Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d348b5-151c-4aa5-bd09-ef5d5011ca77/1/rMWk9mZG95IKXnExMRlIitthBUs.roa
File: rMWk9mZG95IKXnExMRlIitthBUs.roa (raw, json)
Hash identifier: IWma6UILwG5Q8ZEhr/CjMS3Uigo4lUqJt/9CoTJEGXI=
Subject key identifier: AC:C5:A4:F6:66:46:F7:92:0A:5E:71:31:31:19:48:8A:DB:61:05:4B
Certificate issuer: /CN=50a06a453fcd5f26faf4822c4b459098dcaff039
Certificate serial: 01856C65C9410D0741C6D7A0363265556BC4
Authority key identifier: 50:A0:6A:45:3F:CD:5F:26:FA:F4:82:2C:4B:45:90:98:DC:AF:F0:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UKBqRT_NXyb69IIsS0WQmNyv8Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d348b5-151c-4aa5-bd09-ef5d5011ca77/1/rMWk9mZG95IKXnExMRlIitthBUs.roa
Signing time: Sun 01 Jan 2023 08:14:48 +0000
ROA not before: Sun 01 Jan 2023 08:14:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43958
IP address blocks: 193.143.8.0/21 maxlen: 24
193.143.240.0/21 maxlen: 24
91.195.246.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:65:c9:41:0d:07:41:c6:d7:a0:36:32:65:55:6b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50a06a453fcd5f26faf4822c4b459098dcaff039
Validity
Not Before: Jan 1 08:14:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acc5a4f66646f7920a5e71313119488adb61054b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d7:27:e5:c7:ef:88:c3:ca:71:af:ce:6f:91:
18:40:4f:0a:d5:46:03:4b:ed:3e:b2:f9:13:77:6a:
af:47:ff:93:72:27:33:4f:37:3d:d3:3e:2c:2d:92:
75:f3:7b:cf:98:f2:5b:16:82:1c:b5:59:94:2b:e7:
2f:be:ee:af:ad:52:38:53:c3:55:69:69:98:a3:39:
8b:6c:95:23:ec:d9:f5:46:58:47:f5:ab:3d:60:5f:
f0:cc:47:b5:1c:e4:77:6b:7c:b2:9c:9c:64:6c:02:
f2:2d:5e:30:60:58:c3:e7:94:08:c8:1e:20:8f:45:
fa:80:36:7e:10:3a:e6:bf:93:75:88:83:6e:df:5a:
61:cc:e6:ce:f6:d3:91:1f:55:39:71:f8:3e:0b:ca:
26:04:72:a4:b7:e4:ac:f7:52:d8:16:27:3d:f7:30:
4d:99:66:db:56:ed:39:8a:64:0b:7c:79:8b:d9:dd:
d1:91:9a:c2:09:d2:e5:b2:4d:6a:59:03:22:01:be:
b5:da:2d:65:e0:ef:62:6a:6a:1c:62:e3:e9:a7:8e:
bf:0d:f2:33:81:0a:e3:c1:16:20:ac:27:07:ee:a7:
66:a3:81:4d:84:61:c5:7f:5b:f5:c3:70:0b:d8:01:
0e:b9:ee:66:46:01:f2:60:ec:07:8c:a0:e7:c8:79:
40:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C5:A4:F6:66:46:F7:92:0A:5E:71:31:31:19:48:8A:DB:61:05:4B
X509v3 Authority Key Identifier:
keyid:50:A0:6A:45:3F:CD:5F:26:FA:F4:82:2C:4B:45:90:98:DC:AF:F0:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UKBqRT_NXyb69IIsS0WQmNyv8Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d348b5-151c-4aa5-bd09-ef5d5011ca77/1/rMWk9mZG95IKXnExMRlIitthBUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d348b5-151c-4aa5-bd09-ef5d5011ca77/1/UKBqRT_NXyb69IIsS0WQmNyv8Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.246.0/23
