Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/MsydBx7KVivkHb14Ds1clHjTXmU.roa
File: MsydBx7KVivkHb14Ds1clHjTXmU.roa (raw, json)
Hash identifier: uBPvcX8fdxyBtWoGYbz3jcczb44sko/7QGa2pEedrt4=
Subject key identifier: 32:CC:9D:07:1E:CA:56:2B:E4:1D:BD:78:0E:CD:5C:94:78:D3:5E:65
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 018F3515908CDC397EFA31F5CC49250FD371
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/MsydBx7KVivkHb14Ds1clHjTXmU.roa
Signing time: Wed 01 May 2024 16:55:56 +0000
ROA not before: Wed 01 May 2024 16:55:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 176.67.82.0/24 maxlen: 24
176.67.87.0/24 maxlen: 24
2a05:e9c0:1000::/40 maxlen: 40
2a05:e9c0:1400::/40 maxlen: 40
2a05:e9c0:1800::/40 maxlen: 40
2a05:e9c0:3800::/40 maxlen: 40
2a05:e9c0:4400::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 03 Jul 2024 02:21:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:35:15:90:8c:dc:39:7e:fa:31:f5:cc:49:25:0f:d3:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: May 1 16:55:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32cc9d071eca562be41dbd780ecd5c9478d35e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d3:5e:d2:59:cd:fd:ee:c3:44:8e:5a:c1:38:
38:a1:47:f0:3b:6e:69:e4:31:e8:f0:9d:73:f2:06:
23:a7:28:1e:9a:a9:26:e3:43:06:82:7d:6d:95:a1:
f5:c7:45:21:d4:18:ae:7c:63:5b:41:53:1d:51:77:
34:ee:23:66:4f:ca:63:40:24:de:b0:72:e5:0b:17:
2a:ac:2e:ab:a6:16:cb:21:e9:f1:8a:02:b9:e3:00:
ca:14:f5:6c:66:df:f6:f6:8f:29:82:00:d2:f7:e1:
00:2c:82:f1:22:45:92:38:5e:96:37:12:d8:82:83:
b6:06:43:2f:fc:42:ee:a4:ef:5c:1b:44:97:bf:c8:
8e:1e:62:c0:b3:6b:aa:e1:2a:ae:8b:b5:6d:9c:63:
df:77:c0:a5:3d:4b:49:e4:89:42:05:6e:50:a4:a6:
27:f4:52:7b:2b:6b:82:46:27:95:df:f9:bb:35:ea:
4d:29:99:06:7d:41:d5:7f:86:3d:e8:37:90:e5:ad:
76:35:21:8c:43:8b:5f:7b:d4:04:f1:bf:fd:02:86:
7a:78:c3:45:6f:95:5f:d0:e8:c6:16:d7:3a:aa:52:
29:b8:e2:00:3b:1f:05:9f:a7:36:84:bf:18:e7:79:
9d:1b:38:54:9f:45:ae:e8:c3:43:ea:06:af:d7:17:
5a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CC:9D:07:1E:CA:56:2B:E4:1D:BD:78:0E:CD:5C:94:78:D3:5E:65
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/MsydBx7KVivkHb14Ds1clHjTXmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.82.0/24
176.67.87.0/24
IPv6:
2a05:e9c0:1000::/40
2a05:e9c0:1400::/40
2a05:e9c0:1800::/40
2a05:e9c0:3800::/40
2a05:e9c0:4400::/40
Signature Algorithm: sha256WithRSAEncryption
5a:58:ae:89:e6:9a:20:98:8f:44:0c:f0:67:d9:33:fe:af:1b:
62:a5:0d:4d:bb:ed:a9:25:76:0d:43:be:9c:e2:b4:a7:27:85:
8c:b9:fd:15:84:5c:19:cb:1a:73:47:a5:bf:64:5c:c7:d9:00:
48:55:8b:16:98:20:a7:e5:ac:44:d1:ca:36:d7:c6:65:bc:e0:
3a:60:33:94:8f:bd:bf:bb:71:37:d3:7d:1a:cb:6c:50:c4:d1:
02:21:8d:12:c7:32:7e:61:b4:3f:72:13:c8:2d:d7:44:48:e7:
1f:62:a0:15:0a:17:f0:7d:61:8c:3d:d6:c3:47:38:40:d5:b6:
27:b9:fc:19:5e:d2:12:0b:10:d1:75:fb:03:a7:01:f7:dc:db:
c0:96:b9:a1:06:0a:37:27:d8:af:1c:d5:b3:87:7e:ec:ce:38:
27:70:53:81:a2:a5:e4:3e:b2:dd:21:cf:34:b6:48:46:d2:d5:
8f:6b:9b:55:6d:80:c3:ed:32:aa:51:33:f4:bd:bb:ea:80:10:
28:7f:68:18:b6:11:87:8f:ff:cf:bf:6b:c8:fc:b0:40:e4:60:
1e:56:ea:79:cf:95:aa:ef:6f:53:18:ad:10:c2:ae:b8:ac:8f:
e5:cb:60:6d:a0:ca:9f:b4:6c:eb:32:81:47:b7:29:46:08:a9:
c1:96:2f:8d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY81FZCM3Dl++jH1zEklD9NxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjQwNTAxMTY1NTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmNjOWQwNzFlY2E1NjJiZTQxZGJkNzgwZWNkNWM5NDc4ZDM1ZTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodNe0lnN/e7DRI5awTg4oUfwO25p
5DHo8J1z8gYjpygemqkm40MGgn1tlaH1x0Uh1BiufGNbQVMdUXc07iNmT8pjQCTe
sHLlCxcqrC6rphbLIenxigK54wDKFPVsZt/29o8pggDS9+EALILxIkWSOF6WNxLY
goO2BkMv/ELupO9cG0SXv8iOHmLAs2uq4Squi7VtnGPfd8ClPUtJ5IlCBW5QpKYn
9FJ7K2uCRieV3/m7NepNKZkGfUHVf4Y96DeQ5a12NSGMQ4tfe9QE8b/9AoZ6eMNF
b5Vf0OjGFtc6qlIpuOIAOx8Fn6c2hL8Y53mdGzhUn0Wu6MND6gav1xdaBQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDLMnQceylYr5B29eA7NXJR4015lMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvTXN5ZEJ4N0tWaXZrSGIxNERzMWNsSGpUWG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDASBAIAATAMAwQAsENSAwQA
sENXMC4EAgACMCgDBgAqBenAEAMGACoF6cAUAwYAKgXpwBgDBgAqBenAOAMGACoF
6cBEMA0GCSqGSIb3DQEBCwUAA4IBAQBaWK6J5pogmI9EDPBn2TP+rxtipQ1Nu+2p
JXYNQ76c4rSnJ4WMuf0VhFwZyxpzR6W/ZFzH2QBIVYsWmCCn5axE0co218ZlvOA6
YDOUj72/u3E3030ay2xQxNECIY0SxzJ+YbQ/chPILddESOcfYqAVChfwfWGMPdbD
RzhA1bYnufwZXtISCxDRdfsDpwH33NvAlrmhBgo3J9ivHNWzh37szjgncFOBoqXk
PrLdIc80tkhG0tWPa5tVbYDD7TKqUTP0vbvqgBAof2gYthGHj//Pv2vI/LBA5GAe
Vup5z5Wq729TGK0Qwq64rI/ly2BtoMqftGzrMoFHtylGCKnBli+N
-----END CERTIFICATE-----
Generated at Wed Jul 3 03:57:36 2024 by rpki-client on console-ams.rpki-client.org