Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/mknvXt3AeizXUC5a1DjY-jrKs_A.roa
File: mknvXt3AeizXUC5a1DjY-jrKs_A.roa (raw, json)
Hash identifier: UHVpQM2c1WSYWFW+ESEjIVPQeyQkoU0LpxHjVkKm8Z4=
Subject key identifier: 9A:49:EF:5E:DD:C0:7A:2C:D7:50:2E:5A:D4:38:D8:FA:3A:CA:B3:F0
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315F646C64936689A18CBEEC3BFDAAF
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/mknvXt3AeizXUC5a1DjY-jrKs_A.roa
Signing time: Mon 02 Jan 2023 15:24:57 +0000
ROA not before: Mon 02 Jan 2023 15:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44718
IP address blocks: 89.252.245.0/24 maxlen: 24
89.252.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f6:46:c6:49:36:68:9a:18:cb:ee:c3:bf:da:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9a49ef5eddc07a2cd7502e5ad438d8fa3acab3f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:90:09:59:51:ef:23:b4:fe:60:c7:c1:72:80:
6b:70:45:81:1e:56:cf:e0:9b:3e:d4:5f:e7:c2:41:
ca:02:6b:63:a1:db:af:90:75:1c:2e:2f:a3:5c:52:
2d:f3:9b:e7:4e:ad:30:5f:01:6f:4f:d1:c2:18:62:
6b:78:a4:90:ec:56:ca:e2:22:84:2f:82:2b:33:fc:
ed:a1:de:5a:a1:d7:59:68:a0:ae:57:69:e1:d5:89:
96:31:5f:e0:0b:e5:f1:10:9a:67:9d:e5:c0:f5:cc:
f5:f1:33:aa:28:67:a4:94:37:47:4c:6a:3d:6d:0f:
73:25:03:d4:c3:3e:8a:82:9d:29:a7:51:30:6c:06:
57:fa:4c:39:12:b7:94:bb:a8:a0:4a:54:b0:d8:b1:
5a:05:a0:c0:1c:a6:97:d2:d3:27:7b:c5:ea:c3:4a:
3d:dc:1e:fd:c1:45:65:53:74:22:87:ed:16:d2:b6:
25:0d:6f:3c:73:62:9e:e4:2f:55:3b:11:32:e7:cd:
41:32:10:69:b2:43:56:d5:0b:bc:04:ef:b7:f1:ae:
ec:a2:3f:84:11:fb:50:28:8f:a0:01:fb:a4:df:26:
b3:41:1c:47:ad:d5:55:f6:bc:aa:e6:82:2b:14:ea:
5f:5b:c3:67:d7:a2:b8:ef:cf:b4:e6:3e:5e:f6:09:
4b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:49:EF:5E:DD:C0:7A:2C:D7:50:2E:5A:D4:38:D8:FA:3A:CA:B3:F0
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/mknvXt3AeizXUC5a1DjY-jrKs_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.244.0/23
Signature Algorithm: sha256WithRSAEncryption
64:7e:53:f7:11:31:17:39:d4:6a:32:d8:ec:03:56:3e:e4:62:
04:c7:80:2e:b5:70:42:f1:6d:5b:1c:03:a8:e3:51:bb:21:40:
82:e6:2b:6f:9e:c4:34:10:4c:76:98:1a:56:8d:b6:44:de:68:
26:d9:31:65:81:e0:5e:5d:42:20:b2:01:f9:11:a6:e3:86:f9:
a0:b9:e0:cc:22:b5:f6:d8:54:ef:84:3d:da:7c:fc:1f:70:22:
82:07:4c:aa:f9:ad:34:9e:e2:1c:c7:8c:59:40:71:24:30:c3:
e8:62:72:f0:73:46:d9:67:09:4d:9c:de:c3:66:f8:30:74:5e:
0c:df:9a:2a:68:67:00:3c:d9:3c:ad:74:a3:b4:71:0b:ca:c4:
9a:d6:3c:5d:1e:98:8e:65:70:ea:bb:6d:25:1b:b0:97:32:d8:
c2:dc:0b:ac:14:de:11:42:c7:ba:9f:24:89:c5:75:68:bd:4b:
37:78:55:76:8e:50:c3:02:5d:9a:b5:8b:3e:d1:9b:7f:be:3f:
d0:ea:34:80:6b:98:c1:16:c3:5b:28:16:e1:ef:f9:00:10:3e:
d9:16:ad:48:0f:f7:ef:2d:73:06:d1:65:82:1e:04:fc:c6:70:
53:9d:e8:38:f8:49:c5:5d:99:e4:d4:be:86:f8:ad:ba:f2:83:
c1:83:8f:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfZGxkk2aJoYy+7Dv9qvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTQ5ZWY1ZWRkYzA3YTJjZDc1MDJlNWFkNDM4ZDhmYTNhY2FiM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JAJWVHvI7T+YMfBcoBrcEWBHlbP
4Js+1F/nwkHKAmtjoduvkHUcLi+jXFIt85vnTq0wXwFvT9HCGGJreKSQ7FbK4iKE
L4IrM/ztod5aoddZaKCuV2nh1YmWMV/gC+XxEJpnneXA9cz18TOqKGeklDdHTGo9
bQ9zJQPUwz6Kgp0pp1EwbAZX+kw5EreUu6igSlSw2LFaBaDAHKaX0tMne8Xqw0o9
3B79wUVlU3Qih+0W0rYlDW88c2Ke5C9VOxEy581BMhBpskNW1Qu8BO+38a7soj+E
EftQKI+gAfuk3yazQRxHrdVV9ryq5oIrFOpfW8Nn16K478+05j5e9glLyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpJ717dwHos11AuWtQ42Po6yrPwMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvbWtudlh0M0FlaXpYVUM1YTFEalktanJLc19BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWfz0MA0G
CSqGSIb3DQEBCwUAA4IBAQBkflP3ETEXOdRqMtjsA1Y+5GIEx4AutXBC8W1bHAOo
41G7IUCC5itvnsQ0EEx2mBpWjbZE3mgm2TFlgeBeXUIgsgH5EabjhvmgueDMIrX2
2FTvhD3afPwfcCKCB0yq+a00nuIcx4xZQHEkMMPoYnLwc0bZZwlNnN7DZvgwdF4M
35oqaGcAPNk8rXSjtHELysSa1jxdHpiOZXDqu20lG7CXMtjC3AusFN4RQse6nySJ
xXVovUs3eFV2jlDDAl2atYs+0Zt/vj/Q6jSAa5jBFsNbKBbh7/kAED7ZFq1ID/fv
LXMG0WWCHgT8xnBTneg4+EnFXZnk1L6G+K268oPBg4/0
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org