Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/d_MWKIzgXRCbi5di0lafoHAxKMc.roa
File: d_MWKIzgXRCbi5di0lafoHAxKMc.roa (raw, json)
Hash identifier: UmbEIjPtZD4bYTGiqGRk27+dQLgwjqjgfh8cdFudhHQ=
Subject key identifier: 77:F3:16:28:8C:E0:5D:10:9B:8B:97:62:D2:56:9F:A0:70:31:28:C7
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 018E6622923C18A7C7FFA3B694571C180173
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/d_MWKIzgXRCbi5di0lafoHAxKMc.roa
Signing time: Fri 22 Mar 2024 12:28:45 +0000
ROA not before: Fri 22 Mar 2024 12:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 46261
IP address blocks: 139.28.136.0/24 maxlen: 24
195.206.110.0/24 maxlen: 24
195.206.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 18:59:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:66:22:92:3c:18:a7:c7:ff:a3:b6:94:57:1c:18:01:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Mar 22 12:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=77f316288ce05d109b8b9762d2569fa0703128c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d7:8a:0f:c2:34:de:e3:18:b3:b3:3e:f6:f2:
69:4a:02:cb:56:1e:b4:15:85:13:d9:c0:20:bc:12:
1f:71:0b:94:9b:27:f6:b1:38:0c:24:c8:14:29:16:
7b:ca:8d:ad:ec:e9:b9:34:a4:f7:c9:20:7e:93:a5:
16:f1:4f:68:cd:bb:20:d7:2e:67:f4:0e:0e:98:78:
3c:e0:a4:db:c9:9c:5a:26:64:13:45:04:85:88:ac:
a5:8e:21:1e:fb:67:69:30:f4:d1:2c:d0:b1:2b:b0:
81:69:eb:fa:9c:4e:c7:87:0d:49:80:7d:a5:68:b9:
75:d5:de:61:01:57:1c:f8:ec:72:a3:ae:da:45:c8:
55:03:44:59:ed:2c:0a:84:dd:f1:7a:a3:a3:c2:ad:
9b:5d:70:45:87:de:38:1d:4b:1d:17:93:8f:aa:50:
77:d4:3e:c4:20:29:7f:8d:cc:41:7d:b7:80:92:e3:
43:bc:4c:9f:ea:59:86:9a:50:eb:58:ce:00:4b:7d:
79:7b:0d:2b:b1:97:70:be:5b:a3:fc:c7:c3:ce:bb:
07:68:8b:1e:a1:dd:e9:15:e3:88:0b:35:c7:2f:fc:
64:30:00:5f:ef:f3:df:4d:eb:ec:80:5a:d2:5b:8d:
73:bb:83:74:3e:4a:fc:5c:23:37:00:be:3f:1b:d8:
b3:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:F3:16:28:8C:E0:5D:10:9B:8B:97:62:D2:56:9F:A0:70:31:28:C7
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/d_MWKIzgXRCbi5di0lafoHAxKMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.136.0/24
195.206.110.0/23
Signature Algorithm: sha256WithRSAEncryption
08:10:e9:23:6d:e3:ae:64:d5:0a:70:d5:6b:b1:83:34:d4:c6:
8a:14:e2:75:27:ff:16:8d:2c:9d:ab:ce:38:53:7f:9f:1b:b4:
01:ea:64:a8:1f:2c:6d:ce:e7:08:62:76:2e:71:f4:b6:dd:1f:
01:f4:b3:b7:a1:4a:07:a8:a7:d9:72:19:f7:49:27:d1:c9:1b:
49:c8:98:fe:e4:08:77:f5:3f:dc:00:41:8e:fd:a1:a5:4d:82:
34:4b:10:30:b3:ba:f5:7c:eb:8b:1f:84:d7:dc:11:83:7c:23:
89:40:bf:dc:36:1e:2e:1e:15:c4:e3:d7:09:da:3d:5f:88:c5:
e2:2c:7e:81:b4:b9:32:52:ba:fb:d4:90:7a:f8:30:b9:b0:8e:
7e:8e:80:91:f6:ff:8c:50:7c:d9:1c:ea:70:f7:70:f0:2d:dc:
cb:98:9f:50:1e:e3:d9:92:b4:70:02:64:b8:e6:5d:6b:da:c8:
93:af:e5:c7:03:b0:54:49:e5:9e:84:b5:a1:79:0f:91:5c:9b:
79:1f:84:fc:b5:7c:0d:8f:4f:f4:2f:94:6d:7a:c8:44:78:0f:
5f:0b:1a:77:c5:c4:67:29:d7:67:a0:ee:a3:88:83:92:44:b8:
dd:60:5e:e5:bc:21:9c:b2:13:04:c1:08:a8:e8:d1:b5:6f:21:
24:7b:9c:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY5mIpI8GKfH/6O2lFccGAFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWEzZjIxZmIwYzI5NGQ2ZDRhNTI5YjJmMWRiZDRiZDEx
MTliZDcwHhcNMjQwMzIyMTIyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2YzMTYyODhjZTA1ZDEwOWI4Yjk3NjJkMjU2OWZhMDcwMzEyOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkteKD8I03uMYs7M+9vJpSgLLVh60
FYUT2cAgvBIfcQuUmyf2sTgMJMgUKRZ7yo2t7Om5NKT3ySB+k6UW8U9ozbsg1y5n
9A4OmHg84KTbyZxaJmQTRQSFiKyljiEe+2dpMPTRLNCxK7CBaev6nE7Hhw1JgH2l
aLl11d5hAVcc+Oxyo67aRchVA0RZ7SwKhN3xeqOjwq2bXXBFh944HUsdF5OPqlB3
1D7EICl/jcxBfbeAkuNDvEyf6lmGmlDrWM4AS315ew0rsZdwvluj/MfDzrsHaIse
od3pFeOICzXHL/xkMABf7/PfTevsgFrSW41zu4N0Pkr8XCM3AL4/G9izrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHfzFiiM4F0Qm4uXYtJWn6BwMSjHMB8GA1UdIwQY
MBaAFIIaPyH7DClNbUpSmy8dvUvREZvXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMt
YjZmMmFjODZlZjI3LzEvZF9NV0tJemdYUkNiaTVkaTBsYWZvSEF4S01jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9lZGM4NTUtZjJiYy00ZTljLThjMGMtYjZmMmFjODZlZjI3
LzEvZ2hvX0lmc01LVTF0U2xLYkx4MjlTOUVSbTljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAixyIAwQB
w85uMA0GCSqGSIb3DQEBCwUAA4IBAQAIEOkjbeOuZNUKcNVrsYM01MaKFOJ1J/8W
jSydq844U3+fG7QB6mSoHyxtzucIYnYucfS23R8B9LO3oUoHqKfZchn3SSfRyRtJ
yJj+5Ah39T/cAEGO/aGlTYI0SxAws7r1fOuLH4TX3BGDfCOJQL/cNh4uHhXE49cJ
2j1fiMXiLH6BtLkyUrr71JB6+DC5sI5+joCR9v+MUHzZHOpw93DwLdzLmJ9QHuPZ
krRwAmS45l1r2siTr+XHA7BUSeWehLWheQ+RXJt5H4T8tXwNj0/0L5RteshEeA9f
Cxp3xcRnKddnoO6jiIOSRLjdYF7lvCGcshMEwQio6NG1byEke5zQ
-----END CERTIFICATE-----
Generated at Tue Apr 2 20:59:17 2024 by rpki-client on console-fra.rpki-client.org