Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/MNGNU4tOZhmxANbUQ-cqLZILel4.roa
File: MNGNU4tOZhmxANbUQ-cqLZILel4.roa (raw, json)
Hash identifier: ae3yz92Wic13S+qA6U+AJC6KyMHbwRw/guCVw1e5P2A=
Subject key identifier: 30:D1:8D:53:8B:4E:66:19:B1:00:D6:D4:43:E7:2A:2D:92:0B:7A:5E
Certificate issuer: /CN=c9c02d4234f4bc4e87555e41c03779d5620a5155
Certificate serial: 018CC9BC26710D9E00FCC2D0D930E00218E5
Authority key identifier: C9:C0:2D:42:34:F4:BC:4E:87:55:5E:41:C0:37:79:D5:62:0A:51:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/MNGNU4tOZhmxANbUQ-cqLZILel4.roa
Signing time: Tue 02 Jan 2024 10:33:20 +0000
ROA not before: Tue 02 Jan 2024 10:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59888
IP address blocks: 212.1.204.0/23 maxlen: 23
212.1.200.0/21 maxlen: 21
212.1.200.0/23 maxlen: 23
212.1.202.0/23 maxlen: 23
2a07:7600::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 May 2024 09:26:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:26:71:0d:9e:00:fc:c2:d0:d9:30:e0:02:18:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9c02d4234f4bc4e87555e41c03779d5620a5155
Validity
Not Before: Jan 2 10:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30d18d538b4e6619b100d6d443e72a2d920b7a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:72:e1:06:6c:cd:c3:21:52:5c:cd:68:80:1c:
ec:0c:04:f5:3c:ae:37:77:fe:95:f1:14:9f:56:40:
98:3a:63:13:c9:fe:e3:0a:14:73:fa:ab:f0:1c:0e:
cf:d9:08:e2:63:a9:35:11:62:97:40:7e:af:b9:47:
0f:06:04:3e:4f:22:e9:75:ff:9e:ae:14:b5:ba:52:
eb:93:b2:01:37:72:3f:e5:59:0c:a1:58:05:de:a7:
bc:3e:9a:d5:58:18:f7:9f:58:27:16:9e:d4:bb:63:
a5:74:8f:8b:69:d5:fc:15:21:e2:d4:47:ce:70:36:
cf:bc:03:1a:83:4f:e9:17:50:a1:6c:29:9f:3b:9a:
8d:e1:e3:d0:8f:ad:1a:87:2c:f6:63:dd:d2:4d:90:
05:e3:ca:e2:d9:a0:e5:d7:86:f0:00:a5:e2:27:c3:
76:b6:ee:4a:fe:d8:ab:1f:ba:91:43:60:eb:ef:43:
54:05:fd:72:80:0c:c3:90:53:c0:71:56:ec:e7:82:
91:09:bd:96:87:26:bb:a6:54:bb:94:fb:d7:7f:a5:
e0:5c:1e:33:f1:08:ec:2a:d7:dc:40:02:08:72:cf:
48:1d:0e:45:cc:32:71:ad:64:e7:92:04:26:77:5f:
f2:e0:7c:c6:ec:80:2b:bf:c9:ac:c9:c7:5d:1f:e8:
20:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D1:8D:53:8B:4E:66:19:B1:00:D6:D4:43:E7:2A:2D:92:0B:7A:5E
X509v3 Authority Key Identifier:
keyid:C9:C0:2D:42:34:F4:BC:4E:87:55:5E:41:C0:37:79:D5:62:0A:51:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ycAtQjT0vE6HVV5BwDd51WIKUVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/MNGNU4tOZhmxANbUQ-cqLZILel4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/685232-f5e9-41d6-b94e-1a6ce5faf916/1/ycAtQjT0vE6HVV5BwDd51WIKUVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.1.200.0/21
