZCrjhnybuwh8FLIZn9gttUSYLUL02l+e/WvWP3NLxe
eDSJcUm60Bd0HupaKMjJS5O0BRR+08Rpd2qrkReLCGtSwqrMa8x1Rn4RT26HTrKu
isumMA/NixliptgMi2qFQSN7JAQ4DeCYqHu+dLFKheNl4XwmQNgDQza4FdDC6bVs
LBhb+mp7FexIeVfcljDtYIZpHkeitcF+Xg9crDypfUri+yoWw4Le9xuryl6aCmyI
gx4+c6AHDr2LtTBQzM3GBq6V7fe4O6/H6LQuJ2U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org