Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MAVGrt3AzmfJd82wZ73KIHRH7V8.roa
File: MAVGrt3AzmfJd82wZ73KIHRH7V8.roa (raw, json)
Hash identifier: 7Fu262G7njJZBuaNgsQxzNopOjmCfJ5ndwvlNXu4Mc0=
Subject key identifier: 30:05:46:AE:DD:C0:CE:67:C9:77:CD:B0:67:BD:CA:20:74:47:ED:5F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018827F95B769BB486FBF5C29270C538D595
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MAVGrt3AzmfJd82wZ73KIHRH7V8.roa
Signing time: Wed 17 May 2023 04:30:33 +0000
ROA not before: Wed 17 May 2023 04:30:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 194.87.73.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:27:f9:5b:76:9b:b4:86:fb:f5:c2:92:70:c5:38:d5:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 17 04:30:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=300546aeddc0ce67c977cdb067bdca207447ed5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:30:3c:8c:1d:cb:67:24:c6:b4:a7:a4:00:6c:
0b:c1:41:d7:07:07:67:3f:ef:d8:ed:ac:e1:6c:f1:
8c:1f:19:e3:67:f9:f2:5b:20:a9:8e:7c:38:e8:54:
df:1c:c0:9e:21:1b:25:99:f9:33:eb:f9:ed:31:a4:
66:07:7a:69:ed:c7:af:dd:cb:14:9b:ca:6e:b7:22:
36:98:f0:0e:ce:1d:b1:38:f3:ca:04:59:41:14:63:
99:f5:61:18:e9:bf:41:39:0d:77:bd:83:69:bf:63:
78:7a:7b:ac:e0:cf:7e:68:a4:31:0e:14:c3:9e:ca:
4e:6a:de:50:b7:ed:ab:8c:1c:55:38:f9:6b:a6:59:
df:a4:cd:1c:7d:50:63:3c:82:bd:b4:96:2f:f2:1d:
8e:72:d6:84:00:cb:3f:c8:fc:8d:12:09:40:9b:9e:
f1:cb:7e:01:14:92:17:af:46:64:46:45:ae:fe:4e:
4d:3b:71:e5:3d:7a:8e:15:3a:ed:21:89:ce:cf:42:
e3:6b:37:96:aa:3b:bd:f4:ab:41:6e:ad:fc:0f:68:
ce:fd:9a:d2:e3:3e:72:fd:ae:e2:09:55:57:c8:4a:
65:a5:9c:ed:e2:40:ec:21:7a:cf:b1:49:04:78:27:
2d:b5:74:ed:8b:70:3e:e8:25:2c:ee:45:e4:86:96:
ba:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:05:46:AE:DD:C0:CE:67:C9:77:CD:B0:67:BD:CA:20:74:47:ED:5F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MAVGrt3AzmfJd82wZ73KIHRH7V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.73.0/24
194.87.90.0/24
194.87.198.0/24
212.193.0.0/23
Signature Algorithm: sha256WithRSAEncryption
88:cb:92:af:b1:fc:8f:bf:af:d6:c3:e9:f3:66:57:92:49:51:
f4:9c:60:44:a1:65:a8:0b:0f:64:6f:f9:f1:49:c6:4c:7a:42:
fd:94:fa:01:94:53:a4:56:5d:31:fc:57:61:81:7b:0c:ef:08:
68:41:b8:93:30:f7:93:fe:a4:b3:32:b0:47:e4:61:80:1d:9b:
a5:c5:6d:e7:8f:c2:e6:3d:52:8e:aa:2c:b3:47:62:7e:d2:9d:
18:a8:19:8d:f4:0d:8a:a0:c6:f3:b7:2c:b9:7c:0e:cc:14:c0:
66:45:94:c7:75:25:8c:f7:38:d0:c1:81:ec:81:35:c7:b9:4c:
3c:6d:73:35:84:ec:70:fa:30:67:1b:04:2b:48:d5:3a:5d:aa:
9c:c5:69:bc:36:1d:7e:c0:44:3f:5e:82:81:8e:df:9a:3b:a1:
21:c6:70:5f:e7:99:de:fe:51:66:6e:48:6c:14:23:aa:37:1a:
49:92:82:04:81:73:fd:cf:39:39:3b:6f:14:7b:cb:10:19:58:
27:6b:6e:f2:25:7b:07:09:56:a6:12:cb:3a:ae:39:86:4a:e3:
75:78:c4:70:28:72:08:19:63:0a:e3:4b:3f:c3:90:dc:9e:2d:
02:16:80:24:41:31:58:6d:aa:93:a0:f8:92:11:d1:9b:d4:fb:
21:d3:ba:01
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYgn+Vt2m7SG+/XCknDFONWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNTE3MDQzMDMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDA1NDZhZWRkYzBjZTY3Yzk3N2NkYjA2N2JkY2EyMDc0NDdlZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijA8jB3LZyTGtKekAGwLwUHXBwdn
P+/Y7azhbPGMHxnjZ/nyWyCpjnw46FTfHMCeIRslmfkz6/ntMaRmB3pp7cev3csU
m8putyI2mPAOzh2xOPPKBFlBFGOZ9WEY6b9BOQ13vYNpv2N4enus4M9+aKQxDhTD
nspOat5Qt+2rjBxVOPlrplnfpM0cfVBjPIK9tJYv8h2OctaEAMs/yPyNEglAm57x
y34BFJIXr0ZkRkWu/k5NO3HlPXqOFTrtIYnOz0LjazeWqju99KtBbq38D2jO/ZrS
4z5y/a7iCVVXyEplpZzt4kDsIXrPsUkEeCcttXTti3A+6CUs7kXkhpa6HwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDAFRq7dwM5nyXfNsGe9yiB0R+1fMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTUFWR3J0M0F6bWZKZDgyd1o3M0tJSFJIN1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwldJAwQA
wldaAwQAwlfGAwQB1MEAMA0GCSqGSIb3DQEBCwUAA4IBAQCIy5KvsfyPv6/Ww+nz
ZleSSVH0nGBEoWWoCw9kb/nxScZMekL9lPoBlFOkVl0x/FdhgXsM7whoQbiTMPeT
/qSzMrBH5GGAHZulxW3nj8LmPVKOqiyzR2J+0p0YqBmN9A2KoMbztyy5fA7MFMBm
RZTHdSWM9zjQwYHsgTXHuUw8bXM1hOxw+jBnGwQrSNU6XaqcxWm8Nh1+wEQ/XoKB
jt+aO6EhxnBf55ne/lFmbkhsFCOqNxpJkoIEgXP9zzk5O28Ue8sQGVgna27yJXsH
CVamEss6rjmGSuN1eMRwKHIIGWMK40s/w5Dcni0CFoAkQTFYbaqToPiSEdGb1Psh
07oB
-----END CERTIFICATE-----
Generated at Sun Sep 17 08:57:10 2023 by rpki-client on console-ams.rpki-client.org