Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MBWUqTpghtMKB1BiYQGx4lTzMDA.roa
File: MBWUqTpghtMKB1BiYQGx4lTzMDA.roa (raw, json)
Hash identifier: i+UjUy76DK8lZzamX7Su1GXpsJNqP6JEyQRgg4O6Iww=
Subject key identifier: 30:15:94:A9:3A:60:86:D3:0A:07:50:62:61:01:B1:E2:54:F3:30:30
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018D78A97A5E573BC0838FA636CA470D891A
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MBWUqTpghtMKB1BiYQGx4lTzMDA.roa
Signing time: Mon 05 Feb 2024 09:46:29 +0000
ROA not before: Mon 05 Feb 2024 09:46:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 193.124.5.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.95.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
193.124.207.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.81.0/24 maxlen: 24
194.87.149.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
194.87.172.0/24 maxlen: 24
194.87.201.0/24 maxlen: 24
194.135.18.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.60.0/24 maxlen: 24
195.133.2.0/24 maxlen: 24
195.133.25.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
195.133.192.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.193.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 06:10:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:78:a9:7a:5e:57:3b:c0:83:8f:a6:36:ca:47:0d:89:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Feb 5 09:46:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=301594a93a6086d30a0750626101b1e254f33030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:28:68:2e:de:7d:3c:fc:fe:bc:38:8a:e3:4a:
61:c1:21:ca:17:33:75:93:82:98:7e:53:b6:e4:1b:
88:1c:5e:3b:97:4a:27:d2:e9:4e:f1:54:cd:0b:b8:
96:dd:f9:5e:8c:89:a7:b8:2e:37:bd:cc:0a:96:4e:
e0:6b:ac:1d:82:9d:bc:64:75:e8:eb:47:f0:b6:f1:
45:1a:c2:5c:2f:2d:95:b0:3a:6d:7d:51:07:d0:28:
4a:31:5b:f3:7d:d3:38:26:3d:fd:2a:5c:a8:51:bf:
6c:14:b0:da:f9:fa:a9:3f:29:9d:34:1b:35:84:84:
4c:90:3f:04:19:9e:a1:00:3a:2c:eb:a6:df:e5:65:
42:0b:c9:40:d2:82:63:bf:16:60:78:eb:8c:22:28:
58:ce:94:5a:6d:65:4d:d0:0d:b6:43:2b:34:5c:fb:
b5:44:48:19:09:c4:a0:7b:f3:7a:db:c0:c1:25:96:
60:77:ab:6f:1e:e8:f9:7a:12:be:68:a8:7b:2c:92:
3e:a5:db:5a:19:d2:52:4f:85:b5:f3:6c:3c:cd:f4:
11:1f:55:8c:8c:37:99:fd:34:6e:60:b8:af:27:ae:
10:a4:74:d7:36:ea:53:fe:d3:7a:5a:08:9d:6c:0e:
d9:3b:4d:09:e3:55:b7:34:d4:b3:75:3f:b7:b0:cd:
15:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:15:94:A9:3A:60:86:D3:0A:07:50:62:61:01:B1:E2:54:F3:30:30
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MBWUqTpghtMKB1BiYQGx4lTzMDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
193.124.7.0/24
193.124.95.0/24
193.124.200.0/24
