Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/M95d-X3nokiBigZYqRlDXRYsW7M.roa
File: M95d-X3nokiBigZYqRlDXRYsW7M.roa (raw, json)
Hash identifier: tnEYFGZLkowj9xEQ7NIkvBvnBgrlgM+pT1XhdKgQlhc=
Subject key identifier: 33:DE:5D:F9:7D:E7:A2:48:81:8A:06:58:A9:19:43:5D:16:2C:5B:B3
Certificate issuer: /CN=330fe971b3e36b16a92be85f59985be45968b864
Certificate serial: 018572BA7418AFAD657A5FA5207E0C42C557
Authority key identifier: 33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/M95d-X3nokiBigZYqRlDXRYsW7M.roa
Signing time: Mon 02 Jan 2023 13:45:00 +0000
ROA not before: Mon 02 Jan 2023 13:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47886
IP address blocks: 159.255.216.0/21 maxlen: 21
185.170.92.0/22 maxlen: 22
94.103.16.0/20 maxlen: 20
5.175.80.0/21 maxlen: 21
2a03:6980::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:74:18:af:ad:65:7a:5f:a5:20:7e:0c:42:c5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=330fe971b3e36b16a92be85f59985be45968b864
Validity
Not Before: Jan 2 13:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33de5df97de7a248818a0658a919435d162c5bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:06:f1:34:02:d3:4a:bb:54:6b:93:f5:b0:02:
8d:dc:38:e6:1b:ee:90:90:ec:e1:cb:a6:50:f2:66:
4a:31:e2:02:87:f3:de:e6:c0:54:93:bb:e6:6b:dc:
de:07:c2:99:27:97:b0:30:60:68:07:90:04:a6:4f:
5f:bb:81:0c:ea:77:a6:a3:2a:2b:20:17:d5:9f:86:
bc:a1:87:94:c0:58:1d:2d:6f:ef:98:a0:19:61:d0:
54:67:45:f5:09:80:e4:00:92:69:22:9f:9b:0a:7c:
9c:3b:ec:dd:44:e0:6f:62:40:1d:f9:d8:96:68:56:
17:13:dc:f0:6e:1f:1e:0f:27:af:cf:19:9a:14:56:
c9:1e:f3:47:81:18:86:d8:f6:29:14:89:51:5c:46:
b4:3e:c1:87:8d:4e:f4:2b:6b:d1:b6:a2:08:bf:30:
00:c0:7d:54:21:ef:cc:58:7d:3e:9a:de:02:56:59:
9f:ee:28:0f:58:54:44:ad:e4:41:ca:03:ea:d9:4b:
1b:7b:16:48:bb:f6:d2:f1:cf:a7:b1:83:df:a5:66:
f2:49:f0:97:ec:5e:b6:8a:ed:de:64:2c:b6:db:eb:
0d:f2:2b:94:bb:ec:b1:03:7e:e8:35:47:5e:a0:37:
82:4c:0f:59:77:d6:9c:a1:83:b2:36:0f:e3:93:f0:
42:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:DE:5D:F9:7D:E7:A2:48:81:8A:06:58:A9:19:43:5D:16:2C:5B:B3
X509v3 Authority Key Identifier:
keyid:33:0F:E9:71:B3:E3:6B:16:A9:2B:E8:5F:59:98:5B:E4:59:68:B8:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mw_pcbPjaxapK-hfWZhb5FlouGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/M95d-X3nokiBigZYqRlDXRYsW7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/a38693-cfa0-43e8-a51b-11e9e9f01343/1/Mw_pcbPjaxapK-hfWZhb5FlouGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.80.0/21
94.103.16.0/20
159.255.216.0/21
