Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/muho3dRG_lGdS7v5QZxokbiBkao.roa
File: muho3dRG_lGdS7v5QZxokbiBkao.roa (raw, json)
Hash identifier: NkaBxRV3mhaiId2oU88vT4hLj0TdIEug1Ii43bfJ9qE=
Subject key identifier: 9A:E8:68:DD:D4:46:FE:51:9D:4B:BB:F9:41:9C:68:91:B8:81:91:AA
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0185EDAD32256A56C958C12BEDE27C3BB6BD
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/muho3dRG_lGdS7v5QZxokbiBkao.roa
Signing time: Thu 26 Jan 2023 10:43:48 +0000
ROA not before: Thu 26 Jan 2023 10:43:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203639
IP address blocks: 194.87.204.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
194.87.208.0/24 maxlen: 24
194.87.226.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
195.133.15.0/24 maxlen: 24
195.58.38.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
193.124.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Mar 2023 13:18:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ed:ad:32:25:6a:56:c9:58:c1:2b:ed:e2:7c:3b:b6:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 26 10:43:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ae868ddd446fe519d4bbbf9419c6891b88191aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ba:ee:b4:63:70:d8:e5:40:04:00:3b:2e:23:
f5:b3:7a:db:cf:59:26:b8:34:29:b0:0a:9a:a8:a4:
e2:95:be:ca:10:44:4d:e8:26:53:08:91:5d:de:39:
f0:46:e4:6a:f2:e0:cc:3a:34:53:7c:81:62:22:a1:
30:f9:60:f0:4c:bb:23:e9:04:71:3a:c2:e1:ea:27:
71:41:50:1d:86:cc:1a:c8:fb:d0:51:87:af:37:30:
11:ab:d1:29:93:e5:a7:2d:e0:78:42:8c:94:fe:76:
9d:32:13:59:6f:b5:89:b7:e7:ae:8d:fc:ed:02:85:
03:49:09:5e:1a:40:81:e5:8b:9f:91:92:0b:06:2e:
90:20:01:1c:ef:f4:60:31:1c:9b:46:31:ee:da:1a:
4d:36:12:ac:f0:fc:cd:50:3d:a4:8f:2e:12:28:fa:
80:73:0a:9d:35:d4:b1:83:b5:e9:c8:00:a9:1b:4f:
16:77:c0:3f:4e:91:28:d0:31:d9:03:1a:79:05:83:
20:a7:58:ba:ee:66:82:e8:f5:3e:aa:93:88:bd:91:
fb:c1:2f:f3:dc:bc:90:ad:80:b2:70:73:92:7c:7b:
9a:10:6e:3c:bd:51:5f:ac:cc:1b:16:aa:71:44:5c:
4b:e7:ea:2a:95:16:8f:45:b3:42:14:36:dc:a9:d8:
9c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:E8:68:DD:D4:46:FE:51:9D:4B:BB:F9:41:9C:68:91:B8:81:91:AA
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/muho3dRG_lGdS7v5QZxokbiBkao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.190.0/24
193.124.202.0/24
194.87.204.0/24
194.87.208.0/24
194.87.226.0/24
194.87.231.0/24
195.58.38.0/24
195.133.15.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
27:82:57:6c:b7:85:2d:56:24:b5:3f:96:6f:6e:21:ae:e4:44:
be:4c:16:cf:a1:73:51:81:49:dd:9f:0f:3c:6e:c8:dc:2b:b9:
28:2f:7a:91:41:6b:b5:51:8f:73:bb:c2:b2:c4:f7:f8:e1:03:
1b:9e:a3:7f:f2:1b:5d:49:fa:ff:c8:4f:ba:5e:a9:a3:11:c5:
e1:11:2a:01:a0:79:86:03:ee:5e:53:9b:ff:38:07:e7:44:5b:
bf:98:46:11:db:e7:a3:1b:d7:2f:b5:03:29:ce:04:67:5a:74:
68:ef:6d:03:39:52:5a:3a:db:d2:46:43:d3:42:22:7a:d1:14:
30:4d:f3:e4:81:c9:06:5a:1a:1e:6a:01:73:a9:42:1f:ee:64:
f5:02:ce:49:db:9f:37:67:64:d9:a5:7b:17:21:59:95:14:64:
02:e8:80:df:cd:1f:7f:ed:ca:70:6c:69:6c:87:4a:4c:f2:c9:
43:d1:af:96:85:92:80:e3:6b:f3:d0:1e:16:9d:18:35:d5:62:
f7:18:c8:6d:7a:99:dd:dc:d5:50:16:a2:67:0a:d1:98:df:c8:
c8:75:d1:78:c0:f3:bd:e4:cc:c9:23:12:a9:e4:62:f3:ed:1a:
d2:58:db:5a:5b:72:ab:6b:45:d3:14:bf:47:72:e7:52:19:41:
b8:a0:1f:ac
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYXtrTIlalbJWMEr7eJ8O7a9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTI2MTA0MzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWU4NjhkZGQ0NDZmZTUxOWQ0YmJiZjk0MTljNjg5MWI4ODE5MWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLrutGNw2OVABAA7LiP1s3rbz1km
uDQpsAqaqKTilb7KEERN6CZTCJFd3jnwRuRq8uDMOjRTfIFiIqEw+WDwTLsj6QRx
OsLh6idxQVAdhswayPvQUYevNzARq9Epk+WnLeB4QoyU/nadMhNZb7WJt+eujfzt
AoUDSQleGkCB5YufkZILBi6QIAEc7/RgMRybRjHu2hpNNhKs8PzNUD2kjy4SKPqA
cwqdNdSxg7XpyACpG08Wd8A/TpEo0DHZAxp5BYMgp1i67maC6PU+qpOIvZH7wS/z
3LyQrYCycHOSfHuaEG48vVFfrMwbFqpxRFxL5+oqlRaPRbNCFDbcqdicsQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJroaN3URv5RnUu7+UGcaJG4gZGqMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbXVobzNkUkdfbEdkUzd2NVFaeG9rYmlCa2FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAwHy+AwQA
wXzKAwQAwlfMAwQAwlfQAwQAwlfiAwQAwlfnAwQAwzomAwQAw4UPAwQA1MEOMA0G
CSqGSIb3DQEBCwUAA4IBAQAngldst4UtViS1P5ZvbiGu5ES+TBbPoXNRgUndnw88
bsjcK7koL3qRQWu1UY9zu8KyxPf44QMbnqN/8htdSfr/yE+6XqmjEcXhESoBoHmG
A+5eU5v/OAfnRFu/mEYR2+ejG9cvtQMpzgRnWnRo720DOVJaOtvSRkPTQiJ60RQw
TfPkgckGWhoeagFzqUIf7mT1As5J2583Z2TZpXsXIVmVFGQC6IDfzR9/7cpwbGls
h0pM8slD0a+WhZKA42vz0B4WnRg11WL3GMhtepnd3NVQFqJnCtGY38jIddF4wPO9
5MzJIxKp5GLz7RrSWNtaW3Kra0XTFL9HcudSGUG4oB+s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:26 2024 by rpki-client on console-fra.rpki-client.org