Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/MBTtEg1P1CUMhO480ObANCCJKFo.roa
File: MBTtEg1P1CUMhO480ObANCCJKFo.roa (raw, json)
Hash identifier: liFuEivYivydG/5dtNBmpaNDA/DBkaS65t2XxJ3mir0=
Subject key identifier: 30:14:ED:12:0D:4F:D4:25:0C:84:EE:3C:D0:E6:C0:34:20:89:28:5A
Certificate issuer: /CN=306d618355bd8937f75bb4650bb5c1af70f9a12e
Certificate serial: 018CC2DB2C002411BB101C87F67C4DBE4B6D
Authority key identifier: 30:6D:61:83:55:BD:89:37:F7:5B:B4:65:0B:B5:C1:AF:70:F9:A1:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MG1hg1W9iTf3W7RlC7XBr3D5oS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/MBTtEg1P1CUMhO480ObANCCJKFo.roa
Signing time: Mon 01 Jan 2024 02:29:52 +0000
ROA not before: Mon 01 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58128
IP address blocks: 185.155.205.0/24 maxlen: 24
185.155.204.0/24 maxlen: 24
185.155.206.0/24 maxlen: 24
185.186.182.0/24 maxlen: 24
185.186.181.0/24 maxlen: 24
185.186.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Mar 2024 11:03:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:2c:00:24:11:bb:10:1c:87:f6:7c:4d:be:4b:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=306d618355bd8937f75bb4650bb5c1af70f9a12e
Validity
Not Before: Jan 1 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3014ed120d4fd4250c84ee3cd0e6c0342089285a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8f:b6:a5:85:f1:dd:63:cc:15:0a:fd:c0:7a:
bd:fa:b6:34:2d:16:f6:20:3a:01:8a:25:c5:d1:da:
71:26:df:28:41:1c:41:57:99:a9:89:73:8a:b0:82:
c2:2c:ea:dc:8e:1a:b1:3c:76:ac:49:b7:9e:c5:6d:
b7:ed:82:89:39:b4:c7:45:22:6e:44:9f:0c:87:8d:
d8:5c:36:26:b2:d6:b3:d1:75:1d:0f:82:a8:a8:1d:
7c:b1:80:9b:88:36:bd:1d:91:5f:14:0b:5f:03:28:
ce:c5:cc:79:7f:58:c0:50:4d:37:b6:91:5f:09:60:
80:27:7e:a5:6d:66:39:b0:e8:de:81:c2:19:9a:82:
28:0d:6e:d5:7a:e4:c9:b1:95:47:b5:24:c0:80:48:
88:c5:0a:07:1e:70:a8:0c:46:4c:eb:94:69:57:ea:
1b:4f:c5:0c:73:a5:e2:d3:c4:2c:ef:68:5e:97:50:
42:f2:10:3b:06:94:99:50:5e:b1:bb:ac:c5:20:09:
f2:fe:be:1a:8b:a7:e5:28:dc:bb:2a:8b:92:06:bd:
8c:62:c5:89:50:44:5c:52:a2:5e:15:18:b2:4c:ae:
2f:a1:7c:f5:35:65:ce:4d:85:e6:a3:8c:de:ef:08:
4a:d4:b8:18:80:c6:b0:0b:2e:41:43:fd:e3:1e:6c:
ea:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:14:ED:12:0D:4F:D4:25:0C:84:EE:3C:D0:E6:C0:34:20:89:28:5A
X509v3 Authority Key Identifier:
keyid:30:6D:61:83:55:BD:89:37:F7:5B:B4:65:0B:B5:C1:AF:70:F9:A1:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MG1hg1W9iTf3W7RlC7XBr3D5oS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/MBTtEg1P1CUMhO480ObANCCJKFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/MG1hg1W9iTf3W7RlC7XBr3D5oS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.204.0-185.155.206.255
