Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/MzYANqDGlR0k7ONTr0IcLbTDPXg.roa
File: MzYANqDGlR0k7ONTr0IcLbTDPXg.roa (raw, json)
Hash identifier: qSyIzZgHyB3jtIbjBJRerPQIpd7Fm1+gknLSlLqR+Y0=
Subject key identifier: 33:36:00:36:A0:C6:95:1D:24:EC:E3:53:AF:42:1C:2D:B4:C3:3D:78
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 01856D81AD8A5041D8E4ED79C587A86FF87B
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/MzYANqDGlR0k7ONTr0IcLbTDPXg.roa
Signing time: Sun 01 Jan 2023 13:24:53 +0000
ROA not before: Sun 01 Jan 2023 13:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197637
IP address blocks: 31.25.152.0/21 maxlen: 21
153.92.32.0/21 maxlen: 21
185.62.88.0/22 maxlen: 22
185.68.76.0/22 maxlen: 22
37.123.120.0/21 maxlen: 21
2a04:6ec0::/32 maxlen: 32
2a04:6ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:30:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:ad:8a:50:41:d8:e4:ed:79:c5:87:a8:6f:f8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Jan 1 13:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33360036a0c6951d24ece353af421c2db4c33d78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:7e:9c:65:52:99:5f:db:4d:08:30:c3:7f:c5:
52:a5:1c:fe:f6:9f:bc:4d:ae:fd:e6:11:e9:62:82:
58:03:28:c2:1c:43:0d:8f:6c:ef:63:a4:f9:6e:d3:
82:bc:43:da:9a:ff:38:99:f1:0e:4f:9f:a0:8a:4c:
3f:29:37:d5:bf:12:3d:71:e4:76:52:ac:9c:6b:46:
38:60:57:7d:37:af:b4:94:41:8d:68:a6:f1:10:23:
ec:3b:73:b1:02:18:2b:d7:95:52:c2:8c:4b:09:41:
f9:26:95:79:65:f7:65:b7:90:68:5d:a6:50:e0:53:
50:07:72:90:8f:59:8e:e0:2b:4a:f4:e2:9b:f4:53:
54:ad:dc:0a:7f:19:8a:15:d5:c4:23:6c:5e:a5:64:
ad:72:aa:67:fa:47:7a:23:37:ee:e7:e8:cc:57:c0:
f4:24:30:5a:2e:2a:0b:a8:1b:85:b7:07:e8:40:9a:
e1:25:fe:da:93:83:af:25:8b:0c:cf:5d:c5:68:80:
c3:bc:a8:fa:db:74:b8:cd:82:cc:10:58:12:12:84:
7a:1a:e5:85:33:1f:e8:8d:2a:37:bc:96:99:c3:2c:
7a:14:d3:65:6e:25:98:21:72:27:14:86:f3:ea:2d:
78:a6:8c:f0:fb:53:a8:80:33:c2:f9:0b:2a:96:24:
4e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:36:00:36:A0:C6:95:1D:24:EC:E3:53:AF:42:1C:2D:B4:C3:3D:78
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/MzYANqDGlR0k7ONTr0IcLbTDPXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.152.0/21
37.123.120.0/21
153.92.32.0/21
185.62.88.0/22
185.68.76.0/22
IPv6:
2a04:6ec0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:45:be:78:2f:21:3d:ed:2d:bb:c9:fe:2a:92:25:57:4f:7f:
29:0f:28:59:0f:de:11:f8:1b:93:f4:82:b1:78:fb:21:da:31:
d9:15:ef:ae:86:3f:32:3a:58:ef:ad:a0:36:13:58:8a:e9:b6:
44:6f:49:66:f0:fa:5e:d7:08:a4:a9:a1:71:ad:3e:7a:3f:a0:
da:60:9d:ce:69:7c:b7:af:50:74:ba:28:8f:4a:af:87:a6:12:
3c:f0:ba:05:5a:df:f0:9f:c4:f5:92:f8:13:60:ae:f0:dc:c2:
7d:08:9e:32:b8:3e:57:84:b6:eb:5a:57:a1:34:0b:f1:07:9a:
0e:97:b3:11:8c:db:a1:d5:47:88:34:22:03:53:93:1f:14:11:
0d:0d:7b:15:b4:b7:b8:36:3e:07:48:07:e2:23:1c:13:2e:d2:
79:c7:69:68:c7:e5:75:33:8d:87:bf:8a:75:bb:70:c2:66:65:
3c:6d:02:e6:54:37:8a:e2:ae:6f:91:6a:85:d1:4b:47:0b:bf:
30:67:70:9e:4b:c9:80:95:ec:22:92:01:5b:bf:a6:53:53:c7:
3b:df:72:5a:67:76:18:c7:56:a1:39:81:91:2c:6a:b6:06:ac:
c5:34:11:6a:12:70:6d:c2:26:84:ac:a7:a6:c6:7a:07:4a:d8:
96:28:78:e5
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVtga2KUEHY5O15xYeob/h7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjMwMTAxMTMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzM2MDAzNmEwYzY5NTFkMjRlY2UzNTNhZjQyMWMyZGI0YzMzZDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgX6cZVKZX9tNCDDDf8VSpRz+9p+8
Ta795hHpYoJYAyjCHEMNj2zvY6T5btOCvEPamv84mfEOT5+gikw/KTfVvxI9ceR2
Uqyca0Y4YFd9N6+0lEGNaKbxECPsO3OxAhgr15VSwoxLCUH5JpV5Zfdlt5BoXaZQ
4FNQB3KQj1mO4CtK9OKb9FNUrdwKfxmKFdXEI2xepWStcqpn+kd6Izfu5+jMV8D0
JDBaLioLqBuFtwfoQJrhJf7ak4OvJYsMz13FaIDDvKj623S4zYLMEFgSEoR6GuWF
Mx/ojSo3vJaZwyx6FNNlbiWYIXInFIbz6i14pozw+1OogDPC+QsqliROpwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDM2ADagxpUdJOzjU69CHC20wz14MB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvTXpZQU5xREdsUjBrN09OVHIwSWNMYlREUFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2EtYzM4M2E5MDEwMDA1
LzEvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDHxmYAwQD
JXt4AwQDmVwgAwQCuT5YAwQCuURMMA0EAgACMAcDBQMqBG7AMA0GCSqGSIb3DQEB
CwUAA4IBAQChRb54LyE97S27yf4qkiVXT38pDyhZD94R+BuT9IKxePsh2jHZFe+u
hj8yOljvraA2E1iK6bZEb0lm8Ppe1wikqaFxrT56P6DaYJ3OaXy3r1B0uiiPSq+H
phI88LoFWt/wn8T1kvgTYK7w3MJ9CJ4yuD5XhLbrWlehNAvxB5oOl7MRjNuh1UeI
NCIDU5MfFBENDXsVtLe4Nj4HSAfiIxwTLtJ5x2lox+V1M42Hv4p1u3DCZmU8bQLm
VDeK4q5vkWqF0UtHC78wZ3CeS8mAlewikgFbv6ZTU8c733JaZ3YYx1ahOYGRLGq2
BqzFNBFqEnBtwiaErKemxnoHStiWKHjl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:55 2024 by rpki-client on console-fra.rpki-client.org