Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/MfRqUaiuYaT24SQpMbnLGffU_Zk.roa
File: MfRqUaiuYaT24SQpMbnLGffU_Zk.roa (raw, json)
Hash identifier: UTR2lOY1qwAQnkWTv1YYW/vKGwR9o325CpIy1+fxoWM=
Subject key identifier: 31:F4:6A:51:A8:AE:61:A4:F6:E1:24:29:31:B9:CB:19:F7:D4:FD:99
Certificate issuer: /CN=40254d4a767ad099606e442e092f91241a363670
Certificate serial: 018AE09696F5477C747758F8FB262CE3FCB5
Authority key identifier: 40:25:4D:4A:76:7A:D0:99:60:6E:44:2E:09:2F:91:24:1A:36:36:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCVNSnZ60JlgbkQuCS-RJBo2NnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/MfRqUaiuYaT24SQpMbnLGffU_Zk.roa
Signing time: Fri 29 Sep 2023 10:58:00 +0000
ROA not before: Fri 29 Sep 2023 10:58:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207864
IP address blocks: 193.22.168.0/24 maxlen: 24
193.22.170.0/24 maxlen: 24
193.22.108.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e0:96:96:f5:47:7c:74:77:58:f8:fb:26:2c:e3:fc:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40254d4a767ad099606e442e092f91241a363670
Validity
Not Before: Sep 29 10:58:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31f46a51a8ae61a4f6e1242931b9cb19f7d4fd99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:16:8a:39:62:7f:c2:1c:09:f1:9e:65:77:bb:
d5:5d:0d:ee:11:b7:60:09:e5:e6:c7:0f:0d:a0:8b:
69:8a:02:70:0f:b4:3e:a2:ce:48:cd:16:c7:f9:e3:
61:27:fa:19:73:30:2d:b7:0a:9a:fa:d9:87:f4:7c:
b8:68:fe:af:61:51:0a:9e:a7:13:f1:8f:3b:fe:8f:
9f:e9:c5:43:60:86:10:bb:32:65:84:02:4e:be:84:
45:a4:c1:a7:fd:1c:3a:f1:8d:79:39:a4:c0:fd:6f:
ff:40:7a:2a:e0:2c:79:42:9f:51:fe:7a:ef:32:7d:
59:5b:e2:c2:5c:ac:2c:c9:78:90:10:ad:49:8d:ae:
53:ef:2b:61:a2:79:83:86:67:ed:67:02:54:7d:05:
77:0d:1d:e7:d8:c4:a1:c0:30:77:b8:e4:9f:f8:11:
df:8a:fb:43:e0:d7:b7:6b:e2:04:50:9b:c7:bc:81:
38:13:eb:bf:59:bc:a5:f1:bb:34:39:0a:3c:9b:e0:
29:ee:dd:d3:85:8e:1b:c8:d1:67:0b:57:69:6e:e8:
70:3c:f2:61:0d:1a:a6:08:40:8e:6a:14:d7:12:b2:
59:8c:04:8e:ee:04:17:72:bb:fa:51:b6:0b:de:a0:
67:f0:14:d7:25:3b:75:29:c2:d1:24:83:dd:bb:9e:
e0:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F4:6A:51:A8:AE:61:A4:F6:E1:24:29:31:B9:CB:19:F7:D4:FD:99
X509v3 Authority Key Identifier:
keyid:40:25:4D:4A:76:7A:D0:99:60:6E:44:2E:09:2F:91:24:1A:36:36:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCVNSnZ60JlgbkQuCS-RJBo2NnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/MfRqUaiuYaT24SQpMbnLGffU_Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/ef6c8e-3f07-4b3f-a87e-bbe912eec73e/1/QCVNSnZ60JlgbkQuCS-RJBo2NnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.22.108.0/24
193.22.168.0/24
