Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/MbmLFVlz3Z_PtoogvlV5R2w4dyw.roa
File: MbmLFVlz3Z_PtoogvlV5R2w4dyw.roa (raw, json)
Hash identifier: 9rSQ+ACHazOG/xbp0K7+Pt3Duxbq9J4eIQPdKQUNgkM=
Subject key identifier: 31:B9:8B:15:59:73:DD:9F:CF:B6:8A:20:BE:55:79:47:6C:38:77:2C
Certificate issuer: /CN=3cde2470c8563949487a3e78743c544c99ec8a64
Certificate serial: 018E2D39C9890A2CF21E09E9A8E0AE00BF24
Authority key identifier: 3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/MbmLFVlz3Z_PtoogvlV5R2w4dyw.roa
Signing time: Mon 11 Mar 2024 11:15:45 +0000
ROA not before: Mon 11 Mar 2024 11:15:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 86.111.192.0/22 maxlen: 22
86.111.192.0/24 maxlen: 24
86.111.193.0/24 maxlen: 24
86.111.194.0/24 maxlen: 24
86.111.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:39:c9:89:0a:2c:f2:1e:09:e9:a8:e0:ae:00:bf:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cde2470c8563949487a3e78743c544c99ec8a64
Validity
Not Before: Mar 11 11:15:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31b98b155973dd9fcfb68a20be5579476c38772c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:52:57:e5:dc:5d:c4:76:99:bb:1f:57:f5:78:
b4:8a:d5:31:0e:ed:68:b9:c7:80:da:c5:5a:92:90:
f8:1a:eb:f0:a7:fb:dc:c7:f8:0b:f5:4f:56:33:2c:
e5:e2:49:ff:3d:61:56:38:a1:e5:dd:43:ae:a4:8c:
f8:30:08:c8:28:81:a5:85:6b:62:c5:34:9a:45:6b:
fa:8c:c8:fb:24:e7:7a:d6:b8:52:ac:6b:52:9b:66:
67:71:cc:70:6e:e8:d5:55:89:1a:68:7b:48:50:d9:
6a:bd:0e:fe:a6:26:4d:8f:c4:e0:6b:3b:f9:13:53:
d7:c5:b1:30:98:78:d6:88:43:bb:70:a5:3e:1d:22:
c8:0c:fe:db:2f:2c:ec:a1:9f:2e:0a:d7:86:c2:8f:
f8:f2:61:76:a8:eb:1c:c2:75:df:73:e9:e1:69:62:
d6:ca:94:ab:12:f3:5d:19:08:61:1e:21:a5:0b:67:
d7:f2:63:02:ea:20:40:34:7d:c9:43:41:19:a9:62:
e9:0e:c9:59:19:4f:3d:ad:bf:1f:f8:8a:19:90:3c:
7c:a0:be:98:03:8c:74:a4:d4:b9:9b:7c:e0:15:03:
24:9c:dc:54:5c:3c:61:ca:d4:a4:f7:b3:b9:a7:5e:
22:df:2f:aa:2c:17:09:f4:41:0f:1d:3e:30:01:e1:
7d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B9:8B:15:59:73:DD:9F:CF:B6:8A:20:BE:55:79:47:6C:38:77:2C
X509v3 Authority Key Identifier:
keyid:3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/MbmLFVlz3Z_PtoogvlV5R2w4dyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.192.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:47:78:6f:68:40:1f:0b:0e:9a:fb:49:57:ab:9c:b0:ee:24:
cc:45:43:50:8b:27:14:96:46:1d:12:3f:45:b0:b1:b9:72:f2:
07:91:b4:7a:aa:1e:c8:6f:a9:3c:ab:3d:e8:46:85:7d:74:9e:
3b:e7:22:5e:53:61:80:02:02:4a:a8:df:40:cc:54:c7:a4:fa:
39:9a:df:9e:b1:27:4a:ac:bc:8d:d3:50:be:f4:4a:c3:f3:43:
71:fc:e2:51:79:a5:14:1d:71:a2:b5:20:f1:58:20:7c:fb:b7:
ec:bd:25:17:9c:2f:39:b2:1a:7a:cd:a5:50:6d:d3:6d:d6:dd:
59:ad:9e:5d:ea:cc:ad:46:84:01:ba:d2:cd:1e:7b:7d:b8:b0:
e5:19:e9:63:3c:94:4f:fa:17:71:66:b6:34:30:21:87:4f:8f:
c5:4f:22:ca:50:92:27:e5:54:d7:e4:cd:ee:b1:95:92:1e:4a:
e3:b9:0f:19:54:90:b5:87:1d:f8:d0:03:aa:4f:7f:0f:5b:a1:
46:9d:24:99:da:da:4e:1f:bf:fc:db:06:8a:c2:f1:bf:c0:ec:
0a:4d:38:30:be:5c:13:b5:1d:4e:f2:0e:ef:03:6c:39:af:c5:
b3:ff:4e:f1:fc:78:91:1a:c6:07:f7:da:51:fa:6b:5f:9b:ae:
ae:bc:5b:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4tOcmJCizyHgnpqOCuAL8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGUyNDcwYzg1NjM5NDk0ODdhM2U3ODc0M2M1NDRjOTll
YzhhNjQwHhcNMjQwMzExMTExNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWI5OGIxNTU5NzNkZDlmY2ZiNjhhMjBiZTU1Nzk0NzZjMzg3NzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1JX5dxdxHaZux9X9Xi0itUxDu1o
uceA2sVakpD4Guvwp/vcx/gL9U9WMyzl4kn/PWFWOKHl3UOupIz4MAjIKIGlhWti
xTSaRWv6jMj7JOd61rhSrGtSm2ZnccxwbujVVYkaaHtIUNlqvQ7+piZNj8Tgazv5
E1PXxbEwmHjWiEO7cKU+HSLIDP7bLyzsoZ8uCteGwo/48mF2qOscwnXfc+nhaWLW
ypSrEvNdGQhhHiGlC2fX8mMC6iBANH3JQ0EZqWLpDslZGU89rb8f+IoZkDx8oL6Y
A4x0pNS5m3zgFQMknNxUXDxhytSk97O5p14i3y+qLBcJ9EEPHT4wAeF99wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDG5ixVZc92fz7aKIL5VeUdsOHcsMB8GA1UdIwQY
MBaAFDzeJHDIVjlJSHo+eHQ8VEyZ7IpkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUt
NDQxNzFiMmY1OTllLzEvTWJtTEZWbHozWl9QdG9vZ3ZsVjVSMnc0ZHl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUtNDQxNzFiMmY1OTll
LzEvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVm/AMA0G
CSqGSIb3DQEBCwUAA4IBAQBbR3hvaEAfCw6a+0lXq5yw7iTMRUNQiycUlkYdEj9F
sLG5cvIHkbR6qh7Ib6k8qz3oRoV9dJ475yJeU2GAAgJKqN9AzFTHpPo5mt+esSdK
rLyN01C+9ErD80Nx/OJReaUUHXGitSDxWCB8+7fsvSUXnC85shp6zaVQbdNt1t1Z
rZ5d6sytRoQButLNHnt9uLDlGeljPJRP+hdxZrY0MCGHT4/FTyLKUJIn5VTX5M3u
sZWSHkrjuQ8ZVJC1hx340AOqT38PW6FGnSSZ2tpOH7/82waKwvG/wOwKTTgwvlwT
tR1O8g7vA2w5r8Wz/07x/HiRGsYH99pR+mtfm66uvFvo
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:09:14 2025 by rpki-client