Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/MoHaW0IibhCSbqRagdCZVXBxJxw.roa
File: MoHaW0IibhCSbqRagdCZVXBxJxw.roa (raw, json)
Hash identifier: EEt6FIv3RWPL1uszOyKM7p4SyUgD5h6uKZcwNSUw384=
Subject key identifier: 32:81:DA:5B:42:22:6E:10:92:6E:A4:5A:81:D0:99:55:70:71:27:1C
Certificate issuer: /CN=54a31ab033cfd2dee6852fa9d8bf5a4a0e352414
Certificate serial: 018CC56E6874FDC340E1CB243D13A7A45C07
Authority key identifier: 54:A3:1A:B0:33:CF:D2:DE:E6:85:2F:A9:D8:BF:5A:4A:0E:35:24:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VKMasDPP0t7mhS-p2L9aSg41JBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/MoHaW0IibhCSbqRagdCZVXBxJxw.roa
Signing time: Mon 01 Jan 2024 14:29:56 +0000
ROA not before: Mon 01 Jan 2024 14:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201684
IP address blocks: 193.203.254.0/24 maxlen: 24
87.121.168.0/24 maxlen: 24
87.121.169.0/24 maxlen: 24
87.121.170.0/24 maxlen: 24
87.121.171.0/24 maxlen: 24
87.121.172.0/24 maxlen: 24
185.64.24.0/24 maxlen: 24
185.64.25.0/24 maxlen: 24
185.64.26.0/24 maxlen: 24
185.64.27.0/24 maxlen: 24
87.121.173.0/24 maxlen: 24
87.121.174.0/24 maxlen: 24
87.121.175.0/24 maxlen: 24
2a03:11a0:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:49:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:68:74:fd:c3:40:e1:cb:24:3d:13:a7:a4:5c:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54a31ab033cfd2dee6852fa9d8bf5a4a0e352414
Validity
Not Before: Jan 1 14:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3281da5b42226e10926ea45a81d099557071271c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:44:5f:68:bb:80:a7:d3:85:91:41:9e:9d:c5:
70:79:52:17:ec:e7:86:47:a6:d9:90:48:1a:c7:7e:
a6:90:21:a3:32:24:2e:06:de:3a:94:39:4b:fa:d6:
e7:4b:de:9e:a0:9a:e1:5f:91:9a:3a:a7:ce:9b:68:
bd:28:9b:e7:78:34:55:4c:13:0d:71:8f:b4:46:1d:
79:26:6e:35:cc:6a:5f:76:2f:96:c2:34:28:1d:fb:
fe:53:29:4f:8f:14:42:b2:d2:8a:f3:69:f6:7a:2f:
c6:49:7b:ad:c2:75:d8:3c:aa:09:e3:ad:a3:b7:a4:
c6:14:ae:de:45:e3:02:41:bf:9c:37:d4:fe:1e:05:
ea:e3:3f:e6:3a:4c:28:4d:e1:f4:dd:11:18:0d:9c:
16:c3:91:55:4a:e6:aa:e4:3c:80:c2:df:f3:5a:01:
8d:2d:5c:3a:5c:30:7e:91:b6:9f:79:c3:b7:f8:39:
a9:08:05:ce:84:2c:ee:6d:6b:cc:b8:c5:4b:cc:dc:
22:59:32:9f:b4:5d:22:34:82:51:81:2b:04:83:24:
70:c1:02:a9:b2:c5:82:8e:7d:b8:7d:29:6d:60:97:
1c:41:21:48:12:7c:21:fc:7e:4a:99:2a:bb:e9:ac:
ff:7e:b6:6b:d4:c4:c2:ba:1e:4e:29:71:01:54:bb:
30:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:81:DA:5B:42:22:6E:10:92:6E:A4:5A:81:D0:99:55:70:71:27:1C
X509v3 Authority Key Identifier:
keyid:54:A3:1A:B0:33:CF:D2:DE:E6:85:2F:A9:D8:BF:5A:4A:0E:35:24:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VKMasDPP0t7mhS-p2L9aSg41JBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/MoHaW0IibhCSbqRagdCZVXBxJxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/080361-1bbe-4763-800b-619c26194168/1/VKMasDPP0t7mhS-p2L9aSg41JBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.168.0/21
