Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/mviorL65zuOzPDELmrDfS6RsXz4.roa
File: mviorL65zuOzPDELmrDfS6RsXz4.roa (raw, json)
Hash identifier: BfAdw8W1+idW3tFOVyTy0Sm9HfoXb7eHzSIUsL7YWoA=
Subject key identifier: 9A:F8:A8:AC:BE:B9:CE:E3:B3:3C:31:0B:9A:B0:DF:4B:A4:6C:5F:3E
Certificate issuer: /CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Certificate serial: 0185718C37CF1CD2CECE447DEFFE618E677A
Authority key identifier: C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/mviorL65zuOzPDELmrDfS6RsXz4.roa
Signing time: Mon 02 Jan 2023 08:14:52 +0000
ROA not before: Mon 02 Jan 2023 08:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397688
IP address blocks: 2.58.10.0/24 maxlen: 24
2.58.9.0/24 maxlen: 24
2.58.8.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:37:cf:1c:d2:ce:ce:44:7d:ef:fe:61:8e:67:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff23b1c371352f39b73d39a4e07f8ca98ccd67
Validity
Not Before: Jan 2 08:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9af8a8acbeb9cee3b33c310b9ab0df4ba46c5f3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cf:69:d7:49:66:bf:71:05:0f:fe:68:1a:b3:
58:2f:da:ac:f7:4b:6d:54:d3:8e:6b:64:8d:ef:26:
fe:8d:eb:c4:23:d5:3f:07:94:20:ce:fb:e2:27:45:
c7:24:0e:18:89:d9:b5:4b:eb:82:66:e1:22:12:f8:
09:d5:93:07:fc:90:4b:a5:7a:a0:22:96:ad:86:62:
f4:8d:5e:c9:ca:f5:bc:ca:8c:a2:f2:a4:99:71:1e:
37:c9:26:40:96:38:83:cc:e1:c6:75:e8:5a:c2:95:
25:57:e1:75:09:1c:57:20:42:d1:63:9b:fe:cc:7e:
02:34:28:e6:b1:bf:c5:58:65:e4:a8:97:cd:95:25:
89:c7:7e:1d:42:3b:26:93:11:88:fa:23:f9:7b:ef:
81:db:85:f1:1c:57:f1:8c:16:1e:41:d4:3a:ce:68:
34:4e:80:3e:e6:2f:32:93:e1:b9:08:88:00:8e:68:
94:7d:c0:f4:5b:52:f3:cf:7d:87:0b:ee:20:24:52:
fb:92:c0:f6:76:45:a0:60:20:12:a3:c4:c6:f3:18:
c3:28:c6:80:58:3e:15:2e:1a:75:f7:4d:b2:20:77:
c9:bf:27:75:a5:03:9a:e1:da:cc:55:fc:d2:b6:78:
a6:2f:64:c9:e2:c6:2e:a6:40:13:58:09:45:b4:c1:
24:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:F8:A8:AC:BE:B9:CE:E3:B3:3C:31:0B:9A:B0:DF:4B:A4:6C:5F:3E
X509v3 Authority Key Identifier:
keyid:C4:FF:23:B1:C3:71:35:2F:39:B7:3D:39:A4:E0:7F:8C:A9:8C:CD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP8jscNxNS85tz05pOB_jKmMzWc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/mviorL65zuOzPDELmrDfS6RsXz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/c65aab-8a52-476f-9e32-10959aaa8b3e/1/xP8jscNxNS85tz05pOB_jKmMzWc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.8.0-2.58.10.255
