Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/mK4FmJGN2CLjTEixrQiYury1xkk.roa
File: mK4FmJGN2CLjTEixrQiYury1xkk.roa (raw, json)
Hash identifier: 6tIdKDD1D5tjyeXMaKC+Z7837qFaE+cbH/nJ9BTrOjE=
Subject key identifier: 98:AE:05:98:91:8D:D8:22:E3:4C:48:B1:AD:08:98:BA:BC:B5:C6:49
Certificate issuer: /CN=bbca3f25d54620b50ef8520657634d3b096bac57
Certificate serial: 018570FBD7C75F283335A309E29EB51A4D62
Authority key identifier: BB:CA:3F:25:D5:46:20:B5:0E:F8:52:06:57:63:4D:3B:09:6B:AC:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u8o_JdVGILUO-FIGV2NNOwlrrFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/mK4FmJGN2CLjTEixrQiYury1xkk.roa
Signing time: Mon 02 Jan 2023 05:37:11 +0000
ROA not before: Mon 02 Jan 2023 05:37:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 193.41.237.0/24 maxlen: 24
94.143.231.0/24 maxlen: 24
193.42.11.0/24 maxlen: 24
193.42.12.0/24 maxlen: 24
176.96.136.0/22 maxlen: 22
2.59.132.0/22 maxlen: 22
193.41.226.0/24 maxlen: 24
2a0d:5940::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Mar 2023 16:16:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:d7:c7:5f:28:33:35:a3:09:e2:9e:b5:1a:4d:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbca3f25d54620b50ef8520657634d3b096bac57
Validity
Not Before: Jan 2 05:37:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98ae0598918dd822e34c48b1ad0898babcb5c649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:07:e1:90:cf:30:9a:ca:4c:a7:dc:58:4b:08:
d7:f4:71:c9:62:7b:65:26:00:24:cc:26:19:45:d8:
59:d5:a1:44:a6:50:4c:44:6c:80:cf:fc:7b:d0:c0:
54:4a:69:f7:3d:01:bf:b9:d7:91:9f:cd:52:55:5e:
e8:03:5c:a1:54:31:d9:a7:2f:08:f1:82:6b:7d:50:
a1:23:14:88:5e:c6:51:89:05:27:0e:5a:b7:3f:4d:
6c:6f:95:f6:f7:2f:e5:35:04:ad:d3:07:f3:63:49:
07:13:27:ae:c9:54:45:29:eb:f4:53:ea:bf:5a:e1:
3a:65:a9:51:91:e0:5f:4d:75:67:46:b4:08:bf:34:
7a:40:28:6a:18:fa:e4:b5:66:23:89:53:18:cf:6b:
c9:e5:b7:cf:d3:0c:79:61:33:00:17:af:d2:4a:6f:
02:76:5f:ae:6e:46:c0:f2:6e:5f:f8:31:e9:ec:b6:
10:9c:1e:b2:0c:ba:e4:e8:68:70:ce:f4:56:17:a6:
ae:17:6d:50:99:d0:b3:a6:23:83:a8:e8:99:a1:3b:
85:f6:cd:aa:df:64:90:3c:6c:2e:d1:be:7d:93:bc:
22:08:52:83:cf:3b:93:09:dd:ea:da:d0:66:96:d9:
c0:3c:2d:97:c2:6c:8e:e2:e4:8d:3f:c6:dc:14:f0:
3d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:AE:05:98:91:8D:D8:22:E3:4C:48:B1:AD:08:98:BA:BC:B5:C6:49
X509v3 Authority Key Identifier:
keyid:BB:CA:3F:25:D5:46:20:B5:0E:F8:52:06:57:63:4D:3B:09:6B:AC:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8o_JdVGILUO-FIGV2NNOwlrrFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/mK4FmJGN2CLjTEixrQiYury1xkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/u8o_JdVGILUO-FIGV2NNOwlrrFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.132.0/22
94.143.231.0/24
