Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b41a9f-348d-4b24-bba0-27647bcef4b0/1/MKGX274F22Fc3q6dtZnBVivpsV0.roa
File: MKGX274F22Fc3q6dtZnBVivpsV0.roa (raw, json)
Hash identifier: 8A6PHY3bPscKkFkICgld+IrvATjPnLYO9v1qFoLaZsk=
Subject key identifier: 30:A1:97:DB:BE:05:DB:61:5C:DE:AE:9D:B5:99:C1:56:2B:E9:B1:5D
Certificate issuer: /CN=da6e6f392271951b35347facd513f932fe67a0c1
Certificate serial: 018571709F22BA866AC6BE5B6F06525C70E2
Authority key identifier: DA:6E:6F:39:22:71:95:1B:35:34:7F:AC:D5:13:F9:32:FE:67:A0:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2m5vOSJxlRs1NH-s1RP5Mv5noME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b41a9f-348d-4b24-bba0-27647bcef4b0/1/MKGX274F22Fc3q6dtZnBVivpsV0.roa
Signing time: Mon 02 Jan 2023 07:44:44 +0000
ROA not before: Mon 02 Jan 2023 07:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1103
IP address blocks: 131.211.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:70:9f:22:ba:86:6a:c6:be:5b:6f:06:52:5c:70:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da6e6f392271951b35347facd513f932fe67a0c1
Validity
Not Before: Jan 2 07:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30a197dbbe05db615cdeae9db599c1562be9b15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ba:b0:d7:cb:64:50:97:6e:bd:05:15:c7:72:
2e:9d:23:52:61:69:b1:09:af:f0:64:fd:a5:d3:e7:
5b:50:b4:e0:ae:60:9b:4a:5a:82:5e:62:9a:ed:45:
e0:5c:ab:85:9e:b2:2c:dc:25:eb:07:77:b8:1c:d8:
f7:b7:dd:87:98:fd:a5:35:d1:e6:d0:eb:7e:4b:ca:
d8:45:4c:5c:b6:7b:6d:d4:10:a8:b6:cc:25:0b:a2:
d9:e3:d8:20:9f:47:10:98:c6:97:60:c5:c0:6e:46:
bf:6a:2a:e6:b4:f8:19:82:7d:ea:86:51:51:7a:4b:
e8:17:1a:d2:6c:72:e0:b8:52:4d:6f:cd:4d:eb:87:
14:b1:6a:71:13:25:c9:8e:80:8e:d9:94:e6:40:51:
5a:d4:d5:54:89:e1:45:85:7f:97:0e:b0:a4:cd:25:
f1:5c:38:a4:c3:10:fd:8b:ae:6e:fd:98:6c:f0:ea:
25:96:17:91:1e:62:3c:c2:65:92:12:fe:43:9e:87:
70:2d:b9:36:be:d3:48:51:41:1b:6d:33:67:d4:24:
64:43:f7:52:94:f4:39:ff:1f:8b:d2:86:c9:1a:4a:
94:d0:99:62:cc:f6:36:84:89:27:5c:c4:9c:a5:8a:
0c:35:5c:c1:48:33:9d:fc:38:7f:52:46:1c:b6:a8:
c5:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A1:97:DB:BE:05:DB:61:5C:DE:AE:9D:B5:99:C1:56:2B:E9:B1:5D
X509v3 Authority Key Identifier:
keyid:DA:6E:6F:39:22:71:95:1B:35:34:7F:AC:D5:13:F9:32:FE:67:A0:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2m5vOSJxlRs1NH-s1RP5Mv5noME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b41a9f-348d-4b24-bba0-27647bcef4b0/1/MKGX274F22Fc3q6dtZnBVivpsV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b41a9f-348d-4b24-bba0-27647bcef4b0/1/2m5vOSJxlRs1NH-s1RP5Mv5noME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.211.0.0/16
