Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/Mell6YSQLtnJJmDHujRNi9Vb1sI.roa
File: Mell6YSQLtnJJmDHujRNi9Vb1sI.roa (raw, json)
Hash identifier: 8Kw3Z5ON6aAvlYOiGC3qH4uetSbIG2ISoHLzqgWE3EE=
Subject key identifier: 31:E9:65:E9:84:90:2E:D9:C9:26:60:C7:BA:34:4D:8B:D5:5B:D6:C2
Certificate issuer: /CN=40254d4a767ad099606e442e092f91241a363670
Certificate serial: 018AE096968DE975F94A44CC177D31F3A9AB
Authority key identifier: 40:25:4D:4A:76:7A:D0:99:60:6E:44:2E:09:2F:91:24:1A:36:36:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCVNSnZ60JlgbkQuCS-RJBo2NnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/Mell6YSQLtnJJmDHujRNi9Vb1sI.roa
Signing time: Fri 29 Sep 2023 10:57:59 +0000
ROA not before: Fri 29 Sep 2023 10:57:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21227
IP address blocks: 193.22.108.0/24 maxlen: 24
2a0f:7b40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e0:96:96:8d:e9:75:f9:4a:44:cc:17:7d:31:f3:a9:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40254d4a767ad099606e442e092f91241a363670
Validity
Not Before: Sep 29 10:57:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31e965e984902ed9c92660c7ba344d8bd55bd6c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e1:61:5f:39:4a:da:28:3e:38:e0:6c:50:ff:
90:4e:06:f7:63:c9:66:ac:7e:cf:fd:2a:df:8a:1f:
13:7b:25:80:17:27:bc:d6:85:f2:86:c0:c9:b9:17:
82:45:3b:36:ee:3e:cc:f3:86:3c:83:f7:cf:11:1f:
26:02:d2:d4:89:37:7b:c2:27:01:f5:21:c6:0d:aa:
a9:16:9f:a1:39:fb:47:f4:9c:32:eb:fc:22:fc:51:
6c:76:cc:d5:18:c1:8f:94:6a:b0:e0:8f:1d:44:99:
32:c5:7b:ff:36:87:be:29:99:45:92:68:0f:ab:2e:
6b:79:f6:08:bd:28:c0:2e:0c:d0:a1:c6:61:b3:a2:
2b:de:5c:80:98:a0:9d:63:f2:af:98:33:2e:06:a1:
48:93:ff:c5:b5:a6:24:0f:fc:70:cf:45:0a:04:78:
08:de:ee:d5:ac:c4:65:d0:72:2a:2d:7c:19:80:81:
48:53:3a:b0:d5:2d:ad:c9:4d:32:3e:02:fb:9a:d0:
70:81:7e:48:07:6e:8d:c8:ff:81:08:39:c2:98:b4:
56:f6:1b:db:46:cc:52:7d:48:84:ea:58:c9:4a:58:
7f:ed:a4:44:69:aa:da:e1:85:78:09:16:84:8b:a0:
54:75:2e:b6:55:57:ba:c8:6d:8e:c4:32:a3:39:41:
d4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E9:65:E9:84:90:2E:D9:C9:26:60:C7:BA:34:4D:8B:D5:5B:D6:C2
X509v3 Authority Key Identifier:
keyid:40:25:4D:4A:76:7A:D0:99:60:6E:44:2E:09:2F:91:24:1A:36:36:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCVNSnZ60JlgbkQuCS-RJBo2NnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/Mell6YSQLtnJJmDHujRNi9Vb1sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/QCVNSnZ60JlgbkQuCS-RJBo2NnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.108.0/24
IPv6:
2a0f:7b40::/29