193.143.8.0/21
193.143.240.0/21
Signature Algorithm: sha256WithRSAEncryption
97:2e:74:4f:51:8a:ec:1a:d8:42:74:f1:c7:2b:a1:6e:6c:58:
27:93:e4:e2:ac:fd:81:c2:55:d3:be:55:c3:9e:a3:ba:3d:38:
57:3a:fa:75:82:2b:78:fe:ec:bd:0b:c5:1b:7d:73:1c:0e:c2:
c4:08:3e:5c:e2:ff:8c:d1:e7:0c:97:e8:78:a0:66:a9:f5:75:
66:26:a5:ef:57:d8:95:77:0c:3a:88:95:d7:1b:00:ff:a7:90:
ef:71:bc:cc:7d:6f:e1:40:9c:af:68:ae:89:22:08:88:40:b3:
57:06:22:dc:d9:27:67:48:89:70:21:d4:88:ec:6c:c7:31:3d:
b6:ff:4a:f2:0a:47:3a:21:10:d8:05:9a:d8:c3:15:a9:fe:cb:
79:04:36:91:9a:32:43:3c:f1:cc:4f:ca:94:f6:4c:7c:01:ec:
ff:05:53:a7:f3:cf:05:da:d7:e1:22:63:32:2e:08:98:c3:32:
b6:58:97:4a:f6:fd:b7:83:6f:97:67:b4:1a:d2:9f:ff:c0:26:
e7:f1:86:18:70:89:b3:ca:1a:5f:20:04:c8:84:87:5e:50:cf:
6f:d6:08:cc:69:cb:4d:85:1d:63:98:15:90:fe:0b:11:cd:48:
88:20:42:3e:ea:50:d3:55:4c:74:44:62:54:10:73:a8:a3:a6:
c4:1e:30:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsZclBDQdBxtegNjJlVWvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYTA2YTQ1M2ZjZDVmMjZmYWY0ODIyYzRiNDU5MDk4ZGNh
ZmYwMzkwHhcNMjMwMTAxMDgxNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2M1YTRmNjY2NDZmNzkyMGE1ZTcxMzEzMTE5NDg4YWRiNjEwNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstcn5cfviMPKca/Ob5EYQE8K1UYD
S+0+svkTd2qvR/+TciczTzc90z4sLZJ183vPmPJbFoIctVmUK+cvvu6vrVI4U8NV
aWmYozmLbJUj7Nn1RlhH9as9YF/wzEe1HOR3a3yynJxkbALyLV4wYFjD55QIyB4g
j0X6gDZ+EDrmv5N1iINu31phzObO9tORH1U5cfg+C8omBHKkt+Ss91LYFic99zBN
mWbbVu05imQLfHmL2d3RkZrCCdLlsk1qWQMiAb612i1l4O9iamocYuPpp46/DfIz
gQrjwRYgrCcH7qdmo4FNhGHFf1v1w3AL2AEOue5mRgHyYOwHjKDnyHlA4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKzFpPZmRveSCl5xMTEZSIrbYQVLMB8GA1UdIwQY
MBaAFFCgakU/zV8m+vSCLEtFkJjcr/A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUtCcVJUX05YeWI2OUlJc1MwV1FtTnl2OERrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMzQ4YjUtMTUxYy00YWE1LWJkMDkt
ZWY1ZDUwMTFjYTc3LzEvck1XazltWkc5NUlLWG5FeE1SbElpdHRoQlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9kMzQ4YjUtMTUxYy00YWE1LWJkMDktZWY1ZDUwMTFjYTc3
LzEvVUtCcVJUX05YeWI2OUlJc1MwV1FtTnl2OERrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8P2AwQD
wY8IAwQDwY/wMA0GCSqGSIb3DQEBCwUAA4IBAQCXLnRPUYrsGthCdPHHK6FubFgn
k+TirP2BwlXTvlXDnqO6PThXOvp1git4/uy9C8UbfXMcDsLECD5c4v+M0ecMl+h4
oGap9XVmJqXvV9iVdww6iJXXGwD/p5DvcbzMfW/hQJyvaK6JIgiIQLNXBiLc2Sdn
SIlwIdSI7GzHMT22/0ryCkc6IRDYBZrYwxWp/st5BDaRmjJDPPHMT8qU9kx8Aez/
BVOn888F2tfhImMyLgiYwzK2WJdK9v23g2+XZ7Qa0p//wCbn8YYYcImzyhpfIATI
hIdeUM9v1gjMactNhR1jmBWQ/gsRzUiIIEI+6lDTVUx0RGJUEHOoo6bEHjAO
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:39 2024 by rpki-client on console-ams.rpki-client.org