Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/M0KKvsrBU-70DeJ9doT1IMfRhwg.roa
File: M0KKvsrBU-70DeJ9doT1IMfRhwg.roa (raw, json)
Hash identifier: 0Z1FrQEUdakfCVCm3i0aCt/J6IEhqdltXqCN3qP8oK0=
Subject key identifier: 33:42:8A:BE:CA:C1:53:EE:F4:0D:E2:7D:76:84:F5:20:C7:D1:87:08
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018BD8142893AB9ACF668E70F1F934A58F8A
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/M0KKvsrBU-70DeJ9doT1IMfRhwg.roa
Signing time: Thu 16 Nov 2023 12:21:21 +0000
ROA not before: Thu 16 Nov 2023 12:21:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 11426
IP address blocks: 130.255.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:14:28:93:ab:9a:cf:66:8e:70:f1:f9:34:a5:8f:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 16 12:21:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33428abecac153eef40de27d7684f520c7d18708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e5:c2:2d:99:fb:f4:21:77:6a:6f:13:08:bc:
77:07:8d:02:00:c7:37:cf:38:cf:0e:6e:36:02:d3:
78:58:89:a9:dd:63:68:4a:cb:ae:41:10:2a:de:b1:
9e:4d:96:a6:58:db:5e:c4:4f:36:81:f5:84:af:aa:
79:f1:f8:d8:83:2b:d8:60:16:0f:0b:72:07:f3:21:
e9:03:9d:44:fb:3e:4f:69:8c:60:08:a7:5e:e8:0d:
1e:fd:62:67:13:30:ab:2d:d4:fe:fe:e0:be:fd:8b:
74:0e:9d:82:5b:7a:33:9a:48:2a:cf:dc:1c:59:79:
6a:6a:cd:68:13:66:67:9c:28:01:1b:f3:e3:a0:d6:
6d:44:34:de:ac:d7:fd:53:2e:88:27:f8:84:b3:da:
b8:a1:bf:0d:f4:20:81:8a:dd:96:a4:22:e8:ca:92:
9d:7b:59:fb:e1:d0:7a:2d:01:12:78:2a:53:fe:a2:
42:44:28:81:a7:83:cc:a4:77:40:46:84:5e:49:ce:
e3:6c:96:dc:5c:88:7f:ef:17:f6:93:67:ea:4e:19:
a5:b5:78:29:bc:ca:f8:a9:7c:0a:ae:9f:f2:44:80:
3e:6d:3d:f2:b1:40:90:47:69:4c:f5:de:3d:fc:02:
bb:9e:75:1c:67:bb:5a:53:b9:5f:f9:70:bf:60:5a:
bc:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:42:8A:BE:CA:C1:53:EE:F4:0D:E2:7D:76:84:F5:20:C7:D1:87:08
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/M0KKvsrBU-70DeJ9doT1IMfRhwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.64.0/22
Signature Algorithm: sha256WithRSAEncryption
17:a6:55:91:43:6a:df:2e:6c:2a:4d:c3:ef:46:ab:ef:ee:89:
1c:73:16:f6:67:34:a9:5f:2d:09:aa:7e:70:45:39:16:5a:8c:
0d:9c:6e:b7:83:d5:39:97:b8:44:8f:3d:02:36:6d:b2:27:8a:
11:2a:86:6e:51:4f:9d:47:fc:80:21:ea:4d:f6:75:23:9d:56:
0a:15:ee:0d:a2:7e:8a:06:64:37:fd:60:f8:e4:cd:fa:6e:df:
50:70:33:0c:f4:3f:5a:3d:11:2d:8d:f2:e3:32:e4:fa:af:fa:
ad:4f:e1:76:38:87:0b:7a:f4:ee:86:54:6e:7e:ff:5d:a4:a6:
ad:78:26:24:0a:9c:7e:ea:55:84:61:76:48:af:d3:6e:e8:2a:
d5:8e:de:88:c9:cb:f6:40:40:9e:5c:65:c0:9e:46:37:be:f7:
83:c5:36:08:db:98:9b:c4:e1:90:3d:0b:d5:6f:fc:51:fb:78:
11:38:f0:a0:2f:3f:2d:40:81:4a:b4:cb:79:17:b1:9f:2d:ad:
9f:f6:75:b3:32:de:c1:8b:db:17:6c:d5:b1:a6:ab:ce:ff:52:
d5:c3:57:4e:40:ad:59:df:4d:ef:1c:b6:39:96:3a:35:a3:b2:
9b:8e:48:e9:23:86:e6:d5:69:ee:5f:4b:c4:dd:62:50:7d:53:
fc:41:3a:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvYFCiTq5rPZo5w8fk0pY+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjMxMTE2MTIyMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQyOGFiZWNhYzE1M2VlZjQwZGUyN2Q3Njg0ZjUyMGM3ZDE4NzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeXCLZn79CF3am8TCLx3B40CAMc3
zzjPDm42AtN4WImp3WNoSsuuQRAq3rGeTZamWNtexE82gfWEr6p58fjYgyvYYBYP
C3IH8yHpA51E+z5PaYxgCKde6A0e/WJnEzCrLdT+/uC+/Yt0Dp2CW3ozmkgqz9wc
WXlqas1oE2ZnnCgBG/PjoNZtRDTerNf9Uy6IJ/iEs9q4ob8N9CCBit2WpCLoypKd
e1n74dB6LQESeCpT/qJCRCiBp4PMpHdARoReSc7jbJbcXIh/7xf2k2fqThmltXgp
vMr4qXwKrp/yRIA+bT3ysUCQR2lM9d49/AK7nnUcZ7taU7lf+XC/YFq8UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDNCir7KwVPu9A3ifXaE9SDH0YcIMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvTTBLS3ZzckJVLTcwRGVKOWRvVDFJTWZSaHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCgv9AMA0G
CSqGSIb3DQEBCwUAA4IBAQAXplWRQ2rfLmwqTcPvRqvv7okccxb2ZzSpXy0Jqn5w
RTkWWowNnG63g9U5l7hEjz0CNm2yJ4oRKoZuUU+dR/yAIepN9nUjnVYKFe4Non6K
BmQ3/WD45M36bt9QcDMM9D9aPREtjfLjMuT6r/qtT+F2OIcLevTuhlRufv9dpKat
eCYkCpx+6lWEYXZIr9Nu6CrVjt6Iycv2QECeXGXAnkY3vveDxTYI25ibxOGQPQvV
b/xR+3gROPCgLz8tQIFKtMt5F7GfLa2f9nWzMt7Bi9sXbNWxpqvO/1LVw1dOQK1Z
303vHLY5ljo1o7KbjkjpI4bm1WnuX0vE3WJQfVP8QToU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org