Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/38006f-fbfc-48aa-85ef-065bc28c2a52/1/mb_E6Sxhy5mCRGCssrBpnmImzEI.roa
File: mb_E6Sxhy5mCRGCssrBpnmImzEI.roa (raw, json)
Hash identifier: bM6EYW1AfdAyO3+kw914sGTitJ/n9pfoGR0RTcK2uu4=
Subject key identifier: 99:BF:C4:E9:2C:61:CB:99:82:44:60:AC:B2:B0:69:9E:62:26:CC:42
Certificate issuer: /CN=5847f1f4f6bcb2a4758ac8a997bc108000e418d1
Certificate serial: 018B5F1B71E095BB10431241C8A20833E8AA
Authority key identifier: 58:47:F1:F4:F6:BC:B2:A4:75:8A:C8:A9:97:BC:10:80:00:E4:18:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WEfx9Pa8sqR1isipl7wQgADkGNE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/38006f-fbfc-48aa-85ef-065bc28c2a52/1/mb_E6Sxhy5mCRGCssrBpnmImzEI.roa
Signing time: Tue 24 Oct 2023 00:35:15 +0000
ROA not before: Tue 24 Oct 2023 00:35:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198346
IP address blocks: 91.222.54.0/24 maxlen: 24
91.222.55.0/24 maxlen: 24
91.222.52.0/24 maxlen: 24
91.222.53.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5f:1b:71:e0:95:bb:10:43:12:41:c8:a2:08:33:e8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5847f1f4f6bcb2a4758ac8a997bc108000e418d1
Validity
Not Before: Oct 24 00:35:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99bfc4e92c61cb99824460acb2b0699e6226cc42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ed:24:c2:22:d0:4b:54:ec:4e:72:ac:e8:c2:
cf:b2:b1:a5:55:b8:2a:98:42:cc:97:78:93:c9:1d:
71:b8:13:b4:0a:39:c9:7f:09:96:d6:32:9b:b1:65:
b3:a2:69:86:3e:f9:79:77:32:51:7f:d8:d3:a8:b0:
5e:d8:ce:cd:df:10:37:d4:49:59:f9:94:c1:4e:5d:
46:a9:fb:dc:fb:1a:27:ec:8a:13:74:86:86:5d:20:
34:78:68:86:72:64:00:c6:c9:d9:d0:19:ff:d5:f3:
39:0f:ca:e1:ee:8d:39:ac:56:a5:84:42:84:39:5f:
6e:d0:14:f8:e0:74:aa:4c:28:55:1a:ef:93:d0:a7:
6f:42:34:4c:3c:53:90:a0:46:24:57:09:29:af:9a:
6f:e3:66:ec:95:34:a8:50:9a:a2:45:d3:91:11:ae:
b4:ce:b5:e1:ae:09:2c:ad:72:f2:c0:b0:c4:f0:0d:
4e:e4:87:5d:8d:ab:4c:c4:36:9c:5f:83:22:b4:5b:
c2:14:9f:dd:56:4a:cb:48:b5:42:87:98:94:60:1b:
82:48:c6:bb:74:80:c5:1f:3c:ac:2e:82:eb:b5:4a:
fb:3b:88:a5:7e:72:08:25:17:ec:46:1a:ab:b1:3f:
ca:47:06:45:66:f3:69:a4:ce:8a:45:15:46:70:99:
f4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:BF:C4:E9:2C:61:CB:99:82:44:60:AC:B2:B0:69:9E:62:26:CC:42
X509v3 Authority Key Identifier:
keyid:58:47:F1:F4:F6:BC:B2:A4:75:8A:C8:A9:97:BC:10:80:00:E4:18:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WEfx9Pa8sqR1isipl7wQgADkGNE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/38006f-fbfc-48aa-85ef-065bc28c2a52/1/mb_E6Sxhy5mCRGCssrBpnmImzEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/38006f-fbfc-48aa-85ef-065bc28c2a52/1/WEfx9Pa8sqR1isipl7wQgADkGNE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.52.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:42:60:23:77:3c:8e:29:b7:5b:ee:e7:1c:a0:f6:df:25:e9:
