Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/67080d-cae0-48c1-a338-38f5d963222c/1/_MpD1s9SadmpaTX78eGEQIXEbSE.roa
File: _MpD1s9SadmpaTX78eGEQIXEbSE.roa (raw, json)
Hash identifier: RzI8l3JziKwgNEviXSS/yPdYRmCOZB1YiufsUkaIuDI=
Subject key identifier: FC:CA:43:D6:CF:52:69:D9:A9:69:35:FB:F1:E1:84:40:85:C4:6D:21
Certificate issuer: /CN=135155cebf9de0cb73e40a0fa0a1ab4dcf1d09ca
Certificate serial: 0185714C3E6F85FDA197611BD57446AC0FA2
Authority key identifier: 13:51:55:CE:BF:9D:E0:CB:73:E4:0A:0F:A0:A1:AB:4D:CF:1D:09:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E1FVzr-d4Mtz5AoPoKGrTc8dCco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/67080d-cae0-48c1-a338-38f5d963222c/1/_MpD1s9SadmpaTX78eGEQIXEbSE.roa
Signing time: Mon 02 Jan 2023 07:05:00 +0000
ROA not before: Mon 02 Jan 2023 07:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137
IP address blocks: 130.251.0.0/16 maxlen: 16
192.148.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:3e:6f:85:fd:a1:97:61:1b:d5:74:46:ac:0f:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=135155cebf9de0cb73e40a0fa0a1ab4dcf1d09ca
Validity
Not Before: Jan 2 07:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcca43d6cf5269d9a96935fbf1e1844085c46d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:2e:a5:3b:a7:e4:51:67:cd:bf:d1:e7:0a:a3:
23:0f:38:47:cf:0a:26:da:dd:49:40:b1:49:f8:1d:
ec:62:4b:51:0a:30:54:4a:27:a9:74:5f:8c:ea:69:
fd:02:0d:90:bc:d1:29:8f:f6:7b:49:36:a5:dd:96:
58:3a:28:a8:a9:df:b7:bc:5d:5c:73:70:2f:71:83:
d9:55:6b:40:93:e8:38:89:e8:b6:f7:d9:ca:f3:c0:
42:18:a5:f3:1a:44:6f:96:de:36:f6:b2:d3:bd:40:
fa:9a:ae:c4:c3:1e:8e:1b:4b:b5:3f:22:7a:1c:29:
c9:b5:71:cb:44:3f:d2:ac:f4:3e:65:da:d6:7b:68:
7a:7e:2b:c9:b9:43:68:d6:55:fe:5c:ce:11:fd:49:
7c:d9:21:6e:eb:ef:60:c4:e9:6e:01:56:fd:6a:7a:
3e:4a:d6:ce:30:21:82:f0:ef:76:b1:04:1c:d9:b7:
5f:bb:5e:db:7e:94:92:c3:ae:a3:2e:1a:4d:24:a8:
d2:59:5a:16:a9:7a:6f:d7:c0:cc:0a:df:1e:73:c5:
1b:c2:36:97:7a:94:cf:49:85:7d:da:79:90:a3:84:
51:a7:00:6e:28:c9:b3:98:1a:e7:a1:e6:b2:a6:fb:
3e:a4:bf:57:ae:ee:f2:57:75:6f:c2:cb:e7:7b:da:
55:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:CA:43:D6:CF:52:69:D9:A9:69:35:FB:F1:E1:84:40:85:C4:6D:21
X509v3 Authority Key Identifier:
keyid:13:51:55:CE:BF:9D:E0:CB:73:E4:0A:0F:A0:A1:AB:4D:CF:1D:09:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E1FVzr-d4Mtz5AoPoKGrTc8dCco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/67080d-cae0-48c1-a338-38f5d963222c/1/_MpD1s9SadmpaTX78eGEQIXEbSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/67080d-cae0-48c1-a338-38f5d963222c/1/E1FVzr-d4Mtz5AoPoKGrTc8dCco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.251.0.0/16
