Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/MTBVRn7t6rqLaoQYytS5GlirDlc.roa
File: MTBVRn7t6rqLaoQYytS5GlirDlc.roa (raw, json)
Hash identifier: i6QIZ+X1gsrgpF1TYQbpVf1zUz5r4D3IQQaAHmZ43ag=
Subject key identifier: 31:30:55:46:7E:ED:EA:BA:8B:6A:84:18:CA:D4:B9:1A:58:AB:0E:57
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 018BF35F76D56E5A9C8D3258061B2BA390FE
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/MTBVRn7t6rqLaoQYytS5GlirDlc.roa
Signing time: Tue 21 Nov 2023 19:33:21 +0000
ROA not before: Tue 21 Nov 2023 19:33:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19762
IP address blocks: 193.243.190.0/24 maxlen: 24
91.229.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:31:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f3:5f:76:d5:6e:5a:9c:8d:32:58:06:1b:2b:a3:90:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Nov 21 19:33:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=313055467eedeaba8b6a8418cad4b91a58ab0e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:91:cf:e0:3c:bf:0c:bc:5d:fd:b2:ab:d3:93:
df:99:29:ab:23:88:7a:34:63:9e:12:33:06:67:a1:
12:53:db:71:6d:a5:64:94:2a:1d:fb:d4:39:a0:c6:
e4:91:13:c2:02:d7:a2:53:0a:89:59:0c:8b:59:5f:
ca:da:30:8b:e6:06:6f:3b:84:0e:5f:bf:3f:ae:b0:
61:8b:ca:c0:d6:80:b6:87:a4:85:45:e1:84:0a:6e:
34:ae:3d:49:1e:12:7c:b1:ab:5a:b5:f8:81:66:3d:
69:05:26:7a:d6:0c:f2:59:ab:8b:1d:7e:a2:24:01:
8e:1d:63:3c:58:1f:b9:32:51:73:e3:81:1e:76:cd:
51:63:5e:73:10:51:62:e1:e6:04:e3:f1:d3:e8:c6:
f0:8f:e3:dd:67:eb:8b:15:5c:02:6e:ec:46:75:69:
e4:03:b1:c8:c3:51:a8:d1:a0:9e:50:61:40:e5:4e:
13:d2:8c:67:00:70:0d:4e:47:e1:bd:2f:3b:6d:b2:
b8:a7:06:3e:57:f8:7e:dc:19:a6:be:90:61:34:c6:
97:9d:32:21:75:1f:af:d2:65:1b:af:b0:7b:f7:2e:
e5:21:f2:73:bf:53:08:2d:d3:fc:8c:24:ce:ba:01:
dc:aa:35:51:2d:0b:1c:fa:ea:bc:01:cc:7d:11:7a:
b3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:30:55:46:7E:ED:EA:BA:8B:6A:84:18:CA:D4:B9:1A:58:AB:0E:57
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/MTBVRn7t6rqLaoQYytS5GlirDlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.114.0/24
193.243.190.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:d4:4f:22:56:17:27:38:b9:8d:20:16:8a:fa:75:75:66:d9:
ad:37:54:41:90:dc:19:14:cc:ba:e9:a0:37:31:36:f1:6e:77:
29:2e:df:ee:f7:7c:71:ba:4a:7f:ac:f2:42:16:cf:ac:e0:02:
99:be:f4:d6:96:1e:56:f5:84:fb:83:22:d3:6f:42:b7:1b:f9:
a0:d3:41:46:fb:a1:c2:35:bf:f0:31:01:53:b7:fc:b6:0a:76:
15:c3:8e:95:13:bf:5d:39:94:0c:08:8f:2a:08:c6:10:f2:70:
a2:8e:4e:73:54:a1:be:62:61:27:a7:f8:e8:39:11:b7:8e:19:
c5:cc:76:ce:5f:ea:a2:0b:e6:fd:75:cd:a0:1c:c3:0e:ca:d5:
3a:53:24:84:6c:64:c8:2c:2e:fd:5a:6e:2a:57:c8:cc:f8:ae:
86:15:bb:35:f6:0b:31:d1:bf:c9:f8:c6:57:be:25:61:b7:d0:
54:4f:31:1d:bd:ad:7b:3f:dc:2d:f1:89:56:93:ea:1d:df:45:
9e:bb:32:91:de:76:62:9d:e2:83:bf:85:d1:42:6a:9f:ad:a5:
7b:e8:9c:66:58:01:0f:91:d8:2f:db:a7:6c:90:0c:59:56:ec:
a5:4a:13:b1:99:7e:d0:b6:cf:e2:80:8d:f1:c4:c5:bc:50:2d:
d6:89:2f:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvzX3bVblqcjTJYBhsro5D+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjMxMTIxMTkzMzIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTMwNTU0NjdlZWRlYWJhOGI2YTg0MThjYWQ0YjkxYTU4YWIwZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJHP4Dy/DLxd/bKr05PfmSmrI4h6
NGOeEjMGZ6ESU9txbaVklCod+9Q5oMbkkRPCAteiUwqJWQyLWV/K2jCL5gZvO4QO
X78/rrBhi8rA1oC2h6SFReGECm40rj1JHhJ8satatfiBZj1pBSZ61gzyWauLHX6i
JAGOHWM8WB+5MlFz44Eeds1RY15zEFFi4eYE4/HT6Mbwj+PdZ+uLFVwCbuxGdWnk
A7HIw1Go0aCeUGFA5U4T0oxnAHANTkfhvS87bbK4pwY+V/h+3BmmvpBhNMaXnTIh
dR+v0mUbr7B79y7lIfJzv1MILdP8jCTOugHcqjVRLQsc+uq8Acx9EXqz2QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDEwVUZ+7eq6i2qEGMrUuRpYqw5XMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvTVRCVlJuN3Q2cnFMYW9RWXl0UzVHbGlyRGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+VyAwQA
wfO+MA0GCSqGSIb3DQEBCwUAA4IBAQCc1E8iVhcnOLmNIBaK+nV1ZtmtN1RBkNwZ
FMy66aA3MTbxbncpLt/u93xxukp/rPJCFs+s4AKZvvTWlh5W9YT7gyLTb0K3G/mg
00FG+6HCNb/wMQFTt/y2CnYVw46VE79dOZQMCI8qCMYQ8nCijk5zVKG+YmEnp/jo
ORG3jhnFzHbOX+qiC+b9dc2gHMMOytU6UySEbGTILC79Wm4qV8jM+K6GFbs19gsx
0b/J+MZXviVht9BUTzEdva17P9wt8YlWk+od30WeuzKR3nZineKDv4XRQmqfraV7
6JxmWAEPkdgv26dskAxZVuylShOxmX7Qts/igI3xxMW8UC3WiS84
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:43 2024 by rpki-client on console-fra.rpki-client.org