176.96.136.0/22
193.41.226.0/24
193.41.237.0/24
193.42.11.0-193.42.12.255
IPv6:
2a0d:5940::/29
Signature Algorithm: sha256WithRSAEncryption
c3:ed:f5:2f:11:4b:bc:54:8c:10:13:23:51:40:8a:a5:0e:e0:
40:9a:c5:35:b5:2a:9d:08:62:68:e0:7f:e1:18:af:db:04:c5:
5f:ce:de:33:6a:2a:45:02:ce:f7:bb:f5:d6:85:05:df:f5:a9:
dd:29:6f:48:36:6d:dc:e4:2b:44:a8:95:b6:40:66:46:60:09:
18:e4:f6:8c:00:54:1b:a4:ed:d9:83:91:b6:10:c8:3f:0b:94:
b4:03:15:c5:86:b0:56:7e:ed:71:dd:6e:52:e5:f5:5f:56:89:
8f:5c:f0:7a:5c:6e:f3:61:ca:8e:d6:b1:0f:dd:fa:7e:ea:b9:
a0:85:c2:ac:41:c7:f8:bb:cb:a6:22:80:c0:60:2e:08:b7:49:
67:25:d1:41:8c:c2:33:2d:02:cb:72:20:5b:22:1b:33:dc:63:
c2:dc:81:77:c6:4c:a7:f5:57:36:c3:20:3a:be:4c:82:3b:41:
06:1b:60:f9:39:32:01:bb:dd:32:b7:b6:2a:16:f3:a2:0d:c0:
d6:ac:12:ed:81:d9:a1:7e:58:fd:e3:5b:af:6d:c7:a4:f5:7f:
07:cd:f0:76:bc:72:39:e4:40:c4:48:c1:f3:6f:76:11:fd:1f:
4f:b4:c6:9f:7f:49:a1:5e:53:8c:7a:7a:ac:2e:ac:b4:8a:2b:
c7:4e:ef:2a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYVw+9fHXygzNaMJ4p61Gk1iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiY2EzZjI1ZDU0NjIwYjUwZWY4NTIwNjU3NjM0ZDNiMDk2
YmFjNTcwHhcNMjMwMTAyMDUzNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGFlMDU5ODkxOGRkODIyZTM0YzQ4YjFhZDA4OThiYWJjYjVjNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgfhkM8wmspMp9xYSwjX9HHJYntl
JgAkzCYZRdhZ1aFEplBMRGyAz/x70MBUSmn3PQG/udeRn81SVV7oA1yhVDHZpy8I
8YJrfVChIxSIXsZRiQUnDlq3P01sb5X29y/lNQSt0wfzY0kHEyeuyVRFKev0U+q/
WuE6ZalRkeBfTXVnRrQIvzR6QChqGPrktWYjiVMYz2vJ5bfP0wx5YTMAF6/SSm8C
dl+ubkbA8m5f+DHp7LYQnB6yDLrk6GhwzvRWF6auF21QmdCzpiODqOiZoTuF9s2q
32SQPGwu0b59k7wiCFKDzzuTCd3q2tBmltnAPC2XwmyO4uSNP8bcFPA9pQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFJiuBZiRjdgi40xIsa0ImLq8tcZJMB8GA1UdIwQY
MBaAFLvKPyXVRiC1DvhSBldjTTsJa6xXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdThvX0pkVkdJTFVPLUZJR1YyTk5Pd2xyckZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81NjFkMjQtZTkyMS00ZWM4LWE2MTEt
NGRjMjBjNWI2MjY4LzEvbUs0Rm1KR04yQ0xqVEVpeHJRaVl1cnkxeGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81NjFkMjQtZTkyMS00ZWM4LWE2MTEtNGRjMjBjNWI2MjY4
LzEvdThvX0pkVkdJTFVPLUZJR1YyTk5Pd2xyckZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCAjuEAwQA
Xo/nAwQCsGCIAwQAwSniAwQAwSntMAwDBADBKgsDBADBKgwwDQQCAAIwBwMFAyoN
WUAwDQYJKoZIhvcNAQELBQADggEBAMPt9S8RS7xUjBATI1FAiqUO4ECaxTW1Kp0I
Ymjgf+EYr9sExV/O3jNqKkUCzve79daFBd/1qd0pb0g2bdzkK0SolbZAZkZgCRjk
9owAVBuk7dmDkbYQyD8LlLQDFcWGsFZ+7XHdblLl9V9WiY9c8HpcbvNhyo7WsQ/d
+n7quaCFwqxBx/i7y6YigMBgLgi3SWcl0UGMwjMtAstyIFsiGzPcY8LcgXfGTKf1
VzbDIDq+TII7QQYbYPk5MgG73TK3tioW86INwNasEu2B2aF+WP3jW69tx6T1fwfN
8Ha8cjnkQMRIwfNvdhH9H0+0xp9/SaFeU4x6eqwurLSKK8dO7yo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:26 2024 by rpki-client on console-fra.rpki-client.org