Signature Algorithm: sha256WithRSAEncryption
0e:86:1d:90:b5:75:72:9e:96:a6:a1:d4:0c:b1:ed:8a:78:13:
00:38:25:db:01:05:9f:e9:21:c4:b5:ee:32:3f:f8:af:07:f8:
dc:b7:27:7b:d8:f6:ae:2b:00:f2:5a:8c:d8:9b:ad:69:36:ed:
47:dd:14:86:03:90:d0:22:6e:69:6e:73:2d:43:01:87:d8:01:
8a:77:41:f3:40:55:72:85:8a:f2:49:49:dd:09:f0:b8:81:fe:
a2:5f:cd:c4:5c:be:c3:d1:7d:e0:31:f7:b1:ad:e6:9c:a2:c9:
46:a7:9d:ca:55:5d:71:4c:94:76:6d:b0:e6:ed:11:f4:e3:e4:
b5:fa:72:ff:24:e3:35:31:e3:45:fe:ab:3f:9e:c8:2d:82:5e:
e1:54:63:0a:13:1b:4c:c9:12:0d:6b:fe:b5:ee:24:97:0e:90:
b6:3d:04:2f:a3:c8:91:41:1d:7b:0e:c7:06:6a:b2:89:0e:be:
cc:4e:b8:df:f4:e9:98:58:cb:f0:40:03:76:42:33:f7:28:23:
9b:2c:3c:28:6f:c9:5b:08:69:fb:4f:b5:6c:df:db:51:ea:65:
20:f8:7c:e7:8b:b9:a3:78:b6:c1:6c:4f:c0:b5:32:cb:bf:96:
48:85:c6:e4:fc:c7:42:c6:f8:64:1b:23:72:2e:01:8f:b9:48:
1d:61:8e:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrglpaN6XX5SkTMF30x86mrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjU0ZDRhNzY3YWQwOTk2MDZlNDQyZTA5MmY5MTI0MWEz
NjM2NzAwHhcNMjMwOTI5MTA1NzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWU5NjVlOTg0OTAyZWQ5YzkyNjYwYzdiYTM0NGQ4YmQ1NWJkNmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+FhXzlK2ig+OOBsUP+QTgb3Y8lm
rH7P/Srfih8TeyWAFye81oXyhsDJuReCRTs27j7M84Y8g/fPER8mAtLUiTd7wicB
9SHGDaqpFp+hOftH9Jwy6/wi/FFsdszVGMGPlGqw4I8dRJkyxXv/Noe+KZlFkmgP
qy5refYIvSjALgzQocZhs6Ir3lyAmKCdY/KvmDMuBqFIk//FtaYkD/xwz0UKBHgI
3u7VrMRl0HIqLXwZgIFIUzqw1S2tyU0yPgL7mtBwgX5IB26NyP+BCDnCmLRW9hvb
RsxSfUiE6ljJSlh/7aREaara4YV4CRaEi6BUdS62VVe6yG2OxDKjOUHUBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDHpZemEkC7ZySZgx7o0TYvVW9bCMB8GA1UdIwQY
MBaAFEAlTUp2etCZYG5ELgkvkSQaNjZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNWTlNuWjYwSmxnYmtRdUNTLVJKQm8yTm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lZjZjOGUtM2YwNy00YjNmLWE4N2Ut
YmJlOTEyZWVjNzNlLzEvTWVsbDZZU1FMdG5KSm1ESHVqUk5pOVZiMXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lZjZjOGUtM2YwNy00YjNmLWE4N2UtYmJlOTEyZWVjNzNl
LzEvUUNWTlNuWjYwSmxnYmtRdUNTLVJKQm8yTm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwRZsMA0E
AgACMAcDBQMqD3tAMA0GCSqGSIb3DQEBCwUAA4IBAQAOhh2QtXVynpamodQMse2K
eBMAOCXbAQWf6SHEte4yP/ivB/jctyd72PauKwDyWozYm61pNu1H3RSGA5DQIm5p
bnMtQwGH2AGKd0HzQFVyhYrySUndCfC4gf6iX83EXL7D0X3gMfexreacoslGp53K
VV1xTJR2bbDm7RH04+S1+nL/JOM1MeNF/qs/nsgtgl7hVGMKExtMyRINa/617iSX
DpC2PQQvo8iRQR17DscGarKJDr7MTrjf9OmYWMvwQAN2QjP3KCObLDwob8lbCGn7
T7Vs39tR6mUg+Hzni7mjeLbBbE/AtTLLv5ZIhcbk/MdCxvhkGyNyLgGPuUgdYY4C
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:38:13 2024 by rpki-client on console-fra.rpki-client.org