Signature Algorithm: sha256WithRSAEncryption
a3:fa:63:6a:17:b6:1b:aa:c4:68:73:df:3d:5a:5d:c9:87:22:
9f:72:fd:fa:61:ab:ab:d5:d4:1a:49:45:15:c0:c2:86:04:8d:
51:2e:d4:32:d7:85:68:3c:15:d6:9b:a7:eb:84:68:83:86:cd:
a1:8c:bb:38:1a:f6:ef:db:53:6a:da:60:30:0e:e4:ff:5a:f5:
b6:2c:de:49:b3:00:34:6e:d2:d3:10:7b:ca:45:32:ca:30:8b:
a8:bd:f6:c4:d7:88:79:b5:e8:fc:61:61:4e:58:0a:27:aa:61:
7c:0f:32:ed:ee:e8:2a:69:4c:b9:b5:27:3a:19:e9:1c:69:e1:
81:12:9b:4c:2f:a9:0c:fc:17:5a:93:5f:ea:c1:f3:95:ac:69:
e6:5f:89:f4:40:47:54:8f:fc:cf:bf:e0:60:9e:cb:42:cc:02:
25:8f:a8:9b:b1:16:0f:d2:d4:b5:75:1e:d2:b8:ad:d9:8b:29:
0c:5e:a8:d3:22:cf:e7:3b:4a:f8:b3:68:0c:88:1e:86:c3:a4:
ae:a4:0b:1e:d5:21:f1:7f:47:ff:33:9a:a3:13:20:fe:6a:d5:
be:33:47:35:2a:4c:fa:47:ab:7d:2d:e4:cf:0d:e6:6c:44:89:
1c:7e:ee:7d:5b:c2:5f:05:c0:18:bf:e0:10:d8:2e:7f:49:8c:
c6:de:82:0f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxjDfPHNLOzkR97/5hjmd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZmYyM2IxYzM3MTM1MmYzOWI3M2QzOWE0ZTA3ZjhjYTk4
Y2NkNjcwHhcNMjMwMTAyMDgxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWY4YThhY2JlYjljZWUzYjMzYzMxMGI5YWIwZGY0YmE0NmM1ZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs9p10lmv3EFD/5oGrNYL9qs90tt
VNOOa2SN7yb+jevEI9U/B5QgzvviJ0XHJA4Yidm1S+uCZuEiEvgJ1ZMH/JBLpXqg
IpathmL0jV7JyvW8yoyi8qSZcR43ySZAljiDzOHGdehawpUlV+F1CRxXIELRY5v+
zH4CNCjmsb/FWGXkqJfNlSWJx34dQjsmkxGI+iP5e++B24XxHFfxjBYeQdQ6zmg0
ToA+5i8yk+G5CIgAjmiUfcD0W1Lzz32HC+4gJFL7ksD2dkWgYCASo8TG8xjDKMaA
WD4VLhp1902yIHfJvyd1pQOa4drMVfzStnimL2TJ4sYupkATWAlFtMEkAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJr4qKy+uc7jszwxC5qw30ukbF8+MB8GA1UdIwQY
MBaAFMT/I7HDcTUvObc9OaTgf4ypjM1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzIt
MTA5NTlhYWE4YjNlLzEvbXZpb3JMNjV6dU96UERFTG1yRGZTNlJzWHo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9jNjVhYWItOGE1Mi00NzZmLTllMzItMTA5NTlhYWE4YjNl
LzEveFA4anNjTnhOUzg1dHowNXBPQl9qS21NeldjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAMCOggD
BAACOgowDQYJKoZIhvcNAQELBQADggEBAKP6Y2oXthuqxGhz3z1aXcmHIp9y/fph
q6vV1BpJRRXAwoYEjVEu1DLXhWg8Fdabp+uEaIOGzaGMuzga9u/bU2raYDAO5P9a
9bYs3kmzADRu0tMQe8pFMsowi6i99sTXiHm16PxhYU5YCieqYXwPMu3u6CppTLm1
JzoZ6Rxp4YESm0wvqQz8F1qTX+rB85WsaeZfifRAR1SP/M+/4GCey0LMAiWPqJux
Fg/S1LV1HtK4rdmLKQxeqNMiz+c7SvizaAyIHobDpK6kCx7VIfF/R/8zmqMTIP5q
1b4zRzUqTPpHq30t5M8N5mxEiRx+7n1bwl8FwBi/4BDYLn9JjMbegg8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:03 2024 by rpki-client on console-ams.rpki-client.org