Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/MsrP4cZPYGy4KQ5c_ob-O-QEB4A.roa
File: MsrP4cZPYGy4KQ5c_ob-O-QEB4A.roa (raw, json)
Hash identifier: Z6gK9BhtU2ju3/JDSkjKUXp1gFJ3crlx812+HF9NEYU=
Subject key identifier: 32:CA:CF:E1:C6:4F:60:6C:B8:29:0E:5C:FE:86:FE:3B:E4:04:07:80
Certificate issuer: /CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Certificate serial: 01856F54A57EB207EBE3C681DB7A5819EC47
Authority key identifier: FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/MsrP4cZPYGy4KQ5c_ob-O-QEB4A.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211360
IP address blocks: 193.84.108.0/24 maxlen: 24
2a10:ba80::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 07 Jul 2023 10:58:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a5:7e:b2:07:eb:e3:c6:81:db:7a:58:19:ec:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd21cb4baa15862d1b5773bf2be60ca5f4fc24d4
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32cacfe1c64f606cb8290e5cfe86fe3be4040780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:39:40:3f:4f:34:e2:33:9d:a5:55:96:ff:aa:
ec:23:d6:6c:e0:40:3a:ce:73:d0:16:86:76:7c:b2:
b5:b9:e4:90:e0:77:66:4c:b7:93:b8:09:d4:42:b8:
db:8b:24:50:75:9a:eb:ec:77:b3:5a:23:f2:ed:9d:
fc:fd:4b:ec:b8:c1:a5:fd:d8:be:c9:11:b3:c7:77:
6c:17:5f:28:fd:3b:a7:2b:c9:c6:58:c1:68:b5:35:
df:17:7c:3b:c4:a5:54:4f:b2:4f:83:89:0d:dd:bb:
e2:7e:fa:49:31:b2:50:2f:c7:c5:bd:ad:49:0f:85:
8b:77:74:f0:59:80:d1:13:f6:0e:b3:9f:b2:e2:05:
a9:d8:3d:90:a8:b6:6a:ab:6f:a4:36:bc:2e:7d:1f:
d1:5f:ea:8b:26:3b:6f:1d:fb:12:91:1c:01:9b:55:
06:d6:ae:c3:2c:02:86:53:af:d5:36:92:0e:1d:72:
57:9f:73:b4:a3:7f:35:af:d3:01:8c:00:7b:f2:1f:
0a:64:55:3d:d9:02:2c:d3:db:f6:8c:2b:53:c4:8a:
8e:22:8a:cd:aa:05:4e:a2:4b:7b:3b:e0:ad:7f:de:
1f:79:77:18:1d:12:c2:41:6b:42:26:b7:d6:f5:c1:
b3:a5:e1:31:e6:a4:c3:a0:6e:41:10:55:bb:35:80:
97:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CA:CF:E1:C6:4F:60:6C:B8:29:0E:5C:FE:86:FE:3B:E4:04:07:80
X509v3 Authority Key Identifier:
keyid:FD:21:CB:4B:AA:15:86:2D:1B:57:73:BF:2B:E6:0C:A5:F4:FC:24:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/MsrP4cZPYGy4KQ5c_ob-O-QEB4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/326606-14ba-4436-9985-be5520a5c821/1/_SHLS6oVhi0bV3O_K-YMpfT8JNQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.108.0/24
IPv6:
2a10:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
