Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Mklge3dypj65F-MaqKB7PrynNYs.roa
File: Mklge3dypj65F-MaqKB7PrynNYs.roa (raw, json)
Hash identifier: NgQRxzeXrOrmnomhm53Gfh/PHitC6yf6TTrPoD2KPW4=
Subject key identifier: 32:49:60:7B:77:72:A6:3E:B9:17:E3:1A:A8:A0:7B:3E:BC:A7:35:8B
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 01927A93FD9C4BA7461783C82A1A9643CF2B
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Mklge3dypj65F-MaqKB7PrynNYs.roa
Signing time: Fri 11 Oct 2024 07:56:11 +0000
ROA not before: Fri 11 Oct 2024 07:56:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 109.104.133.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Nov 2024 13:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:93:fd:9c:4b:a7:46:17:83:c8:2a:1a:96:43:cf:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Oct 11 07:56:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3249607b7772a63eb917e31aa8a07b3ebca7358b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f1:bf:e9:5b:11:15:c7:93:5f:15:0c:dd:d3:
3c:2c:26:47:ec:4a:37:3c:f8:c1:92:17:0d:ca:3d:
37:69:7a:74:e5:86:2c:e4:53:66:3d:b5:fe:7d:66:
20:b0:7c:37:13:76:e8:51:fd:4a:00:b1:14:54:4b:
26:cf:b0:a0:22:56:72:9b:3f:af:2a:85:7b:5e:11:
05:54:db:3e:9a:51:74:a0:c5:70:be:82:68:8a:5d:
6e:c1:be:dd:a6:04:12:29:7e:b4:f0:98:38:be:4c:
8e:22:cc:1c:26:67:94:8a:96:e1:65:30:4a:c3:39:
d9:2d:45:b8:e3:47:15:ac:73:8c:7f:c1:0f:28:ac:
08:84:d0:0f:2f:ab:b4:c1:39:d3:94:c5:f5:d2:92:
30:97:65:81:72:d6:fa:be:e2:07:e3:f6:b5:24:1a:
74:e2:cb:6b:39:47:42:a0:a3:8a:ce:fd:66:dc:65:
5f:85:3f:2c:46:64:c1:df:f4:0f:35:b4:e0:18:85:
6b:ff:5b:f5:09:3b:4b:e6:69:36:ed:00:ae:64:08:
83:51:c4:2f:27:47:e3:15:ed:a4:2f:55:45:72:63:
93:64:1d:54:39:14:5a:9f:4f:57:2d:43:19:73:9e:
83:df:35:24:b3:ea:0f:13:b9:1b:50:09:22:39:d9:
70:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:49:60:7B:77:72:A6:3E:B9:17:E3:1A:A8:A0:7B:3E:BC:A7:35:8B
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/Mklge3dypj65F-MaqKB7PrynNYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.133.0/24
185.233.127.0/24
Signature Algorithm: sha256WithRSAEncryption
84:18:f3:89:c2:ac:8e:95:33:73:22:e0:e4:b2:d2:f8:08:a2:
6f:77:ab:27:29:75:3d:8d:2d:5d:c2:b8:b4:be:e3:4f:b7:af:
49:a9:00:f0:ee:80:27:d9:a0:5f:e2:e4:1f:db:5b:13:c4:ba:
44:bf:6f:dd:e0:0a:45:0e:47:d5:95:36:aa:e3:1a:09:88:51:
db:de:12:26:25:a6:c0:6f:cd:89:1a:e5:96:09:75:b1:1b:41:
91:03:e7:ad:c0:32:f1:64:9f:90:f7:72:f8:18:f8:18:0a:e9:
e9:14:91:bb:bd:13:e0:42:a7:c9:fe:8a:01:19:8f:aa:30:42:
f9:db:c3:bb:16:47:3d:18:cf:73:55:00:ab:df:05:d6:e0:5d:
51:40:eb:f0:27:c3:da:64:8a:a5:3f:b1:1c:64:f3:8d:d2:7d:
d1:d5:e4:56:b3:78:47:e2:ee:1d:6e:db:81:63:39:c6:d2:64:
df:d3:21:02:34:c2:4f:a5:f6:53:e7:8b:5d:49:6d:49:50:84:
8a:5e:e6:b4:b8:23:3c:90:6e:f7:7b:21:fc:73:e7:a3:15:b7:
9c:d3:ee:e2:02:19:dc:e0:c7:6f:9f:79:c6:9d:da:ae:22:24:
22:41:2e:0d:af:d9:61:94:60:59:a4:5e:dd:b2:8e:08:89:44:
16:e0:d6:58
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJ6k/2cS6dGF4PIKhqWQ88rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjQxMDExMDc1NjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ5NjA3Yjc3NzJhNjNlYjkxN2UzMWFhOGEwN2IzZWJjYTczNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/G/6VsRFceTXxUM3dM8LCZH7Eo3
PPjBkhcNyj03aXp05YYs5FNmPbX+fWYgsHw3E3boUf1KALEUVEsmz7CgIlZymz+v
KoV7XhEFVNs+mlF0oMVwvoJoil1uwb7dpgQSKX608Jg4vkyOIswcJmeUipbhZTBK
wznZLUW440cVrHOMf8EPKKwIhNAPL6u0wTnTlMX10pIwl2WBctb6vuIH4/a1JBp0
4strOUdCoKOKzv1m3GVfhT8sRmTB3/QPNbTgGIVr/1v1CTtL5mk27QCuZAiDUcQv
J0fjFe2kL1VFcmOTZB1UORRan09XLUMZc56D3zUks+oPE7kbUAkiOdlwBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDJJYHt3cqY+uRfjGqigez68pzWLMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvTWtsZ2UzZHlwajY1Ri1NYXFLQjdQcnluTllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbWiFAwQA
uel/MA0GCSqGSIb3DQEBCwUAA4IBAQCEGPOJwqyOlTNzIuDkstL4CKJvd6snKXU9
jS1dwri0vuNPt69JqQDw7oAn2aBf4uQf21sTxLpEv2/d4ApFDkfVlTaq4xoJiFHb
3hImJabAb82JGuWWCXWxG0GRA+etwDLxZJ+Q93L4GPgYCunpFJG7vRPgQqfJ/ooB
GY+qMEL528O7Fkc9GM9zVQCr3wXW4F1RQOvwJ8PaZIqlP7EcZPON0n3R1eRWs3hH
4u4dbtuBYznG0mTf0yECNMJPpfZT54tdSW1JUISKXua0uCM8kG73eyH8c+ejFbec
0+7iAhnc4Mdvn3nGndquIiQiQS4Nr9lhlGBZpF7dso4IiUQW4NZY
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:26 2025 by rpki-client