185.170.92.0/22
IPv6:
2a03:6980::/32
Signature Algorithm: sha256WithRSAEncryption
53:96:de:90:e9:d5:8b:13:aa:cd:8d:3b:2f:1c:98:7b:f5:91:
ca:cb:5c:63:9f:fd:4e:8a:61:ba:ab:7c:d0:d9:2f:aa:ed:9c:
93:8a:07:fc:d0:81:38:4d:8e:04:55:6a:77:2d:80:d8:9e:11:
d7:42:3d:e2:d9:3b:aa:88:41:ce:ce:b3:ad:37:36:31:eb:99:
fa:0d:7c:5a:4f:b6:c7:25:b9:43:54:6d:da:04:e7:af:b5:e8:
f1:fa:f9:e8:b3:df:93:4e:01:be:9a:b3:42:2c:68:f4:4e:c1:
61:b3:58:59:d7:a4:67:6d:e6:2c:74:23:24:df:d7:c7:64:4b:
5a:07:1c:6f:43:7e:e6:a7:b8:dc:35:a2:7f:a9:5f:75:7b:6d:
42:ad:0b:a5:49:00:14:cd:a0:7c:34:56:49:3b:2e:23:3c:d7:
d1:42:40:69:16:3e:e5:31:48:4c:7a:74:88:33:41:e2:97:bd:
04:4b:fd:44:4d:67:e5:43:26:32:40:2c:8b:b8:74:89:13:2d:
6a:5c:c6:14:89:36:fa:4d:80:c8:0f:60:80:4d:93:57:46:a8:
4b:e7:2c:a7:a6:c1:78:7d:3a:2c:11:47:36:b0:e9:18:fb:ed:
30:29:03:63:47:d0:48:2b:f0:dc:f0:b7:c1:e3:1a:4f:92:48:
e6:ae:cc:a8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVyunQYr61lel+lIH4MQsVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMGZlOTcxYjNlMzZiMTZhOTJiZTg1ZjU5OTg1YmU0NTk2
OGI4NjQwHhcNMjMwMTAyMTM0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2RlNWRmOTdkZTdhMjQ4ODE4YTA2NThhOTE5NDM1ZDE2MmM1YmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwbxNALTSrtUa5P1sAKN3DjmG+6Q
kOzhy6ZQ8mZKMeICh/Pe5sBUk7vma9zeB8KZJ5ewMGBoB5AEpk9fu4EM6nemoyor
IBfVn4a8oYeUwFgdLW/vmKAZYdBUZ0X1CYDkAJJpIp+bCnycO+zdROBvYkAd+diW
aFYXE9zwbh8eDyevzxmaFFbJHvNHgRiG2PYpFIlRXEa0PsGHjU70K2vRtqIIvzAA
wH1UIe/MWH0+mt4CVlmf7igPWFREreRBygPq2UsbexZIu/bS8c+nsYPfpWbySfCX
7F62iu3eZCy22+sN8iuUu+yxA37oNUdeoDeCTA9Zd9acoYOyNg/jk/BC6QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDPeXfl956JIgYoGWKkZQ10WLFuzMB8GA1UdIwQY
MBaAFDMP6XGz42sWqSvoX1mYW+RZaLhkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWIt
MTFlOWU5ZjAxMzQzLzEvTTk1ZC1YM25va2lCaWdaWXFSbERYUllzVzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9hMzg2OTMtY2ZhMC00M2U4LWE1MWItMTFlOWU5ZjAxMzQz
LzEvTXdfcGNiUGpheGFwSy1oZldaaGI1RmxvdUdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBa9QAwQE
XmcQAwQDn//YAwQCuapcMA0EAgACMAcDBQAqA2mAMA0GCSqGSIb3DQEBCwUAA4IB
AQBTlt6Q6dWLE6rNjTsvHJh79ZHKy1xjn/1OimG6q3zQ2S+q7ZyTigf80IE4TY4E
VWp3LYDYnhHXQj3i2TuqiEHOzrOtNzYx65n6DXxaT7bHJblDVG3aBOevtejx+vno
s9+TTgG+mrNCLGj0TsFhs1hZ16RnbeYsdCMk39fHZEtaBxxvQ37mp7jcNaJ/qV91
e21CrQulSQAUzaB8NFZJOy4jPNfRQkBpFj7lMUhMenSIM0Hil70ES/1ETWflQyYy
QCyLuHSJEy1qXMYUiTb6TYDID2CATZNXRqhL5yynpsF4fTosEUc2sOkY++0wKQNj
R9BIK/Dc8LfB4xpPkkjmrsyo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:29 2024 by rpki-client on console-fra.rpki-client.org