Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/mmbQGQpRLI6mq8tvG7kHDNabruQ.roa
File: mmbQGQpRLI6mq8tvG7kHDNabruQ.roa (raw, json)
Hash identifier: kRwoNtOn8c/EZo4Vuuwvi1M0maj1DAMRJsH6DQgLIyU=
Subject key identifier: 9A:66:D0:19:0A:51:2C:8E:A6:AB:CB:6F:1B:B9:07:0C:D6:9B:AE:E4
Certificate issuer: /CN=d1f987af5adb2304d426f540de5d650545231e50
Certificate serial: 01856F0B74713B3C12CE3910F5BA9A7F4ECB
Authority key identifier: D1:F9:87:AF:5A:DB:23:04:D4:26:F5:40:DE:5D:65:05:45:23:1E:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/mmbQGQpRLI6mq8tvG7kHDNabruQ.roa
Signing time: Sun 01 Jan 2023 20:34:59 +0000
ROA not before: Sun 01 Jan 2023 20:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202299
IP address blocks: 195.5.162.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:74:71:3b:3c:12:ce:39:10:f5:ba:9a:7f:4e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f987af5adb2304d426f540de5d650545231e50
Validity
Not Before: Jan 1 20:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a66d0190a512c8ea6abcb6f1bb9070cd69baee4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:73:46:ff:e9:ac:6d:df:33:bf:90:31:6a:16:
85:4c:f8:5d:ae:48:25:dd:5d:27:55:fb:4f:8c:80:
bc:42:4c:7e:b0:c8:bc:c0:cd:07:9a:32:50:96:a1:
fa:3e:d7:75:c8:bc:ab:2b:0e:5d:86:ec:e1:a8:61:
38:a9:47:04:fc:40:ee:04:40:02:2b:e6:8c:b7:31:
a6:33:50:7a:a5:6e:9d:31:04:8d:a9:ec:c4:d9:c6:
b1:78:cf:e1:0a:f5:ee:a9:76:a3:c4:e1:68:da:00:
6f:7a:b3:c4:37:4d:df:87:9b:f7:bc:9c:ce:8a:c2:
c7:ef:e5:16:8d:24:9d:87:06:ce:71:6b:ed:a0:96:
02:ba:3f:06:18:4e:e8:98:7c:df:90:b3:2c:e4:06:
68:11:e8:e6:3e:6f:85:38:39:b2:35:61:96:27:9a:
ff:c2:28:df:09:48:95:9e:9d:d2:8f:5b:f7:9a:f2:
93:d9:bd:3e:90:19:bd:b8:be:9e:bb:8b:ce:f3:e9:
c2:9e:37:22:6c:be:05:6d:38:20:d9:ae:92:85:d9:
1b:fa:a2:7c:1f:34:fd:40:88:01:21:ea:c5:ad:5f:
0a:14:9e:a1:42:3a:59:4a:a4:2e:92:b6:91:ad:64:
02:a5:4e:db:a7:fd:c3:11:92:43:c4:06:25:9e:be:
97:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:66:D0:19:0A:51:2C:8E:A6:AB:CB:6F:1B:B9:07:0C:D6:9B:AE:E4
X509v3 Authority Key Identifier:
keyid:D1:F9:87:AF:5A:DB:23:04:D4:26:F5:40:DE:5D:65:05:45:23:1E:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fmHr1rbIwTUJvVA3l1lBUUjHlA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/mmbQGQpRLI6mq8tvG7kHDNabruQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/5ea569-f174-45c5-9db7-2af095ffc9bb/1/0fmHr1rbIwTUJvVA3l1lBUUjHlA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.162.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:45:9f:4f:62:6e:09:47:f6:c1:2d:f3:f7:07:79:72:a4:a5:
7a:3b:05:a9:7a:9a:8b:30:a8:5f:8a:b2:c2:24:cb:25:49:79:
18:90:f2:5b:e0:8f:06:f9:d0:50:f5:9f:87:bf:23:62:7a:2d:
72:6b:52:4e:d4:f0:d5:6b:76:ae:e5:cf:c4:dc:6f:68:85:f2:
25:62:6d:20:4d:e8:52:90:9d:99:21:57:06:23:c8:ec:40:36:
15:17:82:7d:ad:1f:eb:7c:ff:61:80:38:be:65:f8:cb:28:9a:
2f:15:f3:32:39:23:93:60:12:88:e6:2c:41:09:1b:34:78:86:
0e:d7:f5:20:36:ec:61:9b:a5:c7:94:4f:2b:4e:5a:96:55:89:
be:21:4c:f1:34:e3:66:a4:6f:d1:e2:4c:34:68:7b:f5:53:e8:
f4:d9:01:41:2b:eb:d0:da:76:ad:2f:8b:55:1e:3f:ba:7d:12:
52:44:a4:44:dd:fa:14:85:25:3a:74:ec:df:3a:6a:36:7e:bf:
49:fb:b9:92:69:b2:6c:17:84:5f:37:0b:d8:ad:00:7a:ca:eb:
51:ca:28:e7:1a:79:b6:95:a7:22:0a:28:3f:10:ac:1a:07:d4:
8c:72:49:dd:f8:f2:63:5b:97:d3:0e:ea:4c:9f:3d:bb:78:87:
3d:4c:82:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC3RxOzwSzjkQ9bqaf07LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjk4N2FmNWFkYjIzMDRkNDI2ZjU0MGRlNWQ2NTA1NDUy
MzFlNTAwHhcNMjMwMTAxMjAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTY2ZDAxOTBhNTEyYzhlYTZhYmNiNmYxYmI5MDcwY2Q2OWJhZWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXNG/+msbd8zv5AxahaFTPhdrkgl
3V0nVftPjIC8Qkx+sMi8wM0HmjJQlqH6Ptd1yLyrKw5dhuzhqGE4qUcE/EDuBEAC
K+aMtzGmM1B6pW6dMQSNqezE2caxeM/hCvXuqXajxOFo2gBverPEN03fh5v3vJzO
isLH7+UWjSSdhwbOcWvtoJYCuj8GGE7omHzfkLMs5AZoEejmPm+FODmyNWGWJ5r/
wijfCUiVnp3Sj1v3mvKT2b0+kBm9uL6eu4vO8+nCnjcibL4FbTgg2a6Shdkb+qJ8
HzT9QIgBIerFrV8KFJ6hQjpZSqQukraRrWQCpU7bp/3DEZJDxAYlnr6X5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpm0BkKUSyOpqvLbxu5BwzWm67kMB8GA1UdIwQY
MBaAFNH5h69a2yME1Cb1QN5dZQVFIx5QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81ZWE1NjktZjE3NC00NWM1LTlkYjct
MmFmMDk1ZmZjOWJiLzEvbW1iUUdRcFJMSTZtcTh0dkc3a0hETmFicnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81ZWE1NjktZjE3NC00NWM1LTlkYjctMmFmMDk1ZmZjOWJi
LzEvMGZtSHIxcmJJd1RVSnZWQTNsMWxCVVVqSGxBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwwWiMA0G
CSqGSIb3DQEBCwUAA4IBAQBdRZ9PYm4JR/bBLfP3B3lypKV6OwWpepqLMKhfirLC
JMslSXkYkPJb4I8G+dBQ9Z+HvyNiei1ya1JO1PDVa3au5c/E3G9ohfIlYm0gTehS
kJ2ZIVcGI8jsQDYVF4J9rR/rfP9hgDi+ZfjLKJovFfMyOSOTYBKI5ixBCRs0eIYO
1/UgNuxhm6XHlE8rTlqWVYm+IUzxNONmpG/R4kw0aHv1U+j02QFBK+vQ2natL4tV
Hj+6fRJSRKRE3foUhSU6dOzfOmo2fr9J+7mSabJsF4RfNwvYrQB6yutRyijnGnm2
laciCig/EKwaB9SMcknd+PJjW5fTDupMnz27eIc9TIJs
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:51 2024 by rpki-client on console-ams.rpki-client.org