Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/MUPFlWhS7SzOUA8_dve-4fjqBbw.roa
File: MUPFlWhS7SzOUA8_dve-4fjqBbw.roa (raw, json)
Hash identifier: ySFvkHLZLIhx/k9LUTs6BC6Byyai6zQRJBCIXxEDW4w=
Subject key identifier: 31:43:C5:95:68:52:ED:2C:CE:50:0F:3F:76:F7:BE:E1:F8:EA:05:BC
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 018AB14E404BC47E79E97F0EFC8573B8DAEA
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/MUPFlWhS7SzOUA8_dve-4fjqBbw.roa
Signing time: Wed 20 Sep 2023 06:36:50 +0000
ROA not before: Wed 20 Sep 2023 06:36:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 195.178.0.0/23 maxlen: 23
185.8.84.0/23 maxlen: 23
109.75.100.0/22 maxlen: 22
109.75.105.0/24 maxlen: 24
185.65.196.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b1:4e:40:4b:c4:7e:79:e9:7f:0e:fc:85:73:b8:da:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Sep 20 06:36:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3143c5956852ed2cce500f3f76f7bee1f8ea05bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:bd:9b:08:f1:3e:66:3a:c4:f2:76:f5:65:74:
dc:f6:76:ba:31:08:09:52:5d:27:a0:ac:95:f4:d5:
7b:50:b9:fd:0a:c9:da:16:ee:66:ce:f2:11:53:f1:
67:64:66:27:c0:77:3e:74:bd:8b:11:4e:1a:80:35:
6d:4a:a6:fb:f9:88:f5:de:12:ca:19:ad:05:0b:e6:
57:7f:f0:6a:00:b5:49:1c:1f:a9:a1:b6:35:9d:b6:
ea:9c:03:e1:da:54:e5:8e:81:e9:98:be:31:fe:62:
55:09:74:f4:b0:90:db:5b:97:92:b8:b3:c7:f0:4c:
cd:2e:48:4f:6d:b4:49:d3:1c:d4:8e:de:1c:b7:b4:
5d:68:7c:85:d7:34:1a:cd:c8:a6:05:8c:77:27:40:
5d:17:8f:13:6c:90:10:b6:cb:28:55:5a:23:5d:f0:
0a:03:a8:d7:8a:40:7c:6b:41:b2:23:03:d5:e1:0d:
ae:82:11:ce:c2:fd:5c:6d:9c:ba:e6:2e:2b:73:38:
53:32:53:e2:8c:de:e5:2c:54:fc:cf:2f:bb:4a:98:
75:6c:e3:ff:44:c4:7b:be:39:32:55:1f:7c:27:94:
8e:08:54:18:59:8a:33:55:bf:ea:47:65:9b:4e:fd:
d9:52:8c:16:89:a4:4c:33:4e:05:b6:f9:52:c1:bf:
68:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:43:C5:95:68:52:ED:2C:CE:50:0F:3F:76:F7:BE:E1:F8:EA:05:BC
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/MUPFlWhS7SzOUA8_dve-4fjqBbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.75.100.0/22
109.75.105.0/24
185.8.84.0/23
185.65.196.0/23
195.178.0.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:9e:1e:92:ca:78:06:84:25:ee:a1:b5:0b:72:d8:b0:9a:06:
8b:5d:c1:c5:41:a7:d7:20:f3:5e:fd:e2:70:3c:4f:9f:79:17:
64:a0:b8:29:90:68:71:fe:bd:ca:8b:21:b4:f2:ba:8f:7e:73:
69:45:96:b8:4c:50:fb:f9:75:e1:bd:77:0b:55:05:ef:e3:e3:
70:08:3c:64:db:70:b9:7a:8d:a9:23:a4:92:5b:45:91:a8:bd:
c7:e0:e4:d3:77:98:26:36:8c:35:23:4f:97:c7:97:f2:60:76:
94:e3:28:06:d0:c7:e0:8c:fb:53:b6:ed:43:d0:60:85:36:e4:
3f:0f:8b:0d:a5:32:5c:6c:d6:8a:a9:6c:1e:d1:4a:bf:11:6a:
1f:5f:e7:38:0f:fc:3d:70:69:4e:b8:7b:28:41:2c:0c:c6:7d:
a5:d7:60:1b:a3:6f:c7:b9:8b:38:c4:74:13:4e:5a:8e:a3:2a:
34:7c:6c:3b:37:ef:46:ed:8c:1d:7f:b8:3a:0e:80:4f:d8:b8:
af:17:66:37:1d:a9:af:41:6c:8c:fd:e7:96:d7:c3:de:a0:6c:
11:0a:80:a5:06:ec:9d:ed:d0:83:c1:dd:fb:f3:1d:c0:5d:3b:
fc:c9:92:fb:72:2b:30:ff:1e:ba:25:eb:cd:99:e1:3e:7f:92:
ec:eb:10:f9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYqxTkBLxH556X8O/IVzuNrqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjMwOTIwMDYzNjUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQzYzU5NTY4NTJlZDJjY2U1MDBmM2Y3NmY3YmVlMWY4ZWEwNWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0r2bCPE+ZjrE8nb1ZXTc9na6MQgJ
Ul0noKyV9NV7ULn9CsnaFu5mzvIRU/FnZGYnwHc+dL2LEU4agDVtSqb7+Yj13hLK
Ga0FC+ZXf/BqALVJHB+pobY1nbbqnAPh2lTljoHpmL4x/mJVCXT0sJDbW5eSuLPH
8EzNLkhPbbRJ0xzUjt4ct7RdaHyF1zQazcimBYx3J0BdF48TbJAQtssoVVojXfAK
A6jXikB8a0GyIwPV4Q2ughHOwv1cbZy65i4rczhTMlPijN7lLFT8zy+7Sph1bOP/
RMR7vjkyVR98J5SOCFQYWYozVb/qR2WbTv3ZUowWiaRMM04FtvlSwb9oVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDFDxZVoUu0szlAPP3b3vuH46gW8MB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvTVVQRmxXaFM3U3pPVUE4X2R2ZS00ZmpxQmJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2EtYzM4M2E5MDEwMDA1
LzEvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCbUtkAwQA
bUtpAwQBuQhUAwQBuUHEAwQBw7IAMA0GCSqGSIb3DQEBCwUAA4IBAQBanh6SyngG
hCXuobULctiwmgaLXcHFQafXIPNe/eJwPE+feRdkoLgpkGhx/r3KiyG08rqPfnNp
RZa4TFD7+XXhvXcLVQXv4+NwCDxk23C5eo2pI6SSW0WRqL3H4OTTd5gmNow1I0+X
x5fyYHaU4ygG0MfgjPtTtu1D0GCFNuQ/D4sNpTJcbNaKqWwe0Uq/EWofX+c4D/w9
cGlOuHsoQSwMxn2l12Abo2/HuYs4xHQTTlqOoyo0fGw7N+9G7Ywdf7g6DoBP2Liv
F2Y3HamvQWyM/eeW18PeoGwRCoClBuyd7dCDwd378x3AXTv8yZL7cisw/x66JevN
meE+f5Ls6xD5
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:20 2024 by rpki-client on console-ams.rpki-client.org