Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/248e6f-b1fb-4da7-97dd-954372965c5e/1/MBO6EwRrdfVeN7b5jqOt-wmupkk.roa
File: MBO6EwRrdfVeN7b5jqOt-wmupkk.roa (raw, json)
Hash identifier: NxTkiWVT7d2R3r91TJQnsZ3zzCnPA1nGc7n1ECJu7EM=
Subject key identifier: 30:13:BA:13:04:6B:75:F5:5E:37:B6:F9:8E:A3:AD:FB:09:AE:A6:49
Certificate issuer: /CN=2e2f84f555a666aa0c04a8fbe7dc1910075f5658
Certificate serial: 01856C65D48EFB13AEA749CA328585083F05
Authority key identifier: 2E:2F:84:F5:55:A6:66:AA:0C:04:A8:FB:E7:DC:19:10:07:5F:56:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Li-E9VWmZqoMBKj759wZEAdfVlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/248e6f-b1fb-4da7-97dd-954372965c5e/1/MBO6EwRrdfVeN7b5jqOt-wmupkk.roa
Signing time: Sun 01 Jan 2023 08:14:50 +0000
ROA not before: Sun 01 Jan 2023 08:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41090
IP address blocks: 93.95.232.0/21 maxlen: 21
185.14.0.0/22 maxlen: 22
195.189.64.0/22 maxlen: 22
2a00:c000::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:d4:8e:fb:13:ae:a7:49:ca:32:85:85:08:3f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e2f84f555a666aa0c04a8fbe7dc1910075f5658
Validity
Not Before: Jan 1 08:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3013ba13046b75f55e37b6f98ea3adfb09aea649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:bf:53:4e:8e:03:d8:13:ec:11:e0:bc:1a:11:
94:52:d0:16:39:97:31:7c:c3:63:56:f3:64:56:0d:
c8:33:8a:77:89:03:8f:67:8d:46:e7:f7:b3:fa:31:
f9:fc:20:ff:f4:06:06:b9:c7:99:1e:a1:33:2b:68:
00:ae:a9:9c:c2:dd:7c:1e:73:00:e5:5d:a8:93:89:
13:a4:d2:3b:79:ea:3e:f8:09:0d:45:0c:47:e0:ac:
c1:b8:24:7b:82:d5:87:18:ac:25:8e:d5:97:1b:28:
95:b1:e6:12:5b:53:ee:15:f2:ab:9e:fa:86:6c:a1:
9c:81:6f:48:c3:c9:ba:35:d3:c5:8d:9e:ad:59:59:
5e:40:77:4a:98:a1:15:a5:a8:39:15:ba:3e:b5:35:
61:d6:53:9d:07:2c:8b:40:70:34:84:bb:ea:90:2a:
7d:4f:25:4e:58:c5:36:16:59:6e:49:d8:89:3a:9c:
f0:d5:05:67:47:7e:6f:5a:60:67:7e:fb:5c:31:6d:
8e:0d:00:c6:a8:0c:ca:4a:8c:36:33:07:d3:16:b4:
8a:37:ba:e8:cd:52:79:b0:15:fa:e5:78:84:3d:d2:
30:5d:49:5e:d9:81:06:a6:b2:94:4a:1f:1a:50:9a:
fa:ee:c9:b2:c3:c1:9d:9c:c9:b8:ba:c9:b7:f7:8d:
27:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:13:BA:13:04:6B:75:F5:5E:37:B6:F9:8E:A3:AD:FB:09:AE:A6:49
X509v3 Authority Key Identifier:
keyid:2E:2F:84:F5:55:A6:66:AA:0C:04:A8:FB:E7:DC:19:10:07:5F:56:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Li-E9VWmZqoMBKj759wZEAdfVlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/248e6f-b1fb-4da7-97dd-954372965c5e/1/MBO6EwRrdfVeN7b5jqOt-wmupkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/248e6f-b1fb-4da7-97dd-954372965c5e/1/Li-E9VWmZqoMBKj759wZEAdfVlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.232.0/21
