Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MTCvbb1KZXQqUNphdwYUaD0KnMc.roa
File: MTCvbb1KZXQqUNphdwYUaD0KnMc.roa (raw, json)
Hash identifier: 19jeqOU8mh3eXK+W8XO0H6AEBy6iZ/Q2BuoNKXX5DAQ=
Subject key identifier: 31:30:AF:6D:BD:4A:65:74:2A:50:DA:61:77:06:14:68:3D:0A:9C:C7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DD57BC52384071AE5BD7A252625647A90
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MTCvbb1KZXQqUNphdwYUaD0KnMc.roa
Signing time: Fri 23 Feb 2024 10:21:14 +0000
ROA not before: Fri 23 Feb 2024 10:21:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.84.89.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.226.173.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 08:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d5:7b:c5:23:84:07:1a:e5:bd:7a:25:26:25:64:7a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 23 10:21:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3130af6dbd4a65742a50da61770614683d0a9cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a8:b0:7f:7f:78:a9:93:3c:74:8f:32:b0:89:
ce:d2:cd:ca:a0:a5:28:b3:f2:f1:2e:8f:d6:cd:71:
81:eb:d2:f4:1d:64:5b:67:a2:af:40:05:e9:b9:db:
52:42:ed:fb:78:30:ef:63:c9:46:ae:af:d8:ca:81:
e4:7a:bb:e6:7d:da:52:d8:0c:00:d6:0b:5f:f0:42:
03:8c:bb:c8:27:bc:61:29:6a:ce:b8:3c:e3:06:bf:
ed:33:ff:39:c8:7e:43:f9:95:65:6c:aa:94:66:49:
33:bb:ee:89:e9:c6:ad:94:90:c2:1d:71:c7:85:2b:
96:0a:d1:d2:e3:f7:c6:13:62:e9:f0:84:28:3c:e1:
da:40:1f:4b:1e:0e:85:3d:06:2a:25:1f:d8:7f:5a:
40:72:d6:c7:0c:f7:de:73:08:9b:75:66:2c:9e:13:
17:c0:aa:ad:24:0e:17:0b:9a:a2:94:d6:11:df:88:
51:91:e0:ab:98:46:5c:1f:bd:51:24:d9:1c:42:ae:
6d:69:6d:fc:5f:ff:e6:25:51:de:bf:ff:1d:6f:ee:
6a:40:41:e4:c6:c9:a4:3b:3b:a8:14:ad:c1:03:e1:
14:3a:a0:27:d1:56:22:a0:95:6f:85:36:d8:17:2e:
2f:ff:69:10:19:93:50:b7:b9:e6:ba:7d:44:92:d6:
fd:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:30:AF:6D:BD:4A:65:74:2A:50:DA:61:77:06:14:68:3D:0A:9C:C7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MTCvbb1KZXQqUNphdwYUaD0KnMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.89.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.252.176.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
38:d1:e4:c1:f3:fa:8a:a8:63:7b:97:31:2e:4b:4e:35:1d:f8:
9d:14:5f:03:b7:c2:8f:49:26:c9:7a:7f:1b:51:34:3c:af:54:
39:e2:32:1e:8d:04:49:7e:17:d5:74:4c:69:89:b3:c1:c1:41:
a4:b9:e5:73:d0:84:2e:16:7f:b7:ea:c5:20:cb:02:5f:85:89:
47:b8:53:b0:99:75:97:6a:1a:06:9e:7b:0d:17:bb:a9:b7:1a:
44:4e:6b:c6:b9:61:24:a1:39:38:5c:e4:01:d2:bc:a7:79:24:
57:bd:f3:d3:54:bc:a9:cb:92:c3:30:e0:5b:34:8d:11:60:0f:
64:1b:e7:56:78:a7:0f:55:56:8e:51:c5:7b:76:cb:b5:0c:2e:
50:ee:32:a8:a2:61:1f:ae:80:d7:a8:4e:01:71:53:5e:b4:9f:
51:85:ad:39:28:21:c4:72:03:98:2e:fc:91:bf:49:47:be:5f:
f1:be:03:b6:ac:f1:d3:c0:90:4d:60:85:89:76:88:33:4e:84:
91:88:e7:a5:8f:20:65:7f:e3:e6:1b:b3:21:ea:b4:e1:01:36:
33:1f:14:7d:1d:ef:13:18:08:cd:80:ef:eb:eb:d8:56:1a:dd:
71:50:6b:07:4f:f4:e1:1a:85:e0:5e:3c:30:40:a2:27:c4:c1:
c9:b3:17:1e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY3Ve8UjhAca5b16JSYlZHqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIzMTAyMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTMwYWY2ZGJkNGE2NTc0MmE1MGRhNjE3NzA2MTQ2ODNkMGE5Y2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqiwf394qZM8dI8ysInO0s3KoKUo
s/LxLo/WzXGB69L0HWRbZ6KvQAXpudtSQu37eDDvY8lGrq/YyoHkervmfdpS2AwA
1gtf8EIDjLvIJ7xhKWrOuDzjBr/tM/85yH5D+ZVlbKqUZkkzu+6J6catlJDCHXHH
hSuWCtHS4/fGE2Lp8IQoPOHaQB9LHg6FPQYqJR/Yf1pActbHDPfecwibdWYsnhMX
wKqtJA4XC5qilNYR34hRkeCrmEZcH71RJNkcQq5taW38X//mJVHev/8db+5qQEHk
xsmkOzuoFK3BA+EUOqAn0VYioJVvhTbYFy4v/2kQGZNQt7nmun1Ektb9yQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFDEwr229SmV0KlDaYXcGFGg9CpzHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTVRDdmJiMUtaWFFxVU5waGR3WVVhRDBLbk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQALVRZAwQA
LZdZAwQAV3hXAwQAV3ktAwQAV3ndAwQBXHfEAwQCXpqgAwQAXpzvAwQAk05mAwQC
qxZIAwQAstfgAwQAstfsAwQCudhUAwQCudpUAwQAueKtAwQAufywAwQAwjfgMA0G
CSqGSIb3DQEBCwUAA4IBAQA40eTB8/qKqGN7lzEuS041HfidFF8Dt8KPSSbJen8b
UTQ8r1Q54jIejQRJfhfVdExpibPBwUGkueVz0IQuFn+36sUgywJfhYlHuFOwmXWX
ahoGnnsNF7uptxpETmvGuWEkoTk4XOQB0ryneSRXvfPTVLypy5LDMOBbNI0RYA9k
G+dWeKcPVVaOUcV7dsu1DC5Q7jKoomEfroDXqE4BcVNetJ9Rha05KCHEcgOYLvyR
v0lHvl/xvgO2rPHTwJBNYIWJdogzToSRiOeljyBlf+PmG7Mh6rThATYzHxR9He8T
GAjNgO/r69hWGt1xUGsHT/ThGoXgXjwwQKInxMHJsxce
-----END CERTIFICATE-----
Generated at Tue Feb 27 13:19:35 2024 by rpki-client on console-ams.rpki-client.org