Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/MdR8cJ7UGI9ae7lbYXxHS2Ox9r0.roa
File: MdR8cJ7UGI9ae7lbYXxHS2Ox9r0.roa (raw, json)
Hash identifier: L9q25WOwMuWFHCHANQelOO3RSy6+jF9dkwzuJMpogj0=
Subject key identifier: 31:D4:7C:70:9E:D4:18:8F:5A:7B:B9:5B:61:7C:47:4B:63:B1:F6:BD
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018CB595BC7B2E9F136C705E21006FF46EDD
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/MdR8cJ7UGI9ae7lbYXxHS2Ox9r0.roa
Signing time: Fri 29 Dec 2023 12:38:58 +0000
ROA not before: Fri 29 Dec 2023 12:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216127
IP address blocks: 193.37.71.0/24 maxlen: 24
80.66.87.0/24 maxlen: 24
87.251.87.0/24 maxlen: 24
87.251.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b5:95:bc:7b:2e:9f:13:6c:70:5e:21:00:6f:f4:6e:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Dec 29 12:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31d47c709ed4188f5a7bb95b617c474b63b1f6bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:86:60:90:c8:24:47:2b:44:49:fc:d1:88:58:
0c:1e:57:84:c6:59:37:5f:96:d0:2a:7c:17:78:8e:
53:94:18:14:77:db:84:33:7f:e0:59:3d:e6:35:10:
25:69:e8:42:d1:0d:7a:6b:fe:0a:77:31:96:31:02:
ea:49:3e:4a:15:5f:87:84:33:50:1a:aa:db:25:b5:
84:31:0e:14:ee:73:20:f8:6a:1c:bc:13:3b:d6:db:
9c:6b:6b:5e:e8:e6:25:95:dc:c2:72:86:15:ea:c7:
e2:74:95:d5:71:3a:a6:75:f3:0c:dd:51:01:95:c4:
d7:d8:15:bb:9c:31:b0:c0:cf:a5:c0:2a:e5:28:48:
88:cc:f4:6e:91:53:e0:89:7b:2e:96:fe:ae:94:a4:
0b:fb:66:67:ce:01:0a:88:c4:7c:2b:37:66:49:92:
02:c2:75:68:69:2a:a0:d7:34:e9:0f:e5:1b:ec:30:
1a:ce:2d:ba:11:bb:82:ce:7c:0c:97:b8:a1:c9:1d:
53:7b:53:94:6b:8a:44:43:b9:d1:f4:77:80:e2:f4:
41:dd:49:6f:65:e7:d9:a0:78:f2:4a:45:b0:1a:15:
9c:9f:f4:97:27:8c:84:a0:e9:ab:7c:69:e5:9b:2e:
24:d4:17:b3:7e:64:1c:4f:fa:0b:7e:5b:a5:86:8b:
6d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D4:7C:70:9E:D4:18:8F:5A:7B:B9:5B:61:7C:47:4B:63:B1:F6:BD
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/MdR8cJ7UGI9ae7lbYXxHS2Ox9r0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.87.0/24
87.251.86.0/23
193.37.71.0/24
Signature Algorithm: sha256WithRSAEncryption
26:47:54:1f:96:02:4b:3c:89:16:4b:d6:a2:fb:17:66:38:ea:
92:60:ef:58:8f:8f:0d:c2:fb:1e:db:3a:0f:fe:fc:67:5d:05:
e5:00:f2:69:d0:f6:64:ff:e6:06:a7:00:83:b3:f1:b6:f6:22:
7a:60:29:39:42:78:c4:0d:3a:c1:c3:2d:c3:ae:60:18:58:d6:
e8:1f:1d:30:e7:52:a3:08:2b:23:44:29:68:e6:17:1b:21:f7:
31:76:5f:60:92:e3:18:ad:76:d3:12:f1:ff:13:c8:43:98:e9:
8f:4f:6a:75:56:5b:29:ca:19:7c:2d:2b:2f:38:3e:25:08:c9:
c3:15:ba:2c:76:fb:78:77:ed:b1:a0:c2:70:4b:06:dc:8c:50:
41:28:d6:2e:6f:3a:9a:8c:d8:5d:d0:2a:85:49:d7:c5:4a:f8:
77:82:0c:06:94:e2:8f:04:f4:9c:9f:e8:cf:90:b4:c7:a0:31:
d2:36:1b:1a:22:aa:2a:66:8c:74:ac:2a:6b:bf:01:6e:4c:2d:
36:08:4b:36:a3:b2:95:87:a4:b6:4a:23:fa:e9:0e:ef:52:b2:
bc:35:56:b7:8f:c7:6c:d6:69:d8:ad:4f:71:19:d3:91:3d:e1:
e5:ce:6a:20:40:61:3d:45:f7:4f:79:5f:00:d4:46:7c:e4:3b:
c0:f6:e6:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYy1lbx7Lp8TbHBeIQBv9G7dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjMxMjI5MTIzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWQ0N2M3MDllZDQxODhmNWE3YmI5NWI2MTdjNDc0YjYzYjFmNmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4ZgkMgkRytESfzRiFgMHleExlk3
X5bQKnwXeI5TlBgUd9uEM3/gWT3mNRAlaehC0Q16a/4KdzGWMQLqST5KFV+HhDNQ
GqrbJbWEMQ4U7nMg+GocvBM71tuca2te6OYlldzCcoYV6sfidJXVcTqmdfMM3VEB
lcTX2BW7nDGwwM+lwCrlKEiIzPRukVPgiXsulv6ulKQL+2ZnzgEKiMR8KzdmSZIC
wnVoaSqg1zTpD+Ub7DAazi26EbuCznwMl7ihyR1Te1OUa4pEQ7nR9HeA4vRB3Ulv
ZefZoHjySkWwGhWcn/SXJ4yEoOmrfGnlmy4k1BezfmQcT/oLflulhottZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDHUfHCe1BiPWnu5W2F8R0tjsfa9MB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvTWRSOGNKN1VHSTlhZTdsYllYeEhTMk94OXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEJXAwQB
V/tWAwQAwSVHMA0GCSqGSIb3DQEBCwUAA4IBAQAmR1QflgJLPIkWS9ai+xdmOOqS
YO9Yj48Nwvse2zoP/vxnXQXlAPJp0PZk/+YGpwCDs/G29iJ6YCk5QnjEDTrBwy3D
rmAYWNboHx0w51KjCCsjRClo5hcbIfcxdl9gkuMYrXbTEvH/E8hDmOmPT2p1Vlsp
yhl8LSsvOD4lCMnDFbosdvt4d+2xoMJwSwbcjFBBKNYubzqajNhd0CqFSdfFSvh3
ggwGlOKPBPScn+jPkLTHoDHSNhsaIqoqZox0rCprvwFuTC02CEs2o7KVh6S2SiP6
6Q7vUrK8NVa3j8ds1mnYrU9xGdORPeHlzmogQGE9RfdPeV8A1EZ85DvA9ua4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:50 2024 by rpki-client on console-ams.rpki-client.org