5d:4e:fe:1f:69:91:3a:6e:a4:95:96:85:08:17:e9:2f:76:1e:
3e:35:ee:b1:62:83:9d:0e:78:f5:25:2d:22:e1:3b:e0:36:14:
08:2f:c2:ea:79:ba:1e:25:64:68:d3:db:50:b3:42:7d:1f:cd:
f2:5b:f6:a6:99:76:ec:6f:1a:ac:7e:31:9c:73:07:e7:f6:ab:
7d:d7:ec:a3:ba:15:3f:1d:de:0f:d0:d7:4b:dd:29:81:82:52:
8b:de:b8:44:d3:a2:d1:c5:02:ae:58:c2:fe:cb:c4:05:ba:a6:
64:15:8a:34:86:ed:b4:25:fd:6e:b2:10:4e:e6:72:d7:51:1e:
5e:5e:89:d7:f4:7b:74:b6:b8:1e:9f:a7:35:ed:9e:58:0d:93:
ab:b9:4c:e9:04:b5:8b:e6:a1:11:d4:b3:53:f7:ef:06:c6:d2:
8f:e5:8e:b8:16:67:fe:99:f9:f7:9d:dc:db:5e:87:6c:27:81:
e5:91:bb:bc:bf:2a:ca:bb:0b:38:5c:fb:aa:8e:b8:b8:b0:07:
1e:1e:d5:58:f6:cc:8b:0d:75:00:5b:4e:22:b3:99:ce:b6:00:
16:78:89:a1:e5:7a:41:7c:a6:b7:a5:6b:fe:c5:3b:8d:4d:ba:
b2:c4:90:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtfG3HglbsQQxJByKIIM+iqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NDdmMWY0ZjZiY2IyYTQ3NThhYzhhOTk3YmMxMDgwMDBl
NDE4ZDEwHhcNMjMxMDI0MDAzNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWJmYzRlOTJjNjFjYjk5ODI0NDYwYWNiMmIwNjk5ZTYyMjZjYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO0kwiLQS1TsTnKs6MLPsrGlVbgq
mELMl3iTyR1xuBO0CjnJfwmW1jKbsWWzommGPvl5dzJRf9jTqLBe2M7N3xA31ElZ
+ZTBTl1Gqfvc+xon7IoTdIaGXSA0eGiGcmQAxsnZ0Bn/1fM5D8rh7o05rFalhEKE
OV9u0BT44HSqTChVGu+T0KdvQjRMPFOQoEYkVwkpr5pv42bslTSoUJqiRdOREa60
zrXhrgksrXLywLDE8A1O5IddjatMxDacX4MitFvCFJ/dVkrLSLVCh5iUYBuCSMa7
dIDFHzysLoLrtUr7O4ilfnIIJRfsRhqrsT/KRwZFZvNppM6KRRVGcJn0kwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJm/xOksYcuZgkRgrLKwaZ5iJsxCMB8GA1UdIwQY
MBaAFFhH8fT2vLKkdYrIqZe8EIAA5BjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0VmeDlQYThzcVIxaXNpcGw3d1FnQURrR05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8zODAwNmYtZmJmYy00OGFhLTg1ZWYt
MDY1YmMyOGMyYTUyLzEvbWJfRTZTeGh5NW1DUkdDc3NyQnBubUltekVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8zODAwNmYtZmJmYy00OGFhLTg1ZWYtMDY1YmMyOGMyYTUy
LzEvV0VmeDlQYThzcVIxaXNpcGw3d1FnQURrR05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW940MA0G
CSqGSIb3DQEBCwUAA4IBAQAfQmAjdzyOKbdb7uccoPbfJeldTv4faZE6bqSVloUI
F+kvdh4+Ne6xYoOdDnj1JS0i4TvgNhQIL8LqeboeJWRo09tQs0J9H83yW/ammXbs
bxqsfjGccwfn9qt91+yjuhU/Hd4P0NdL3SmBglKL3rhE06LRxQKuWML+y8QFuqZk
FYo0hu20Jf1ushBO5nLXUR5eXonX9Ht0trgen6c17Z5YDZOruUzpBLWL5qER1LNT
9+8GxtKP5Y64Fmf+mfn3ndzbXodsJ4Hlkbu8vyrKuws4XPuqjri4sAceHtVY9syL
DXUAW04is5nOtgAWeImh5XpBfKa3pWv+xTuNTbqyxJCv
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:41 2024 by rpki-client on console-fra.rpki-client.org