Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/MMjHbfVd6rzKz0LYajB-59i-fkI.roa
File: MMjHbfVd6rzKz0LYajB-59i-fkI.roa (raw, json)
Hash identifier: rYwnsKy2v4h65C/NKul4O8l3sYxiudevQYqwCM0wJMI=
Subject key identifier: 30:C8:C7:6D:F5:5D:EA:BC:CA:CF:42:D8:6A:30:7E:E7:D8:BE:7E:42
Certificate issuer: /CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Certificate serial: 018B94B81DCB0016118FF217A6169520712F
Authority key identifier: 97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/MMjHbfVd6rzKz0LYajB-59i-fkI.roa
Signing time: Fri 03 Nov 2023 10:26:16 +0000
ROA not before: Fri 03 Nov 2023 10:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49025
IP address blocks: 185.111.108.0/22 maxlen: 24
95.173.200.0/21 maxlen: 21
95.173.204.0/22 maxlen: 22
95.173.208.0/21 maxlen: 21
95.173.216.0/21 maxlen: 21
185.2.40.0/22 maxlen: 22
2a02:a48:f000::/36 maxlen: 36
2a06:5d80::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 08:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:94:b8:1d:cb:00:16:11:8f:f2:17:a6:16:95:20:71:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97cca0952db8aa9fe5e5703c6f189a06a57f4bb1
Validity
Not Before: Nov 3 10:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30c8c76df55deabccacf42d86a307ee7d8be7e42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:06:57:32:fa:ca:0c:9e:88:53:9e:40:a1:a9:
94:53:cc:90:fa:ad:a4:0e:a8:c6:08:da:86:7d:ad:
5c:c2:56:59:3b:79:91:ad:1b:7d:17:ff:03:9e:4f:
e6:0f:8c:ea:23:5e:48:3a:3f:41:2a:b4:18:28:c9:
be:6e:43:6b:8a:f5:86:88:30:c6:b0:88:67:25:50:
75:90:e3:35:e9:6f:97:4b:6c:bb:ae:24:55:26:00:
1f:95:70:5a:bd:6c:c3:71:8d:88:08:cc:20:fc:f8:
c1:75:22:f4:da:81:f9:63:fc:94:9b:1e:f2:63:f8:
15:fc:8e:1a:03:ad:70:9a:10:98:a8:06:57:37:73:
9f:64:ad:47:29:e9:8a:3b:c1:42:c3:8d:bc:13:bf:
4c:3b:51:80:51:86:40:f0:c0:d2:11:6c:d9:74:98:
81:d8:65:b7:e9:98:3b:73:31:34:ae:fa:b7:28:84:
6a:20:16:ff:d8:ff:0c:98:08:ae:a8:1b:b6:70:92:
6e:28:5c:eb:d5:29:70:df:13:f9:5d:cf:78:3b:50:
52:93:27:42:4f:47:10:82:95:aa:1c:ba:d6:b3:67:
52:dd:66:ed:f1:6c:5a:fe:ae:85:86:c6:94:31:44:
cc:c2:e2:08:a9:9e:09:06:17:b6:d7:f1:9a:ce:b7:
95:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:C8:C7:6D:F5:5D:EA:BC:CA:CF:42:D8:6A:30:7E:E7:D8:BE:7E:42
X509v3 Authority Key Identifier:
keyid:97:CC:A0:95:2D:B8:AA:9F:E5:E5:70:3C:6F:18:9A:06:A5:7F:4B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l8yglS24qp_l5XA8bxiaBqV_S7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/MMjHbfVd6rzKz0LYajB-59i-fkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/9a0eb2-e994-4719-a166-5d6dd0ba52cf/1/l8yglS24qp_l5XA8bxiaBqV_S7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.200.0-95.173.223.255
