Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MMYdQVg_yLiR0P2QoY3brhgUtxo.roa
File: MMYdQVg_yLiR0P2QoY3brhgUtxo.roa (raw, json)
Hash identifier: S+1QUcv9z5TZkHoG1nvYY2PkmjIlZGy1Dz2sD4T+pVs=
Subject key identifier: 30:C6:1D:41:58:3F:C8:B8:91:D0:FD:90:A1:8D:DB:AE:18:14:B7:1A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F2AE77597838AB52FDB7649CA80B3783E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MMYdQVg_yLiR0P2QoY3brhgUtxo.roa
Signing time: Mon 29 Apr 2024 17:29:22 +0000
ROA not before: Mon 29 Apr 2024 17:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 79.110.49.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
194.31.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 May 2024 14:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:e7:75:97:83:8a:b5:2f:db:76:49:ca:80:b3:78:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 29 17:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30c61d41583fc8b891d0fd90a18ddbae1814b71a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:da:37:b9:50:19:0e:47:90:3a:43:d6:cd:a6:
81:52:82:fc:ad:39:24:7a:c4:79:4b:e0:70:bf:90:
0b:99:f2:0c:76:e7:32:c8:2d:b1:7a:db:3f:58:51:
c4:94:46:58:64:a3:72:0d:7c:5d:0a:e9:1c:ca:cc:
b9:e8:5e:ea:0a:fe:63:cb:4e:64:dc:3b:a7:5c:71:
fd:bc:1b:fb:20:0e:e0:86:27:5f:a3:c8:54:d6:20:
65:4f:df:c0:89:a6:59:e6:65:3a:78:55:ad:20:d8:
b8:c8:08:58:9a:00:0e:30:0b:76:58:76:01:e7:30:
02:0b:f4:8d:c3:0b:29:24:8e:ed:1c:1a:5e:7e:68:
8c:31:c6:ca:07:9d:66:6c:ea:b0:7a:72:d9:42:40:
4c:63:3d:ba:12:3f:9a:ac:a4:46:e9:2b:b5:3c:f3:
c3:b3:31:06:bc:48:8a:aa:5f:77:d1:4f:bd:19:82:
e6:40:d8:51:09:aa:92:c3:6d:4d:11:47:dc:08:ff:
37:7a:fa:6e:c0:b0:ea:59:6f:3d:43:5d:3f:e1:41:
ac:a2:57:8a:b6:94:cd:b3:45:64:9e:c7:be:11:d4:
44:24:67:fc:51:34:a0:3a:d1:12:02:50:2e:7c:a0:
bb:0d:63:fd:a8:44:79:0b:57:7e:33:1f:34:c2:99:
ff:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C6:1D:41:58:3F:C8:B8:91:D0:FD:90:A1:8D:DB:AE:18:14:B7:1A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MMYdQVg_yLiR0P2QoY3brhgUtxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.49.0/24
87.120.93.0/24
194.31.205.0/24
Signature Algorithm: sha256WithRSAEncryption
89:43:6a:f8:29:57:73:03:8d:dc:a9:25:4b:48:f1:fc:e7:53:
bd:ac:d9:79:7f:09:6e:0e:d3:2c:f4:00:c8:dd:c6:3d:1a:18:
2d:dd:e4:32:57:ac:55:2b:43:93:18:87:6b:cf:53:23:68:5d:
19:eb:da:f5:b6:38:65:22:2a:07:3b:1d:7c:b9:6f:57:34:45:
f7:37:66:9e:d5:4d:b2:3f:5d:6e:91:b3:b3:b8:af:77:71:65:
be:c8:f1:4f:56:57:16:90:7b:a2:bf:48:9e:52:6e:c1:e2:8f:
a3:5d:dc:12:26:52:4a:d4:7e:76:ec:84:b1:94:48:6f:f5:20:
7e:0f:b5:3d:b1:33:fb:c6:ec:16:e1:ec:d4:a1:2d:ab:c4:01:
2a:b5:be:3b:c3:11:49:05:05:3d:35:84:ca:82:bb:00:24:6e:
94:03:1c:16:67:39:43:b3:d1:e6:1b:86:a0:e2:5e:9e:dc:88:
71:b6:a3:00:ab:10:74:c5:5e:af:04:97:24:6b:7c:0b:ed:1c:
b9:b6:79:e8:3f:a5:d2:9f:29:93:41:91:ec:86:eb:d1:d1:09:
2c:f3:16:f6:e6:dd:2d:18:ee:4f:51:46:25:64:70:bd:7e:8e:
9f:9b:c8:2d:5b:00:4b:a5:ba:a8:7f:5e:36:d6:37:c5:2a:46:
ef:9a:0a:97
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8q53WXg4q1L9t2ScqAs3g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDI5MTcyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGM2MWQ0MTU4M2ZjOGI4OTFkMGZkOTBhMThkZGJhZTE4MTRiNzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2No3uVAZDkeQOkPWzaaBUoL8rTkk
esR5S+Bwv5ALmfIMducyyC2xets/WFHElEZYZKNyDXxdCukcysy56F7qCv5jy05k
3DunXHH9vBv7IA7ghidfo8hU1iBlT9/AiaZZ5mU6eFWtINi4yAhYmgAOMAt2WHYB
5zACC/SNwwspJI7tHBpefmiMMcbKB51mbOqwenLZQkBMYz26Ej+arKRG6Su1PPPD
szEGvEiKql930U+9GYLmQNhRCaqSw21NEUfcCP83evpuwLDqWW89Q10/4UGsoleK
tpTNs0Vknse+EdREJGf8UTSgOtESAlAufKC7DWP9qER5C1d+Mx80wpn/NQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDDGHUFYP8i4kdD9kKGN264YFLcaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTU1ZZFFWZ195TGlSMFAyUW9ZM2JyaGdVdHhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT24xAwQA
V3hdAwQAwh/NMA0GCSqGSIb3DQEBCwUAA4IBAQCJQ2r4KVdzA43cqSVLSPH851O9
rNl5fwluDtMs9ADI3cY9Ghgt3eQyV6xVK0OTGIdrz1MjaF0Z69r1tjhlIioHOx18
uW9XNEX3N2ae1U2yP11ukbOzuK93cWW+yPFPVlcWkHuiv0ieUm7B4o+jXdwSJlJK
1H527ISxlEhv9SB+D7U9sTP7xuwW4ezUoS2rxAEqtb47wxFJBQU9NYTKgrsAJG6U
AxwWZzlDs9HmG4ag4l6e3IhxtqMAqxB0xV6vBJcka3wL7Ry5tnnoP6XSnymTQZHs
huvR0Qks8xb25t0tGO5PUUYlZHC9fo6fm8gtWwBLpbqof1421jfFKkbvmgqX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:31 2024 by rpki-client on console-ams.rpki-client.org