Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Mt-ngMzTKctTuqxbClkCknjGEZY.roa
File: Mt-ngMzTKctTuqxbClkCknjGEZY.roa (raw, json)
Hash identifier: L14c+WNWBok8dAW7riQ3RTlc/FLZV42AB0YsPtpacX8=
Subject key identifier: 32:DF:A7:80:CC:D3:29:CB:53:BA:AC:5B:0A:59:02:92:78:C6:11:96
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01874D8A309801055BB4BAD2F3DC9A8B333D
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Mt-ngMzTKctTuqxbClkCknjGEZY.roa
Signing time: Tue 04 Apr 2023 18:31:54 +0000
ROA not before: Tue 04 Apr 2023 18:31:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200482
IP address blocks: 185.199.213.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
79.98.246.0/24 maxlen: 24
185.226.183.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4d:8a:30:98:01:05:5b:b4:ba:d2:f3:dc:9a:8b:33:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Apr 4 18:31:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32dfa780ccd329cb53baac5b0a59029278c61196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:39:e8:d7:68:f6:8d:ab:51:a0:b4:83:a7:c0:
5a:00:f6:bb:8d:2d:4e:89:16:43:ff:c0:fc:8d:91:
77:69:f7:aa:fa:43:76:f1:42:9e:3e:4f:fe:3c:33:
d6:dc:53:a4:bd:14:41:74:9c:05:7c:79:8e:f5:6e:
b3:18:ae:39:fb:ef:88:96:b3:14:24:a7:44:cf:9a:
e0:32:31:41:27:6c:a4:04:34:86:21:cc:b1:b9:60:
2c:d2:a0:3c:3b:8b:b0:cc:15:1f:2e:94:09:09:50:
99:6e:9e:6a:cc:13:b4:3d:ec:18:a4:c5:3b:d1:5d:
80:fc:6d:9c:75:84:46:20:00:f1:9e:95:d0:70:d3:
98:93:0c:ec:75:4e:a6:87:58:1a:0c:c4:b3:ad:6d:
f1:ba:57:2c:b9:f0:a6:5e:44:18:29:d4:73:d8:77:
2b:78:18:a6:3d:93:40:15:9a:20:11:a8:d1:6b:5d:
1a:e1:b6:ea:21:45:f5:5b:0b:41:d3:c8:32:7f:41:
b5:5f:74:6d:8a:f9:c4:82:79:08:c9:da:c6:34:ac:
55:cf:c0:fd:dc:85:82:16:a7:fd:f7:73:11:32:5f:
81:a5:ce:17:ac:b4:93:9c:da:e2:4b:b7:25:0a:b0:
39:d6:ac:60:6c:ff:d4:da:64:5f:c8:e8:ca:f3:e9:
8d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DF:A7:80:CC:D3:29:CB:53:BA:AC:5B:0A:59:02:92:78:C6:11:96
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Mt-ngMzTKctTuqxbClkCknjGEZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.209.0/24
79.98.246.0/24
185.199.213.0/24
185.226.183.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:f8:a4:6d:32:b1:6d:2d:cb:e9:fd:59:43:5a:4a:d7:8b:f9:
12:16:35:1b:b2:d2:27:d8:36:42:72:17:4f:28:af:c9:93:17:
08:a9:be:42:41:ce:8f:78:cd:a0:80:d6:c4:4a:27:b5:7a:21:
a6:3e:e6:39:95:58:c6:f7:d5:fd:5f:24:19:de:9d:0f:56:37:
60:22:19:f2:3a:60:e8:b6:15:9f:47:35:40:ff:fb:e8:a3:87:
36:4b:97:2a:f9:29:88:a2:7d:94:95:96:55:3c:55:98:d4:83:
c3:0f:0b:f1:66:38:e0:e4:5f:c2:09:ae:c9:76:e2:ae:72:93:
f0:90:4c:53:1b:12:8e:c9:86:52:56:50:36:7d:f9:77:44:9b:
5d:81:45:3b:59:6f:e3:c3:42:e1:79:d5:88:77:5e:84:45:9f:
78:0f:9e:68:fb:c7:d6:95:0c:af:6d:28:4b:76:39:b7:f2:51:
1d:0e:45:10:2d:97:4c:fc:61:83:80:bf:da:7c:a0:a3:0d:29:
c6:35:3e:54:23:51:58:76:15:4d:e1:70:e1:ac:a1:cb:27:d4:
6c:d9:e2:45:85:13:a9:20:06:e6:35:c2:6f:88:8b:c5:97:63:
ad:c6:2f:a3:62:a1:fd:3f:9c:ca:c0:4c:8c:db:cb:3c:5c:29:
78:e7:cc:90
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYdNijCYAQVbtLrS89yaizM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjMwNDA0MTgzMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmRmYTc4MGNjZDMyOWNiNTNiYWFjNWIwYTU5MDI5Mjc4YzYxMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlTno12j2jatRoLSDp8BaAPa7jS1O
iRZD/8D8jZF3afeq+kN28UKePk/+PDPW3FOkvRRBdJwFfHmO9W6zGK45+++IlrMU
JKdEz5rgMjFBJ2ykBDSGIcyxuWAs0qA8O4uwzBUfLpQJCVCZbp5qzBO0PewYpMU7
0V2A/G2cdYRGIADxnpXQcNOYkwzsdU6mh1gaDMSzrW3xulcsufCmXkQYKdRz2Hcr
eBimPZNAFZogEajRa10a4bbqIUX1WwtB08gyf0G1X3RtivnEgnkIydrGNKxVz8D9
3IWCFqf993MRMl+Bpc4XrLSTnNriS7clCrA51qxgbP/U2mRfyOjK8+mNlQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDLfp4DM0ynLU7qsWwpZApJ4xhGWMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvTXQtbmdNelRLY3RUdXF4YkNsa0NrbmpHRVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZ3RAwQA
T2L2AwQAucfVAwQAueK3MA0GCSqGSIb3DQEBCwUAA4IBAQAO+KRtMrFtLcvp/VlD
WkrXi/kSFjUbstIn2DZCchdPKK/JkxcIqb5CQc6PeM2ggNbESie1eiGmPuY5lVjG
99X9XyQZ3p0PVjdgIhnyOmDothWfRzVA//voo4c2S5cq+SmIon2UlZZVPFWY1IPD
DwvxZjjg5F/CCa7JduKucpPwkExTGxKOyYZSVlA2ffl3RJtdgUU7WW/jw0LhedWI
d16ERZ94D55o+8fWlQyvbShLdjm38lEdDkUQLZdM/GGDgL/afKCjDSnGNT5UI1FY
dhVN4XDhrKHLJ9Rs2eJFhROpIAbmNcJviIvFl2Otxi+jYqH9P5zKwEyM28s8XCl4
58yQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:11 2023 by rpki-client on console-ams.rpki-client.org