Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MSI4NR28WR51rtbKGEn_MxiFECo.roa
File: MSI4NR28WR51rtbKGEn_MxiFECo.roa (raw, json)
Hash identifier: dKgYTQXWHC9Rte4PmD25prA9FnmGJ0hqYbOIr4SNyc0=
Subject key identifier: 31:22:38:35:1D:BC:59:1E:75:AE:D6:CA:18:49:FF:33:18:85:10:2A
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0187E36B7767E868ECE852780F619552D4C7
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MSI4NR28WR51rtbKGEn_MxiFECo.roa
Signing time: Wed 03 May 2023 21:01:23 +0000
ROA not before: Wed 03 May 2023 21:01:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198661
IP address blocks: 2a0e:97c0:7e0::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e3:6b:77:67:e8:68:ec:e8:52:78:0f:61:95:52:d4:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 3 21:01:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=312238351dbc591e75aed6ca1849ff331885102a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:80:6f:d3:b9:4d:d4:2c:60:c7:13:30:66:ee:
29:c9:2c:04:b2:4c:0a:87:9b:56:1f:08:42:9d:6c:
49:b6:74:23:06:ab:50:93:07:e3:ff:c3:80:fc:b3:
5f:de:45:7b:63:db:98:cd:b7:91:d3:c3:80:b7:82:
b9:b4:29:40:6a:a1:c0:23:f5:b8:c9:d3:43:63:88:
2e:ff:7d:0e:08:66:5a:50:bd:dc:66:41:b2:59:ac:
f7:70:e4:f9:37:d2:79:f4:d0:6b:9c:4c:97:1d:fe:
1d:99:92:ba:2d:e2:6d:c1:60:e6:1d:be:77:97:7b:
77:f2:e5:00:17:92:5b:29:03:5f:87:c5:c4:4a:d6:
8a:97:59:17:c0:70:9f:38:79:82:bd:e6:67:73:86:
9c:2c:7d:64:a8:7c:49:be:d1:16:a1:08:02:35:40:
f8:eb:65:a3:bd:56:84:b4:f3:a8:f2:50:b0:cb:a1:
1b:16:36:61:96:23:97:36:e2:fe:c6:b7:47:d9:8a:
9e:35:8c:88:80:41:11:ad:9d:9b:bd:76:5e:2e:64:
75:17:e0:2a:f0:6e:64:da:1b:b2:47:75:73:34:b3:
3c:f5:ba:50:ab:6e:b7:81:cc:46:52:08:96:0d:6e:
d3:5c:8f:1b:ef:da:02:66:7d:e0:c4:05:fd:42:d1:
45:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:22:38:35:1D:BC:59:1E:75:AE:D6:CA:18:49:FF:33:18:85:10:2A
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/MSI4NR28WR51rtbKGEn_MxiFECo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:7e0::/44
Signature Algorithm: sha256WithRSAEncryption
7c:69:2e:93:24:a5:d5:f0:dc:b6:53:29:29:94:35:56:a3:68:
98:a2:ea:66:7f:de:41:9b:5d:bf:82:11:f1:d7:5b:33:bc:d6:
4e:93:e6:2c:84:42:00:81:ed:3d:df:a5:ec:80:fd:6a:07:a5:
6e:7b:55:3b:c7:d4:93:21:e8:7d:1b:05:76:dd:c5:f9:8c:a8:
b2:cb:78:0d:b0:df:3e:40:f4:3c:1f:8e:0a:11:c7:30:94:ef:
eb:03:c1:eb:53:b6:2b:c1:87:82:5f:8e:7a:23:ed:77:15:fc:
d1:cb:f0:4f:e0:a9:c9:ad:94:64:63:ce:f1:ee:9d:ac:72:aa:
87:53:47:8b:db:a4:34:39:70:eb:93:ac:82:60:ab:52:0f:0c:
c3:98:da:51:db:86:a3:27:1e:00:62:64:0e:37:65:b8:18:53:
90:e4:5f:19:d3:ea:6b:b2:d7:bf:dc:72:70:1c:0c:35:ce:c9:
5f:35:e4:30:3d:9b:97:8b:45:13:ff:77:79:8d:30:fc:3b:0b:
f8:ce:18:7b:6c:f1:08:ad:0c:32:d2:b3:5b:9f:30:28:f7:06:
b9:2b:84:71:4f:fb:43:ac:b8:a3:a7:6a:60:57:47:28:2b:14:
4f:3f:ec:f0:05:c6:9f:04:d3:e0:c8:d4:ef:4e:a5:10:72:e1:
ea:d0:00:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYfja3dn6Gjs6FJ4D2GVUtTHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTAzMjEwMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTIyMzgzNTFkYmM1OTFlNzVhZWQ2Y2ExODQ5ZmYzMzE4ODUxMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoBv07lN1CxgxxMwZu4pySwEskwK
h5tWHwhCnWxJtnQjBqtQkwfj/8OA/LNf3kV7Y9uYzbeR08OAt4K5tClAaqHAI/W4
ydNDY4gu/30OCGZaUL3cZkGyWaz3cOT5N9J59NBrnEyXHf4dmZK6LeJtwWDmHb53
l3t38uUAF5JbKQNfh8XEStaKl1kXwHCfOHmCveZnc4acLH1kqHxJvtEWoQgCNUD4
62WjvVaEtPOo8lCwy6EbFjZhliOXNuL+xrdH2YqeNYyIgEERrZ2bvXZeLmR1F+Aq
8G5k2huyR3VzNLM89bpQq263gcxGUgiWDW7TXI8b79oCZn3gxAX9QtFF0QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDEiODUdvFkeda7WyhhJ/zMYhRAqMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTVNJNE5SMjhXUjUxcnRiS0dFbl9NeGlGRUNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAfg
MA0GCSqGSIb3DQEBCwUAA4IBAQB8aS6TJKXV8Ny2UykplDVWo2iYoupmf95Bm12/
ghHx11szvNZOk+YshEIAge0936XsgP1qB6Vue1U7x9STIeh9GwV23cX5jKiyy3gN
sN8+QPQ8H44KEccwlO/rA8HrU7YrwYeCX456I+13FfzRy/BP4KnJrZRkY87x7p2s
cqqHU0eL26Q0OXDrk6yCYKtSDwzDmNpR24ajJx4AYmQON2W4GFOQ5F8Z0+prste/
3HJwHAw1zslfNeQwPZuXi0UT/3d5jTD8Owv4zhh7bPEIrQwy0rNbnzAo9wa5K4Rx
T/tDrLijp2pgV0coKxRPP+zwBcafBNPgyNTvTqUQcuHq0ADd
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:20:50 2024 by rpki-client on console-ams.rpki-client.org