Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/MkD0900Mcx9VeYDsVtvAUIF-aP8.roa
File: MkD0900Mcx9VeYDsVtvAUIF-aP8.roa (raw, json)
Hash identifier: 3I7jtFHRzIYs9KJcggYR4pz6d2j6z/LwBCHWQvpBZXg=
Subject key identifier: 32:40:F4:F7:4D:0C:73:1F:55:79:80:EC:56:DB:C0:50:81:7E:68:FF
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018B70E9DC6C24137C6553E5F353293A48F8
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/MkD0900Mcx9VeYDsVtvAUIF-aP8.roa
Signing time: Fri 27 Oct 2023 11:34:16 +0000
ROA not before: Fri 27 Oct 2023 11:34:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212994
IP address blocks: 185.39.28.0/24 maxlen: 24
185.39.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:70:e9:dc:6c:24:13:7c:65:53:e5:f3:53:29:3a:48:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Oct 27 11:34:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3240f4f74d0c731f557980ec56dbc050817e68ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:96:b1:a2:6a:b6:a4:13:57:6e:83:6f:8d:2d:
4d:d8:54:ed:16:e5:f5:76:39:bb:df:bf:14:29:34:
16:46:ae:7c:27:4a:28:c8:80:be:73:60:77:15:de:
27:7d:60:f9:e7:e2:70:df:51:d0:2b:99:0a:18:4b:
d0:85:52:f8:dd:dd:7f:71:5f:45:be:57:8e:01:23:
86:c8:b0:c1:c0:67:36:b7:24:58:01:32:23:0a:75:
c2:4c:f7:a3:72:17:57:db:ff:50:f0:b2:68:6c:6a:
05:a0:c6:85:f2:13:ca:38:6f:08:a7:d1:f4:57:b8:
6f:09:bb:c5:cd:ee:53:72:10:e2:ec:cc:e7:38:40:
c1:ce:48:92:cc:c4:b9:f3:0c:cb:b9:8f:de:cf:15:
e6:50:26:8e:18:77:08:c8:89:e6:4d:47:20:25:15:
fd:a7:a9:ff:3c:62:0f:98:d7:f3:cf:bc:4a:dd:49:
bc:05:7b:45:35:85:91:a6:34:00:92:e8:03:b7:56:
50:2b:25:7f:bc:f5:b2:a3:b2:3e:95:e7:d9:c9:05:
8f:d6:35:4b:3b:87:3d:65:c1:05:85:9f:2e:4d:76:
d7:00:b7:57:7f:60:df:40:58:aa:ed:73:4b:39:73:
0d:bb:a6:84:9a:0d:49:fd:83:23:23:9a:38:d7:27:
40:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:40:F4:F7:4D:0C:73:1F:55:79:80:EC:56:DB:C0:50:81:7E:68:FF
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/MkD0900Mcx9VeYDsVtvAUIF-aP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.28.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:d7:b7:18:e4:91:c6:09:5b:1d:5d:e4:27:ea:6a:8f:b7:db:
e8:af:de:46:c9:eb:67:6a:35:e1:c9:f4:e6:0a:d0:d6:65:94:
9b:6d:c5:b3:72:a8:43:66:41:70:5f:8d:e3:98:b3:22:fa:57:
be:a7:de:84:3b:97:7a:e0:31:4e:24:a9:cf:73:32:97:9f:37:
9e:3a:29:0b:f0:e5:b0:38:46:b1:52:9b:bd:3e:dd:c9:1d:a0:
7f:f5:c8:f1:0b:d2:86:7e:71:91:3e:dd:7b:9c:5a:94:72:01:
a6:b5:bf:ee:48:d4:37:ce:84:e7:f7:af:52:3c:fb:d2:77:e9:
60:f7:10:be:ef:6f:4e:e4:29:9d:8b:07:73:9b:0b:46:cf:02:
2d:ea:04:b4:64:f2:06:d0:d2:89:2a:67:1f:7e:dd:7e:fc:82:
7a:15:54:ba:05:c6:97:81:ff:a1:7b:21:65:ca:41:01:d1:58:
75:4d:31:e7:71:80:6d:73:6a:3f:d7:30:f7:cd:eb:fb:d8:dd:
7a:24:6e:7a:41:bf:47:27:51:8d:78:8a:a6:19:d9:6c:53:2a:
4e:81:27:a8:2e:5d:5d:0c:82:2c:da:ba:a4:a2:51:61:b6:7e:
45:c6:53:95:5f:c1:3e:ef:db:9e:63:fe:41:e8:8d:14:2d:f4:
1e:1b:17:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtw6dxsJBN8ZVPl81MpOkj4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMxMDI3MTEzNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQwZjRmNzRkMGM3MzFmNTU3OTgwZWM1NmRiYzA1MDgxN2U2OGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZaxomq2pBNXboNvjS1N2FTtFuX1
djm7378UKTQWRq58J0ooyIC+c2B3Fd4nfWD55+Jw31HQK5kKGEvQhVL43d1/cV9F
vleOASOGyLDBwGc2tyRYATIjCnXCTPejchdX2/9Q8LJobGoFoMaF8hPKOG8Ip9H0
V7hvCbvFze5TchDi7MznOEDBzkiSzMS58wzLuY/ezxXmUCaOGHcIyInmTUcgJRX9
p6n/PGIPmNfzz7xK3Um8BXtFNYWRpjQAkugDt1ZQKyV/vPWyo7I+lefZyQWP1jVL
O4c9ZcEFhZ8uTXbXALdXf2DfQFiq7XNLOXMNu6aEmg1J/YMjI5o41ydA3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJA9PdNDHMfVXmA7FbbwFCBfmj/MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvTWtEMDkwME1jeDlWZVlEc1Z0dkFVSUYtYVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuSccMA0G
CSqGSIb3DQEBCwUAA4IBAQBu17cY5JHGCVsdXeQn6mqPt9vor95GyetnajXhyfTm
CtDWZZSbbcWzcqhDZkFwX43jmLMi+le+p96EO5d64DFOJKnPczKXnzeeOikL8OWw
OEaxUpu9Pt3JHaB/9cjxC9KGfnGRPt17nFqUcgGmtb/uSNQ3zoTn969SPPvSd+lg
9xC+729O5CmdiwdzmwtGzwIt6gS0ZPIG0NKJKmcfft1+/IJ6FVS6BcaXgf+heyFl
ykEB0Vh1TTHncYBtc2o/1zD3zev72N16JG56Qb9HJ1GNeIqmGdlsUypOgSeoLl1d
DIIs2rqkolFhtn5FxlOVX8E+79ueY/5B6I0ULfQeGxcy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:58 2024 by rpki-client on console-fra.rpki-client.org