Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/atpMLx_M5IK4Wvn8VVNl56uszFo.roa
File: atpMLx_M5IK4Wvn8VVNl56uszFo.roa (raw, json)
Hash identifier: jnWMySp+HaOAXZ41iktfEucC6QfSVLfZ96H1NFJXnh0=
Subject key identifier: 6A:DA:4C:2F:1F:CC:E4:82:B8:5A:F9:FC:55:53:65:E7:AB:AC:CC:5A
Certificate issuer: /CN=f374f734c3695e67906a7032eb2e59fb3eb41b22
Certificate serial: 018790FB034538EDA78144377D9B09D98D4F
Authority key identifier: F3:74:F7:34:C3:69:5E:67:90:6A:70:32:EB:2E:59:FB:3E:B4:1B:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/83T3NMNpXmeQanAy6y5Z-z60GyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/atpMLx_M5IK4Wvn8VVNl56uszFo.roa
Signing time: Mon 17 Apr 2023 20:49:42 +0000
ROA not before: Mon 17 Apr 2023 20:49:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 192.162.219.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:90:fb:03:45:38:ed:a7:81:44:37:7d:9b:09:d9:8d:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f374f734c3695e67906a7032eb2e59fb3eb41b22
Validity
Not Before: Apr 17 20:49:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6ada4c2f1fcce482b85af9fc555365e7abaccc5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:1c:45:64:5f:5d:1c:ae:e2:7b:6a:83:43:93:
7f:64:91:e1:4d:c2:00:60:97:9e:3a:50:dd:03:56:
c5:8c:7c:4f:6a:0d:7d:50:c2:f6:0b:96:0c:ae:f6:
92:8a:a0:06:dd:65:9b:95:78:7a:e2:39:1d:b3:88:
9b:07:ac:87:7e:b1:8a:cd:0d:66:95:9b:31:79:ee:
c2:f3:ee:de:d5:e3:0a:d9:d4:4e:28:37:4f:7f:df:
53:8c:fa:7b:d7:c8:f2:3b:47:d0:c7:e2:48:76:5a:
3f:c1:72:24:c6:ef:d9:da:75:fb:87:45:39:ab:90:
6d:a8:d8:4a:70:2d:2f:b0:2c:aa:c8:14:a4:dd:f4:
e8:ad:72:f3:22:84:fd:27:8c:62:15:28:05:a5:49:
c0:f8:28:34:d2:7a:8a:37:f0:b7:5e:bd:4d:31:09:
b7:27:b5:57:97:5f:70:72:7c:c6:fe:bf:4a:3e:8b:
59:0b:31:df:eb:5e:ec:3f:e1:b0:73:6f:af:9f:5f:
95:90:fd:e6:4a:80:e4:c8:5b:b0:f8:e8:be:cc:84:
dc:bf:60:04:72:c6:17:e8:05:72:39:dd:9f:b1:aa:
9d:cd:41:a1:1b:c7:3c:27:7d:e0:6d:2a:3d:c3:9a:
5d:c2:87:5d:b9:3a:21:87:b1:97:03:4c:30:02:2e:
f9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:DA:4C:2F:1F:CC:E4:82:B8:5A:F9:FC:55:53:65:E7:AB:AC:CC:5A
X509v3 Authority Key Identifier:
keyid:F3:74:F7:34:C3:69:5E:67:90:6A:70:32:EB:2E:59:FB:3E:B4:1B:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/83T3NMNpXmeQanAy6y5Z-z60GyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/atpMLx_M5IK4Wvn8VVNl56uszFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f74914-dda8-4d45-9992-4bef8328aaab/1/83T3NMNpXmeQanAy6y5Z-z60GyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.219.0/24
Signature Algorithm: sha256WithRSAEncryption