185.2.40.0/22
185.111.108.0/22
IPv6:
2a02:a48:f000::/36
2a06:5d80::/32
Signature Algorithm: sha256WithRSAEncryption
1e:01:f5:d0:ff:97:96:ec:95:91:72:23:3e:ae:89:53:d7:9e:
5e:3c:72:b3:37:96:87:a2:f7:94:7d:d1:bb:de:87:97:14:c2:
c2:5d:21:93:a5:f3:0f:8a:6e:d9:c9:0d:b2:0d:a1:bd:2b:fb:
0c:c4:9e:b3:6c:2c:b3:9a:b9:88:15:b9:e4:4c:e5:3c:67:e7:
8e:12:01:f2:27:2d:30:53:5a:64:82:96:39:4c:58:b3:1e:4d:
8e:68:99:27:e8:40:da:13:42:6c:5d:d2:fa:22:ac:fe:70:d2:
91:af:ce:cf:4a:41:da:23:8d:e0:84:49:63:8d:3b:86:65:75:
cf:84:01:6e:ac:55:43:bb:b8:45:b6:43:ad:cb:e1:4c:d2:3a:
4d:ee:77:82:6c:3d:a4:c4:2d:ed:bf:79:80:dd:aa:af:22:e6:
f2:06:3f:86:c8:fb:b4:32:11:a6:f1:20:03:08:e7:61:53:d8:
57:37:b5:38:c0:3f:bf:8b:da:74:98:b3:49:b1:64:9c:48:80:
b2:5a:05:87:7a:20:b2:85:84:b6:6d:c3:9c:33:17:70:85:11:
9c:61:79:d7:f1:c1:d8:37:01:02:6e:95:d6:ec:1d:66:d8:ca:
5b:6b:6c:bc:a0:fd:8a:0a:a8:3f:22:fb:39:43:8d:03:eb:f0:
e1:c7:61:2c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYuUuB3LABYRj/IXphaVIHEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3Y2NhMDk1MmRiOGFhOWZlNWU1NzAzYzZmMTg5YTA2YTU3
ZjRiYjEwHhcNMjMxMTAzMTAyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGM4Yzc2ZGY1NWRlYWJjY2FjZjQyZDg2YTMwN2VlN2Q4YmU3ZTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwZXMvrKDJ6IU55AoamUU8yQ+q2k
DqjGCNqGfa1cwlZZO3mRrRt9F/8Dnk/mD4zqI15IOj9BKrQYKMm+bkNrivWGiDDG
sIhnJVB1kOM16W+XS2y7riRVJgAflXBavWzDcY2ICMwg/PjBdSL02oH5Y/yUmx7y
Y/gV/I4aA61wmhCYqAZXN3OfZK1HKemKO8FCw428E79MO1GAUYZA8MDSEWzZdJiB
2GW36Zg7czE0rvq3KIRqIBb/2P8MmAiuqBu2cJJuKFzr1Slw3xP5Xc94O1BSkydC
T0cQgpWqHLrWs2dS3Wbt8Wxa/q6FhsaUMUTMwuIIqZ4JBhe21/GazreV1wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDDIx231Xeq8ys9C2GowfufYvn5CMB8GA1UdIwQY
MBaAFJfMoJUtuKqf5eVwPG8Ymgalf0uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYt
NWQ2ZGQwYmE1MmNmLzEvTU1qSGJmVmQ2cnpLejBMWWFqQi01OWktZmtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy85YTBlYjItZTk5NC00NzE5LWExNjYtNWQ2ZGQwYmE1MmNm
LzEvbDh5Z2xTMjRxcF9sNVhBOGJ4aWFCcVZfUzdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAgBAIAATAaMAwDBANfrcgD
BAVfrcADBAK5AigDBAK5b2wwFQQCAAIwDwMGBCoCCkjwAwUAKgZdgDANBgkqhkiG
9w0BAQsFAAOCAQEAHgH10P+XluyVkXIjPq6JU9eeXjxyszeWh6L3lH3Ru96HlxTC
wl0hk6XzD4pu2ckNsg2hvSv7DMSes2wss5q5iBW55EzlPGfnjhIB8ictMFNaZIKW
OUxYsx5NjmiZJ+hA2hNCbF3S+iKs/nDSka/Oz0pB2iON4IRJY407hmV1z4QBbqxV
Q7u4RbZDrcvhTNI6Te53gmw9pMQt7b95gN2qryLm8gY/hsj7tDIRpvEgAwjnYVPY
Vze1OMA/v4vadJizSbFknEiAsloFh3ogsoWEtm3DnDMXcIURnGF51/HB2DcBAm6V
1uwdZtjKW2tsvKD9igqoPyL7OUONA+vw4cdhLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:34 2024 by rpki-client on console-ams.rpki-client.org