192.148.193.0/24
Signature Algorithm: sha256WithRSAEncryption
50:54:56:2b:0f:f7:72:18:5b:07:bf:4d:ed:87:03:5f:8d:b9:
4e:26:9f:53:2f:71:cb:72:e5:a9:d8:4e:be:f3:0d:f3:b1:5c:
29:a3:82:e3:e5:5a:fc:1e:4e:11:10:e7:a5:fb:b9:e5:90:30:
22:37:1a:e5:8d:de:61:d3:0a:6d:a8:27:d4:f0:72:4b:43:79:
8e:3d:31:1a:27:6e:5c:35:0b:93:7f:08:62:bf:f8:b9:47:71:
28:cc:f7:6d:5b:53:f8:47:7a:f7:be:c8:41:39:38:b3:a0:a8:
73:e5:79:8e:f8:43:c0:78:60:3b:cb:07:72:5d:c5:b8:fd:7c:
1b:3f:26:7b:80:ad:49:f5:cd:5f:d9:41:ce:b9:65:6d:ff:2f:
53:ab:ba:05:d9:91:ea:60:9f:26:2c:e0:73:a4:7f:90:a9:89:
75:4b:46:bc:24:03:11:68:7f:b0:9b:ea:43:84:0a:46:5a:6a:
18:30:00:ad:79:ed:cd:6a:a4:8c:ea:a5:6d:d4:03:5f:d7:a2:
f9:d8:40:0e:5b:1c:c3:82:c3:73:42:a0:71:52:6c:7c:b7:24:
c8:06:fa:62:17:c9:f4:d2:ca:6b:48:91:a8:cb:b4:3d:23:ed:
5c:cd:78:33:36:0b:7a:ff:a5:a1:7d:42:25:5f:c4:89:ea:49:
23:2c:cc:cf
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAYVxTD5vhf2hl2Eb1XRGrA+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNTE1NWNlYmY5ZGUwY2I3M2U0MGEwZmEwYTFhYjRkY2Yx
ZDA5Y2EwHhcNMjMwMTAyMDcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2NhNDNkNmNmNTI2OWQ5YTk2OTM1ZmJmMWUxODQ0MDg1YzQ2ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkC6lO6fkUWfNv9HnCqMjDzhHzwom
2t1JQLFJ+B3sYktRCjBUSiepdF+M6mn9Ag2QvNEpj/Z7STal3ZZYOiioqd+3vF1c
c3AvcYPZVWtAk+g4iei299nK88BCGKXzGkRvlt429rLTvUD6mq7Ewx6OG0u1PyJ6
HCnJtXHLRD/SrPQ+ZdrWe2h6fivJuUNo1lX+XM4R/Ul82SFu6+9gxOluAVb9ano+
StbOMCGC8O92sQQc2bdfu17bfpSSw66jLhpNJKjSWVoWqXpv18DMCt8ec8UbwjaX
epTPSYV92nmQo4RRpwBuKMmzmBrnoeaypvs+pL9Xru7yV3Vvwsvne9pV8wIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFPzKQ9bPUmnZqWk1+/HhhECFxG0hMB8GA1UdIwQY
MBaAFBNRVc6/neDLc+QKD6Chq03PHQnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTFGVnpyLWQ0TXR6NUFvUG9LR3JUYzhkQ2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy82NzA4MGQtY2FlMC00OGMxLWEzMzgt
MzhmNWQ5NjMyMjJjLzEvX01wRDFzOVNhZG1wYVRYNzhlR0VRSVhFYlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy82NzA4MGQtY2FlMC00OGMxLWEzMzgtMzhmNWQ5NjMyMjJj
LzEvRTFGVnpyLWQ0TXR6NUFvUG9LR3JUYzhkQ2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAgvsDBADA
lMEwDQYJKoZIhvcNAQELBQADggEBAFBUVisP93IYWwe/Te2HA1+NuU4mn1Mvccty
5anYTr7zDfOxXCmjguPlWvweThEQ56X7ueWQMCI3GuWN3mHTCm2oJ9TwcktDeY49
MRonblw1C5N/CGK/+LlHcSjM921bU/hHeve+yEE5OLOgqHPleY74Q8B4YDvLB3Jd
xbj9fBs/JnuArUn1zV/ZQc65ZW3/L1OrugXZkepgnyYs4HOkf5CpiXVLRrwkAxFo
f7Cb6kOECkZaahgwAK157c1qpIzqpW3UA1/XovnYQA5bHMOCw3NCoHFSbHy3JMgG
+mIXyfTSymtIkajLtD0j7VzNeDM2C3r/paF9QiVfxInqSSMszM8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:36 2024 by rpki-client on console-ams.rpki-client.org