193.124.202.0/24
193.124.207.0/24
194.87.22.0/24
194.87.32.0/24
194.87.81.0/24
194.87.149.0/24
194.87.170.0/24
194.87.172.0/24
194.87.201.0/24
194.135.18.0/24
195.58.54.0/24
195.58.60.0/24
195.133.2.0/24
195.133.25.0/24
195.133.72.0/24
195.133.85.0/24
195.133.192.0/24
212.192.1.0/24
212.193.13.0/24
Signature Algorithm: sha256WithRSAEncryption
58:0d:4f:5a:8d:07:d2:e1:e1:ba:64:e0:08:ee:06:b4:b0:00:
a0:bc:d2:fb:a4:5d:10:91:65:83:3e:9f:b3:21:d0:5d:a3:02:
fa:69:32:cc:3f:4a:57:90:21:7b:b0:9e:3c:89:33:96:ad:3d:
b3:c4:ee:f0:70:4a:21:fa:91:98:a8:54:90:6f:3f:5f:93:1c:
21:0d:57:e3:c6:8a:46:b6:54:70:67:61:d3:97:00:1e:15:9a:
07:f7:fe:2d:33:7a:e6:7f:cf:b7:22:4a:bd:ee:6c:98:c1:82:
f1:dc:53:09:40:e9:01:d6:d7:42:f4:cf:05:92:dd:8d:7f:1f:
34:51:b2:40:03:cb:7d:35:c7:26:ff:13:c0:ae:17:ea:c5:88:
08:db:8c:a1:5a:21:92:da:7b:35:a6:9d:b1:77:ef:a5:e5:53:
72:c7:5e:cd:57:8b:56:08:11:13:cc:b8:f2:f4:35:b5:b4:d7:
4c:b5:11:65:b7:1d:ed:0a:78:bf:a3:20:ae:ba:60:1b:cf:00:
36:64:31:68:33:ae:4b:8b:fc:48:cd:16:79:d6:6a:bd:27:db:
79:4c:ce:fe:12:d3:1d:ce:2a:f1:0a:dd:36:37:75:3f:50:a8:
41:93:2d:bd:6b:c8:55:10:47:94:a1:f9:f7:27:fa:72:64:15:
14:45:77:93
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY14qXpeVzvAg4+mNspHDYkaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMjA1MDk0NjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE1OTRhOTNhNjA4NmQzMGEwNzUwNjI2MTAxYjFlMjU0ZjMzMDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiChoLt59PPz+vDiK40phwSHKFzN1
k4KYflO25BuIHF47l0on0ulO8VTNC7iW3flejImnuC43vcwKlk7ga6wdgp28ZHXo
60fwtvFFGsJcLy2VsDptfVEH0ChKMVvzfdM4Jj39KlyoUb9sFLDa+fqpPymdNBs1
hIRMkD8EGZ6hADos66bf5WVCC8lA0oJjvxZgeOuMIihYzpRabWVN0A22Qys0XPu1
REgZCcSge/N628DBJZZgd6tvHuj5ehK+aKh7LJI+pdtaGdJST4W182w8zfQRH1WM
jDeZ/TRuYLivJ64QpHTXNupT/tN6WgidbA7ZO00J41W3NNSzdT+3sM0ViQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFDAVlKk6YIbTCgdQYmEBseJU8zAwMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTUJXVXFUcGdodE1LQjFCaVlRR3g0bFR6TURBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBADB
fAUDBADBfAcDBADBfF8DBADBfMgDBADBfMoDBADBfM8DBADCVxYDBADCVyADBADC
V1EDBADCV5UDBADCV6oDBADCV6wDBADCV8kDBADChxIDBADDOjYDBADDOjwDBADD
hQIDBADDhRkDBADDhUgDBADDhVUDBADDhcADBADUwAEDBADUwQ0wDQYJKoZIhvcN
AQELBQADggEBAFgNT1qNB9Lh4bpk4AjuBrSwAKC80vukXRCRZYM+n7Mh0F2jAvpp
Msw/SleQIXuwnjyJM5atPbPE7vBwSiH6kZioVJBvP1+THCENV+PGika2VHBnYdOX
AB4Vmgf3/i0zeuZ/z7ciSr3ubJjBgvHcUwlA6QHW10L0zwWS3Y1/HzRRskADy301
xyb/E8CuF+rFiAjbjKFaIZLaezWmnbF376XlU3LHXs1Xi1YIERPMuPL0NbW010y1
EWW3He0KeL+jIK66YBvPADZkMWgzrkuL/EjNFnnWar0n23lMzv4S0x3OKvEK3TY3
dT9QqEGTLb1ryFUQR5Sh+fcn+nJkFRRFd5M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org