Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e77d7b-bc0f-4635-8101-d1eeb29c951b/1/mtjNaA0PnxvbqBNHzkZiSFz_RV8.roa
File: mtjNaA0PnxvbqBNHzkZiSFz_RV8.roa (raw, json)
Hash identifier: SPrEnFEjix5kZZudAqS/Rt+y8N9nFyQbTdfFySnm/io=
Subject key identifier: 9A:D8:CD:68:0D:0F:9F:1B:DB:A8:13:47:CE:46:62:48:5C:FF:45:5F
Certificate issuer: /CN=e5164534979e60a564701232b2e5200889542606
Certificate serial: 018B6B3856B4F9AF17EF6FBA89C4C7270079
Authority key identifier: E5:16:45:34:97:9E:60:A5:64:70:12:32:B2:E5:20:08:89:54:26:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5RZFNJeeYKVkcBIysuUgCIlUJgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/e77d7b-bc0f-4635-8101-d1eeb29c951b/1/mtjNaA0PnxvbqBNHzkZiSFz_RV8.roa
Signing time: Thu 26 Oct 2023 09:02:16 +0000
ROA not before: Thu 26 Oct 2023 09:02:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41132
IP address blocks: 217.145.240.0/20 maxlen: 20
212.33.160.0/19 maxlen: 19
85.237.128.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:30:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:6b:38:56:b4:f9:af:17:ef:6f:ba:89:c4:c7:27:00:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5164534979e60a564701232b2e5200889542606
Validity
Not Before: Oct 26 09:02:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ad8cd680d0f9f1bdba81347ce4662485cff455f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:25:ee:c3:95:81:4c:9c:67:a2:57:0e:cf:37:
ea:39:3d:81:b7:40:c1:2b:41:af:e2:32:21:ba:41:
17:04:27:83:85:59:70:93:3a:56:75:7e:ce:bf:e3:
cf:ff:61:01:94:9f:ac:73:49:c2:ac:23:54:79:d9:
02:10:a4:75:0e:a1:68:2e:44:c9:65:b9:47:9b:2c:
98:a7:67:df:e8:30:cd:3a:3e:56:4e:44:6f:0e:6e:
a5:8a:f6:74:d3:b5:cf:ee:14:08:5c:df:6c:7f:4e:
a4:6e:dc:0a:21:a1:3e:1b:05:94:b5:d2:40:d7:e6:
d3:ea:00:ae:d4:83:84:fd:65:04:1f:58:f0:60:05:
0e:2f:cb:76:bf:bc:08:a1:99:e2:0b:63:db:d6:2b:
05:b7:c5:4f:b1:e8:6d:b1:a1:24:ea:3a:16:3d:a8:
7b:27:3d:33:83:c2:da:23:1c:59:1a:6a:90:0d:e8:
a4:94:43:4c:39:a9:59:3a:9d:6d:df:9e:23:6d:42:
cd:b2:ca:97:ce:ee:b5:7c:ca:96:73:a9:b8:b1:48:
d6:5d:3a:28:59:ce:27:d0:5a:c8:f2:9e:2c:15:58:
5c:c4:3d:96:bd:92:77:73:08:5f:cd:ce:35:4b:38:
e2:0c:3f:da:b5:9e:f4:72:36:08:75:b3:81:7f:04:
2f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D8:CD:68:0D:0F:9F:1B:DB:A8:13:47:CE:46:62:48:5C:FF:45:5F
X509v3 Authority Key Identifier:
keyid:E5:16:45:34:97:9E:60:A5:64:70:12:32:B2:E5:20:08:89:54:26:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5RZFNJeeYKVkcBIysuUgCIlUJgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e77d7b-bc0f-4635-8101-d1eeb29c951b/1/mtjNaA0PnxvbqBNHzkZiSFz_RV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e77d7b-bc0f-4635-8101-d1eeb29c951b/1/5RZFNJeeYKVkcBIysuUgCIlUJgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.128.0/19
