Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/msQkjqb-u47k5dcVBxcqw4dxf_A.roa
File: msQkjqb-u47k5dcVBxcqw4dxf_A.roa (raw, json)
Hash identifier: tHQFK8/EWP5K0kPDRQGwRSaYnuDmcGGOA2SCN3Ui8XI=
Subject key identifier: 9A:C4:24:8E:A6:FE:BB:8E:E4:E5:D7:15:07:17:2A:C3:87:71:7F:F0
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 018C80C1FC04414E8AB277737AC4A39EB043
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/msQkjqb-u47k5dcVBxcqw4dxf_A.roa
Signing time: Tue 19 Dec 2023 06:27:25 +0000
ROA not before: Tue 19 Dec 2023 06:27:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211090
IP address blocks: 185.253.76.0/24 maxlen: 24
185.253.77.0/24 maxlen: 24
185.253.78.0/24 maxlen: 24
91.239.119.0/24 maxlen: 24
2a10:f1c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:80:c1:fc:04:41:4e:8a:b2:77:73:7a:c4:a3:9e:b0:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Dec 19 06:27:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ac4248ea6febb8ee4e5d71507172ac387717ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d9:00:a4:bc:e4:7d:98:87:80:35:2f:23:5d:
69:87:95:0d:1b:3b:c8:5b:28:4e:f8:33:27:3a:4b:
3f:a6:51:5c:86:3d:75:2d:93:5f:49:19:3c:19:45:
09:cc:af:c1:97:07:03:00:92:85:dd:26:93:66:7f:
26:96:de:72:4c:88:4b:a9:3c:a8:e3:72:52:21:ec:
35:86:57:ed:1f:39:b1:52:94:fa:e3:47:b5:2c:b9:
af:55:a2:2c:74:ea:11:00:5e:82:5b:95:e9:77:ff:
32:27:17:da:35:92:fe:ab:b8:71:1e:f7:a3:a6:9a:
f2:9c:10:60:ab:7b:dc:c6:ec:01:14:91:f2:00:8e:
ac:08:3b:c0:83:fd:29:99:05:d8:81:10:0f:45:64:
ff:f2:53:21:2e:21:40:5c:44:77:c7:87:ac:e2:9f:
05:2a:7a:ad:57:ba:0c:0a:1a:45:08:3b:33:a6:c0:
1c:ed:98:fa:e0:ef:d4:1c:ed:38:94:bb:f6:ab:19:
bf:53:08:21:e9:fc:36:e3:e2:bc:8b:1a:c0:d9:55:
ca:68:c8:ca:ca:02:c9:df:29:5b:59:b9:ca:ba:d4:
df:91:3c:21:cc:20:e3:f7:dd:77:f9:e9:64:39:3c:
71:1e:8e:d3:1b:da:98:74:95:a9:a9:42:79:ab:04:
3c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C4:24:8E:A6:FE:BB:8E:E4:E5:D7:15:07:17:2A:C3:87:71:7F:F0
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/msQkjqb-u47k5dcVBxcqw4dxf_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.119.0/24
185.253.76.0-185.253.78.255
IPv6:
2a10:f1c0::/48
Signature Algorithm: sha256WithRSAEncryption
89:72:b7:16:78:b1:d2:d0:b7:74:e3:01:f6:d7:2f:48:00:b8:
76:a1:5b:86:ce:ff:50:9a:6c:95:6d:42:00:da:09:a3:09:16:
ea:39:af:fe:a3:7f:d3:ff:86:20:3c:1f:3a:7d:7b:36:28:7f:
1d:a3:41:24:7d:b0:fb:39:45:92:7d:17:57:87:ea:b0:31:be:
d5:c6:ea:de:d4:01:0d:a7:fe:f0:f9:a8:a6:aa:a2:2a:cd:09:
21:24:08:09:73:17:8e:bf:03:8f:fb:c2:f5:de:ed:f2:7e:56:
fd:7a:89:5c:fc:f5:c3:51:29:76:63:14:cb:54:52:69:9d:c4:
4a:7a:de:c8:48:25:8e:53:75:3b:39:24:6a:fd:70:61:03:69:
53:1a:f7:c4:96:70:7b:15:c3:a3:f2:a4:0c:e0:9f:17:2f:a0:
b9:cf:03:13:64:5e:fa:78:c6:92:77:ce:4f:04:13:ee:fc:a8:
f5:d5:23:f0:9d:e6:37:c0:1b:87:ce:4b:49:12:03:ef:84:b5:
d9:8b:b6:f5:01:26:6c:80:65:ed:ae:0a:4d:60:dc:88:c0:31:
20:0a:7b:df:cc:3e:6f:27:01:99:75:f1:f3:61:7f:6f:97:72:
0d:24:cf:44:a1:98:c0:c1:f8:f3:1c:56:16:0a:ad:ad:bf:16:
12:1d:ab:61
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYyAwfwEQU6KsndzesSjnrBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjMxMjE5MDYyNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM0MjQ4ZWE2ZmViYjhlZTRlNWQ3MTUwNzE3MmFjMzg3NzE3ZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdkApLzkfZiHgDUvI11ph5UNGzvI
WyhO+DMnOks/plFchj11LZNfSRk8GUUJzK/BlwcDAJKF3SaTZn8mlt5yTIhLqTyo
43JSIew1hlftHzmxUpT640e1LLmvVaIsdOoRAF6CW5Xpd/8yJxfaNZL+q7hxHvej
pprynBBgq3vcxuwBFJHyAI6sCDvAg/0pmQXYgRAPRWT/8lMhLiFAXER3x4es4p8F
KnqtV7oMChpFCDszpsAc7Zj64O/UHO04lLv2qxm/Uwgh6fw24+K8ixrA2VXKaMjK
ygLJ3ylbWbnKutTfkTwhzCDj9913+elkOTxxHo7TG9qYdJWpqUJ5qwQ8mwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJrEJI6m/ruO5OXXFQcXKsOHcX/wMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvbXNRa2pxYi11NDdrNWRjVkJ4Y3F3NGR4Zl9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAW+93MAwD
BAK5/UwDBAC5/U4wDwQCAAIwCQMHACoQ8cAAADANBgkqhkiG9w0BAQsFAAOCAQEA
iXK3Fnix0tC3dOMB9tcvSAC4dqFbhs7/UJpslW1CANoJowkW6jmv/qN/0/+GIDwf
On17Nih/HaNBJH2w+zlFkn0XV4fqsDG+1cbq3tQBDaf+8PmopqqiKs0JISQICXMX
jr8Dj/vC9d7t8n5W/XqJXPz1w1EpdmMUy1RSaZ3ESnreyEgljlN1Ozkkav1wYQNp
Uxr3xJZwexXDo/KkDOCfFy+guc8DE2Re+njGknfOTwQT7vyo9dUj8J3mN8Abh85L
SRID74S12Yu29QEmbIBl7a4KTWDciMAxIAp738w+bycBmXXx82F/b5dyDSTPRKGY
wMH48xxWFgqtrb8WEh2rYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:51 2024 by rpki-client on console-ams.rpki-client.org