Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MvnsrWV21xnsxonLBayI7grStEQ.roa
File: MvnsrWV21xnsxonLBayI7grStEQ.roa (raw, json)
Hash identifier: XgWPDaiMpHJu3PHsxxlqlnRWh96dZVpDH2dxEN4hC10=
Subject key identifier: 32:F9:EC:AD:65:76:D7:19:EC:C6:89:CB:05:AC:88:EE:0A:D2:B4:44
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193D3A2D1CC6E284F1A55FF4AD292BD26C0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MvnsrWV21xnsxonLBayI7grStEQ.roa
Signing time: Tue 17 Dec 2024 08:01:23 +0000
ROA not before: Tue 17 Dec 2024 08:01:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61071
IP address blocks: 85.217.164.0/23 maxlen: 32
85.217.180.0/22 maxlen: 32
87.120.246.0/24 maxlen: 32
Validation: Failed, certificate revoked on Tue 17 Dec 2024 11:11:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d3:a2:d1:cc:6e:28:4f:1a:55:ff:4a:d2:92:bd:26:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 17 08:01:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=32f9ecad6576d719ecc689cb05ac88ee0ad2b444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:79:f1:59:33:1f:20:f9:ab:45:a8:99:86:e0:
8f:b7:5f:5c:2c:28:2d:33:bb:ea:07:63:53:d3:3a:
5a:72:e5:b0:9e:a1:af:98:9b:d2:02:8b:27:11:d0:
bd:74:bd:7d:21:95:3b:90:f5:c4:d9:fb:3c:5a:d3:
ca:cd:3b:c0:a6:38:27:cd:73:17:f6:0d:28:ab:a3:
2a:9a:3b:e3:de:80:7d:89:a6:3c:1a:17:3a:a7:c2:
94:4b:82:8b:e1:fb:d5:d8:b4:35:63:68:3a:57:60:
5b:7c:05:23:ef:31:d5:cf:c0:86:ee:20:95:99:e7:
20:dd:a1:f2:fc:b0:1a:f5:24:b4:21:6c:4d:ae:d3:
ef:ac:f7:ed:6c:72:4f:cf:2b:fa:a4:1d:8e:20:e6:
78:7a:b4:ae:27:a6:7f:b4:9a:c5:60:26:3a:84:9f:
a8:ec:80:6f:40:94:be:19:eb:eb:90:22:a0:95:bc:
2f:b0:da:87:83:57:36:54:ff:1c:79:05:fa:9d:4c:
68:90:41:b7:aa:81:bf:14:f8:36:50:5e:63:2d:7d:
18:8e:b0:7f:25:81:88:ba:34:9b:48:f1:66:de:19:
ae:eb:3b:7f:de:ff:22:9b:4b:bd:c2:2b:7d:89:b0:
f6:f7:a7:42:3f:d5:6f:fb:8a:b1:55:84:e2:f7:0b:
55:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F9:EC:AD:65:76:D7:19:EC:C6:89:CB:05:AC:88:EE:0A:D2:B4:44
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/MvnsrWV21xnsxonLBayI7grStEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.164.0/23
85.217.180.0/22
87.120.246.0/24
Signature Algorithm: sha256WithRSAEncryption
55:2e:c8:70:9e:12:da:80:61:13:07:11:65:3a:ea:d9:88:25:
99:d9:00:81:0d:bf:ac:11:61:24:f2:56:7c:89:ae:26:fd:29:
a0:11:91:0f:70:ae:09:4a:83:d8:fe:9f:94:29:1f:e0:34:a0:
66:f9:ac:08:00:7a:ad:15:8f:77:02:53:cf:3b:0f:a4:f5:77:
6c:bd:03:61:b8:bb:34:1b:90:86:ee:7f:d7:c5:61:0b:31:d3:
c2:7f:b1:79:6d:3e:75:fd:a0:8d:54:f3:e7:e6:b8:6e:13:3c:
4a:03:e1:8d:65:86:f8:d0:d1:da:53:64:ce:53:02:b2:78:47:
96:4d:61:58:56:de:ce:9b:d9:86:72:c9:e3:86:b2:00:86:32:
05:31:12:a9:6f:63:25:99:f8:01:bb:48:50:03:32:0c:e3:06:
8d:3e:93:f0:79:d0:1d:15:7e:71:c2:ac:31:4e:f6:04:ec:89:
5f:14:e6:30:95:82:d6:d3:06:83:2a:67:5a:f2:76:6c:13:cb:
2d:c9:b1:ac:7c:52:39:82:8c:a2:e5:c0:34:20:31:48:6f:b3:
23:f8:02:02:cb:a6:2b:16:78:1b:68:c8:44:80:23:44:50:69:
d1:ad:c9:a3:cd:3b:9e:24:71:d5:11:cb:3a:dc:5e:b2:a2:6e:
00:da:de:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPTotHMbihPGlX/StKSvSbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjE3MDgwMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmY5ZWNhZDY1NzZkNzE5ZWNjNjg5Y2IwNWFjODhlZTBhZDJiNDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHnxWTMfIPmrRaiZhuCPt19cLCgt
M7vqB2NT0zpacuWwnqGvmJvSAosnEdC9dL19IZU7kPXE2fs8WtPKzTvApjgnzXMX
9g0oq6Mqmjvj3oB9iaY8Ghc6p8KUS4KL4fvV2LQ1Y2g6V2BbfAUj7zHVz8CG7iCV
mecg3aHy/LAa9SS0IWxNrtPvrPftbHJPzyv6pB2OIOZ4erSuJ6Z/tJrFYCY6hJ+o
7IBvQJS+GevrkCKglbwvsNqHg1c2VP8ceQX6nUxokEG3qoG/FPg2UF5jLX0YjrB/
JYGIujSbSPFm3hmu6zt/3v8im0u9wit9ibD296dCP9Vv+4qxVYTi9wtVnQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDL57K1ldtcZ7MaJywWsiO4K0rREMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTXZuc3JXVjIxeG5zeG9uTEJheUk3Z3JTdEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVdmkAwQC
Vdm0AwQAV3j2MA0GCSqGSIb3DQEBCwUAA4IBAQBVLshwnhLagGETBxFlOurZiCWZ
2QCBDb+sEWEk8lZ8ia4m/SmgEZEPcK4JSoPY/p+UKR/gNKBm+awIAHqtFY93AlPP
Ow+k9XdsvQNhuLs0G5CG7n/XxWELMdPCf7F5bT51/aCNVPPn5rhuEzxKA+GNZYb4
0NHaU2TOUwKyeEeWTWFYVt7Om9mGcsnjhrIAhjIFMRKpb2MlmfgBu0hQAzIM4waN
PpPwedAdFX5xwqwxTvYE7IlfFOYwlYLW0waDKmda8nZsE8stybGsfFI5goyi5cA0
IDFIb7Mj+AICy6YrFngbaMhEgCNEUGnRrcmjzTueJHHVEcs63F6yom4A2t5B
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:35:51 2025 by rpki-client