212.33.160.0/19
217.145.240.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:8d:26:c1:8a:4a:1b:4a:c7:ac:cc:50:c4:42:24:e9:4c:d6:
91:54:b2:c3:af:55:98:42:08:f5:d3:21:9c:11:0a:5e:f5:7e:
90:eb:09:b4:71:c9:04:44:ac:06:8a:8f:80:0b:26:4f:77:64:
9f:08:4d:bc:c4:3a:44:b6:8e:4e:ba:09:8c:d5:c0:fb:e7:4f:
53:bf:e4:a6:c6:0c:20:b1:00:f5:e5:70:9d:85:ee:f6:e6:81:
71:05:bc:d2:cb:7c:8a:11:25:2e:96:21:90:02:de:10:6f:99:
2a:95:02:36:7f:33:8f:0f:e0:12:13:5b:c7:cb:7d:c5:a2:4f:
fe:6a:a9:49:3e:79:a4:c7:57:d3:2b:e0:8c:0a:69:f6:79:c8:
68:67:f4:44:7f:70:77:e4:2a:9f:65:a6:40:43:1b:79:22:7b:
42:3f:6d:bc:b1:1f:05:66:e4:ef:e6:cb:90:0c:a7:ea:41:c5:
2d:3a:0d:6e:90:07:17:2e:fa:46:40:f7:b3:fd:e5:9c:fd:aa:
10:28:8c:45:b3:b5:f4:f4:1c:d2:7e:7f:03:df:4a:bc:fb:85:
b2:62:7a:25:85:4c:3c:eb:12:3e:3c:2f:79:04:3c:2c:01:a3:
af:54:43:17:42:a8:a2:77:b1:1e:68:3e:8d:cf:8a:47:f8:c8:
9a:34:39:bc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYtrOFa0+a8X72+6icTHJwB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MTY0NTM0OTc5ZTYwYTU2NDcwMTIzMmIyZTUyMDA4ODk1
NDI2MDYwHhcNMjMxMDI2MDkwMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWQ4Y2Q2ODBkMGY5ZjFiZGJhODEzNDdjZTQ2NjI0ODVjZmY0NTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiXuw5WBTJxnolcOzzfqOT2Bt0DB
K0Gv4jIhukEXBCeDhVlwkzpWdX7Ov+PP/2EBlJ+sc0nCrCNUedkCEKR1DqFoLkTJ
ZblHmyyYp2ff6DDNOj5WTkRvDm6livZ007XP7hQIXN9sf06kbtwKIaE+GwWUtdJA
1+bT6gCu1IOE/WUEH1jwYAUOL8t2v7wIoZniC2Pb1isFt8VPsehtsaEk6joWPah7
Jz0zg8LaIxxZGmqQDeiklENMOalZOp1t354jbULNssqXzu61fMqWc6m4sUjWXToo
Wc4n0FrI8p4sFVhcxD2WvZJ3cwhfzc41SzjiDD/atZ70cjYIdbOBfwQvqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJrYzWgND58b26gTR85GYkhc/0VfMB8GA1UdIwQY
MBaAFOUWRTSXnmClZHASMrLlIAiJVCYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVJaRk5KZWVZS1ZrY0JJeXN1VWdDSWxVSmdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lNzdkN2ItYmMwZi00NjM1LTgxMDEt
ZDFlZWIyOWM5NTFiLzEvbXRqTmFBMFBueHZicUJOSHprWmlTRnpfUlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lNzdkN2ItYmMwZi00NjM1LTgxMDEtZDFlZWIyOWM5NTFi
LzEvNVJaRk5KZWVZS1ZrY0JJeXN1VWdDSWxVSmdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFVe2AAwQF
1CGgAwQE2ZHwMA0GCSqGSIb3DQEBCwUAA4IBAQAtjSbBikobSseszFDEQiTpTNaR
VLLDr1WYQgj10yGcEQpe9X6Q6wm0cckERKwGio+ACyZPd2SfCE28xDpEto5OugmM
1cD7509Tv+SmxgwgsQD15XCdhe725oFxBbzSy3yKESUuliGQAt4Qb5kqlQI2fzOP
D+ASE1vHy33Fok/+aqlJPnmkx1fTK+CMCmn2echoZ/REf3B35CqfZaZAQxt5IntC
P228sR8FZuTv5suQDKfqQcUtOg1ukAcXLvpGQPez/eWc/aoQKIxFs7X09BzSfn8D
30q8+4WyYnolhUw86xI+PC95BDwsAaOvVEMXQqiid7EeaD6Nz4pH+MiaNDm8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:02 2024 by rpki-client on console-fra.rpki-client.org