193.22.170.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:35:b1:e3:9c:7f:a9:bc:7b:90:d3:16:85:0b:b8:94:02:8a:
d9:0f:e7:89:65:e1:d4:fe:9c:91:03:ae:11:a8:78:a0:27:7f:
a3:9d:54:34:6e:c4:b4:3b:17:40:a1:de:60:33:ab:b5:20:00:
e8:be:d6:09:03:28:36:6d:83:48:c9:3d:a0:f6:cb:de:83:8d:
c2:02:28:94:29:e6:3b:94:5e:49:f5:d5:ae:95:52:fd:11:26:
48:c8:06:bb:af:e2:ca:70:4b:88:0b:ab:02:33:c2:91:31:f0:
02:60:f9:f8:f8:67:92:88:16:59:f6:f0:cd:b5:c6:62:11:0c:
58:81:49:1d:37:14:91:e3:b1:44:17:a6:5e:00:4a:7c:da:9b:
e1:34:2b:55:c3:91:04:dd:83:1a:dc:df:ba:ea:94:46:76:45:
93:38:da:6c:b3:ef:70:ce:18:06:83:2b:66:6b:6f:44:26:ad:
28:b2:87:9a:de:30:cd:7e:dc:b9:2d:ac:8b:63:1f:cd:41:b2:
50:64:0f:ca:2f:09:c9:f0:04:1a:60:66:fa:e4:37:bf:0d:b9:
69:a3:e3:58:8b:81:7f:34:db:64:e3:3d:8e:cd:a7:83:eb:10:
67:19:0c:7e:df:29:c3:60:05:19:ac:1f:7a:98:47:d5:35:47:
59:96:48:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYrglpb1R3x0d1j4+yYs4/y1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjU0ZDRhNzY3YWQwOTk2MDZlNDQyZTA5MmY5MTI0MWEz
NjM2NzAwHhcNMjMwOTI5MTA1ODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWY0NmE1MWE4YWU2MWE0ZjZlMTI0MjkzMWI5Y2IxOWY3ZDRmZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRaKOWJ/whwJ8Z5ld7vVXQ3uEbdg
CeXmxw8NoItpigJwD7Q+os5IzRbH+eNhJ/oZczAttwqa+tmH9Hy4aP6vYVEKnqcT
8Y87/o+f6cVDYIYQuzJlhAJOvoRFpMGn/Rw68Y15OaTA/W//QHoq4Cx5Qp9R/nrv
Mn1ZW+LCXKwsyXiQEK1Jja5T7ythonmDhmftZwJUfQV3DR3n2MShwDB3uOSf+BHf
ivtD4Ne3a+IEUJvHvIE4E+u/Wbyl8bs0OQo8m+Ap7t3ThY4byNFnC1dpbuhwPPJh
DRqmCECOahTXErJZjASO7gQXcrv6UbYL3qBn8BTXJTt1KcLRJIPdu57gjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDH0alGormGk9uEkKTG5yxn31P2ZMB8GA1UdIwQY
MBaAFEAlTUp2etCZYG5ELgkvkSQaNjZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNWTlNuWjYwSmxnYmtRdUNTLVJKQm8yTm5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lZjZjOGUtM2YwNy00YjNmLWE4N2Ut
YmJlOTEyZWVjNzNlLzEvTWZScVVhaXVZYVQyNFNRcE1ibkxHZmZVX1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lZjZjOGUtM2YwNy00YjNmLWE4N2UtYmJlOTEyZWVjNzNl
LzEvUUNWTlNuWjYwSmxnYmtRdUNTLVJKQm8yTm5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwRZsAwQA
wRaoAwQAwRaqMA0GCSqGSIb3DQEBCwUAA4IBAQAvNbHjnH+pvHuQ0xaFC7iUAorZ
D+eJZeHU/pyRA64RqHigJ3+jnVQ0bsS0OxdAod5gM6u1IADovtYJAyg2bYNIyT2g
9sveg43CAiiUKeY7lF5J9dWulVL9ESZIyAa7r+LKcEuIC6sCM8KRMfACYPn4+GeS
iBZZ9vDNtcZiEQxYgUkdNxSR47FEF6ZeAEp82pvhNCtVw5EE3YMa3N+66pRGdkWT
ONpss+9wzhgGgytma29EJq0osoea3jDNfty5LayLYx/NQbJQZA/KLwnJ8AQaYGb6
5De/Dblpo+NYi4F/NNtk4z2OzaeD6xBnGQx+3ynDYAUZrB96mEfVNUdZlkij
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:26 2024 by rpki-client on console-ams.rpki-client.org