Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/MRGxvMkXb5kzUbkLfo_9Wf-Ge0A.roa
File: MRGxvMkXb5kzUbkLfo_9Wf-Ge0A.roa (raw, json)
Hash identifier: psQX1uACe3qsHUulXrRTyuRTM8FiAWtPGl++b4e3Anw=
Subject key identifier: 31:11:B1:BC:C9:17:6F:99:33:51:B9:0B:7E:8F:FD:59:FF:86:7B:40
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0189FD7C3B95157084F11E2411308BB6565F
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/MRGxvMkXb5kzUbkLfo_9Wf-Ge0A.roa
Signing time: Wed 16 Aug 2023 08:35:24 +0000
ROA not before: Wed 16 Aug 2023 08:35:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 109.72.127.0/24 maxlen: 24
89.185.1.0/24 maxlen: 24
81.22.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Aug 2023 05:39:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fd:7c:3b:95:15:70:84:f1:1e:24:11:30:8b:b6:56:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 16 08:35:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3111b1bcc9176f993351b90b7e8ffd59ff867b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:86:97:b8:e5:5b:58:a0:a2:48:46:fb:84:f5:
28:e4:70:47:49:d4:93:99:68:bd:f4:fd:c6:48:8c:
22:f3:7e:38:5b:b3:6b:e0:97:cf:2c:46:79:12:96:
99:ca:dd:ba:8b:9f:2b:c5:f8:21:09:57:51:86:f3:
37:14:70:7d:84:b7:08:00:7e:e8:da:73:22:e2:2a:
05:20:d0:6c:fa:10:ad:22:5e:4c:08:ee:6b:66:77:
3e:c4:1b:d4:dd:53:6f:32:a6:67:bb:35:b5:8b:a7:
6e:69:f7:6a:3e:11:8a:d3:ff:21:22:66:df:9b:12:
11:a4:80:1d:f1:a4:c3:c4:4b:83:23:56:95:76:0f:
c9:d5:01:0f:9b:73:74:85:6b:54:e0:9b:11:9f:47:
af:dc:b7:cc:7d:1e:3d:db:36:6b:47:62:e8:a9:9e:
11:d0:3a:30:e5:64:69:a8:bc:2d:36:63:46:c2:70:
20:e6:3a:02:89:75:dc:71:a8:ff:00:d0:f8:4a:e7:
8a:a2:22:f2:7d:19:23:33:1d:47:ab:b8:57:bf:00:
fa:ea:3b:12:85:35:25:df:cc:bf:7d:1a:bd:14:e0:
24:95:01:74:40:28:d7:d0:99:4d:d7:38:66:67:bb:
82:82:fc:e0:2c:fa:83:5b:20:e4:36:dc:35:d4:ab:
6a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:11:B1:BC:C9:17:6F:99:33:51:B9:0B:7E:8F:FD:59:FF:86:7B:40
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/MRGxvMkXb5kzUbkLfo_9Wf-Ge0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/24
89.185.1.0/24
109.72.127.0/24
Signature Algorithm: sha256WithRSAEncryption
75:49:b8:38:ff:31:f7:be:39:a9:80:45:8e:3e:86:9f:e8:36:
66:13:2b:47:68:40:c5:fa:56:26:aa:21:3b:26:9a:de:da:fa:
5f:d9:6e:5b:82:0e:29:2c:04:bd:b7:7e:6f:5b:71:dd:3a:dd:
ca:46:75:30:92:3e:58:d0:a0:0c:c1:0f:a3:e8:4e:06:09:d1:
bf:c1:6d:d9:47:28:31:df:3c:f1:0e:ae:33:86:2f:c1:a9:f8:
5e:f6:fd:15:f7:fd:af:95:dc:8f:80:c0:8b:5e:86:94:26:7b:
c6:d9:36:ed:f5:5c:97:b7:54:24:f4:fe:df:3c:fe:77:e5:30:
7d:01:2f:2b:ae:a7:fa:bf:6f:ef:96:79:17:56:4f:0a:ab:e2:
e8:0c:6d:e6:15:f6:1a:81:f9:a5:87:9b:ff:dd:e7:8d:d3:42:
09:80:30:68:bc:12:77:ef:4c:4c:9d:7f:60:69:dc:a5:69:68:
7e:50:81:1e:23:b6:ff:a8:1e:93:07:18:1a:54:c9:2a:95:5f:
43:5d:bf:f3:88:9f:f7:60:c3:20:1a:51:85:0a:17:84:e5:af:
dd:09:d6:11:08:9e:08:2a:11:46:f9:91:1f:93:ed:f7:17:65:
56:0b:76:1f:86:c6:7c:f0:87:b4:c6:41:4a:ee:c5:6a:f4:fb:
8f:7e:e2:37
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYn9fDuVFXCE8R4kETCLtlZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjMwODE2MDgzNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTExYjFiY2M5MTc2Zjk5MzM1MWI5MGI3ZThmZmQ1OWZmODY3YjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4aXuOVbWKCiSEb7hPUo5HBHSdST
mWi99P3GSIwi8344W7Nr4JfPLEZ5EpaZyt26i58rxfghCVdRhvM3FHB9hLcIAH7o
2nMi4ioFINBs+hCtIl5MCO5rZnc+xBvU3VNvMqZnuzW1i6duafdqPhGK0/8hImbf
mxIRpIAd8aTDxEuDI1aVdg/J1QEPm3N0hWtU4JsRn0ev3LfMfR492zZrR2LoqZ4R
0Dow5WRpqLwtNmNGwnAg5joCiXXccaj/AND4SueKoiLyfRkjMx1Hq7hXvwD66jsS
hTUl38y/fRq9FOAklQF0QCjX0JlN1zhmZ7uCgvzgLPqDWyDkNtw11KtqbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDERsbzJF2+ZM1G5C36P/Vn/hntAMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvTVJHeHZNa1hiNWt6VWJrTGZvXzlXZi1HZTBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURaAAwQA
WbkBAwQAbUh/MA0GCSqGSIb3DQEBCwUAA4IBAQB1Sbg4/zH3vjmpgEWOPoaf6DZm
EytHaEDF+lYmqiE7Jpre2vpf2W5bgg4pLAS9t35vW3HdOt3KRnUwkj5Y0KAMwQ+j
6E4GCdG/wW3ZRygx3zzxDq4zhi/Bqfhe9v0V9/2vldyPgMCLXoaUJnvG2Tbt9VyX
t1Qk9P7fPP535TB9AS8rrqf6v2/vlnkXVk8Kq+LoDG3mFfYagfmlh5v/3eeN00IJ
gDBovBJ370xMnX9gadylaWh+UIEeI7b/qB6TBxgaVMkqlV9DXb/ziJ/3YMMgGlGF
CheE5a/dCdYRCJ4IKhFG+ZEfk+33F2VWC3YfhsZ88Ie0xkFK7sVq9PuPfuI3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org