7c:0a:15:12:34:6a:11:3d:0e:9e:91:07:0a:7d:1f:81:57:63:
bb:b8:b1:1b:1e:5f:2f:53:34:36:88:e1:e3:14:83:1c:9c:aa:
43:00:64:17:a8:e2:74:cc:17:fb:62:db:0d:f8:85:26:94:d7:
71:23:1f:4f:cc:ba:5f:eb:b9:79:3f:07:47:62:13:98:a7:3d:
03:a3:2a:33:c7:76:62:70:9b:8d:ae:18:7a:d9:c2:a2:cd:35:
b0:d5:25:cf:15:48:fc:c5:3d:51:c2:77:9c:c3:3f:a0:32:6b:
03:2a:0e:f5:d4:ea:47:e9:21:22:fd:22:5a:d8:b5:2f:93:ea:
85:1a:90:a8:47:cc:15:e6:0a:c4:21:3c:18:66:d8:eb:89:ca:
97:d7:07:29:27:01:be:e1:75:3b:85:91:89:66:a8:49:e1:8e:
30:e5:e2:70:97:4d:01:ae:0b:a1:2c:96:55:e7:ae:d2:16:9b:
b9:19:c9:dc:20:74:b4:24:cb:cc:9b:e0:d4:99:81:ee:da:32:
08:1b:ec:f7:4d:f3:2c:28:07:b8:0a:c6:16:ea:53:fb:92:3a:
87:d1:d8:4f:04:50:16:a1:a7:d8:2e:4b:a2:f1:2c:f4:61:64:
52:54:4c:f2:22:7d:87:13:7a:9f:37:97:b6:76:73:3b:ab:70:
23:9c:a4:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvVKV+sgfr48aB23pYGexHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMjFjYjRiYWExNTg2MmQxYjU3NzNiZjJiZTYwY2E1ZjRm
YzI0ZDQwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmNhY2ZlMWM2NGY2MDZjYjgyOTBlNWNmZTg2ZmUzYmU0MDQwNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjlAP0804jOdpVWW/6rsI9Zs4EA6
znPQFoZ2fLK1ueSQ4HdmTLeTuAnUQrjbiyRQdZrr7HezWiPy7Z38/UvsuMGl/di+
yRGzx3dsF18o/TunK8nGWMFotTXfF3w7xKVUT7JPg4kN3bvifvpJMbJQL8fFva1J
D4WLd3TwWYDRE/YOs5+y4gWp2D2QqLZqq2+kNrwufR/RX+qLJjtvHfsSkRwBm1UG
1q7DLAKGU6/VNpIOHXJXn3O0o381r9MBjAB78h8KZFU92QIs09v2jCtTxIqOIorN
qgVOokt7O+Ctf94feXcYHRLCQWtCJrfW9cGzpeEx5qTDoG5BEFW7NYCX+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDLKz+HGT2BsuCkOXP6G/jvkBAeAMB8GA1UdIwQY
MBaAFP0hy0uqFYYtG1dzvyvmDKX0/CTUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUt
YmU1NTIwYTVjODIxLzEvTXNyUDRjWlBZR3k0S1E1Y19vYi1PLVFFQjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zMjY2MDYtMTRiYS00NDM2LTk5ODUtYmU1NTIwYTVjODIx
LzEvX1NITFM2b1ZoaTBiVjNPX0stWU1wZlQ4Sk5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwVRsMA0E
AgACMAcDBQMqELqAMA0GCSqGSIb3DQEBCwUAA4IBAQB8ChUSNGoRPQ6ekQcKfR+B
V2O7uLEbHl8vUzQ2iOHjFIMcnKpDAGQXqOJ0zBf7YtsN+IUmlNdxIx9PzLpf67l5
PwdHYhOYpz0Doyozx3ZicJuNrhh62cKizTWw1SXPFUj8xT1Rwnecwz+gMmsDKg71
1OpH6SEi/SJa2LUvk+qFGpCoR8wV5grEITwYZtjricqX1wcpJwG+4XU7hZGJZqhJ
4Y4w5eJwl00BrguhLJZV567SFpu5GcncIHS0JMvMm+DUmYHu2jIIG+z3TfMsKAe4
CsYW6lP7kjqH0dhPBFAWoafYLkui8Sz0YWRSVEzyIn2HE3qfN5e2dnM7q3AjnKQP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:59 2024 by rpki-client on console-fra.rpki-client.org