28:0d:9e:9a:8c:af:fa:6d:50:e3:d2:7a:55:bd:bd:e2:b7:d8:
b8:76:bf:38:dc:79:78:4b:ed:2f:15:81:70:65:cb:71:2b:d7:
7f:a4:23:09:48:f5:aa:5f:32:eb:a0:df:4a:e9:62:8f:b9:9a:
68:22:b8:45:f5:01:78:77:a3:ab:6a:01:2c:bf:75:33:80:10:
87:f1:0d:40:94:e1:a5:66:40:58:27:e7:82:6b:0c:17:f5:72:
5e:e5:c7:81:ff:a5:c9:4f:31:07:e5:2c:ff:38:79:af:f5:f7:
35:64:d1:5a:62:dc:8f:d5:6e:f5:75:a5:05:c4:f3:fb:fa:91:
e7:df:f7:bc:74:88:ac:8e:d4:75:00:cb:63:4c:41:03:e2:d9:
4b:30:f1:ad:b7:03:df:a9:cd:dd:9f:ba:e7:11:1a:01:1e:99:
94:cd:e8:a4:09:dd:3b:38:d5:2e:0b:b0:43:ec:3a:88:d1:1e:
91:33:30:08:4e:4d:eb:f3:dc:0f:58:44:d3:b7:ec:34:80:32:
8a:22:d1:fd:56:79:74:5c:4e:d2:19:2d:65:8d:9c:65:95:02:
95:6e:ea:f0:c8:75:85:26:b6:5e:66:6f:ac:57:f5:df:5c:a4:
5d:38:08:ab:67:80:8e:29:59:0b:f5:ed:9b:25:64:41:89:2b:
b8:0d:6d:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYeQ+wNFOO2ngUQ3fZsJ2Y1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNzRmNzM0YzM2OTVlNjc5MDZhNzAzMmViMmU1OWZiM2Vi
NDFiMjIwHhcNMjMwNDE3MjA0OTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWRhNGMyZjFmY2NlNDgyYjg1YWY5ZmM1NTUzNjVlN2FiYWNjYzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RxFZF9dHK7ie2qDQ5N/ZJHhTcIA
YJeeOlDdA1bFjHxPag19UML2C5YMrvaSiqAG3WWblXh64jkds4ibB6yHfrGKzQ1m
lZsxee7C8+7e1eMK2dROKDdPf99TjPp718jyO0fQx+JIdlo/wXIkxu/Z2nX7h0U5
q5BtqNhKcC0vsCyqyBSk3fTorXLzIoT9J4xiFSgFpUnA+Cg00nqKN/C3Xr1NMQm3
J7VXl19wcnzG/r9KPotZCzHf617sP+Gwc2+vn1+VkP3mSoDkyFuw+Oi+zITcv2AE
csYX6AVyOd2fsaqdzUGhG8c8J33gbSo9w5pdwodduTohh7GXA0wwAi75bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGraTC8fzOSCuFr5/FVTZeerrMxaMB8GA1UdIwQY
MBaAFPN09zTDaV5nkGpwMusuWfs+tBsiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODNUM05NTnBYbWVRYW5BeTZ5NVotejYwR3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNzQ5MTQtZGRhOC00ZDQ1LTk5OTIt
NGJlZjgzMjhhYWFiLzEvYXRwTUx4X001SUs0V3ZuOFZWTmw1NnVzekZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNzQ5MTQtZGRhOC00ZDQ1LTk5OTItNGJlZjgzMjhhYWFi
LzEvODNUM05NTnBYbWVRYW5BeTZ5NVotejYwR3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKLbMA0G
CSqGSIb3DQEBCwUAA4IBAQAoDZ6ajK/6bVDj0npVvb3it9i4dr843Hl4S+0vFYFw
ZctxK9d/pCMJSPWqXzLroN9K6WKPuZpoIrhF9QF4d6OragEsv3UzgBCH8Q1AlOGl
ZkBYJ+eCawwX9XJe5ceB/6XJTzEH5Sz/OHmv9fc1ZNFaYtyP1W71daUFxPP7+pHn
3/e8dIisjtR1AMtjTEED4tlLMPGttwPfqc3dn7rnERoBHpmUzeikCd07ONUuC7BD
7DqI0R6RMzAITk3r89wPWETTt+w0gDKKItH9Vnl0XE7SGS1ljZxllQKVburwyHWF
JrZeZm+sV/XfXKRdOAirZ4COKVkL9e2bJWRBiSu4DW3x
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:25:44 2024 by rpki-client on console-fra.rpki-client.org