185.64.24.0/22
193.203.254.0/24
IPv6:
2a03:11a0:1::/48
Signature Algorithm: sha256WithRSAEncryption
44:a6:56:28:01:35:b7:80:8e:cf:e2:6d:ed:d5:f7:34:cd:81:
5f:f2:df:55:63:8a:86:aa:bd:bc:04:5c:c1:4a:75:68:44:5a:
31:7f:49:b5:78:3a:7c:55:00:bc:1f:d5:48:ac:ea:0b:c9:18:
3f:0c:7c:e9:75:0f:39:88:37:f1:9c:9a:ba:90:df:63:c6:b7:
66:5d:e1:f8:f4:e5:8d:14:64:aa:9f:da:1e:f6:42:30:73:20:
01:17:64:90:63:5b:bd:03:09:7f:b1:fe:d2:b2:62:41:16:25:
1a:f6:03:c2:c6:61:2f:9f:77:98:86:9b:84:bd:69:21:87:c6:
08:5d:01:e9:5f:92:1e:bc:62:b8:b3:0b:ca:85:33:e9:ec:f6:
65:c0:a4:e4:50:95:cc:fc:9e:3e:0e:7c:00:c0:3c:53:07:1c:
ac:0a:f6:68:3c:12:6b:56:54:47:9c:80:e3:70:1f:f3:f5:05:
da:6f:f6:7b:0a:96:9d:97:73:c2:92:a8:dd:e5:86:09:8f:1a:
44:fb:6c:fe:5c:18:a5:ac:a5:0e:68:3e:4d:3c:04:76:b1:1d:
d1:3a:4e:55:d0:aa:92:9b:e3:e8:80:5d:05:ed:a4:c0:53:cb:
dd:fa:31:e4:7d:bc:35:4c:02:5c:b6:8e:41:2a:03:13:46:9c:
63:12:66:40
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFbmh0/cNA4cskPROnpFwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YTMxYWIwMzNjZmQyZGVlNjg1MmZhOWQ4YmY1YTRhMGUz
NTI0MTQwHhcNMjQwMTAxMTQyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjgxZGE1YjQyMjI2ZTEwOTI2ZWE0NWE4MWQwOTk1NTcwNzEyNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvURfaLuAp9OFkUGencVweVIX7OeG
R6bZkEgax36mkCGjMiQuBt46lDlL+tbnS96eoJrhX5GaOqfOm2i9KJvneDRVTBMN
cY+0Rh15Jm41zGpfdi+WwjQoHfv+UylPjxRCstKK82n2ei/GSXutwnXYPKoJ462j
t6TGFK7eReMCQb+cN9T+HgXq4z/mOkwoTeH03REYDZwWw5FVSuaq5DyAwt/zWgGN
LVw6XDB+kbafecO3+DmpCAXOhCzubWvMuMVLzNwiWTKftF0iNIJRgSsEgyRwwQKp
ssWCjn24fSltYJccQSFIEnwh/H5KmSq76az/frZr1MTCuh5OKXEBVLswtwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDKB2ltCIm4Qkm6kWoHQmVVwcSccMB8GA1UdIwQY
MBaAFFSjGrAzz9Le5oUvqdi/WkoONSQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVktNYXNEUFAwdDdtaFMtcDJMOWFTZzQxSkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wODAzNjEtMWJiZS00NzYzLTgwMGIt
NjE5YzI2MTk0MTY4LzEvTW9IYVcwSWliaENTYnFSYWdkQ1pWWEJ4Snh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wODAzNjEtMWJiZS00NzYzLTgwMGItNjE5YzI2MTk0MTY4
LzEvVktNYXNEUFAwdDdtaFMtcDJMOWFTZzQxSkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDV3moAwQC
uUAYAwQAwcv+MA8EAgACMAkDBwAqAxGgAAEwDQYJKoZIhvcNAQELBQADggEBAESm
VigBNbeAjs/ibe3V9zTNgV/y31VjioaqvbwEXMFKdWhEWjF/SbV4OnxVALwf1Uis
6gvJGD8MfOl1DzmIN/GcmrqQ32PGt2Zd4fj05Y0UZKqf2h72QjBzIAEXZJBjW70D
CX+x/tKyYkEWJRr2A8LGYS+fd5iGm4S9aSGHxghdAelfkh68YrizC8qFM+ns9mXA
pORQlcz8nj4OfADAPFMHHKwK9mg8EmtWVEecgONwH/P1Bdpv9nsKlp2Xc8KSqN3l
hgmPGkT7bP5cGKWspQ5oPk08BHaxHdE6TlXQqpKb4+iAXQXtpMBTy936MeR9vDVM
Aly2jkEqAxNGnGMSZkA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:28:38 2025 by rpki-client