Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/MPBHGRKnDnSZJb74G-4Rp22t-ro.roa
File: MPBHGRKnDnSZJb74G-4Rp22t-ro.roa (raw, json)
Hash identifier: +a3BO/SDBxctm/+YOod2b7aWSrf1JYjR2u+o2tEFxXo=
Subject key identifier: 30:F0:47:19:12:A7:0E:74:99:25:BE:F8:1B:EE:11:A7:6D:AD:FA:BA
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 01856CB83C60064D0124214C91638B42755A
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/MPBHGRKnDnSZJb74G-4Rp22t-ro.roa
Signing time: Sun 01 Jan 2023 09:44:51 +0000
ROA not before: Sun 01 Jan 2023 09:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12826
IP address blocks: 194.250.211.0/24 maxlen: 24
81.80.237.0/24 maxlen: 24
195.101.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:b8:3c:60:06:4d:01:24:21:4c:91:63:8b:42:75:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 09:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30f0471912a70e749925bef81bee11a76dadfaba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:05:6d:4f:2d:bc:5b:49:71:49:50:d5:b1:a2:
5c:a9:75:74:ac:98:78:51:62:16:34:9f:07:e7:c6:
08:44:51:e2:5a:57:a5:cf:47:6d:ff:26:4e:7c:c4:
26:86:db:31:74:2f:d4:ab:92:2d:7d:58:be:86:a2:
37:cc:66:9a:23:46:07:e1:08:49:3c:3d:5a:47:bf:
a1:75:20:63:9b:26:36:8e:f2:46:c3:9f:fd:4a:84:
15:28:2c:e9:7d:c5:c9:45:ea:bd:34:b7:87:57:4f:
e7:15:a3:39:79:81:53:a7:65:cb:d7:85:a4:3f:ec:
72:f8:e3:57:d0:03:71:5d:27:b1:33:77:e9:7f:92:
39:9e:5a:76:d0:bb:23:34:b3:0a:4b:df:8b:db:53:
19:89:43:c2:ac:e7:10:d6:07:ec:4f:99:a3:e1:95:
d4:a8:07:32:3c:28:da:dc:a3:15:05:df:c5:b3:9c:
53:e8:3b:80:cc:58:6a:b7:34:0a:b7:b5:3a:e0:9c:
1c:f4:02:01:7c:09:b0:06:f8:23:22:c5:3a:c3:ed:
91:a4:28:14:17:9f:bd:77:2f:4b:83:3b:38:7c:1d:
60:29:39:71:43:96:35:86:19:21:38:bd:33:f7:f8:
d0:6d:78:81:db:10:74:34:0f:28:56:18:d7:84:d7:
39:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F0:47:19:12:A7:0E:74:99:25:BE:F8:1B:EE:11:A7:6D:AD:FA:BA
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/MPBHGRKnDnSZJb74G-4Rp22t-ro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.80.237.0/24
194.250.211.0/24
195.101.158.0/24
Signature Algorithm: sha256WithRSAEncryption
41:41:69:ef:3e:40:9f:f1:97:0a:7b:17:f6:8b:50:ae:33:40:
f5:f8:6b:2f:47:ef:67:39:95:03:47:5a:f2:5e:9b:b7:b4:e4:
86:5b:2c:38:1d:0d:1a:db:cb:0a:25:b2:e6:47:db:ea:76:bc:
54:69:c6:36:9a:e7:5e:a5:44:d4:32:41:00:20:41:a0:4e:ad:
92:22:04:e1:be:18:37:a8:ad:da:0a:4e:7c:b6:c6:86:93:ed:
38:47:cf:93:6c:13:fb:49:d1:51:b1:9c:3d:5b:9e:f0:d9:bc:
2e:0e:5b:22:8f:6e:9f:24:4a:1d:fe:5f:0c:10:25:1e:e9:52:
e5:db:44:aa:45:98:2d:d4:8d:5a:2a:f2:d8:a3:d0:70:f1:f3:
14:4a:5c:70:85:d1:37:98:32:3c:5b:53:c6:b5:51:f6:e0:fe:
22:0a:bf:ae:5e:98:78:45:d6:7c:32:1c:e7:da:be:fb:c7:44:
69:34:11:4d:de:e4:7e:ec:a0:84:28:1e:19:47:14:0b:92:ac:
f7:89:ff:4a:1c:31:65:33:5d:6e:6e:f3:34:30:7e:df:e5:66:
61:6a:b9:a2:9d:07:9a:90:d8:f6:36:b4:c2:f6:6d:06:fd:30:
95:7d:f6:62:bf:86:cf:7b:89:2a:ef:f2:01:1b:58:15:f8:78:
0f:96:c2:1e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsuDxgBk0BJCFMkWOLQnVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjMwMTAxMDk0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGYwNDcxOTEyYTcwZTc0OTkyNWJlZjgxYmVlMTFhNzZkYWRmYWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygVtTy28W0lxSVDVsaJcqXV0rJh4
UWIWNJ8H58YIRFHiWlelz0dt/yZOfMQmhtsxdC/Uq5ItfVi+hqI3zGaaI0YH4QhJ
PD1aR7+hdSBjmyY2jvJGw5/9SoQVKCzpfcXJReq9NLeHV0/nFaM5eYFTp2XL14Wk
P+xy+ONX0ANxXSexM3fpf5I5nlp20LsjNLMKS9+L21MZiUPCrOcQ1gfsT5mj4ZXU
qAcyPCja3KMVBd/Fs5xT6DuAzFhqtzQKt7U64Jwc9AIBfAmwBvgjIsU6w+2RpCgU
F5+9dy9Lgzs4fB1gKTlxQ5Y1hhkhOL0z9/jQbXiB2xB0NA8oVhjXhNc5swIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDDwRxkSpw50mSW++BvuEadtrfq6MB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvTVBCSEdSS25EblNaSmI3NEctNFJwMjJ0LXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUVDtAwQA
wvrTAwQAw2WeMA0GCSqGSIb3DQEBCwUAA4IBAQBBQWnvPkCf8ZcKexf2i1CuM0D1
+GsvR+9nOZUDR1ryXpu3tOSGWyw4HQ0a28sKJbLmR9vqdrxUacY2mudepUTUMkEA
IEGgTq2SIgThvhg3qK3aCk58tsaGk+04R8+TbBP7SdFRsZw9W57w2bwuDlsij26f
JEod/l8MECUe6VLl20SqRZgt1I1aKvLYo9Bw8fMUSlxwhdE3mDI8W1PGtVH24P4i
Cr+uXph4RdZ8Mhzn2r77x0RpNBFN3uR+7KCEKB4ZRxQLkqz3if9KHDFlM11ubvM0
MH7f5WZharminQeakNj2NrTC9m0G/TCVffZiv4bPe4kq7/IBG1gV+HgPlsIe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org