Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/MbNrXIA6MAnMTuMyURtPaIUDmp0.roa
File: MbNrXIA6MAnMTuMyURtPaIUDmp0.roa (raw, json)
Hash identifier: /YxjsEZC84uyQ9+aPW2TGF1L+yEkJmQA/AtW1wGQFhg=
Subject key identifier: 31:B3:6B:5C:80:3A:30:09:CC:4E:E3:32:51:1B:4F:68:85:03:9A:9D
Certificate issuer: /CN=88d5e09af82a96918c86a647b4edcd8ebb23820d
Certificate serial: 0188E281CB9995DDBDC3314F0AD7C7E4313A
Authority key identifier: 88:D5:E0:9A:F8:2A:96:91:8C:86:A6:47:B4:ED:CD:8E:BB:23:82:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iNXgmvgqlpGMhqZHtO3Njrsjgg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/MbNrXIA6MAnMTuMyURtPaIUDmp0.roa
Signing time: Thu 22 Jun 2023 09:48:56 +0000
ROA not before: Thu 22 Jun 2023 09:48:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30761
IP address blocks: 185.73.252.0/24 maxlen: 24
185.73.253.0/24 maxlen: 24
185.73.254.0/24 maxlen: 24
193.22.7.0/24 maxlen: 24
2a05:4780::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e2:81:cb:99:95:dd:bd:c3:31:4f:0a:d7:c7:e4:31:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88d5e09af82a96918c86a647b4edcd8ebb23820d
Validity
Not Before: Jun 22 09:48:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31b36b5c803a3009cc4ee332511b4f6885039a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:36:3d:7e:1b:7a:81:4a:1e:21:da:f2:ef:72:
44:d1:32:84:23:52:9c:a2:07:10:89:c4:b5:a1:68:
5c:7f:ec:9a:e2:d1:28:6c:61:e2:26:2b:eb:5c:dc:
8e:d8:a6:60:58:4d:c6:fd:55:cc:65:b0:e5:c7:3c:
5b:0d:ce:07:e9:cd:3b:91:c5:8a:75:68:d2:e4:f5:
11:97:d4:66:e8:ff:c1:c9:63:66:ca:4e:52:9c:7c:
67:78:94:e2:1e:94:de:b0:af:df:08:2b:c4:8e:13:
a5:4b:db:7f:22:a7:7c:3d:ca:6c:16:5d:d6:ea:28:
83:ba:5f:01:16:a1:c4:c1:af:91:dd:09:c8:e3:b7:
cf:ec:e0:15:46:15:45:3c:ee:7c:6b:1c:74:42:96:
03:4a:62:63:d9:56:52:a4:10:b8:d3:3c:d4:4b:00:
81:43:d0:95:72:28:1a:9b:35:d7:2d:98:15:97:25:
fa:08:e0:c2:6c:31:8f:c7:42:db:f9:4c:5e:b7:a8:
ff:c3:8a:22:36:5a:23:2a:46:98:13:bf:61:b9:62:
86:16:b9:29:ea:a7:78:44:0b:74:d6:10:f9:3a:cc:
30:d8:07:08:81:9b:10:d6:3c:88:57:f3:3f:95:f2:
ae:34:6c:0c:50:54:82:de:bc:24:bf:e3:dc:bc:29:
b1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B3:6B:5C:80:3A:30:09:CC:4E:E3:32:51:1B:4F:68:85:03:9A:9D
X509v3 Authority Key Identifier:
keyid:88:D5:E0:9A:F8:2A:96:91:8C:86:A6:47:B4:ED:CD:8E:BB:23:82:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iNXgmvgqlpGMhqZHtO3Njrsjgg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/MbNrXIA6MAnMTuMyURtPaIUDmp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/7dbe93-5df8-48a3-8613-293b62794850/1/iNXgmvgqlpGMhqZHtO3Njrsjgg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.252.0-185.73.254.255
