Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/mKl3XMrcmP8J8J7j2uyE5I6fppw.roa
File: mKl3XMrcmP8J8J7j2uyE5I6fppw.roa (raw, json)
Hash identifier: hEpcAnh69T7601lhRfmPDL1EnNZ1hKkVmalWs/oOH/E=
Subject key identifier: 98:A9:77:5C:CA:DC:98:FF:09:F0:9E:E3:DA:EC:84:E4:8E:9F:A6:9C
Certificate issuer: /CN=abc45b658b1ec0fdeb459e6ff2577db8ca6a9330
Certificate serial: 01856C6F2C5C4846C3E034D0A72FC6E75FC0
Authority key identifier: AB:C4:5B:65:8B:1E:C0:FD:EB:45:9E:6F:F2:57:7D:B8:CA:6A:93:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8RbZYsewP3rRZ5v8ld9uMpqkzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/mKl3XMrcmP8J8J7j2uyE5I6fppw.roa
Signing time: Sun 01 Jan 2023 08:25:03 +0000
ROA not before: Sun 01 Jan 2023 08:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12303
IP address blocks: 193.41.47.0/24 maxlen: 24
2a0f:7ec0:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:2c:5c:48:46:c3:e0:34:d0:a7:2f:c6:e7:5f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc45b658b1ec0fdeb459e6ff2577db8ca6a9330
Validity
Not Before: Jan 1 08:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98a9775ccadc98ff09f09ee3daec84e48e9fa69c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a4:6e:c7:b4:ee:92:d3:fe:a9:55:0f:84:b8:
40:01:ef:3e:9e:c0:bd:e9:6b:24:46:84:a2:ac:81:
cf:e7:3b:94:82:f1:48:6c:2a:d6:5e:a9:d9:f7:25:
ba:dc:de:d3:99:ab:2b:fd:f2:6b:fd:7e:b9:5a:d9:
3b:f4:0c:b2:be:9e:c8:98:75:2d:a0:8c:f3:5b:87:
d4:06:25:79:07:cb:99:7f:c0:7c:f1:8b:7e:ab:ef:
35:8c:2c:f1:9c:5d:0b:72:e4:a8:30:63:7c:2a:9a:
f1:de:66:7e:5c:04:12:e9:23:52:4c:ba:67:e6:7d:
f9:07:cf:d4:c6:db:a7:ee:3b:a3:3e:06:5b:0c:bf:
ac:45:b1:65:1d:58:ca:1f:3a:9f:f5:91:f0:1e:a3:
d3:33:dd:bc:89:e6:f7:8f:a6:95:d4:72:83:b3:94:
e6:f7:c3:6e:79:b8:e1:98:33:24:f1:50:19:45:78:
c7:7e:95:17:6d:d3:f2:71:02:c3:16:1b:9d:6b:45:
50:85:07:8f:93:71:b1:48:41:26:3c:7d:90:64:30:
e1:77:22:1b:31:38:71:49:97:c6:1e:de:a1:46:53:
c2:40:83:5c:8a:89:c8:4f:2d:e1:2c:70:6c:d2:15:
85:cf:61:98:13:76:51:3d:72:b8:bf:97:cb:7e:56:
5e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:A9:77:5C:CA:DC:98:FF:09:F0:9E:E3:DA:EC:84:E4:8E:9F:A6:9C
X509v3 Authority Key Identifier:
keyid:AB:C4:5B:65:8B:1E:C0:FD:EB:45:9E:6F:F2:57:7D:B8:CA:6A:93:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8RbZYsewP3rRZ5v8ld9uMpqkzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/mKl3XMrcmP8J8J7j2uyE5I6fppw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/c5c1b3-e5ca-4a83-8390-917933b1502e/1/q8RbZYsewP3rRZ5v8ld9uMpqkzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.41.47.0/24
IPv6:
2a0f:7ec0:100::/48
