Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mhkjdv_pu8IhjBx2qCeETrULwiY.roa
File: mhkjdv_pu8IhjBx2qCeETrULwiY.roa (raw, json)
Hash identifier: sEoVUl9XN9XPK3yzlbpg22xap/o5EfrS+5RlNs3dI2Q=
Subject key identifier: 9A:19:23:76:FF:E9:BB:C2:21:8C:1C:76:A8:27:84:4E:B5:0B:C2:26
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A7E9E053E6131266EDB4F342F9290
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mhkjdv_pu8IhjBx2qCeETrULwiY.roa
Signing time: Tue 02 Jan 2024 12:33:51 +0000
ROA not before: Tue 02 Jan 2024 12:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147287
IP address blocks: 195.133.78.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
195.133.37.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 Feb 2024 12:18:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:7e:9e:05:3e:61:31:26:6e:db:4f:34:2f:92:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a192376ffe9bbc2218c1c76a827844eb50bc226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7a:a4:85:c5:84:56:c4:28:03:45:af:9e:68:
2d:56:0d:51:97:63:2b:98:39:25:7c:fe:32:33:60:
30:04:9e:8b:3a:b2:8c:02:98:56:31:7a:ff:e1:13:
72:91:64:a0:cc:b3:de:31:99:d8:3c:33:99:db:1d:
97:0c:23:17:68:c3:4e:66:d8:61:26:dd:0e:8d:75:
7e:9c:ed:b1:33:73:4d:f0:c9:11:e1:43:3f:ea:9d:
c2:a4:a5:fc:b8:01:94:b7:9d:52:66:2a:80:54:15:
14:96:81:c0:fd:cd:b5:2a:70:03:b7:d5:f3:ab:c5:
29:90:22:96:5b:65:fe:02:32:a1:b1:83:52:cf:49:
05:8e:cc:c1:ae:ea:9a:8b:56:3c:10:32:62:e4:ca:
48:bc:02:98:e9:33:13:56:c8:ea:a2:81:a1:f3:7e:
98:55:ff:c3:c3:92:25:10:02:a1:dc:59:b1:e8:7e:
ba:78:46:9f:94:92:3f:af:d1:08:80:ac:a0:ef:9b:
ea:61:44:f7:f3:ee:e2:ba:d9:93:05:85:7c:c9:c5:
07:2c:87:64:1d:80:38:1f:3e:49:7c:f9:f7:79:5f:
de:3e:b3:59:bf:55:a2:3a:ef:aa:2a:37:3e:27:a8:
4e:f4:1c:64:8b:3c:1c:1a:a7:35:1c:d2:d0:9a:40:
59:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:19:23:76:FF:E9:BB:C2:21:8C:1C:76:A8:27:84:4E:B5:0B:C2:26
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/mhkjdv_pu8IhjBx2qCeETrULwiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.142.0/24
195.133.37.0/24
195.133.78.0/24
Signature Algorithm: sha256WithRSAEncryption
54:91:bf:39:63:57:b6:f8:dd:a3:cf:b5:2b:b5:23:8b:37:de:
1b:6e:1b:14:58:9e:64:2a:32:4e:da:40:c5:24:3c:05:df:1b:
b8:05:1b:c1:83:21:d0:78:ee:f3:9f:83:92:3b:40:27:8a:59:
35:95:3d:3b:73:5b:aa:eb:7d:73:67:ea:c3:98:d5:43:e1:94:
01:7a:17:44:70:be:28:af:bf:07:1e:0b:dd:d6:77:36:31:60:
82:e8:ef:c1:92:b8:b0:fd:d7:cb:dd:74:e9:92:0b:22:e4:1e:
cc:ec:b9:f1:af:63:28:ec:e1:f8:0c:8a:83:11:07:73:0c:a3:
86:35:64:11:14:0a:aa:72:87:63:2b:9e:1e:8b:da:90:a4:45:
cf:82:ff:fc:77:69:92:1c:fc:78:80:7f:2d:09:4b:af:9a:0f:
07:73:e0:99:cd:07:3d:c5:3c:99:b7:19:6d:2f:16:6d:bb:8c:
db:b3:8e:dd:8a:ce:99:c8:5d:6b:25:25:0e:c6:fd:24:5a:7b:
25:34:f0:77:08:94:fe:72:f9:dd:11:2e:6f:fe:6a:9a:84:38:
30:0f:05:ec:e9:62:10:d4:cb:3c:92:f3:71:53:d8:ca:18:5b:
fa:f1:ef:36:28:6f:f7:65:93:64:08:5f:16:23:f2:03:a4:9d:
76:aa:75:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKn6eBT5hMSZu2080L5KQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE5MjM3NmZmZTliYmMyMjE4YzFjNzZhODI3ODQ0ZWI1MGJjMjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnqkhcWEVsQoA0WvnmgtVg1Rl2Mr
mDklfP4yM2AwBJ6LOrKMAphWMXr/4RNykWSgzLPeMZnYPDOZ2x2XDCMXaMNOZthh
Jt0OjXV+nO2xM3NN8MkR4UM/6p3CpKX8uAGUt51SZiqAVBUUloHA/c21KnADt9Xz
q8UpkCKWW2X+AjKhsYNSz0kFjszBruqai1Y8EDJi5MpIvAKY6TMTVsjqooGh836Y
Vf/Dw5IlEAKh3Fmx6H66eEaflJI/r9EIgKyg75vqYUT38+7iutmTBYV8ycUHLIdk
HYA4Hz5JfPn3eV/ePrNZv1WiOu+qKjc+J6hO9BxkizwcGqc1HNLQmkBZ4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJoZI3b/6bvCIYwcdqgnhE61C8ImMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbWhramR2X3B1OEloakJ4MnFDZUVUclVMd2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwleOAwQA
w4UlAwQAw4VOMA0GCSqGSIb3DQEBCwUAA4IBAQBUkb85Y1e2+N2jz7UrtSOLN94b
bhsUWJ5kKjJO2kDFJDwF3xu4BRvBgyHQeO7zn4OSO0Anilk1lT07c1uq631zZ+rD
mNVD4ZQBehdEcL4or78HHgvd1nc2MWCC6O/Bkriw/dfL3XTpkgsi5B7M7Lnxr2Mo
7OH4DIqDEQdzDKOGNWQRFAqqcodjK54ei9qQpEXPgv/8d2mSHPx4gH8tCUuvmg8H
c+CZzQc9xTyZtxltLxZtu4zbs47dis6ZyF1rJSUOxv0kWnslNPB3CJT+cvndES5v
/mqahDgwDwXs6WIQ1Ms8kvNxU9jKGFv68e82KG/3ZZNkCF8WI/IDpJ12qnUQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org