193.22.7.0/24
IPv6:
2a05:4780::/29
Signature Algorithm: sha256WithRSAEncryption
2b:e5:49:04:66:47:38:7a:b5:61:3a:f3:51:e9:2f:1e:a6:e7:
69:ba:ac:a0:cf:a6:87:46:68:b1:f5:56:6c:b3:a2:ae:a4:18:
30:16:c9:b8:e5:26:22:af:0f:cb:bf:a5:57:ae:6e:11:1b:40:
83:fb:b1:80:af:03:0a:d2:65:3e:34:ea:9c:94:e7:d7:7d:0f:
db:39:1f:a3:ec:0c:95:ba:92:33:d4:87:15:5d:90:9f:16:fe:
ab:b7:23:ce:1f:2d:95:67:98:4f:d2:2d:f2:45:58:84:5f:57:
87:1e:84:dd:24:00:78:be:15:5c:b9:77:27:5a:7b:dc:4c:a5:
7f:01:18:b4:f6:7d:42:03:2e:0c:a5:da:25:e1:4d:f3:7d:7c:
72:f9:c3:0a:ad:c7:ad:c7:25:cb:03:aa:79:c8:cf:e9:59:4f:
ba:5e:75:90:e1:f4:f0:ad:85:9f:eb:c3:21:c8:00:bd:15:ab:
e4:86:2d:80:6d:7c:f4:e6:c0:fd:d1:f2:1d:fc:9d:d2:e6:49:
fc:57:9c:b8:2e:b9:ac:0a:39:01:f3:92:38:b3:8e:01:63:27:
a0:d2:22:e0:93:3b:91:18:c2:1b:c7:8f:17:f2:5d:a8:8a:e2:
d1:aa:d5:7e:cc:77:c5:64:0f:9f:c5:ca:db:ca:66:8c:fe:f8:
d8:89:7b:6e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYjigcuZld29wzFPCtfH5DE6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZDVlMDlhZjgyYTk2OTE4Yzg2YTY0N2I0ZWRjZDhlYmIy
MzgyMGQwHhcNMjMwNjIyMDk0ODU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWIzNmI1YzgwM2EzMDA5Y2M0ZWUzMzI1MTFiNGY2ODg1MDM5YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzY9fht6gUoeIdry73JE0TKEI1Kc
ogcQicS1oWhcf+ya4tEobGHiJivrXNyO2KZgWE3G/VXMZbDlxzxbDc4H6c07kcWK
dWjS5PURl9Rm6P/ByWNmyk5SnHxneJTiHpTesK/fCCvEjhOlS9t/Iqd8PcpsFl3W
6iiDul8BFqHEwa+R3QnI47fP7OAVRhVFPO58axx0QpYDSmJj2VZSpBC40zzUSwCB
Q9CVcigamzXXLZgVlyX6CODCbDGPx0Lb+Uxet6j/w4oiNlojKkaYE79huWKGFrkp
6qd4RAt01hD5Osww2AcIgZsQ1jyIV/M/lfKuNGwMUFSC3rwkv+PcvCmxJwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDGza1yAOjAJzE7jMlEbT2iFA5qdMB8GA1UdIwQY
MBaAFIjV4Jr4KpaRjIamR7TtzY67I4INMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaU5YZ212Z3FscEdNaHFaSHRPM05qcnNqZ2cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny83ZGJlOTMtNWRmOC00OGEzLTg2MTMt
MjkzYjYyNzk0ODUwLzEvTWJOclhJQTZNQW5NVHVNeVVSdFBhSVVEbXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny83ZGJlOTMtNWRmOC00OGEzLTg2MTMtMjkzYjYyNzk0ODUw
LzEvaU5YZ212Z3FscEdNaHFaSHRPM05qcnNqZ2cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAK5SfwD
BAC5Sf4DBADBFgcwDQQCAAIwBwMFAyoFR4AwDQYJKoZIhvcNAQELBQADggEBACvl
SQRmRzh6tWE681HpLx6m52m6rKDPpodGaLH1Vmyzoq6kGDAWybjlJiKvD8u/pVeu
bhEbQIP7sYCvAwrSZT406pyU59d9D9s5H6PsDJW6kjPUhxVdkJ8W/qu3I84fLZVn
mE/SLfJFWIRfV4cehN0kAHi+FVy5dydae9xMpX8BGLT2fUIDLgyl2iXhTfN9fHL5
wwqtx63HJcsDqnnIz+lZT7pedZDh9PCthZ/rwyHIAL0Vq+SGLYBtfPTmwP3R8h38
ndLmSfxXnLguuawKOQHzkjizjgFjJ6DSIuCTO5EYwhvHjxfyXaiK4tGq1X7Md8Vk
D5/FytvKZoz++NiJe24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:54 2024 by rpki-client on console-ams.rpki-client.org