Signature Algorithm: sha256WithRSAEncryption
67:f1:af:a8:1b:f6:c7:8f:c5:0f:28:96:cd:3e:af:41:45:4d:
d2:91:6b:93:64:39:67:81:a7:05:84:3f:23:d6:37:3c:e4:a3:
57:6f:1d:c8:78:f9:56:e3:cb:33:14:fe:e1:2c:0a:0f:ff:e4:
d0:25:60:1a:c0:44:f0:08:24:c7:42:75:0c:7d:8a:89:e2:cc:
4d:82:3e:0b:6e:c0:58:ba:08:44:7e:ae:72:c0:b5:d4:23:34:
20:2c:57:57:7c:bf:54:5f:e1:e9:e5:f2:89:4b:38:8a:a8:24:
38:cf:31:31:99:bc:71:3b:cc:60:9f:f7:fa:1a:16:91:32:3a:
1c:5a:99:28:44:09:53:51:97:d0:d0:e3:72:a6:43:c3:fb:1d:
d8:c9:21:fa:8c:79:fd:b9:24:9e:64:cb:dc:2a:68:17:c7:53:
a1:09:12:16:b9:37:94:31:47:9b:d6:20:33:2c:cb:13:10:c3:
c3:50:b2:38:6e:b6:34:93:d7:8e:64:e0:17:a7:b0:4f:92:59:
9e:7b:2f:75:56:8a:80:79:5d:c1:12:ad:be:34:31:ed:2d:cc:
16:ad:1a:72:d2:40:50:6a:84:66:85:f7:8a:00:ee:49:92:d8:
32:b7:34:cd:f2:a3:b2:64:f9:e6:fa:b0:d2:2d:0c:31:c0:91:
2d:57:d6:0d
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVxcJ8iuoZqxr5bbwZSXHDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNmU2ZjM5MjI3MTk1MWIzNTM0N2ZhY2Q1MTNmOTMyZmU2
N2EwYzEwHhcNMjMwMTAyMDc0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGExOTdkYmJlMDVkYjYxNWNkZWFlOWRiNTk5YzE1NjJiZTliMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLqw18tkUJduvQUVx3IunSNSYWmx
Ca/wZP2l0+dbULTgrmCbSlqCXmKa7UXgXKuFnrIs3CXrB3e4HNj3t92HmP2lNdHm
0Ot+S8rYRUxctntt1BCotswlC6LZ49ggn0cQmMaXYMXAbka/airmtPgZgn3qhlFR
ekvoFxrSbHLguFJNb81N64cUsWpxEyXJjoCO2ZTmQFFa1NVUieFFhX+XDrCkzSXx
XDikwxD9i65u/Zhs8OollheRHmI8wmWSEv5DnodwLbk2vtNIUUEbbTNn1CRkQ/dS
lPQ5/x+L0obJGkqU0JlizPY2hIknXMScpYoMNVzBSDOd/Dh/UkYctqjFAQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDChl9u+BdthXN6unbWZwVYr6bFdMB8GA1UdIwQY
MBaAFNpubzkicZUbNTR/rNUT+TL+Z6DBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm01dk9TSnhsUnMxTkgtczFSUDVNdjVub01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNDFhOWYtMzQ4ZC00YjI0LWJiYTAt
Mjc2NDdiY2VmNGIwLzEvTUtHWDI3NEYyMkZjM3E2ZHRabkJWaXZwc1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNDFhOWYtMzQ4ZC00YjI0LWJiYTAtMjc2NDdiY2VmNGIw
LzEvMm01dk9TSnhsUnMxTkgtczFSUDVNdjVub01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAg9MwDQYJ
KoZIhvcNAQELBQADggEBAGfxr6gb9sePxQ8ols0+r0FFTdKRa5NkOWeBpwWEPyPW
Nzzko1dvHch4+VbjyzMU/uEsCg//5NAlYBrARPAIJMdCdQx9ionizE2CPgtuwFi6
CER+rnLAtdQjNCAsV1d8v1Rf4enl8olLOIqoJDjPMTGZvHE7zGCf9/oaFpEyOhxa
mShECVNRl9DQ43KmQ8P7HdjJIfqMef25JJ5ky9wqaBfHU6EJEha5N5QxR5vWIDMs
yxMQw8NQsjhutjST145k4BensE+SWZ57L3VWioB5XcESrb40Me0tzBatGnLSQFBq
hGaF94oA7kmS2DK3NM3yo7Jk+eb6sNItDDHAkS1X1g0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:07 2024 by rpki-client on console-fra.rpki-client.org