185.14.0.0/22
195.189.64.0/22
IPv6:
2a00:c000::/32
Signature Algorithm: sha256WithRSAEncryption
ba:5e:5a:7f:28:1f:35:68:cf:8b:79:22:9d:b0:51:91:c1:be:
1e:13:b3:39:f3:7a:f6:91:6e:07:cf:fc:83:e9:06:0a:88:49:
eb:5d:e8:df:e3:53:61:34:a7:a2:11:fd:44:a4:63:64:71:54:
a5:d8:52:4c:ee:7f:8d:64:3c:59:73:cd:53:da:d8:55:8a:c3:
1d:db:2b:aa:ff:76:4f:02:f7:06:2d:4c:4b:46:e0:be:0c:ca:
dc:ed:fc:e7:60:3c:66:f4:29:22:9a:5b:94:0c:ef:60:62:a0:
d6:be:07:7a:9d:ea:4c:1f:8d:3a:18:27:9f:e8:6e:4f:d0:10:
d9:a5:49:02:6e:3d:76:2b:ca:1b:51:80:58:9d:cd:c0:d3:97:
3f:7b:1e:f3:44:2b:79:fb:a2:1c:e3:ba:53:a6:f2:e8:e1:1c:
d6:3c:f6:69:45:b0:ba:48:2a:10:e0:fc:24:68:cc:aa:81:fc:
5b:fb:ca:bc:fb:48:d6:f6:40:ab:20:34:a4:80:25:f3:29:65:
10:d5:86:07:66:16:08:4a:75:fa:af:24:eb:1b:ce:16:6c:cb:
a8:d0:09:b2:e2:c0:66:57:80:aa:3a:5b:44:09:94:d6:90:4e:
ec:d6:34:af:13:f0:9e:f7:ae:29:c1:55:9e:c1:fe:34:6f:db:
3a:20:f5:0a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsZdSO+xOup0nKMoWFCD8FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMmY4NGY1NTVhNjY2YWEwYzA0YThmYmU3ZGMxOTEwMDc1
ZjU2NTgwHhcNMjMwMTAxMDgxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDEzYmExMzA0NmI3NWY1NWUzN2I2Zjk4ZWEzYWRmYjA5YWVhNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb9TTo4D2BPsEeC8GhGUUtAWOZcx
fMNjVvNkVg3IM4p3iQOPZ41G5/ez+jH5/CD/9AYGuceZHqEzK2gArqmcwt18HnMA
5V2ok4kTpNI7eeo++AkNRQxH4KzBuCR7gtWHGKwljtWXGyiVseYSW1PuFfKrnvqG
bKGcgW9Iw8m6NdPFjZ6tWVleQHdKmKEVpag5Fbo+tTVh1lOdByyLQHA0hLvqkCp9
TyVOWMU2FlluSdiJOpzw1QVnR35vWmBnfvtcMW2ODQDGqAzKSow2MwfTFrSKN7ro
zVJ5sBX65XiEPdIwXUle2YEGprKUSh8aUJr67smyw8GdnMm4usm3940nHwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDATuhMEa3X1Xje2+Y6jrfsJrqZJMB8GA1UdIwQY
MBaAFC4vhPVVpmaqDASo++fcGRAHX1ZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGktRTlWV21acW9NQktqNzU5d1pFQWRmVmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yNDhlNmYtYjFmYi00ZGE3LTk3ZGQt
OTU0MzcyOTY1YzVlLzEvTUJPNkV3UnJkZlZlTjdiNWpxT3Qtd211cGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yNDhlNmYtYjFmYi00ZGE3LTk3ZGQtOTU0MzcyOTY1YzVl
LzEvTGktRTlWV21acW9NQktqNzU5d1pFQWRmVmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXV/oAwQC
uQ4AAwQCw71AMA0EAgACMAcDBQAqAMAAMA0GCSqGSIb3DQEBCwUAA4IBAQC6Xlp/
KB81aM+LeSKdsFGRwb4eE7M583r2kW4Hz/yD6QYKiEnrXejf41NhNKeiEf1EpGNk
cVSl2FJM7n+NZDxZc81T2thVisMd2yuq/3ZPAvcGLUxLRuC+DMrc7fznYDxm9Cki
mluUDO9gYqDWvgd6nepMH406GCef6G5P0BDZpUkCbj12K8obUYBYnc3A05c/ex7z
RCt5+6Ic47pTpvLo4RzWPPZpRbC6SCoQ4PwkaMyqgfxb+8q8+0jW9kCrIDSkgCXz
KWUQ1YYHZhYISnX6ryTrG84WbMuo0Amy4sBmV4CqOltECZTWkE7s1jSvE/Ce964p
wVWewf40b9s6IPUK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:40 2024 by rpki-client on console-fra.rpki-client.org