Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/MKfxsfq4SDYnp3L5APiSt2mHeu4.roa
File: MKfxsfq4SDYnp3L5APiSt2mHeu4.roa (raw, json)
Hash identifier: c0zoOuV8AtSVV927JodWVZtgHavAqc330UZ5NYa6+vQ=
Subject key identifier: 30:A7:F1:B1:FA:B8:48:36:27:A7:72:F9:00:F8:92:B7:69:87:7A:EE
Certificate issuer: /CN=6b0ecdbf51360cecae617abe1a3ac6a6ff0a5b6c
Certificate serial: 018AB7F7AED7BD416ECB97BC050922A4A96B
Authority key identifier: 6B:0E:CD:BF:51:36:0C:EC:AE:61:7A:BE:1A:3A:C6:A6:FF:0A:5B:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aw7Nv1E2DOyuYXq-GjrGpv8KW2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/MKfxsfq4SDYnp3L5APiSt2mHeu4.roa
Signing time: Thu 21 Sep 2023 13:39:37 +0000
ROA not before: Thu 21 Sep 2023 13:39:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50464
IP address blocks: 195.191.77.78/32 maxlen: 32
195.191.77.77/32 maxlen: 32
195.191.76.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Sep 2023 13:57:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:f7:ae:d7:bd:41:6e:cb:97:bc:05:09:22:a4:a9:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b0ecdbf51360cecae617abe1a3ac6a6ff0a5b6c
Validity
Not Before: Sep 21 13:39:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30a7f1b1fab8483627a772f900f892b769877aee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3a:94:6a:84:46:f6:6f:92:23:49:a0:11:48:
01:62:b5:cd:ff:05:64:d9:cc:68:eb:b7:85:57:ba:
c6:8f:4d:3b:c9:1d:65:68:38:1b:f2:68:2c:15:41:
10:23:be:2e:8b:56:15:8c:a9:f4:76:b4:32:fd:bc:
10:3b:bb:3d:f7:67:97:5c:74:1f:66:ce:fb:29:1d:
e5:2e:2d:33:6d:4e:78:c3:6a:81:74:6c:3d:d2:c7:
1c:97:5e:0b:a1:f8:65:07:d8:bf:c6:44:ac:86:b8:
bb:a4:37:07:78:94:96:a6:95:65:5f:c2:9f:c5:78:
5c:58:85:9d:ae:71:9f:df:bc:9c:00:17:03:be:95:
db:88:f3:6c:90:f3:e4:08:fc:a8:bd:38:18:fa:a0:
c8:73:d5:06:ab:fc:4a:64:b7:e2:04:9a:13:01:5c:
fe:a7:b8:cf:83:31:ba:8c:36:a9:48:b8:2d:bf:9f:
ac:72:07:1f:96:18:9a:6e:32:62:55:98:a3:42:c1:
0d:9f:25:b8:65:80:4d:06:d5:15:25:51:ad:59:1f:
87:6b:be:f8:5b:76:8b:b9:22:ba:d3:ef:24:a2:f5:
6e:0f:29:c5:30:e0:dd:ab:70:89:74:ec:28:01:b8:
ff:57:f2:4e:17:6c:60:96:d0:a8:84:ee:f7:61:99:
52:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A7:F1:B1:FA:B8:48:36:27:A7:72:F9:00:F8:92:B7:69:87:7A:EE
X509v3 Authority Key Identifier:
keyid:6B:0E:CD:BF:51:36:0C:EC:AE:61:7A:BE:1A:3A:C6:A6:FF:0A:5B:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aw7Nv1E2DOyuYXq-GjrGpv8KW2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/MKfxsfq4SDYnp3L5APiSt2mHeu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1acb0c-31a3-4718-993d-11dffe108147/1/aw7Nv1E2DOyuYXq-GjrGpv8KW2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.76.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:9f:e0:b4:6f:77:91:66:f5:e9:69:88:48:18:7b:b7:13:a3:
