Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MkVfjjgier4eOq2kBi1yneNv8-w.roa
File: MkVfjjgier4eOq2kBi1yneNv8-w.roa (raw, json)
Hash identifier: XeCXtmg6qGgW5fvI94qW3trcMcKy4FyAbE3ddWlR9oc=
Subject key identifier: 32:45:5F:8E:38:22:7A:BE:1E:3A:AD:A4:06:2D:72:9D:E3:6F:F3:EC
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018A4C7A1866DE9D13E49E457CC809B857EF
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MkVfjjgier4eOq2kBi1yneNv8-w.roa
Signing time: Thu 31 Aug 2023 16:43:04 +0000
ROA not before: Thu 31 Aug 2023 16:43:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57217
IP address blocks: 193.36.216.0/22 maxlen: 22
176.116.224.0/22 maxlen: 22
176.107.64.0/21 maxlen: 21
176.121.32.0/21 maxlen: 21
91.237.91.0/24 maxlen: 24
176.121.40.0/21 maxlen: 21
46.174.200.0/22 maxlen: 22
176.121.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 02 Jan 2024 04:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4c:7a:18:66:de:9d:13:e4:9e:45:7c:c8:09:b8:57:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Aug 31 16:43:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32455f8e38227abe1e3aada4062d729de36ff3ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:6f:00:03:0f:65:e8:4d:c1:61:86:af:6a:0c:
54:c7:23:a1:69:e3:ab:e1:d2:3f:ea:e0:4c:0f:58:
26:47:ff:17:6a:08:41:b8:1e:09:71:d2:3f:e2:7e:
1d:53:fc:f0:6b:87:1d:d9:61:63:73:1d:71:9d:16:
9a:bf:22:66:ac:48:91:3c:2e:6d:07:e5:48:67:f3:
87:06:80:93:8c:41:64:74:b8:f6:a6:91:46:f0:2e:
bb:98:a5:5b:c7:e7:72:03:fe:41:6e:a5:21:ef:26:
1b:10:26:89:1f:ed:68:7b:da:ea:74:8d:c3:e6:e9:
fe:fb:e2:86:40:de:6e:98:74:49:62:8a:f0:74:67:
91:3b:62:51:12:5c:09:a9:b6:ec:3b:5f:66:68:bb:
80:04:1c:13:99:ac:8c:78:0a:2a:0b:e5:b3:03:f1:
7a:c5:e2:82:e2:61:48:bf:e4:d3:32:a3:25:18:93:
ba:27:6c:3f:6e:5d:e9:1a:06:8b:cc:fb:4d:3d:7e:
d1:27:aa:66:1b:23:04:e1:2f:80:0d:3e:c0:83:7a:
6c:16:30:6e:12:92:82:f6:90:ab:7e:a2:95:07:bb:
bc:ec:14:71:80:6a:3f:49:84:2d:00:8a:8a:20:05:
27:39:76:87:62:ba:2e:0c:5e:18:84:c3:0d:6f:49:
36:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:45:5F:8E:38:22:7A:BE:1E:3A:AD:A4:06:2D:72:9D:E3:6F:F3:EC
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/MkVfjjgier4eOq2kBi1yneNv8-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.200.0/22
91.237.91.0/24
176.107.64.0/21
176.116.224.0/22
176.121.32.0/20
176.121.104.0/22
193.36.216.0/22
Signature Algorithm: sha256WithRSAEncryption
06:6c:bd:dc:6e:6a:d7:3c:cb:45:56:aa:65:b7:06:ba:ca:af:
4f:27:02:9a:c7:83:56:3f:34:8f:af:ec:06:6b:80:12:b7:bd:
74:e0:0a:c7:97:f0:a3:77:48:42:ec:d3:42:34:3b:87:41:93:
88:0c:76:09:47:f2:af:7c:37:04:9b:fd:f0:03:ba:74:72:4a:
bc:4f:24:1c:ab:d3:6a:0b:b7:33:90:b2:61:a2:11:23:e1:05:
d0:ec:86:26:33:58:34:3d:6f:2c:09:bf:20:f2:33:28:4b:fa:
73:5f:dc:bf:4d:9b:4e:8b:3d:82:fc:45:90:17:09:11:46:57:
a1:fe:e9:72:f4:09:43:c7:e8:38:14:1b:d9:b3:ca:cd:90:e5:
7e:5d:99:0b:6e:de:7c:2c:74:4d:c1:2f:84:93:8a:ca:6d:52:
62:62:37:11:01:ba:3a:32:c5:a8:d3:82:34:b9:20:db:d1:a8:
5f:62:96:fc:99:32:8d:69:2f:c6:d2:d7:4c:28:0a:1e:94:14:
62:63:40:8b:20:ab:e4:17:15:99:8a:dc:34:47:aa:2a:00:f0:
7e:ec:66:fe:88:c4:5f:78:fa:8d:bc:fc:d1:f7:f7:6d:ab:ba:
cf:ad:f4:e1:3e:bb:01:81:ca:e3:92:f3:f1:f2:93:91:6a:37:
e9:ef:1a:36
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYpMehhm3p0T5J5FfMgJuFfvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjMwODMxMTY0MzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQ1NWY4ZTM4MjI3YWJlMWUzYWFkYTQwNjJkNzI5ZGUzNmZmM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkW8AAw9l6E3BYYavagxUxyOhaeOr
4dI/6uBMD1gmR/8XaghBuB4JcdI/4n4dU/zwa4cd2WFjcx1xnRaavyJmrEiRPC5t
B+VIZ/OHBoCTjEFkdLj2ppFG8C67mKVbx+dyA/5BbqUh7yYbECaJH+1oe9rqdI3D
5un+++KGQN5umHRJYorwdGeRO2JRElwJqbbsO19maLuABBwTmayMeAoqC+WzA/F6
xeKC4mFIv+TTMqMlGJO6J2w/bl3pGgaLzPtNPX7RJ6pmGyME4S+ADT7Ag3psFjBu
EpKC9pCrfqKVB7u87BRxgGo/SYQtAIqKIAUnOXaHYrouDF4YhMMNb0k2KQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDJFX444Inq+HjqtpAYtcp3jb/PsMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTWtWZmpqZ2llcjRlT3Eya0JpMXluZU52OC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLq7IAwQA
W+1bAwQDsGtAAwQCsHTgAwQEsHkgAwQCsHloAwQCwSTYMA0GCSqGSIb3DQEBCwUA
A4IBAQAGbL3cbmrXPMtFVqpltwa6yq9PJwKax4NWPzSPr+wGa4ASt7104ArHl/Cj
d0hC7NNCNDuHQZOIDHYJR/KvfDcEm/3wA7p0ckq8TyQcq9NqC7czkLJhohEj4QXQ
7IYmM1g0PW8sCb8g8jMoS/pzX9y/TZtOiz2C/EWQFwkRRleh/uly9AlDx+g4FBvZ
s8rNkOV+XZkLbt58LHRNwS+Ek4rKbVJiYjcRAbo6MsWo04I0uSDb0ahfYpb8mTKN
aS/G0tdMKAoelBRiY0CLIKvkFxWZitw0R6oqAPB+7Gb+iMRfePqNvPzR9/dtq7rP
rfThPrsBgcrjkvPx8pORajfp7xo2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org