185.186.180.0-185.186.182.255
Signature Algorithm: sha256WithRSAEncryption
3b:00:fe:ca:a5:0a:f2:d7:b4:fa:a6:d4:68:ab:cd:c7:7a:9d:
9a:bd:bd:11:e7:b5:ea:51:4c:98:60:5c:37:8b:4a:29:ef:9c:
6b:31:c3:79:40:89:bb:67:de:c1:4f:ae:65:f7:f9:ec:72:f3:
3f:f4:a3:ac:20:2a:eb:b3:61:93:f5:93:ff:7b:68:f2:92:bf:
65:8b:c5:48:43:5e:e7:2e:da:62:99:13:c2:80:a7:c8:c6:21:
4c:da:d4:a3:7c:87:98:d3:93:b4:98:42:08:3a:94:a2:e9:ea:
04:d8:7b:32:76:4e:e8:dc:a9:52:ca:c4:54:62:5c:c5:2c:c1:
10:c9:b1:b6:3c:6f:6f:f9:2e:6c:09:79:49:9c:14:83:31:f1:
46:2e:37:6d:42:37:6d:e4:91:b6:f0:3e:a6:13:56:a0:cc:13:
0d:58:c0:26:55:ec:48:e3:23:84:57:d3:f5:38:eb:0d:c9:2e:
db:60:16:b2:96:87:f0:f9:1f:ad:f5:8d:d3:1c:7e:41:5c:e0:
c3:0f:69:fa:01:de:06:2d:b8:38:59:a4:a9:95:5a:63:7d:c7:
1c:11:35:9a:63:84:bf:43:f6:2f:d0:aa:f4:a2:ef:9f:1e:a0:
8f:2e:c8:d9:8c:ca:a8:c1:29:19:87:3a:2f:4d:bc:d2:ca:04:
4c:8a:94:30
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzC2ywAJBG7EByH9nxNvkttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNmQ2MTgzNTViZDg5MzdmNzViYjQ2NTBiYjVjMWFmNzBm
OWExMmUwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDE0ZWQxMjBkNGZkNDI1MGM4NGVlM2NkMGU2YzAzNDIwODkyODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhY+2pYXx3WPMFQr9wHq9+rY0LRb2
IDoBiiXF0dpxJt8oQRxBV5mpiXOKsILCLOrcjhqxPHasSbeexW237YKJObTHRSJu
RJ8Mh43YXDYmstaz0XUdD4KoqB18sYCbiDa9HZFfFAtfAyjOxcx5f1jAUE03tpFf
CWCAJ36lbWY5sOjegcIZmoIoDW7VeuTJsZVHtSTAgEiIxQoHHnCoDEZM65RpV+ob
T8UMc6Xi08Qs72hel1BC8hA7BpSZUF6xu6zFIAny/r4ai6flKNy7KouSBr2MYsWJ
UERcUqJeFRiyTK4voXz1NWXOTYXmo4ze7whK1LgYgMawCy5BQ/3jHmzqlQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFDAU7RINT9QlDITuPNDmwDQgiShaMB8GA1UdIwQY
MBaAFDBtYYNVvYk391u0ZQu1wa9w+aEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUcxaGcxVzlpVGYzVzdSbEM3WEJyM0Q1b1M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi8zY2RlOWItMzcwNS00ZGMzLThkN2Ut
NTE2ZmZkODczNzZjLzEvTUJUdEVnMVAxQ1VNaE80ODBPYkFOQ0NKS0ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi8zY2RlOWItMzcwNS00ZGMzLThkN2UtNTE2ZmZkODczNzZj
LzEvTUcxaGcxVzlpVGYzVzdSbEM3WEJyM0Q1b1M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAK5m8wD
BAC5m84wDAMEArm6tAMEALm6tjANBgkqhkiG9w0BAQsFAAOCAQEAOwD+yqUK8te0
+qbUaKvNx3qdmr29Eee16lFMmGBcN4tKKe+cazHDeUCJu2fewU+uZff57HLzP/Sj
rCAq67Nhk/WT/3to8pK/ZYvFSENe5y7aYpkTwoCnyMYhTNrUo3yHmNOTtJhCCDqU
ounqBNh7MnZO6NypUsrEVGJcxSzBEMmxtjxvb/kubAl5SZwUgzHxRi43bUI3beSR
tvA+phNWoMwTDVjAJlXsSOMjhFfT9TjrDcku22AWspaH8PkfrfWN0xx+QVzgww9p
+gHeBi24OFmkqZVaY33HHBE1mmOEv0P2L9Cq9KLvnx6gjy7I2YzKqMEpGYc6L028
0soETIqUMA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:45 2025 by rpki-client