Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/MlOsAQkFzK3oNJ_NrvY_ypeOVK8.roa
File: MlOsAQkFzK3oNJ_NrvY_ypeOVK8.roa (raw, json)
Hash identifier: 7vDDQcdN1qzrdPlSNN/EDU/PYKDQIC4pN9XGjnrOavE=
Subject key identifier: 32:53:AC:01:09:05:CC:AD:E8:34:9F:CD:AE:F6:3F:CA:97:8E:54:AF
Certificate issuer: /CN=f50b6b425600a25a6dc132de514797e2aa4b0247
Certificate serial: 018C6C5D821977697A0C995035FD25F3F1ED
Authority key identifier: F5:0B:6B:42:56:00:A2:5A:6D:C1:32:DE:51:47:97:E2:AA:4B:02:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/MlOsAQkFzK3oNJ_NrvY_ypeOVK8.roa
Signing time: Fri 15 Dec 2023 07:25:16 +0000
ROA not before: Fri 15 Dec 2023 07:25:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199743
IP address blocks: 185.48.68.0/22 maxlen: 28
91.217.210.0/24 maxlen: 24
2a01:9660:19::/48 maxlen: 48
2a01:9660::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6c:5d:82:19:77:69:7a:0c:99:50:35:fd:25:f3:f1:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f50b6b425600a25a6dc132de514797e2aa4b0247
Validity
Not Before: Dec 15 07:25:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3253ac010905ccade8349fcdaef63fca978e54af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:19:d3:e1:a3:68:11:b4:88:f9:69:cb:96:0e:
06:10:b8:48:41:ec:44:7d:de:19:22:fb:49:6b:d1:
d1:7f:2a:94:38:10:c3:2f:87:63:f6:0e:e4:12:ae:
d5:20:69:76:33:02:a9:8b:2c:4e:34:94:06:e3:4c:
eb:2b:5e:ad:0c:11:69:cf:75:c5:ec:52:e4:14:99:
24:16:76:88:dd:6f:18:0f:93:c6:66:62:dc:49:fe:
2d:b4:36:5a:a5:38:db:4f:89:51:49:69:01:8a:eb:
75:10:b1:71:40:81:c7:98:a2:f1:80:3e:5c:68:78:
75:06:1f:44:4b:af:97:57:77:f9:5d:46:e8:89:24:
1e:8a:2c:cf:4f:d3:97:d9:d2:d0:26:a1:d1:0b:06:
d7:40:79:c8:d6:e1:11:12:47:c9:50:28:19:3d:bc:
6b:f5:a5:33:7e:5f:23:e1:a1:b6:bd:79:d0:87:9b:
8f:83:5f:b0:21:ea:cb:ac:e3:c9:71:77:31:2e:15:
02:49:62:41:a7:01:18:c6:2f:35:07:38:68:e9:b2:
6d:31:49:d1:ae:4a:4d:a1:11:3d:11:fb:76:7c:74:
d9:ca:89:81:01:8a:07:16:1a:f5:7b:2c:e3:57:3f:
31:62:e4:6e:e0:6a:7f:d0:ae:07:d6:9c:dd:b5:9e:
db:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:53:AC:01:09:05:CC:AD:E8:34:9F:CD:AE:F6:3F:CA:97:8E:54:AF
X509v3 Authority Key Identifier:
keyid:F5:0B:6B:42:56:00:A2:5A:6D:C1:32:DE:51:47:97:E2:AA:4B:02:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QtrQlYAolptwTLeUUeX4qpLAkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/MlOsAQkFzK3oNJ_NrvY_ypeOVK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a9fcc9-67b2-44d6-b566-100f84fe950c/1/9QtrQlYAolptwTLeUUeX4qpLAkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.210.0/24
185.48.68.0/22
IPv6:
2a01:9660::/32
