Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/mjp_jeIx-Xlqoly4O2DfSapczGk.roa
File: mjp_jeIx-Xlqoly4O2DfSapczGk.roa (raw, json)
Hash identifier: EoWOYXCoCTihcI2LpIzqfGJ8WNn0LHaiC+BwAybeNhk=
Subject key identifier: 9A:3A:7F:8D:E2:31:F9:79:6A:A2:5C:B8:3B:60:DF:49:AA:5C:CC:69
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018D41952C0011B20A1D4DE678127925CC2C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/mjp_jeIx-Xlqoly4O2DfSapczGk.roa
Signing time: Thu 25 Jan 2024 17:05:11 +0000
ROA not before: Thu 25 Jan 2024 17:05:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133296
IP address blocks: 31.133.24.0/22 maxlen: 22
91.218.252.0/23 maxlen: 23
91.218.254.0/23 maxlen: 23
91.246.184.0/22 maxlen: 22
93.120.39.0/24 maxlen: 24
176.107.72.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 10 May 2024 09:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:41:95:2c:00:11:b2:0a:1d:4d:e6:78:12:79:25:cc:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 25 17:05:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a3a7f8de231f9796aa25cb83b60df49aa5ccc69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:36:f2:32:5e:3c:d3:b7:d5:d9:8d:8c:f5:93:
1d:0d:e1:cb:1d:58:89:0b:0c:fe:6f:ee:2b:a3:d3:
63:11:60:f6:ec:e1:d2:57:c2:66:ef:e0:ae:f1:e3:
84:49:c1:bf:2d:18:fd:6e:26:bf:a7:ea:0f:52:7e:
84:f3:34:6f:54:8c:17:fd:74:0f:b2:90:38:f3:d3:
5f:02:2d:6c:14:11:30:d7:c4:0b:66:22:60:17:e6:
63:e5:e3:23:21:4b:af:18:d8:52:7f:87:4d:cb:50:
c2:c9:2d:81:c6:dc:0c:6e:82:a5:4b:76:0e:d1:66:
e5:48:57:6f:57:fb:84:49:0f:93:6d:7c:a5:74:9f:
5c:da:6f:77:45:f2:17:6d:c3:03:0a:46:d1:17:d8:
0e:98:00:cf:84:c1:3e:63:7c:62:a8:98:be:24:ff:
66:19:82:2a:e0:0e:d0:c4:00:61:5c:2a:18:8d:71:
04:00:32:95:77:09:90:7c:fe:a1:7c:42:bb:a3:d8:
6e:52:10:53:10:44:32:1e:f2:b8:1c:10:14:0e:23:
54:79:dc:2f:aa:a0:b6:0a:cb:08:db:13:4f:73:ff:
f9:f3:7f:53:2a:d6:23:bd:aa:6e:26:79:0c:78:02:
28:d4:8d:5d:e6:15:13:5c:f8:7e:b2:6c:82:42:62:
6e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3A:7F:8D:E2:31:F9:79:6A:A2:5C:B8:3B:60:DF:49:AA:5C:CC:69
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/mjp_jeIx-Xlqoly4O2DfSapczGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.24.0/22
91.218.252.0/22
91.246.184.0/22
93.120.39.0/24
176.107.72.0/21
Signature Algorithm: sha256WithRSAEncryption
99:c9:7d:71:ab:c6:f0:5d:10:5a:2e:4d:91:34:22:c6:0a:9a:
dd:28:c2:c4:6d:fd:31:a0:3e:6e:13:bb:91:c3:c7:6b:33:54:
8e:a1:0a:40:89:2a:0b:5b:3c:24:98:d0:17:f3:ff:6c:5e:af:
1d:d7:1b:6e:7c:b7:5e:4f:f8:97:94:67:87:cd:d7:75:b4:51:
f7:ea:5d:06:dd:c3:77:6c:85:00:3c:15:98:35:34:1e:5a:69:
42:7e:03:e3:79:6d:17:a1:4f:b4:0d:f1:79:74:ce:71:ea:5a:
18:cb:e0:8d:a3:40:99:a5:cf:4f:bc:39:4a:15:2b:f1:17:8b:
8c:ca:7c:bc:91:c6:ac:21:87:b2:d1:f3:1a:20:a3:a4:bd:68:
ee:d0:2b:10:96:a1:38:0d:08:11:c2:e4:1a:8d:d3:af:b5:ee:
cb:8a:18:fc:11:2f:84:c5:97:83:85:dd:e8:07:b9:7b:23:86:
68:8e:fb:71:0d:1e:5f:d6:fb:62:13:be:76:a9:75:79:c3:49:
cd:58:53:31:02:19:84:21:11:d1:00:37:03:51:19:31:3b:88:
d1:29:ca:cd:99:9c:03:9e:38:8e:4f:19:ce:b7:b6:59:db:fd:
45:13:f2:86:b9:ac:b1:0e:4a:a0:c7:1d:f2:88:fb:59:33:a4:
91:a9:81:6b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY1BlSwAEbIKHU3meBJ5JcwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTI1MTcwNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNhN2Y4ZGUyMzFmOTc5NmFhMjVjYjgzYjYwZGY0OWFhNWNjYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozbyMl4807fV2Y2M9ZMdDeHLHViJ
Cwz+b+4ro9NjEWD27OHSV8Jm7+Cu8eOEScG/LRj9bia/p+oPUn6E8zRvVIwX/XQP
spA489NfAi1sFBEw18QLZiJgF+Zj5eMjIUuvGNhSf4dNy1DCyS2BxtwMboKlS3YO
0WblSFdvV/uESQ+TbXyldJ9c2m93RfIXbcMDCkbRF9gOmADPhME+Y3xiqJi+JP9m
GYIq4A7QxABhXCoYjXEEADKVdwmQfP6hfEK7o9huUhBTEEQyHvK4HBAUDiNUedwv
qqC2CssI2xNPc//5839TKtYjvapuJnkMeAIo1I1d5hUTXPh+smyCQmJuRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJo6f43iMfl5aqJcuDtg30mqXMxpMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbWpwX2plSXgtWGxxb2x5NE8yRGZTYXBjekdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH4UYAwQC
W9r8AwQCW/a4AwQAXXgnAwQDsGtIMA0GCSqGSIb3DQEBCwUAA4IBAQCZyX1xq8bw
XRBaLk2RNCLGCprdKMLEbf0xoD5uE7uRw8drM1SOoQpAiSoLWzwkmNAX8/9sXq8d
1xtufLdeT/iXlGeHzdd1tFH36l0G3cN3bIUAPBWYNTQeWmlCfgPjeW0XoU+0DfF5
dM5x6loYy+CNo0CZpc9PvDlKFSvxF4uMyny8kcasIYey0fMaIKOkvWju0CsQlqE4
DQgRwuQajdOvte7Lihj8ES+ExZeDhd3oB7l7I4ZojvtxDR5f1vtiE752qXV5w0nN
WFMxAhmEIRHRADcDURkxO4jRKcrNmZwDnjiOTxnOt7ZZ2/1FE/KGuayxDkqgxx3y
iPtZM6SRqYFr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org