Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/4-MouN1Wr44ECTd1E4vGckA8BD8.roa
File: 4-MouN1Wr44ECTd1E4vGckA8BD8.roa (raw, json)
Hash identifier: KZeVF0uFPSHlg39LpJisfDJlZJmu3ZI5emB5QTP7Scs=
Subject key identifier: E3:E3:28:B8:DD:56:AF:8E:04:09:37:75:13:8B:C6:72:40:3C:04:3F
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018A5F9796DD8A5099EB817684A8C3152896
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/4-MouN1Wr44ECTd1E4vGckA8BD8.roa
Signing time: Mon 04 Sep 2023 09:48:04 +0000
ROA not before: Mon 04 Sep 2023 09:48:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6057
IP address blocks: 2.22.26.0/23 maxlen: 23
2.22.28.0/24 maxlen: 24
2.18.64.0/24 maxlen: 24
2.22.24.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 28 Sep 2023 09:52:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:97:96:dd:8a:50:99:eb:81:76:84:a8:c3:15:28:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Sep 4 09:48:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3e328b8dd56af8e04093775138bc672403c043f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0c:8b:24:54:39:8b:86:de:a1:2b:5f:c4:e4:
8f:42:fb:ca:9c:11:1b:3e:f6:b0:3a:9b:c7:b0:29:
d1:d5:31:6c:e5:55:09:a9:8e:98:cf:da:73:e2:82:
4e:97:df:43:fe:46:74:9c:17:59:d7:16:ad:1e:5e:
8c:e5:58:6b:2c:35:78:16:6f:98:b6:2a:d7:13:50:
af:ff:5f:1c:42:7b:96:0e:7a:e0:c3:e9:04:8b:fd:
06:9a:68:bc:ba:e3:78:e5:cf:dc:4a:dc:f1:19:0d:
d5:75:a6:13:30:02:a1:ce:94:c0:06:c2:f2:14:cf:
48:74:04:5d:24:14:2d:e6:c7:0e:fe:43:45:64:cd:
40:cb:3b:af:b1:8d:6b:a4:a9:16:37:d2:33:c7:3d:
42:ff:03:08:1a:1e:eb:21:35:6e:9a:dc:04:b5:6f:
d7:ab:d8:32:f3:ae:47:6b:06:50:ac:bf:79:7f:b8:
7f:d9:7e:bb:cb:b7:cc:f9:81:34:7d:10:c8:cc:35:
92:43:84:98:b9:47:91:a9:c5:c3:c9:a6:21:76:87:
45:3e:ff:ea:89:d4:20:e4:2c:52:9c:48:f3:62:27:
ff:0c:19:be:16:88:30:89:f4:29:61:cc:d0:01:a9:
55:89:34:64:fc:d1:1e:cd:85:9a:71:86:82:6b:44:
7f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E3:28:B8:DD:56:AF:8E:04:09:37:75:13:8B:C6:72:40:3C:04:3F
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/4-MouN1Wr44ECTd1E4vGckA8BD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.18.64.0/24
2.22.24.0-2.22.28.255
Signature Algorithm: sha256WithRSAEncryption
41:80:b5:ed:f5:8c:de:30:3a:47:ad:88:40:d2:69:dd:0f:51:
15:77:49:62:ab:19:1f:54:27:3f:c0:5f:8c:a9:e9:7c:c8:74:
c2:3e:a2:33:49:6a:7a:b1:97:3a:0e:e0:ba:66:50:39:d0:f1:
7b:d5:7f:be:95:6c:c0:c3:0b:b2:d1:fc:b4:e6:94:f5:da:24:
e9:37:d2:6c:72:c3:67:cd:b6:ef:36:65:ba:1b:ec:df:5c:98:
aa:05:58:d1:8b:39:66:da:0a:03:d9:ee:4e:5f:08:24:22:74:
e0:ae:d5:a4:b4:09:fb:0f:97:32:cd:52:fd:7d:80:80:cf:82:
95:b9:13:15:ee:18:a8:eb:08:ce:03:2f:59:37:f9:8f:ca:3b:
31:39:c2:09:75:51:bf:5b:cd:a4:ca:d0:8b:3b:0a:79:15:c1:
92:67:81:94:5a:7e:77:37:5e:0d:e7:51:7e:76:f5:df:75:31:
57:aa:77:91:c4:86:d5:02:57:46:c0:73:a0:62:c8:0c:76:db:
60:6e:aa:e1:d3:d3:63:4a:00:4b:c9:3d:e2:06:36:4c:81:92:
e1:a5:8e:b3:38:00:4e:89:fb:29:59:c5:95:48:a8:f3:b8:e2:
4d:76:3b:f9:1f:16:57:74:a6:d5:5d:4c:34:f3:e1:ea:08:1d:
32:56:43:fd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYpfl5bdilCZ64F2hKjDFSiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjMwOTA0MDk0ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2UzMjhiOGRkNTZhZjhlMDQwOTM3NzUxMzhiYzY3MjQwM2MwNDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAyLJFQ5i4beoStfxOSPQvvKnBEb
PvawOpvHsCnR1TFs5VUJqY6Yz9pz4oJOl99D/kZ0nBdZ1xatHl6M5VhrLDV4Fm+Y
tirXE1Cv/18cQnuWDnrgw+kEi/0Gmmi8uuN45c/cStzxGQ3VdaYTMAKhzpTABsLy
FM9IdARdJBQt5scO/kNFZM1AyzuvsY1rpKkWN9Izxz1C/wMIGh7rITVumtwEtW/X
q9gy865HawZQrL95f7h/2X67y7fM+YE0fRDIzDWSQ4SYuUeRqcXDyaYhdodFPv/q
idQg5CxSnEjzYif/DBm+FogwifQpYczQAalViTRk/NEezYWacYaCa0R/YwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOPjKLjdVq+OBAk3dROLxnJAPAQ/MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvNC1Nb3VOMVdyNDRFQ1RkMUU0dkdja0E4QkQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAAhJAMAwD
BAMCFhgDBAACFhwwDQYJKoZIhvcNAQELBQADggEBAEGAte31jN4wOketiEDSad0P
URV3SWKrGR9UJz/AX4yp6XzIdMI+ojNJanqxlzoO4LpmUDnQ8XvVf76VbMDDC7LR
/LTmlPXaJOk30mxyw2fNtu82Zbob7N9cmKoFWNGLOWbaCgPZ7k5fCCQidOCu1aS0
CfsPlzLNUv19gIDPgpW5ExXuGKjrCM4DL1k3+Y/KOzE5wgl1Ub9bzaTK0Is7CnkV
wZJngZRafnc3Xg3nUX529d91MVeqd5HEhtUCV0bAc6BiyAx222BuquHT02NKAEvJ
PeIGNkyBkuGljrM4AE6J+ylZxZVIqPO44k12O/kfFld0ptVdTDTz4eoIHTJWQ/0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:29 2024 by rpki-client on console-fra.rpki-client.org