Signature Algorithm: sha256WithRSAEncryption
36:48:e3:5f:8c:6d:a9:23:34:c1:18:98:a9:7e:e7:19:0d:f7:
f8:56:a9:0c:0c:67:8e:b1:7f:99:68:22:a4:1e:6c:a7:4e:33:
e6:d3:37:bf:59:be:11:05:fc:0f:7e:07:b1:b6:a3:78:0e:ec:
12:4c:ad:85:a1:d5:87:f4:e6:d9:21:ca:95:aa:68:0b:f2:d1:
5b:56:a1:d7:cc:5d:2a:39:05:58:a8:9b:1d:fa:1b:6d:e2:57:
a1:f1:cd:f6:15:6d:24:5c:65:6e:c6:75:e9:e3:f9:de:fc:f7:
90:15:fc:03:40:0e:5f:9b:b2:86:78:c4:8a:c3:62:ec:d6:00:
5b:72:60:e4:e3:98:cb:c5:11:5b:f3:fd:96:86:10:3d:64:40:
83:2a:0a:d9:ef:6d:40:93:f1:b3:f6:63:94:0a:fb:55:d8:3e:
01:ab:6b:00:01:fd:46:fa:87:db:44:4d:aa:28:94:95:44:17:
97:68:38:eb:2a:11:ba:d0:6c:67:5c:b5:77:80:53:6b:48:44:
74:35:2d:a2:4e:6e:c2:e0:e0:01:8b:b1:9a:9c:bb:a7:c9:16:
44:30:03:f1:42:44:51:8a:af:1a:74:22:5f:8d:25:c0:dd:19:
ac:c9:35:63:e9:3e:1e:80:75:f3:86:d3:22:5f:25:da:da:f1:
e1:f1:29:c5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYxsXYIZd2l6DJlQNf0l8/HtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MGI2YjQyNTYwMGEyNWE2ZGMxMzJkZTUxNDc5N2UyYWE0
YjAyNDcwHhcNMjMxMjE1MDcyNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjUzYWMwMTA5MDVjY2FkZTgzNDlmY2RhZWY2M2ZjYTk3OGU1NGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRnT4aNoEbSI+WnLlg4GELhIQexE
fd4ZIvtJa9HRfyqUOBDDL4dj9g7kEq7VIGl2MwKpiyxONJQG40zrK16tDBFpz3XF
7FLkFJkkFnaI3W8YD5PGZmLcSf4ttDZapTjbT4lRSWkBiut1ELFxQIHHmKLxgD5c
aHh1Bh9ES6+XV3f5XUboiSQeiizPT9OX2dLQJqHRCwbXQHnI1uEREkfJUCgZPbxr
9aUzfl8j4aG2vXnQh5uPg1+wIerLrOPJcXcxLhUCSWJBpwEYxi81Bzho6bJtMUnR
rkpNoRE9Eft2fHTZyomBAYoHFhr1eyzjVz8xYuRu4Gp/0K4H1pzdtZ7bTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDJTrAEJBcyt6DSfza72P8qXjlSvMB8GA1UdIwQY
MBaAFPULa0JWAKJabcEy3lFHl+KqSwJHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVF0clFsWUFvbHB0d1RMZVVVZVg0cXBMQWtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hOWZjYzktNjdiMi00NGQ2LWI1NjYt
MTAwZjg0ZmU5NTBjLzEvTWxPc0FRa0Z6SzNvTkpfTnJ2WV95cGVPVks4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9hOWZjYzktNjdiMi00NGQ2LWI1NjYtMTAwZjg0ZmU5NTBj
LzEvOVF0clFsWUFvbHB0d1RMZVVVZVg0cXBMQWtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9nSAwQC
uTBEMA0EAgACMAcDBQAqAZZgMA0GCSqGSIb3DQEBCwUAA4IBAQA2SONfjG2pIzTB
GJipfucZDff4VqkMDGeOsX+ZaCKkHmynTjPm0ze/Wb4RBfwPfgextqN4DuwSTK2F
odWH9ObZIcqVqmgL8tFbVqHXzF0qOQVYqJsd+htt4leh8c32FW0kXGVuxnXp4/ne
/PeQFfwDQA5fm7KGeMSKw2Ls1gBbcmDk45jLxRFb8/2WhhA9ZECDKgrZ721Ak/Gz
9mOUCvtV2D4Bq2sAAf1G+ofbRE2qKJSVRBeXaDjrKhG60GxnXLV3gFNrSER0NS2i
Tm7C4OABi7GanLunyRZEMAPxQkRRiq8adCJfjSXA3RmsyTVj6T4egHXzhtMiXyXa
2vHh8SnF
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:36 2024 by rpki-client on console-ams.rpki-client.org