Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MKY14YKD7RVJU0nlIp1pCsI3aUI.roa
File: MKY14YKD7RVJU0nlIp1pCsI3aUI.roa (raw, json)
Hash identifier: Y5u9TIPfatUtZIdOc3ULD8sHt5QMOhP7eeaa3jYw6SQ=
Subject key identifier: 30:A6:35:E1:82:83:ED:15:49:53:49:E5:22:9D:69:0A:C2:37:69:42
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018F72203ACF96F50CFC36C89DADAE2DA4C9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MKY14YKD7RVJU0nlIp1pCsI3aUI.roa
Signing time: Mon 13 May 2024 13:24:25 +0000
ROA not before: Mon 13 May 2024 13:24:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 194.87.1.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 13:10:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:20:3a:cf:96:f5:0c:fc:36:c8:9d:ad:ae:2d:a4:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 13 13:24:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30a635e18283ed15495349e5229d690ac2376942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b8:44:64:60:07:f2:2c:25:50:e1:45:e7:61:
92:a5:54:39:9e:92:e6:9f:d0:18:c7:3d:64:1b:39:
86:de:79:f5:e5:7a:52:7c:b5:84:c6:e8:7b:29:d6:
11:5a:44:07:d9:14:e6:6d:f1:3e:96:af:39:28:eb:
c4:64:9a:dd:78:9e:94:e4:30:ba:10:01:df:73:45:
13:3b:93:b3:64:b9:50:8c:ef:ea:7a:4b:c9:15:ba:
27:86:88:09:71:45:f0:69:a9:3b:2a:a0:76:8b:d5:
14:90:7d:0f:fc:b5:db:45:1d:9e:c6:53:2f:2e:97:
2d:f2:3c:0f:0c:3f:76:71:68:e8:d8:26:8c:62:ae:
64:e8:1b:79:77:72:01:01:7e:75:4c:c0:f9:84:de:
f7:9a:f1:88:95:44:d0:56:61:a3:0d:94:21:3f:34:
a4:91:e7:2b:da:64:40:94:ed:44:81:dd:67:cf:87:
82:e5:c0:1f:d7:ec:a3:88:55:2e:00:2c:60:8e:91:
4b:c8:de:31:b3:58:f9:95:16:fb:09:f4:a7:26:25:
75:d4:f1:bd:1f:82:5e:6f:c2:32:42:23:f5:13:26:
00:cc:ab:05:70:7e:d8:a6:0d:e1:c7:54:94:fc:5c:
1f:5b:5f:61:d3:73:45:2e:2f:8d:cf:56:30:21:66:
f2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A6:35:E1:82:83:ED:15:49:53:49:E5:22:9D:69:0A:C2:37:69:42
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MKY14YKD7RVJU0nlIp1pCsI3aUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.1.0/24
194.87.122.0/24
194.87.179.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:45:57:d2:44:cf:96:d1:50:de:4f:6d:56:4c:fc:18:f7:13:
11:a1:3a:00:c0:36:8c:75:e0:de:32:e5:7d:c4:67:d3:dc:ad:
0a:76:a0:01:a7:d9:bb:25:45:20:0b:ce:90:f2:9a:e8:b7:86:
f2:87:6e:bc:ee:6b:b4:a7:6f:c0:e3:42:ee:6a:24:4f:e3:ee:
28:01:46:6c:18:c9:91:ce:f0:04:b9:bd:6f:6d:38:e6:9f:9f:
bf:04:82:f2:e3:f7:e5:6f:7d:9d:06:5e:76:b9:48:43:8b:b0:
4d:2d:e2:e5:0a:90:4b:6a:c9:8d:f3:ee:af:40:9a:99:f7:ef:
f5:36:d9:b4:c8:97:82:f4:0a:24:cd:0d:53:9e:e1:a1:39:61:
51:5b:5c:91:44:f2:57:19:6e:2e:a3:b9:7c:0f:a3:20:70:49:
86:23:ee:87:03:c7:17:e6:f6:ba:56:03:32:7f:f9:bb:e5:39:
c6:cb:4c:5f:ab:24:5c:f7:b5:68:8d:87:71:90:a1:52:d6:fa:
ad:2c:4b:36:50:8e:0a:33:19:e4:58:1c:5d:28:5f:ce:df:99:
e0:57:89:fc:a0:20:12:f7:cc:94:f2:20:a4:d0:d7:c3:9d:ad:
18:8f:83:a2:73:a6:3a:40:2d:32:76:32:f7:00:57:81:f2:f4:
a4:2a:4c:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY9yIDrPlvUM/DbIna2uLaTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNTEzMTMyNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE2MzVlMTgyODNlZDE1NDk1MzQ5ZTUyMjlkNjkwYWMyMzc2OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLhEZGAH8iwlUOFF52GSpVQ5npLm
n9AYxz1kGzmG3nn15XpSfLWExuh7KdYRWkQH2RTmbfE+lq85KOvEZJrdeJ6U5DC6
EAHfc0UTO5OzZLlQjO/qekvJFbonhogJcUXwaak7KqB2i9UUkH0P/LXbRR2exlMv
Lpct8jwPDD92cWjo2CaMYq5k6Bt5d3IBAX51TMD5hN73mvGIlUTQVmGjDZQhPzSk
kecr2mRAlO1Egd1nz4eC5cAf1+yjiFUuACxgjpFLyN4xs1j5lRb7CfSnJiV11PG9
H4Jeb8IyQiP1EyYAzKsFcH7Ypg3hx1SU/FwfW19h03NFLi+Nz1YwIWby5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDCmNeGCg+0VSVNJ5SKdaQrCN2lCMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTUtZMTRZS0Q3UlZKVTBubElwMXBDc0kzYVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcBAwQA
wld6AwQAwlezMA0GCSqGSIb3DQEBCwUAA4IBAQAKRVfSRM+W0VDeT21WTPwY9xMR
oToAwDaMdeDeMuV9xGfT3K0KdqABp9m7JUUgC86Q8prot4byh2687mu0p2/A40Lu
aiRP4+4oAUZsGMmRzvAEub1vbTjmn5+/BILy4/flb32dBl52uUhDi7BNLeLlCpBL
asmN8+6vQJqZ9+/1Ntm0yJeC9AokzQ1TnuGhOWFRW1yRRPJXGW4uo7l8D6MgcEmG
I+6HA8cX5va6VgMyf/m75TnGy0xfqyRc97VojYdxkKFS1vqtLEs2UI4KMxnkWBxd
KF/O35ngV4n8oCAS98yU8iCk0NfDna0Yj4Oic6Y6QC0ydjL3AFeB8vSkKkwb
-----END CERTIFICATE-----
Generated at Fri Jul 12 15:20:15 2024 by rpki-client on console-ams.rpki-client.org