IPv6:
2a07:7600::/29
Signature Algorithm: sha256WithRSAEncryption
a7:9d:29:c4:e3:74:b1:f4:9c:60:c4:c3:19:ce:61:12:19:e9:
f0:70:90:ef:6e:da:ee:e2:a8:fd:10:6f:44:aa:57:c9:c0:ee:
e0:dc:e7:02:65:1a:65:e1:b3:31:78:7f:6f:c3:b1:8c:c4:14:
a8:66:a7:4a:10:95:a8:2d:14:07:1c:65:c4:e9:8d:3a:ea:04:
89:0b:61:e2:ca:4c:9f:00:76:ac:93:4e:af:90:6e:48:99:43:
f0:1e:fe:56:96:15:0f:67:f2:92:af:00:90:69:cc:3a:e4:16:
db:dd:d2:f1:53:9f:ac:55:54:a0:dd:ac:ca:9e:79:7d:66:2b:
4e:f8:1a:33:19:f8:fc:3d:f5:8e:16:3d:64:13:6c:bd:6b:2e:
de:78:37:ec:6b:2f:b6:53:0f:01:f2:d1:d3:2c:8f:3b:ed:10:
8f:88:16:11:65:05:b2:9d:fa:5e:6f:7b:b5:a8:e8:d1:f4:ee:
8d:62:4b:fd:45:35:3c:81:35:e1:ca:20:7c:bd:c9:e7:65:4a:
33:80:ff:0d:70:55:1b:b7:d1:8a:39:9f:52:96:bf:b4:dc:8f:
bd:de:60:ba:ee:d8:4a:23:0c:0d:35:b3:6a:36:fc:68:74:72:
e6:10:cd:41:99:4d:40:50:78:53:9a:0b:7e:be:03:49:59:08:
a6:5e:60:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvCZxDZ4A/MLQ2TDgAhjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YzAyZDQyMzRmNGJjNGU4NzU1NWU0MWMwMzc3OWQ1NjIw
YTUxNTUwHhcNMjQwMTAyMTAzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQxOGQ1MzhiNGU2NjE5YjEwMGQ2ZDQ0M2U3MmEyZDkyMGI3YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHLhBmzNwyFSXM1ogBzsDAT1PK43
d/6V8RSfVkCYOmMTyf7jChRz+qvwHA7P2QjiY6k1EWKXQH6vuUcPBgQ+TyLpdf+e
rhS1ulLrk7IBN3I/5VkMoVgF3qe8PprVWBj3n1gnFp7Uu2OldI+LadX8FSHi1EfO
cDbPvAMag0/pF1ChbCmfO5qN4ePQj60ahyz2Y93STZAF48ri2aDl14bwAKXiJ8N2
tu5K/tirH7qRQ2Dr70NUBf1ygAzDkFPAcVbs54KRCb2Whya7plS7lPvXf6XgXB4z
8QjsKtfcQAIIcs9IHQ5FzDJxrWTnkgQmd1/y4HzG7IArv8msycddH+ggOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDDRjVOLTmYZsQDW1EPnKi2SC3peMB8GA1UdIwQY
MBaAFMnALUI09LxOh1VeQcA3edViClFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWNBdFFqVDB2RTZIVlY1QndEZDUxV0lLVVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS82ODUyMzItZjVlOS00MWQ2LWI5NGUt
MWE2Y2U1ZmFmOTE2LzEvTU5HTlU0dE9aaG14QU5iVVEtY3FMWklMZWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS82ODUyMzItZjVlOS00MWQ2LWI5NGUtMWE2Y2U1ZmFmOTE2
LzEveWNBdFFqVDB2RTZIVlY1QndEZDUxV0lLVVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQD1AHIMA0E
AgACMAcDBQMqB3YAMA0GCSqGSIb3DQEBCwUAA4IBAQCnnSnE43Sx9JxgxMMZzmES
GenwcJDvbtru4qj9EG9EqlfJwO7g3OcCZRpl4bMxeH9vw7GMxBSoZqdKEJWoLRQH
HGXE6Y066gSJC2HiykyfAHask06vkG5ImUPwHv5WlhUPZ/KSrwCQacw65Bbb3dLx
U5+sVVSg3azKnnl9ZitO+BozGfj8PfWOFj1kE2y9ay7eeDfsay+2Uw8B8tHTLI87
7RCPiBYRZQWynfpeb3u1qOjR9O6NYkv9RTU8gTXhyiB8vcnnZUozgP8NcFUbt9GK
OZ9Slr+03I+93mC67thKIwwNNbNqNvxodHLmEM1BmU1AUHhTmgt+vgNJWQimXmDO
-----END CERTIFICATE-----
Generated at Wed May 1 12:49:31 2024 by rpki-client on console-fra.rpki-client.org