Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/M-nTWchOz3tiAacrTw0rGm8o2Ac.roa
File: M-nTWchOz3tiAacrTw0rGm8o2Ac.roa (raw, json)
Hash identifier: 4+X3QeCJwFepjovasSno/s/qW9mGk3kIgH606+ZE950=
Subject key identifier: 33:E9:D3:59:C8:4E:CF:7B:62:01:A7:2B:4F:0D:2B:1A:6F:28:D8:07
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 01856E7904BBB87FF35CE4A938F02D679C39
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/M-nTWchOz3tiAacrTw0rGm8o2Ac.roa
Signing time: Sun 01 Jan 2023 17:55:02 +0000
ROA not before: Sun 01 Jan 2023 17:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 18779
IP address blocks: 176.111.223.0/24 maxlen: 24
147.189.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:30:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:79:04:bb:b8:7f:f3:5c:e4:a9:38:f0:2d:67:9c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 1 17:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33e9d359c84ecf7b6201a72b4f0d2b1a6f28d807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:43:8e:50:d3:79:c9:59:e7:11:cc:3b:17:54:
d0:fb:45:bd:70:ca:e8:8e:e2:e8:b3:0f:f7:5d:7b:
3e:6e:bb:bd:5d:21:e2:e5:6f:f8:4c:5e:2a:81:4b:
49:46:b2:37:3d:1d:a1:f0:45:0b:d5:66:52:57:59:
a6:3b:32:88:bc:d9:71:58:eb:5c:6d:29:d6:19:7e:
2e:da:b0:b2:32:1d:1c:7a:25:ee:2a:42:26:cb:0c:
f4:68:75:bd:c0:97:d6:77:d9:56:8e:57:e6:40:49:
65:dc:a6:90:b4:c1:0f:24:d4:97:69:35:a8:05:79:
ac:1e:98:82:c9:b5:df:9a:a0:c6:fa:82:0c:24:9f:
15:38:d9:35:04:49:6a:9c:e5:b8:93:63:c5:af:a3:
6a:9b:d9:db:1b:e5:ce:29:7c:b6:93:c7:ad:95:92:
3b:87:53:73:23:e6:21:36:05:a3:a2:49:76:77:44:
32:39:d7:e0:24:1b:31:63:86:11:5d:fc:7a:43:7e:
65:d3:25:91:f2:fc:0d:a2:f6:11:de:4a:9d:fe:70:
78:36:38:aa:08:c1:11:83:39:54:0e:a2:a7:64:57:
ab:20:18:40:0c:48:6f:9f:c1:d5:76:d1:bc:c7:0a:
cf:21:e7:57:f6:a2:58:fa:16:b2:c1:74:31:b1:af:
11:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:E9:D3:59:C8:4E:CF:7B:62:01:A7:2B:4F:0D:2B:1A:6F:28:D8:07
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/M-nTWchOz3tiAacrTw0rGm8o2Ac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.130.0/24
176.111.223.0/24
Signature Algorithm: sha256WithRSAEncryption
85:c3:c2:7d:7f:bf:85:46:44:4c:57:3b:72:34:5d:9b:b8:e5:
4d:0d:3b:b5:70:86:c2:1b:8d:df:a1:4c:7d:4d:3f:bd:1f:a8:
3f:2f:78:c8:54:5b:0b:7e:0d:72:06:c6:fa:b2:6b:54:53:b0:
5c:07:b4:c1:87:89:51:b1:23:74:14:45:b9:df:0e:b3:f0:e0:
e0:9f:39:e9:da:4f:a3:45:84:c4:db:08:11:a1:85:7c:3a:fa:
73:73:06:44:37:1b:df:31:ed:22:c7:4c:47:93:9c:30:44:2a:
d1:36:22:34:a5:6f:ce:00:71:bd:47:c7:f2:f1:46:46:5b:7f:
58:dd:aa:19:22:4e:b1:de:0f:71:76:b1:aa:ed:c0:2b:94:ad:
8d:ef:11:12:77:38:d8:8c:87:80:90:1b:71:90:ab:6f:2d:d8:
97:df:b5:32:42:ab:10:f6:7f:c3:30:ec:d6:0a:40:05:27:0e:
57:10:e5:1f:2a:1a:57:ed:49:d8:7e:22:81:1c:fe:af:bf:88:
bd:f1:ab:a4:06:39:6d:c2:e0:22:00:c5:f1:9e:a8:d8:13:c4:
48:8c:7d:82:7e:d3:73:ec:73:dc:d2:28:6f:e5:bb:b3:55:f3:
a2:54:1f:05:e6:32:0d:80:ed:00:c4:d6:1a:05:16:03:11:b1:
9a:14:44:40
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVueQS7uH/zXOSpOPAtZ5w5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjMwMTAxMTc1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2U5ZDM1OWM4NGVjZjdiNjIwMWE3MmI0ZjBkMmIxYTZmMjhkODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkOOUNN5yVnnEcw7F1TQ+0W9cMro
juLosw/3XXs+bru9XSHi5W/4TF4qgUtJRrI3PR2h8EUL1WZSV1mmOzKIvNlxWOtc
bSnWGX4u2rCyMh0ceiXuKkImywz0aHW9wJfWd9lWjlfmQEll3KaQtMEPJNSXaTWo
BXmsHpiCybXfmqDG+oIMJJ8VONk1BElqnOW4k2PFr6Nqm9nbG+XOKXy2k8etlZI7
h1NzI+YhNgWjokl2d0QyOdfgJBsxY4YRXfx6Q35l0yWR8vwNovYR3kqd/nB4Njiq
CMERgzlUDqKnZFerIBhADEhvn8HVdtG8xwrPIedX9qJY+haywXQxsa8R0wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDPp01nITs97YgGnK08NKxpvKNgHMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL00tblRXY2hPejN0aUFhY3JUdzByR204bzJBYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACTvYID
BACwb98wDQYJKoZIhvcNAQELBQADggEBAIXDwn1/v4VGRExXO3I0XZu45U0NO7Vw
hsIbjd+hTH1NP70fqD8veMhUWwt+DXIGxvqya1RTsFwHtMGHiVGxI3QURbnfDrPw
4OCfOenaT6NFhMTbCBGhhXw6+nNzBkQ3G98x7SLHTEeTnDBEKtE2IjSlb84Acb1H
x/LxRkZbf1jdqhkiTrHeD3F2sartwCuUrY3vERJ3ONiMh4CQG3GQq28t2JfftTJC
qxD2f8Mw7NYKQAUnDlcQ5R8qGlftSdh+IoEc/q+/iL3xq6QGOW3C4CIAxfGeqNgT
xEiMfYJ+03Psc9zSKG/lu7NV86JUHwXmMg2A7QDE1hoFFgMRsZoUREA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:08 2024 by rpki-client on console-ams.rpki-client.org