Signature Algorithm: sha256WithRSAEncryption
b3:96:87:db:02:99:9c:d4:4a:50:30:2c:14:b4:fa:55:9c:3b:
bf:7d:2a:48:c1:44:c3:cf:96:12:09:cb:64:ed:97:7e:fc:b3:
17:cd:98:ea:c3:40:e7:a1:dc:fa:af:ac:26:bb:81:8c:b8:32:
ec:b7:7e:e8:d9:54:61:bc:ac:89:75:c7:35:84:25:17:ff:da:
fb:e3:61:9e:bb:fd:81:f7:23:ee:74:ba:38:3c:9d:27:c4:d1:
45:09:a2:e5:90:bc:43:6f:47:8a:17:21:04:db:cd:0e:89:c0:
3c:ae:3d:f4:27:b3:3a:90:9d:81:9f:7d:68:d7:f9:53:15:50:
d9:10:d7:01:df:f0:6e:ed:b0:fb:00:63:25:3b:15:a7:65:97:
09:04:9b:04:37:b8:9e:0a:d2:42:90:c9:4a:ba:1b:be:07:d3:
6e:a7:ab:01:4b:5e:92:ab:28:6a:14:9c:1f:1a:52:0c:40:06:
7c:25:34:85:c7:6c:51:68:ff:3d:b5:1b:3c:d2:87:7a:4f:34:
e2:b7:5f:f3:de:9a:57:ab:83:5b:69:c4:16:2f:b8:07:a2:ae:
44:0b:fd:41:15:4a:d2:82:bb:03:94:2c:10:a9:db:59:dc:ce:
16:be:cb:8d:a4:ff:84:b4:6e:24:2f:de:c1:fe:7b:67:b1:5f:
7b:d6:67:d0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsbyxcSEbD4DTQpy/G51/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiYzQ1YjY1OGIxZWMwZmRlYjQ1OWU2ZmYyNTc3ZGI4Y2E2
YTkzMzAwHhcNMjMwMTAxMDgyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGE5Nzc1Y2NhZGM5OGZmMDlmMDllZTNkYWVjODRlNDhlOWZhNjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKRux7TuktP+qVUPhLhAAe8+nsC9
6WskRoSirIHP5zuUgvFIbCrWXqnZ9yW63N7Tmasr/fJr/X65Wtk79Ayyvp7ImHUt
oIzzW4fUBiV5B8uZf8B88Yt+q+81jCzxnF0LcuSoMGN8Kprx3mZ+XAQS6SNSTLpn
5n35B8/Uxtun7jujPgZbDL+sRbFlHVjKHzqf9ZHwHqPTM928ieb3j6aV1HKDs5Tm
98NuebjhmDMk8VAZRXjHfpUXbdPycQLDFhuda0VQhQePk3GxSEEmPH2QZDDhdyIb
MThxSZfGHt6hRlPCQINcionITy3hLHBs0hWFz2GYE3ZRPXK4v5fLflZeswIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJipd1zK3Jj/CfCe49rshOSOn6acMB8GA1UdIwQY
MBaAFKvEW2WLHsD960Web/JXfbjKapMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcThSYlpZc2V3UDNyUlo1djhsZDl1TXBxa3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9jNWMxYjMtZTVjYS00YTgzLTgzOTAt
OTE3OTMzYjE1MDJlLzEvbUtsM1hNcmNtUDhKOEo3ajJ1eUU1STZmcHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9jNWMxYjMtZTVjYS00YTgzLTgzOTAtOTE3OTMzYjE1MDJl
LzEvcThSYlpZc2V3UDNyUlo1djhsZDl1TXBxa3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwSkvMA8E
AgACMAkDBwAqD37AAQAwDQYJKoZIhvcNAQELBQADggEBALOWh9sCmZzUSlAwLBS0
+lWcO799KkjBRMPPlhIJy2Ttl378sxfNmOrDQOeh3PqvrCa7gYy4Muy3fujZVGG8
rIl1xzWEJRf/2vvjYZ67/YH3I+50ujg8nSfE0UUJouWQvENvR4oXIQTbzQ6JwDyu
PfQnszqQnYGffWjX+VMVUNkQ1wHf8G7tsPsAYyU7FadllwkEmwQ3uJ4K0kKQyUq6
G74H026nqwFLXpKrKGoUnB8aUgxABnwlNIXHbFFo/z21GzzSh3pPNOK3X/Pemler
g1tpxBYvuAeirkQL/UEVStKCuwOULBCp21nczha+y42k/4S0biQv3sH+e2exX3vW
Z9A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:34 2024 by rpki-client on console-ams.rpki-client.org