Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/MnQ83vC0W2TjnMC5p-RP62HoTgM.roa
File: MnQ83vC0W2TjnMC5p-RP62HoTgM.roa (raw, json)
Hash identifier: 4c2tVUQuTdR44uDLEtTx/ixtVuvv6x5WV/Su2IutSxU=
Subject key identifier: 32:74:3C:DE:F0:B4:5B:64:E3:9C:C0:B9:A7:E4:4F:EB:61:E8:4E:03
Certificate issuer: /CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Certificate serial: 018BAF5F41350848FB1A5A1A33A27119003B
Authority key identifier: 90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/MnQ83vC0W2TjnMC5p-RP62HoTgM.roa
Signing time: Wed 08 Nov 2023 14:38:57 +0000
ROA not before: Wed 08 Nov 2023 14:38:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29396
IP address blocks: 185.128.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:35:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:af:5f:41:35:08:48:fb:1a:5a:1a:33:a2:71:19:00:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90ae538e2a91346f0402598b0ff2fb9a95c07c39
Validity
Not Before: Nov 8 14:38:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32743cdef0b45b64e39cc0b9a7e44feb61e84e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5c:83:85:b2:b0:ad:52:5b:01:a3:b3:9a:de:
2f:a8:e0:db:bb:66:c9:2a:85:96:14:e5:3c:c8:45:
83:89:8c:52:58:d0:37:ab:16:a7:a4:c6:bc:d6:e5:
01:22:8b:84:3d:e2:24:cb:33:5f:4d:18:6b:34:b9:
e5:63:b1:96:73:b5:03:6a:3c:9d:bb:01:2a:fa:b0:
a0:2d:54:12:d6:0c:59:18:4a:92:5c:36:28:fe:4a:
d7:14:c9:2b:5f:4c:16:1d:16:11:b9:3d:57:21:42:
0f:5c:f2:5b:43:83:2f:31:48:b7:0f:5a:03:f3:3c:
1f:75:fd:f9:32:f9:66:02:f4:14:c6:88:93:37:6d:
c6:06:2b:e7:bd:3c:f6:c9:7b:5b:60:7c:e5:a5:ce:
4e:6d:20:4c:5e:0a:c5:ad:39:3a:40:64:b4:a9:dc:
0a:b4:dc:c4:2f:a0:e8:00:9a:4f:04:24:82:f7:b2:
62:d4:06:80:d3:0a:ae:92:7a:aa:9d:e9:fa:0f:8b:
fa:e7:48:dd:1a:ab:bc:70:66:ff:f3:3c:eb:52:24:
c8:7d:af:c7:93:b0:47:57:7f:13:32:84:71:3f:2a:
a6:ed:42:40:3b:70:21:c6:49:43:ce:da:4e:84:41:
2a:11:8d:94:2c:2f:16:da:e7:9c:15:d5:fd:5f:87:
a4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:74:3C:DE:F0:B4:5B:64:E3:9C:C0:B9:A7:E4:4F:EB:61:E8:4E:03
X509v3 Authority Key Identifier:
keyid:90:AE:53:8E:2A:91:34:6F:04:02:59:8B:0F:F2:FB:9A:95:C0:7C:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kK5TjiqRNG8EAlmLD_L7mpXAfDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/MnQ83vC0W2TjnMC5p-RP62HoTgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d47909-a560-409c-b839-c5e7821579f1/1/kK5TjiqRNG8EAlmLD_L7mpXAfDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.32.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:ec:51:56:fc:2f:29:c0:d3:de:d7:5e:fc:e3:be:db:67:36:
4e:2c:3c:14:da:08:40:ef:a2:89:ac:9f:d7:a0:f2:b5:f3:e9:
e0:95:10:aa:69:98:81:6a:8e:61:a5:08:70:db:cd:aa:20:8b:
3a:20:7c:b0:f2:cb:96:17:cd:29:b6:7f:af:6e:bf:59:dc:14:
de:2f:97:fa:fb:78:f5:23:83:67:7e:8e:4b:78:e5:b6:ff:e0:
82:6c:eb:4f:0e:d0:61:62:0a:db:c9:0f:55:ed:a1:21:31:d8:
98:d5:74:a4:e2:a3:74:8b:cc:a2:33:87:af:ab:f6:80:59:e0:
df:6d:83:2f:8f:bf:8a:eb:4b:5d:a6:af:07:f4:5b:6b:40:b6:
46:04:c3:37:68:97:b1:51:ce:f8:4c:c5:c8:6e:d6:9d:03:82:
66:56:59:85:47:f3:09:1a:70:b3:3d:ee:cd:bd:cf:d8:f2:79:
0d:c1:fa:3e:64:4e:1c:2c:3d:16:05:bc:9c:52:90:1c:20:2f:
53:97:3c:e8:81:57:b0:28:13:ca:12:d7:92:00:59:04:c5:92:
8f:dd:1d:1b:90:65:5a:bb:8e:65:10:a1:5a:07:78:bc:d1:85:
7f:9a:fe:4d:6f:14:49:d7:f9:5d:d8:5f:d3:85:99:6b:f2:eb:
26:26:6e:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuvX0E1CEj7GloaM6JxGQA7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYWU1MzhlMmE5MTM0NmYwNDAyNTk4YjBmZjJmYjlhOTVj
MDdjMzkwHhcNMjMxMTA4MTQzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjc0M2NkZWYwYjQ1YjY0ZTM5Y2MwYjlhN2U0NGZlYjYxZTg0ZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFyDhbKwrVJbAaOzmt4vqODbu2bJ
KoWWFOU8yEWDiYxSWNA3qxanpMa81uUBIouEPeIkyzNfTRhrNLnlY7GWc7UDajyd
uwEq+rCgLVQS1gxZGEqSXDYo/krXFMkrX0wWHRYRuT1XIUIPXPJbQ4MvMUi3D1oD
8zwfdf35MvlmAvQUxoiTN23GBivnvTz2yXtbYHzlpc5ObSBMXgrFrTk6QGS0qdwK
tNzEL6DoAJpPBCSC97Ji1AaA0wquknqqnen6D4v650jdGqu8cGb/8zzrUiTIfa/H
k7BHV38TMoRxPyqm7UJAO3AhxklDztpOhEEqEY2ULC8W2uecFdX9X4ekbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJ0PN7wtFtk45zAuafkT+th6E4DMB8GA1UdIwQY
MBaAFJCuU44qkTRvBAJZiw/y+5qVwHw5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4Mzkt
YzVlNzgyMTU3OWYxLzEvTW5RODN2QzBXMlRqbk1DNXAtUlA2MkhvVGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kNDc5MDktYTU2MC00MDljLWI4MzktYzVlNzgyMTU3OWYx
LzEva0s1VGppcVJORzhFQWxtTERfTDdtcFhBZkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYAgMA0G
CSqGSIb3DQEBCwUAA4IBAQAb7FFW/C8pwNPe1178477bZzZOLDwU2ghA76KJrJ/X
oPK18+nglRCqaZiBao5hpQhw282qIIs6IHyw8suWF80ptn+vbr9Z3BTeL5f6+3j1
I4Nnfo5LeOW2/+CCbOtPDtBhYgrbyQ9V7aEhMdiY1XSk4qN0i8yiM4evq/aAWeDf
bYMvj7+K60tdpq8H9FtrQLZGBMM3aJexUc74TMXIbtadA4JmVlmFR/MJGnCzPe7N
vc/Y8nkNwfo+ZE4cLD0WBbycUpAcIC9TlzzogVewKBPKEteSAFkExZKP3R0bkGVa
u45lEKFaB3i80YV/mv5NbxRJ1/ld2F/ThZlr8usmJm6g
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:13 2024 by rpki-client on console-ams.rpki-client.org