6e:96:36:7c:09:ff:8a:0e:fb:82:8c:dd:e1:0c:a1:8f:d5:ba:
a1:5c:a2:eb:6a:14:16:8e:91:eb:a7:91:91:27:04:5e:4f:13:
bf:bc:74:35:82:d9:a4:e7:6b:8c:68:0e:18:74:04:28:94:d5:
40:7f:3d:26:fa:39:1f:4a:0e:d8:a2:37:ec:d5:48:95:2f:c3:
d6:ab:7b:bb:99:e6:f1:bf:2f:84:88:69:3f:64:f3:b3:a9:fa:
70:bf:61:fd:da:3c:7f:64:14:da:6a:db:a2:08:6e:7f:28:38:
75:a2:7d:39:a0:42:a4:f2:61:a2:a7:b3:4d:35:7f:09:d3:20:
5b:14:a8:9b:8c:59:dc:44:1f:01:ed:27:0e:14:04:d0:85:9b:
2f:7f:1c:55:09:da:5d:a2:9b:08:43:7d:1d:07:d5:93:8d:de:
1a:4f:26:a9:70:f5:e9:44:62:b5:4d:22:28:65:7b:0a:de:f6:
4b:66:04:9a:ec:3a:12:ec:c4:ad:1e:94:c4:33:7c:4f:bd:2a:
13:2f:bb:0b:7b:46:7d:31:d1:8e:74:0b:12:61:ae:6d:30:87:
e6:f6:d5:14:ee:20:18:7c:63:31:53:a3:47:82:57:64:5d:14:
83:19:99:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq3967XvUFuy5e8BQkipKlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMGVjZGJmNTEzNjBjZWNhZTYxN2FiZTFhM2FjNmE2ZmYw
YTViNmMwHhcNMjMwOTIxMTMzOTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE3ZjFiMWZhYjg0ODM2MjdhNzcyZjkwMGY4OTJiNzY5ODc3YWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTqUaoRG9m+SI0mgEUgBYrXN/wVk
2cxo67eFV7rGj007yR1laDgb8mgsFUEQI74ui1YVjKn0drQy/bwQO7s992eXXHQf
Zs77KR3lLi0zbU54w2qBdGw90sccl14LofhlB9i/xkSshri7pDcHeJSWppVlX8Kf
xXhcWIWdrnGf37ycABcDvpXbiPNskPPkCPyovTgY+qDIc9UGq/xKZLfiBJoTAVz+
p7jPgzG6jDapSLgtv5+scgcflhiabjJiVZijQsENnyW4ZYBNBtUVJVGtWR+Ha774
W3aLuSK60+8kovVuDynFMODdq3CJdOwoAbj/V/JOF2xgltCohO73YZlSwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCn8bH6uEg2J6dy+QD4krdph3ruMB8GA1UdIwQY
MBaAFGsOzb9RNgzsrmF6vho6xqb/CltsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXc3TnYxRTJET3l1WVhxLUdqckdwdjhLVzJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xYWNiMGMtMzFhMy00NzE4LTk5M2Qt
MTFkZmZlMTA4MTQ3LzEvTUtmeHNmcTRTRFlucDNMNUFQaVN0Mm1IZXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xYWNiMGMtMzFhMy00NzE4LTk5M2QtMTFkZmZlMTA4MTQ3
LzEvYXc3TnYxRTJET3l1WVhxLUdqckdwdjhLVzJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw79MMA0G
CSqGSIb3DQEBCwUAA4IBAQBOn+C0b3eRZvXpaYhIGHu3E6NuljZ8Cf+KDvuCjN3h
DKGP1bqhXKLrahQWjpHrp5GRJwReTxO/vHQ1gtmk52uMaA4YdAQolNVAfz0m+jkf
Sg7Yojfs1UiVL8PWq3u7mebxvy+EiGk/ZPOzqfpwv2H92jx/ZBTaatuiCG5/KDh1
on05oEKk8mGip7NNNX8J0yBbFKibjFncRB8B7ScOFATQhZsvfxxVCdpdopsIQ30d
B9WTjd4aTyapcPXpRGK1TSIoZXsK3vZLZgSa7DoS7MStHpTEM3xPvSoTL7sLe0Z9
MdGOdAsSYa5tMIfm9tUU7iAYfGMxU6NHgldkXRSDGZmR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:47 2024 by rpki-client on console-ams.rpki-client.org