Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MNG1cy44IG9p_GiYHHBcTYsr8lc.roa
File: MNG1cy44IG9p_GiYHHBcTYsr8lc.roa (raw, json)
Hash identifier: fh6MLXuCI6XONKxwYvOO9CzGB7+iQsWrWMu492NCvBo=
Subject key identifier: 30:D1:B5:73:2E:38:20:6F:69:FC:68:98:1C:70:5C:4D:8B:2B:F2:57
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A7E128FABF5E1ADFF8ECFD0EB0A5D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MNG1cy44IG9p_GiYHHBcTYsr8lc.roa
Signing time: Tue 02 Jan 2024 12:33:51 +0000
ROA not before: Tue 02 Jan 2024 12:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147186
IP address blocks: 195.133.84.0/24 maxlen: 24
194.87.224.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.141.0/24 maxlen: 24
212.192.208.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
194.87.168.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
195.58.54.0/24 maxlen: 24
195.58.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jan 2024 11:08:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:7e:12:8f:ab:f5:e1:ad:ff:8e:cf:d0:eb:0a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30d1b5732e38206f69fc68981c705c4d8b2bf257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0e:17:c0:4e:07:c3:ce:bf:34:a2:55:ac:8d:
d8:c0:4d:a6:82:56:7b:8f:9d:f7:c3:da:af:d9:47:
73:df:a3:29:3a:ea:2a:a7:61:f7:10:5e:89:ea:9d:
2f:e8:df:ba:69:4b:30:a4:79:16:81:b1:65:55:87:
79:b7:a5:ab:d7:86:a1:f0:4b:79:6e:36:f6:5a:bd:
79:5e:28:20:27:66:32:50:39:b8:f2:51:83:75:5d:
73:e7:4e:94:bd:54:12:14:59:d1:2a:d1:ad:be:ca:
9d:2e:fb:5e:43:15:5f:48:2c:79:87:60:11:27:6b:
b2:2a:28:b6:72:95:81:e7:3b:32:6a:e7:07:92:86:
1d:ef:b8:21:6e:44:6c:8e:dc:f7:75:9e:64:7a:83:
a9:6c:de:62:b8:d4:7b:a6:75:d2:46:72:94:19:59:
d8:5c:55:d4:64:ed:89:59:67:34:be:52:c2:c9:84:
91:e5:48:8d:f2:3a:58:b0:02:2e:d2:4d:40:3f:49:
27:7a:71:01:42:f9:c6:51:60:95:d2:14:6a:e5:a5:
75:72:4e:fb:6a:de:25:2b:33:e8:1d:99:46:18:9b:
d3:7a:4b:2c:9f:56:53:7a:12:53:fc:c1:bb:98:55:
c4:a2:39:2a:88:80:b0:8c:41:d8:e9:b4:c6:01:40:
5b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D1:B5:73:2E:38:20:6F:69:FC:68:98:1C:70:5C:4D:8B:2B:F2:57
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/MNG1cy44IG9p_GiYHHBcTYsr8lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.141.0/24
194.87.168.0/24
194.87.170.0/24
194.87.224.0/24
194.87.229.0/24
195.58.54.0/24
195.58.63.0/24
195.133.84.0/24
212.192.1.0/24
212.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
40:5e:08:c3:e0:86:7a:7c:2e:b3:89:6b:70:6f:99:5d:fd:2a:
2d:a2:30:53:59:1b:17:f6:1c:ec:24:8e:e1:7e:c3:16:a2:c5:
46:37:c3:6a:4c:38:62:48:6b:2e:7b:cd:fc:11:25:e4:ba:a7:
29:40:75:33:26:ee:fb:31:35:58:13:96:b3:e2:2f:d9:ce:aa:
8b:5d:8e:26:70:d9:fb:45:dd:fa:50:db:bc:b8:66:4f:54:48:
57:d0:b7:db:59:d1:99:61:9d:38:25:a8:7c:ad:2e:8b:ef:ac:
0d:7c:9a:16:2d:b2:ed:fe:d4:fa:c7:6b:bc:25:5d:2d:9c:28:
d6:c6:b9:bd:73:e8:f6:08:55:ac:31:84:b3:3c:5b:5d:22:66:
c1:84:39:c5:a8:e5:bd:53:49:81:3e:77:1e:bc:9e:49:06:90:
1e:3a:13:b0:6c:c3:f8:e6:a5:2d:54:c8:c1:fc:a6:65:e0:39:
d4:98:17:fc:99:2c:a6:89:f7:75:dd:e7:a7:0d:b9:8b:33:b9:
d2:8c:49:67:ee:4e:1a:66:5e:e1:19:60:1f:83:20:f0:89:75:
27:bf:cb:32:1c:1d:60:85:a0:a4:2b:60:52:ba:53:a4:f3:b8:
90:65:a3:f9:2c:63:76:ac:69:a2:70:50:5e:2e:cd:be:00:a1:
36:82:93:5c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzKKn4Sj6v14a3/js/Q6wpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQxYjU3MzJlMzgyMDZmNjlmYzY4OTgxYzcwNWM0ZDhiMmJmMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjw4XwE4Hw86/NKJVrI3YwE2mglZ7
j533w9qv2Udz36MpOuoqp2H3EF6J6p0v6N+6aUswpHkWgbFlVYd5t6Wr14ah8Et5
bjb2Wr15XiggJ2YyUDm48lGDdV1z506UvVQSFFnRKtGtvsqdLvteQxVfSCx5h2AR
J2uyKii2cpWB5zsyaucHkoYd77ghbkRsjtz3dZ5keoOpbN5iuNR7pnXSRnKUGVnY
XFXUZO2JWWc0vlLCyYSR5UiN8jpYsAIu0k1AP0knenEBQvnGUWCV0hRq5aV1ck77
at4lKzPoHZlGGJvTekssn1ZTehJT/MG7mFXEojkqiICwjEHY6bTGAUBb1QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDDRtXMuOCBvafxomBxwXE2LK/JXMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTU5HMWN5NDRJRzlwX0dpWUhIQmNUWXNyOGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAwleNAwQA
wleoAwQAwleqAwQAwlfgAwQAwlflAwQAwzo2AwQAwzo/AwQAw4VUAwQA1MABAwQA
1MDQMA0GCSqGSIb3DQEBCwUAA4IBAQBAXgjD4IZ6fC6ziWtwb5ld/SotojBTWRsX
9hzsJI7hfsMWosVGN8NqTDhiSGsue838ESXkuqcpQHUzJu77MTVYE5az4i/ZzqqL
XY4mcNn7Rd36UNu8uGZPVEhX0LfbWdGZYZ04Jah8rS6L76wNfJoWLbLt/tT6x2u8
JV0tnCjWxrm9c+j2CFWsMYSzPFtdImbBhDnFqOW9U0mBPncevJ5JBpAeOhOwbMP4
5qUtVMjB/KZl4DnUmBf8mSymifd13eenDbmLM7nSjEln7k4aZl7hGWAfgyDwiXUn
v8syHB1ghaCkK2BSulOk87iQZaP5LGN2rGmicFBeLs2+AKE2gpNc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:14 2024 by rpki-client on console-fra.rpki-client.org