Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/5c9996-6f6b-4c31-863e-589d30ffaa8c/1/mFApPvsm2Jqwfqueufx2_aJaGbM.roa
File: mFApPvsm2Jqwfqueufx2_aJaGbM.roa (raw, json)
Hash identifier: kgdefiIS1DjIDH6/z/MapTf++Ymo7C4ITGZJ1D6xXPs=
Subject key identifier: 98:50:29:3E:FB:26:D8:9A:B0:7E:AB:9E:B9:FC:76:FD:A2:5A:19:B3
Certificate issuer: /CN=6d7ea43a1c4755787d491fba563b88811dccc5f8
Certificate serial: 018CC649DDDC9B6EEF28D53B535898377E35
Authority key identifier: 6D:7E:A4:3A:1C:47:55:78:7D:49:1F:BA:56:3B:88:81:1D:CC:C5:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bX6kOhxHVXh9SR-6VjuIgR3Mxfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/5c9996-6f6b-4c31-863e-589d30ffaa8c/1/mFApPvsm2Jqwfqueufx2_aJaGbM.roa
Signing time: Mon 01 Jan 2024 18:29:38 +0000
ROA not before: Mon 01 Jan 2024 18:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31400
IP address blocks: 195.28.12.0/23 maxlen: 23
91.199.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 13:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:dd:dc:9b:6e:ef:28:d5:3b:53:58:98:37:7e:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d7ea43a1c4755787d491fba563b88811dccc5f8
Validity
Not Before: Jan 1 18:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9850293efb26d89ab07eab9eb9fc76fda25a19b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:28:31:10:4b:96:10:e5:2a:f9:d3:f3:c5:82:
12:01:95:d5:37:53:b0:92:43:c3:2c:23:93:8c:f0:
ae:c9:32:ff:ce:dc:17:3b:00:0f:b9:67:9e:42:e4:
80:5b:fb:a0:62:af:6e:37:3f:88:72:a9:11:8a:82:
f3:b1:87:2c:33:7a:8f:30:07:31:ad:e8:18:34:f4:
be:dd:73:47:2f:6d:52:04:fc:3c:01:4b:8c:65:81:
f7:43:01:17:7b:9c:fe:94:de:ae:97:4e:40:de:6a:
4d:6a:0e:c7:43:39:71:39:8a:64:7e:1d:5b:4b:38:
e8:76:a1:fe:fb:af:f0:4b:b9:1c:9e:6e:7f:2e:eb:
b5:ca:18:d9:90:82:99:b0:c5:e8:21:5d:af:d8:41:
2a:87:15:0a:29:ea:f8:03:8c:d3:fe:34:ba:a9:26:
d9:26:8a:a1:44:5b:98:75:b8:03:e5:1b:1d:af:aa:
c1:af:09:d8:4e:c2:70:88:f6:5e:b8:2d:7b:39:50:
6f:68:ef:fb:35:7f:3a:1e:8c:54:d0:a0:d0:ad:02:
ba:97:df:fe:3f:29:f7:09:4e:25:c6:3f:08:97:d1:
b9:25:23:df:3f:8e:38:9f:81:31:1f:5c:36:99:77:
67:f8:45:4f:fd:8e:be:4f:e3:b3:e7:61:b6:d9:7a:
fe:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:50:29:3E:FB:26:D8:9A:B0:7E:AB:9E:B9:FC:76:FD:A2:5A:19:B3
X509v3 Authority Key Identifier:
keyid:6D:7E:A4:3A:1C:47:55:78:7D:49:1F:BA:56:3B:88:81:1D:CC:C5:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bX6kOhxHVXh9SR-6VjuIgR3Mxfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5c9996-6f6b-4c31-863e-589d30ffaa8c/1/mFApPvsm2Jqwfqueufx2_aJaGbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/5c9996-6f6b-4c31-863e-589d30ffaa8c/1/bX6kOhxHVXh9SR-6VjuIgR3Mxfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.225.0/24
