Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/MfJa5lIfKeL-k_fTd3ig8TXt6Sc.roa
File: MfJa5lIfKeL-k_fTd3ig8TXt6Sc.roa (raw, json)
Hash identifier: t9clSs7ft2K24H/kr06civzgIhYdPxxYLz5IpV9DIpI=
Subject key identifier: 31:F2:5A:E6:52:1F:29:E2:FE:93:F7:D3:77:78:A0:F1:35:ED:E9:27
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018CF55B269F1E8F5C03DEE14348D8F03C43
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/MfJa5lIfKeL-k_fTd3ig8TXt6Sc.roa
Signing time: Wed 10 Jan 2024 21:50:40 +0000
ROA not before: Wed 10 Jan 2024 21:50:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 195.242.242.0/24 maxlen: 24
195.242.243.0/24 maxlen: 24
185.81.180.0/23 maxlen: 23
89.46.10.0/24 maxlen: 24
93.114.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Mar 2024 22:11:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f5:5b:26:9f:1e:8f:5c:03:de:e1:43:48:d8:f0:3c:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Jan 10 21:50:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31f25ae6521f29e2fe93f7d37778a0f135ede927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d4:17:96:db:48:2f:68:31:e5:2b:dd:d5:9f:
d3:fa:70:2b:53:b9:44:2a:57:47:5b:e2:c9:a7:04:
b1:c4:da:26:4b:5c:52:04:2f:01:96:12:fc:25:b7:
8e:99:dd:7f:bc:33:62:51:e4:f9:5c:88:34:2a:27:
52:3f:ac:ce:4a:1a:3f:b4:64:e9:77:c9:e3:f9:9a:
52:a2:c0:43:fd:5f:c5:fc:c9:fa:ea:d1:db:d4:0a:
c0:46:30:ca:ec:e7:e3:8a:11:f9:77:63:1f:d3:6c:
b1:01:c5:97:f9:25:02:02:63:dd:cb:3c:0b:9a:c2:
0e:f4:97:dc:6f:0c:a5:b7:e8:ea:9e:94:48:c9:47:
61:01:76:43:8e:76:f0:b7:f7:5f:91:df:35:39:9a:
a5:d6:f9:6d:ad:a7:90:b5:43:b0:4c:18:28:28:87:
0b:1e:5a:79:eb:b0:ef:78:ff:76:96:fc:9d:3b:8b:
d2:a3:4e:9e:e5:92:42:d9:63:67:80:3c:28:b3:82:
d3:13:db:5b:b4:fe:45:35:09:3e:46:10:78:95:73:
48:6f:48:ae:d6:b1:40:92:52:46:ef:27:c8:c7:9b:
79:9f:0d:a4:96:b1:48:61:c0:13:c3:e6:a2:1d:e8:
5e:2d:fb:ea:8f:93:0c:de:26:69:ec:d1:46:0b:bb:
6c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:F2:5A:E6:52:1F:29:E2:FE:93:F7:D3:77:78:A0:F1:35:ED:E9:27
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/MfJa5lIfKeL-k_fTd3ig8TXt6Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.10.0/24
93.114.61.0/24
185.81.180.0/23
195.242.242.0/23
Signature Algorithm: sha256WithRSAEncryption
74:3a:0f:0a:37:65:4e:b8:17:d3:ab:5f:72:75:37:82:eb:28:
f8:2e:46:0e:ed:69:5c:15:45:34:0b:dd:ec:6c:4e:c9:7d:e6:
30:7a:59:a3:e1:e2:f5:3a:e3:47:18:fc:9f:b7:d1:39:50:c3:
fa:f1:9c:bf:6f:5a:93:93:00:b4:82:1f:31:3f:8a:43:d9:58:
ed:1e:e2:17:15:52:79:c7:03:8f:32:19:9a:f3:9d:d0:5b:3d:
b8:4b:3c:f7:a7:bf:19:01:a9:f7:1a:c0:fc:9b:ae:2c:8e:74:
51:eb:ea:d7:58:6b:ef:23:4f:b6:c8:f1:e7:f1:a5:1b:96:dc:
50:3d:66:81:0f:8b:84:74:6b:e8:b1:7f:78:13:9e:35:99:82:
d2:a9:e6:91:0e:01:2d:04:7b:a9:aa:fc:45:e2:bf:ff:5b:76:
0b:69:c6:37:92:3a:b6:d9:ac:0a:d9:30:dc:6d:c6:fb:4d:9c:
a0:68:e7:eb:b6:fd:e5:77:7a:79:13:95:19:32:ba:04:4c:ce:
3b:35:bf:c1:44:98:75:4d:99:8a:d5:3a:51:6a:13:25:8c:4b:
a4:59:c2:ad:2a:93:46:1a:fc:50:c5:54:03:ab:43:f0:8b:5a:
d2:24:b6:eb:3e:56:37:bf:36:dc:54:7d:a7:bf:dc:bd:f3:ea:
27:37:b3:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYz1WyafHo9cA97hQ0jY8DxDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwMTEwMjE1MDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWYyNWFlNjUyMWYyOWUyZmU5M2Y3ZDM3Nzc4YTBmMTM1ZWRlOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNQXlttIL2gx5Svd1Z/T+nArU7lE
KldHW+LJpwSxxNomS1xSBC8BlhL8JbeOmd1/vDNiUeT5XIg0KidSP6zOSho/tGTp
d8nj+ZpSosBD/V/F/Mn66tHb1ArARjDK7OfjihH5d2Mf02yxAcWX+SUCAmPdyzwL
msIO9Jfcbwylt+jqnpRIyUdhAXZDjnbwt/dfkd81OZql1vltraeQtUOwTBgoKIcL
Hlp567DveP92lvydO4vSo06e5ZJC2WNngDwos4LTE9tbtP5FNQk+RhB4lXNIb0iu
1rFAklJG7yfIx5t5nw2klrFIYcATw+aiHeheLfvqj5MM3iZp7NFGC7ts4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDHyWuZSHyni/pP303d4oPE17eknMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvTWZKYTVsSWZLZUwta19mVGQzaWc4VFh0NlNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWS4KAwQA
XXI9AwQBuVG0AwQBw/LyMA0GCSqGSIb3DQEBCwUAA4IBAQB0Og8KN2VOuBfTq19y
dTeC6yj4LkYO7WlcFUU0C93sbE7JfeYwelmj4eL1OuNHGPyft9E5UMP68Zy/b1qT
kwC0gh8xP4pD2VjtHuIXFVJ5xwOPMhma853QWz24Szz3p78ZAan3GsD8m64sjnRR
6+rXWGvvI0+2yPHn8aUbltxQPWaBD4uEdGvosX94E541mYLSqeaRDgEtBHupqvxF
4r//W3YLacY3kjq22awK2TDcbcb7TZygaOfrtv3ld3p5E5UZMroETM47Nb/BRJh1
TZmK1TpRahMljEukWcKtKpNGGvxQxVQDq0Pwi1rSJLbrPlY3vzbcVH2nv9y98+on
N7Od
-----END CERTIFICATE-----
Generated at Wed Mar 13 23:03:51 2024 by rpki-client on console-fra.rpki-client.org