Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/mVSDsFZKjc2g9-VwuIzRSoMtGTo.roa
File: mVSDsFZKjc2g9-VwuIzRSoMtGTo.roa (raw, json)
Hash identifier: VPHoOR5UbDdZrt1aGHDFTAHs2oEd3klENMuy6DlD+ok=
Subject key identifier: 99:54:83:B0:56:4A:8D:CD:A0:F7:E5:70:B8:8C:D1:4A:83:2D:19:3A
Certificate issuer: /CN=5c3a1d973f9b3391e8adacaa664d1b23d778f008
Certificate serial: 01856F66CC6A5EBBEF37375047D11481C529
Authority key identifier: 5C:3A:1D:97:3F:9B:33:91:E8:AD:AC:AA:66:4D:1B:23:D7:78:F0:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XDodlz-bM5HorayqZk0bI9d48Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/mVSDsFZKjc2g9-VwuIzRSoMtGTo.roa
Signing time: Sun 01 Jan 2023 22:14:46 +0000
ROA not before: Sun 01 Jan 2023 22:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13004
IP address blocks: 193.105.163.0/24 maxlen: 24
91.245.214.0/24 maxlen: 24
2001:7f8:1e::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:cc:6a:5e:bb:ef:37:37:50:47:d1:14:81:c5:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c3a1d973f9b3391e8adacaa664d1b23d778f008
Validity
Not Before: Jan 1 22:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=995483b0564a8dcda0f7e570b88cd14a832d193a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ed:64:ed:8c:ff:84:1b:60:65:c8:2b:c3:7d:
1b:cd:76:61:d5:51:2f:c3:f6:33:2e:da:bc:d2:6d:
ba:02:98:01:fd:51:c0:de:68:66:8e:b4:78:46:25:
38:2f:f2:97:9f:cb:c6:7e:b1:3f:bc:f6:39:ca:64:
06:0e:1b:f1:28:6a:d6:2d:da:f2:00:d1:63:b8:9e:
f1:61:52:63:8b:13:dd:cb:71:6e:0f:96:09:29:2d:
03:3c:92:88:39:bc:d7:d0:f1:29:b3:9a:c7:a5:fd:
f8:0e:a2:8a:c0:7b:7f:0b:a1:ca:eb:5e:f0:a1:19:
8d:20:13:aa:ae:e1:5f:1b:b1:95:29:57:70:44:33:
29:06:9b:00:cf:49:e6:5e:5e:65:37:30:34:70:88:
d7:bb:5c:18:5c:9d:65:f0:05:90:93:e7:f7:28:6c:
ca:48:c3:e7:cb:84:e2:16:43:7b:f5:59:5d:f5:9a:
0a:87:6e:6a:e0:3f:85:c8:59:97:0c:e8:30:17:a6:
1e:36:92:81:1e:98:89:ad:65:1a:91:e2:9a:10:cd:
46:44:45:76:6f:fd:49:64:0f:ad:37:7a:b7:34:32:
d8:52:fd:32:37:04:59:28:e1:a3:f5:a3:37:56:a1:
ff:c7:b8:ce:d6:ee:d3:a1:2a:b7:0c:4a:d6:d2:bf:
66:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:54:83:B0:56:4A:8D:CD:A0:F7:E5:70:B8:8C:D1:4A:83:2D:19:3A
X509v3 Authority Key Identifier:
keyid:5C:3A:1D:97:3F:9B:33:91:E8:AD:AC:AA:66:4D:1B:23:D7:78:F0:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XDodlz-bM5HorayqZk0bI9d48Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/mVSDsFZKjc2g9-VwuIzRSoMtGTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a5fcf5-7863-43c1-a1c1-194cc9902abf/1/XDodlz-bM5HorayqZk0bI9d48Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.214.0/24
193.105.163.0/24
IPv6:
2001:7f8:1e::/48
Signature Algorithm: sha256WithRSAEncryption
52:47:6e:53:6d:8d:c9:34:bb:d9:80:a4:f2:2b:8e:04:a6:3b:
09:6f:6f:6d:3d:6c:bd:c9:4b:26:02:01:f4:5a:f2:e0:96:7b:
a9:2b:b1:85:bc:c1:f7:68:80:0a:72:74:5e:eb:d5:c3:1b:70:
bf:41:93:9b:cb:08:fb:9f:76:7c:6e:42:04:51:c9:5b:e8:9f:
41:d2:aa:0a:e4:f5:d7:66:ab:50:2e:f6:bc:3c:c8:eb:49:c5:
41:54:fd:d0:86:0e:98:c7:27:0c:53:ad:97:53:57:33:bc:ba:
38:ec:31:11:3e:38:8a:b0:59:cf:85:ee:d3:63:d7:4d:0b:cc:
6e:7f:c0:aa:72:bb:6c:98:15:77:80:0d:cd:c2:f1:3b:ea:a1:
c7:1b:1f:7c:d1:a9:d4:c0:80:f6:32:b0:47:ed:77:9a:bf:ed:
49:4d:55:80:3f:55:10:6e:69:94:10:35:95:e9:6e:1f:9a:49:
94:4a:62:7a:d3:b2:b5:ef:39:54:4d:24:75:59:92:4a:ed:bb:
a4:2e:49:5b:46:19:f0:a6:88:0b:73:03:ad:28:eb:8b:94:b5:
68:3a:b7:c3:b8:91:4a:f5:d8:88:4c:a3:53:97:bc:a7:95:50:
4b:28:56:be:0c:cf:91:b3:8d:cf:e4:a5:44:da:44:36:13:4d:
e4:02:90:1a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVvZsxqXrvvNzdQR9EUgcUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjM2ExZDk3M2Y5YjMzOTFlOGFkYWNhYTY2NGQxYjIzZDc3
OGYwMDgwHhcNMjMwMTAxMjIxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTU0ODNiMDU2NGE4ZGNkYTBmN2U1NzBiODhjZDE0YTgzMmQxOTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqu1k7Yz/hBtgZcgrw30bzXZh1VEv
w/YzLtq80m26ApgB/VHA3mhmjrR4RiU4L/KXn8vGfrE/vPY5ymQGDhvxKGrWLdry
ANFjuJ7xYVJjixPdy3FuD5YJKS0DPJKIObzX0PEps5rHpf34DqKKwHt/C6HK617w
oRmNIBOqruFfG7GVKVdwRDMpBpsAz0nmXl5lNzA0cIjXu1wYXJ1l8AWQk+f3KGzK
SMPny4TiFkN79Vld9ZoKh25q4D+FyFmXDOgwF6YeNpKBHpiJrWUakeKaEM1GREV2
b/1JZA+tN3q3NDLYUv0yNwRZKOGj9aM3VqH/x7jO1u7ToSq3DErW0r9m+QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFJlUg7BWSo3NoPflcLiM0UqDLRk6MB8GA1UdIwQY
MBaAFFw6HZc/mzOR6K2sqmZNGyPXePAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWERvZGx6LWJNNUhvcmF5cVprMGJJOWQ0OEFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9hNWZjZjUtNzg2My00M2MxLWExYzEt
MTk0Y2M5OTAyYWJmLzEvbVZTRHNGWktqYzJnOS1Wd3VJelJTb010R1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9hNWZjZjUtNzg2My00M2MxLWExYzEtMTk0Y2M5OTAyYWJm
LzEvWERvZGx6LWJNNUhvcmF5cVprMGJJOWQ0OEFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW/XWAwQA
wWmjMA8EAgACMAkDBwAgAQf4AB4wDQYJKoZIhvcNAQELBQADggEBAFJHblNtjck0
u9mApPIrjgSmOwlvb209bL3JSyYCAfRa8uCWe6krsYW8wfdogApydF7r1cMbcL9B
k5vLCPufdnxuQgRRyVvon0HSqgrk9ddmq1Au9rw8yOtJxUFU/dCGDpjHJwxTrZdT
VzO8ujjsMRE+OIqwWc+F7tNj100LzG5/wKpyu2yYFXeADc3C8TvqoccbH3zRqdTA
gPYysEftd5q/7UlNVYA/VRBuaZQQNZXpbh+aSZRKYnrTsrXvOVRNJHVZkkrtu6Qu
SVtGGfCmiAtzA60o64uUtWg6t8O4kUr12IhMo1OXvKeVUEsoVr4Mz5Gzjc/kpUTa
RDYTTeQCkBo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:32 2024 by rpki-client on console-ams.rpki-client.org