195.28.12.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:28:45:66:35:63:cd:a7:24:6f:69:bc:cb:e6:1c:09:03:45:
62:21:f5:cf:16:a2:df:53:4b:49:45:ac:4c:11:03:89:56:94:
eb:8c:06:2b:16:98:ed:76:c5:f3:0d:6d:b7:ff:a5:d4:fe:93:
0c:28:42:c9:ff:6e:8d:d4:95:12:87:b9:da:d4:fe:8f:aa:4a:
8f:32:0f:cc:18:f5:d4:ac:5c:e6:14:14:42:24:0b:b6:aa:c7:
78:93:d7:52:bd:1c:45:b6:16:c3:05:6d:a1:a4:4f:87:4c:42:
c3:b6:1e:33:89:32:02:91:55:d6:6a:76:da:2f:04:01:97:21:
f0:c7:68:64:1f:89:21:ac:5c:34:be:44:c3:09:f6:a7:48:81:
ce:c6:7b:ed:c3:36:36:f7:f6:2c:76:bd:78:57:fb:d1:59:f5:
2f:6d:f3:08:0c:3b:02:45:f7:f0:d0:11:dd:08:53:dd:dd:cf:
4d:07:e8:65:ac:73:7a:71:40:2b:d4:2f:50:e9:43:08:d4:a2:
6b:cd:e8:12:19:3f:99:dd:a4:63:f1:bc:f7:1a:ac:9c:51:d9:
f0:66:eb:19:b1:12:75:64:36:49:3e:a2:64:b4:bf:e4:30:8a:
06:2a:79:6b:f1:d8:87:e2:c0:a2:74:c3:db:d4:4f:d8:e3:8f:
24:0e:10:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSd3cm27vKNU7U1iYN341MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkN2VhNDNhMWM0NzU1Nzg3ZDQ5MWZiYTU2M2I4ODgxMWRj
Y2M1ZjgwHhcNMjQwMTAxMTgyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODUwMjkzZWZiMjZkODlhYjA3ZWFiOWViOWZjNzZmZGEyNWExOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSgxEEuWEOUq+dPzxYISAZXVN1Ow
kkPDLCOTjPCuyTL/ztwXOwAPuWeeQuSAW/ugYq9uNz+IcqkRioLzsYcsM3qPMAcx
regYNPS+3XNHL21SBPw8AUuMZYH3QwEXe5z+lN6ul05A3mpNag7HQzlxOYpkfh1b
SzjodqH++6/wS7kcnm5/Luu1yhjZkIKZsMXoIV2v2EEqhxUKKer4A4zT/jS6qSbZ
JoqhRFuYdbgD5Rsdr6rBrwnYTsJwiPZeuC17OVBvaO/7NX86HoxU0KDQrQK6l9/+
Pyn3CU4lxj8Il9G5JSPfP444n4ExH1w2mXdn+EVP/Y6+T+Oz52G22Xr+0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJhQKT77JtiasH6rnrn8dv2iWhmzMB8GA1UdIwQY
MBaAFG1+pDocR1V4fUkfulY7iIEdzMX4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlg2a09oeEhWWGg5U1ItNlZqdUlnUjNNeGZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi81Yzk5OTYtNmY2Yi00YzMxLTg2M2Ut
NTg5ZDMwZmZhYThjLzEvbUZBcFB2c20ySnF3ZnF1ZXVmeDJfYUphR2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi81Yzk5OTYtNmY2Yi00YzMxLTg2M2UtNTg5ZDMwZmZhYThj
LzEvYlg2a09oeEhWWGg5U1ItNlZqdUlnUjNNeGZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8fhAwQB
wxwMMA0GCSqGSIb3DQEBCwUAA4IBAQA/KEVmNWPNpyRvabzL5hwJA0ViIfXPFqLf
U0tJRaxMEQOJVpTrjAYrFpjtdsXzDW23/6XU/pMMKELJ/26N1JUSh7na1P6PqkqP
Mg/MGPXUrFzmFBRCJAu2qsd4k9dSvRxFthbDBW2hpE+HTELDth4ziTICkVXWanba
LwQBlyHwx2hkH4khrFw0vkTDCfanSIHOxnvtwzY29/Ysdr14V/vRWfUvbfMIDDsC
Rffw0BHdCFPd3c9NB+hlrHN6cUAr1C9Q6UMI1KJrzegSGT+Z3aRj8bz3GqycUdnw
ZusZsRJ1ZDZJPqJktL/kMIoGKnlr8diH4sCidMPb1E/Y448kDhCK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:20 2024 by rpki-client on console-fra.rpki-client.org