Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/msafrTpr1zeUxTOk1SJjPHgKPPA.roa
File: msafrTpr1zeUxTOk1SJjPHgKPPA.roa (raw, json)
Hash identifier: V8pxo7DBnCpOWMLYpkEVezzX0wb8TzZ9R6+gO3bH8Ds=
Subject key identifier: 9A:C6:9F:AD:3A:6B:D7:37:94:C5:33:A4:D5:22:63:3C:78:0A:3C:F0
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018ADF8A576EBC2B4E7EF09F37D1026DAAFB
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/msafrTpr1zeUxTOk1SJjPHgKPPA.roa
Signing time: Fri 29 Sep 2023 06:05:00 +0000
ROA not before: Fri 29 Sep 2023 06:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198652
IP address blocks: 2.57.240.0/24 maxlen: 24
89.37.192.0/24 maxlen: 24
89.47.55.0/24 maxlen: 24
62.192.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 08:49:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:8a:57:6e:bc:2b:4e:7e:f0:9f:37:d1:02:6d:aa:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 29 06:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ac69fad3a6bd73794c533a4d522633c780a3cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fa:c3:6e:92:30:4b:5e:26:3a:63:fa:87:89:
da:fb:7d:b7:62:ab:c6:75:71:e8:7c:4f:b0:ea:13:
32:39:84:d0:8c:6d:be:c5:af:55:c7:5c:1b:c9:fa:
68:1c:6f:e0:93:8d:50:5b:1c:15:04:16:f0:6b:e7:
b1:4d:d7:b2:37:1a:3d:32:b2:9b:db:b4:9a:d3:44:
29:45:fc:6c:8c:d7:52:ac:b4:5f:8e:6e:8b:f7:10:
22:79:e5:46:70:82:7c:83:af:a1:ab:ad:5d:bf:a1:
e7:68:58:19:01:24:79:a8:2d:3c:48:c3:cb:ee:d8:
dc:83:fd:b9:c0:39:cf:9b:22:2e:d7:fe:19:3b:e3:
6d:48:e2:0f:a5:3c:93:4a:a2:53:1c:bd:d4:75:39:
b4:1c:48:c9:4b:a6:3b:48:4c:8e:c6:23:2c:4f:e7:
4c:8c:b3:47:9a:27:ae:e8:bd:fa:db:bf:cd:41:ce:
c5:f8:3d:b6:87:fa:9b:05:d9:c0:63:8d:e8:a6:ec:
70:a0:89:e3:df:a8:f4:bf:a0:84:d7:34:3a:44:7a:
21:d5:35:a6:b1:41:ac:b0:2a:25:03:8b:36:24:4d:
01:70:4d:50:97:34:9b:31:f5:e5:e3:94:79:e1:2a:
e7:f8:e3:8f:8b:90:44:eb:ef:da:d0:3b:d3:7d:68:
5e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C6:9F:AD:3A:6B:D7:37:94:C5:33:A4:D5:22:63:3C:78:0A:3C:F0
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/msafrTpr1zeUxTOk1SJjPHgKPPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.240.0/24
62.192.152.0/24
89.37.192.0/24
89.47.55.0/24
Signature Algorithm: sha256WithRSAEncryption
13:e1:38:6f:13:56:45:4e:d7:9d:2c:06:d0:37:1b:14:42:8c:
af:38:9b:e3:9a:dd:e8:cd:f9:9f:0c:8e:66:e1:25:67:8a:3b:
ec:81:56:60:2e:95:41:18:8c:28:20:83:af:d3:72:df:bd:97:
cc:e8:81:e7:72:af:d3:f6:27:19:e4:aa:83:0e:20:49:39:af:
5c:94:58:13:c2:fa:4f:15:e8:46:e8:25:91:2c:ce:a7:c7:f9:
85:27:da:a6:df:71:57:a2:fe:db:47:b0:f3:9f:88:50:eb:4c:
ea:48:f3:e9:2d:1f:61:16:07:52:e2:12:29:31:10:82:f7:8b:
35:21:4a:76:ec:06:c7:68:09:f5:31:d7:ec:bd:87:62:49:3e:
a8:7b:35:ac:8a:85:46:d5:48:55:99:72:b4:6a:85:21:28:2b:
78:2a:26:0d:b7:b9:b1:cb:05:0a:41:88:d2:f8:88:76:d7:2a:
70:82:c4:0e:ff:2e:cd:40:e3:07:66:80:2c:d5:30:2d:01:24:
2e:f3:84:c3:f5:4c:1a:de:b2:bf:0a:42:b2:35:40:af:aa:ee:
82:f8:69:5d:d8:95:43:e4:a3:22:9b:b8:fd:36:00:0e:65:3d:
c4:29:f8:5b:9f:1e:fb:09:77:a3:66:37:14:29:86:d8:79:a4:
9c:7f:bb:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYrfilduvCtOfvCfN9ECbar7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTI5MDYwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWM2OWZhZDNhNmJkNzM3OTRjNTMzYTRkNTIyNjMzYzc4MGEzY2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPrDbpIwS14mOmP6h4na+323YqvG
dXHofE+w6hMyOYTQjG2+xa9Vx1wbyfpoHG/gk41QWxwVBBbwa+exTdeyNxo9MrKb
27Sa00QpRfxsjNdSrLRfjm6L9xAieeVGcIJ8g6+hq61dv6HnaFgZASR5qC08SMPL
7tjcg/25wDnPmyIu1/4ZO+NtSOIPpTyTSqJTHL3UdTm0HEjJS6Y7SEyOxiMsT+dM
jLNHmieu6L3627/NQc7F+D22h/qbBdnAY43opuxwoInj36j0v6CE1zQ6RHoh1TWm
sUGssColA4s2JE0BcE1QlzSbMfXl45R54Srn+OOPi5BE6+/a0DvTfWhezwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJrGn606a9c3lMUzpNUiYzx4CjzwMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbXNhZnJUcHIxemVVeFRPazFTSmpQSGdLUFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjnwAwQA
PsCYAwQAWSXAAwQAWS83MA0GCSqGSIb3DQEBCwUAA4IBAQAT4ThvE1ZFTtedLAbQ
NxsUQoyvOJvjmt3ozfmfDI5m4SVnijvsgVZgLpVBGIwoIIOv03LfvZfM6IHncq/T
9icZ5KqDDiBJOa9clFgTwvpPFehG6CWRLM6nx/mFJ9qm33FXov7bR7Dzn4hQ60zq
SPPpLR9hFgdS4hIpMRCC94s1IUp27AbHaAn1MdfsvYdiST6oezWsioVG1UhVmXK0
aoUhKCt4KiYNt7mxywUKQYjS+Ih21ypwgsQO/y7NQOMHZoAs1TAtASQu84TD9Uwa
3rK/CkKyNUCvqu6C+Gld2JVD5KMim7j9NgAOZT3EKfhbnx77CXejZjcUKYbYeaSc
f7td
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:10 2024 by rpki-client on console-fra.rpki-client.org