Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Mcz1y2D0fWTXY65ImFzOhb54izM.roa
File: Mcz1y2D0fWTXY65ImFzOhb54izM.roa (raw, json)
Hash identifier: wGzKg8UNeyHIDEMYvYQg0RoTHv2WP1fyIabXKIeBwWo=
Subject key identifier: 31:CC:F5:CB:60:F4:7D:64:D7:63:AE:48:98:5C:CE:85:BE:78:8B:33
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E2E3E4575FE4E7D6A6BA4F13069C0
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Mcz1y2D0fWTXY65ImFzOhb54izM.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12566
IP address blocks: 62.62.169.0/24 maxlen: 24
87.255.128.0/19 maxlen: 24
212.23.160.0/19 maxlen: 24
194.153.88.0/23 maxlen: 23
194.153.89.0/24 maxlen: 24
194.153.90.0/24 maxlen: 24
194.153.92.0/24 maxlen: 24
194.153.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 09:25:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:2e:3e:45:75:fe:4e:7d:6a:6b:a4:f1:30:69:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31ccf5cb60f47d64d763ae48985cce85be788b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:22:1d:84:b6:54:2e:4f:5c:4d:9a:6c:e4:73:
8e:c1:57:47:0e:70:db:c7:5e:c2:f6:e3:78:04:63:
59:1e:42:b1:26:b0:26:d9:e2:f0:89:78:da:87:16:
12:e6:57:87:b4:4d:5e:e8:98:a0:cb:48:48:22:5a:
15:56:03:43:1c:68:e4:c5:97:b1:ae:6c:ce:ec:7b:
69:a7:4b:dc:a6:65:13:e9:3f:1d:5e:a6:0e:1b:74:
0c:15:ce:81:6c:84:ad:bd:9a:a0:62:fb:f3:19:4a:
d2:77:42:15:be:da:78:95:ed:ce:0b:af:86:1a:8a:
6a:33:e5:1f:4e:c8:61:3a:20:2b:65:b0:3a:25:1f:
b1:e0:d6:53:cf:1b:2b:1f:b3:b7:86:4f:15:64:da:
97:1d:1f:61:6d:f0:23:70:13:18:c1:00:9e:e4:7a:
81:4e:d8:96:ff:6c:f8:69:f8:d2:1f:27:a3:e5:7f:
ba:f8:3f:ec:87:d2:e8:11:3b:b8:a4:d6:4e:64:ff:
bb:b8:c0:c3:63:3e:71:db:40:21:2f:09:3b:31:e8:
52:47:34:96:1d:5a:eb:02:fa:3c:ac:6c:2c:02:6d:
ea:fb:54:7b:0e:36:87:60:7f:e5:5a:54:14:d7:4b:
8e:3a:59:e3:78:9b:ab:68:30:d0:d9:01:1f:4f:60:
83:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:CC:F5:CB:60:F4:7D:64:D7:63:AE:48:98:5C:CE:85:BE:78:8B:33
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/Mcz1y2D0fWTXY65ImFzOhb54izM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.62.169.0/24
87.255.128.0/19
194.153.88.0-194.153.90.255
194.153.92.0/24
194.153.97.0/24
212.23.160.0/19
Signature Algorithm: sha256WithRSAEncryption
2b:4c:7e:83:90:49:00:f3:c5:a5:dc:43:89:b8:79:23:77:f8:
99:b5:d2:f3:5a:40:a7:fc:c6:0f:7c:c2:f7:55:b2:38:02:a0:
98:6d:bb:b8:40:95:be:ea:7b:3c:52:9c:f3:aa:33:24:62:57:
ac:f4:54:a9:cb:f9:bb:45:fd:23:b9:87:bc:6a:b2:8d:10:b3:
31:03:6f:e7:64:08:30:8b:db:61:78:e2:28:3c:fc:d1:10:ec:
a2:3c:e7:6e:bd:a2:fe:b1:1f:cc:2d:2a:1d:c3:5d:88:6b:2a:
36:8f:75:6c:96:07:c1:38:53:48:81:fa:97:4c:ea:22:bc:ff:
13:71:04:c1:c9:7d:eb:6e:bf:59:6f:6c:37:e6:73:d3:95:ea:
3b:d0:0d:0f:3a:47:e9:63:d1:8c:d1:b4:e3:be:7b:01:49:25:
9a:2c:17:81:74:7e:60:06:98:db:2d:13:0a:eb:cd:6e:0a:64:
f5:75:29:55:b6:35:6b:50:97:6d:09:67:5d:7c:65:08:48:cd:
d0:5c:6e:a5:53:0d:92:71:63:1a:a8:90:60:b9:00:87:b2:d1:
09:1f:ad:f1:a2:71:d1:dc:64:5a:0a:69:b3:56:4d:75:73:1e:
81:d9:4e:06:f1:2b:53:31:72:1b:51:35:84:53:5f:87:01:92:
c2:71:cb:72
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJTi4+RXX+Tn1qa6TxMGnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWNjZjVjYjYwZjQ3ZDY0ZDc2M2FlNDg5ODVjY2U4NWJlNzg4YjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSIdhLZULk9cTZps5HOOwVdHDnDb
x17C9uN4BGNZHkKxJrAm2eLwiXjahxYS5leHtE1e6Jigy0hIIloVVgNDHGjkxZex
rmzO7Htpp0vcpmUT6T8dXqYOG3QMFc6BbIStvZqgYvvzGUrSd0IVvtp4le3OC6+G
GopqM+UfTshhOiArZbA6JR+x4NZTzxsrH7O3hk8VZNqXHR9hbfAjcBMYwQCe5HqB
TtiW/2z4afjSHyej5X+6+D/sh9LoETu4pNZOZP+7uMDDYz5x20AhLwk7MehSRzSW
HVrrAvo8rGwsAm3q+1R7DjaHYH/lWlQU10uOOlnjeJuraDDQ2QEfT2CDcQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDHM9ctg9H1k12OuSJhczoW+eIszMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvTWN6MXkyRDBmV1RYWTY1SW1Gek9oYjU0aXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAPj6pAwQF
V/+AMAwDBAPCmVgDBADCmVoDBADCmVwDBADCmWEDBAXUF6AwDQYJKoZIhvcNAQEL
BQADggEBACtMfoOQSQDzxaXcQ4m4eSN3+Jm10vNaQKf8xg98wvdVsjgCoJhtu7hA
lb7qezxSnPOqMyRiV6z0VKnL+btF/SO5h7xqso0QszEDb+dkCDCL22F44ig8/NEQ
7KI85269ov6xH8wtKh3DXYhrKjaPdWyWB8E4U0iB+pdM6iK8/xNxBMHJfetuv1lv
bDfmc9OV6jvQDQ86R+lj0YzRtOO+ewFJJZosF4F0fmAGmNstEwrrzW4KZPV1KVW2
NWtQl20JZ118ZQhIzdBcbqVTDZJxYxqokGC5AIey0QkfrfGicdHcZFoKabNWTXVz
HoHZTgbxK1MxchtRNYRTX4cBksJxy3I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:50 2024 by rpki-client on console-ams.rpki-client.org