Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/MPcztlAUenNBAsyPhH9epwdlUDk.roa
File: MPcztlAUenNBAsyPhH9epwdlUDk.roa (raw, json)
Hash identifier: J4cVrAc5cF7G1xLzFyic7JYRP6ktcywyc6iAvdetdd0=
Subject key identifier: 30:F7:33:B6:50:14:7A:73:41:02:CC:8F:84:7F:5E:A7:07:65:50:39
Certificate issuer: /CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Certificate serial: 018AA775CEE2ADD4E6A9E8CF7A43E123E772
Authority key identifier: 22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/MPcztlAUenNBAsyPhH9epwdlUDk.roa
Signing time: Mon 18 Sep 2023 08:43:50 +0000
ROA not before: Mon 18 Sep 2023 08:43:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 91.209.234.0/24 maxlen: 24
77.75.180.0/24 maxlen: 24
185.193.68.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Sep 2023 12:06:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:75:ce:e2:ad:d4:e6:a9:e8:cf:7a:43:e1:23:e7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Validity
Not Before: Sep 18 08:43:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30f733b650147a734102cc8f847f5ea707655039
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ed:5e:40:52:8c:6b:7b:13:c5:2d:14:e0:eb:
3c:4f:8f:1c:7c:13:69:a5:d4:6f:93:55:90:92:12:
ab:ad:20:aa:8b:3d:5a:6a:48:d4:56:9e:eb:a0:9a:
65:7f:8f:a2:42:9d:31:58:a1:83:26:ec:9b:1f:95:
b7:fe:27:87:d3:7b:9e:c5:81:52:0c:da:a0:17:90:
f6:ae:45:5f:f4:80:4e:9b:02:cc:b6:ee:77:0b:16:
50:e1:9c:29:a6:02:70:bb:79:e2:2a:eb:a2:a2:33:
69:2f:03:d9:7d:4e:28:e6:fc:f2:f2:91:4d:7c:64:
93:bc:a3:66:d6:91:db:b0:87:32:6d:ba:cd:0e:46:
51:59:81:10:56:b0:45:47:c4:42:a8:e8:6f:4a:99:
74:14:eb:12:f4:e2:35:34:97:c9:2f:15:a6:f5:b3:
90:c2:37:da:32:fa:1f:37:a2:ee:4a:0e:e2:f8:35:
3c:2c:87:78:90:ef:ab:fa:25:ed:fb:a4:b8:fa:9c:
50:e1:ce:d8:55:47:b2:6c:3e:88:2d:f4:62:08:2d:
79:8c:36:b0:8a:67:69:fb:cd:3d:37:08:1b:40:ae:
eb:6c:9d:46:c1:2b:9f:0c:41:3e:ef:d9:4a:0f:7a:
9a:a6:fa:67:64:e6:60:39:59:ab:d2:79:42:17:aa:
65:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F7:33:B6:50:14:7A:73:41:02:CC:8F:84:7F:5E:A7:07:65:50:39
X509v3 Authority Key Identifier:
keyid:22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/MPcztlAUenNBAsyPhH9epwdlUDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.180.0/24
91.209.234.0/24
185.193.68.0/22
Signature Algorithm: sha256WithRSAEncryption
85:11:06:bd:02:1a:65:ba:85:36:84:17:fa:53:e3:e3:fc:23:
3b:68:8a:ed:bb:60:3e:91:5d:47:b6:45:ac:58:5f:9f:27:c5:
b4:ed:24:96:1b:fc:70:65:80:a7:4e:b1:91:74:2e:29:0d:2e:
42:39:4f:33:5c:a2:dd:d6:44:c1:39:30:26:ed:43:3d:11:5c:
8b:9c:84:fe:2e:9a:4d:62:7c:61:21:2f:65:c3:36:8b:91:23:
ae:cf:94:9c:6a:f5:40:5a:90:53:a5:44:dc:75:1b:cf:b7:e3:
66:fd:e6:80:39:d0:ec:22:b5:cc:5e:66:6a:69:05:cb:29:62:
e8:ea:0a:c7:b1:0f:63:d8:19:21:66:97:49:60:93:13:e0:d1:
ed:24:d8:f3:0b:f5:15:90:af:74:9b:7e:e9:07:d0:7a:e5:7b:
98:d6:74:68:5f:86:cb:95:39:d3:17:52:01:0f:ca:3a:fe:53:
a9:f8:1e:32:6d:ba:c2:87:82:45:dd:0d:e9:96:74:0f:d0:24:
d1:12:90:3f:f6:37:75:1f:06:e2:13:a9:1f:9c:76:5e:8b:49:
e4:39:49:e2:8b:22:d9:e6:d0:4f:da:ac:40:00:ce:10:43:5c:
4d:c4:56:80:c0:f3:75:4e:ea:d0:b0:64:2e:e2:2f:1d:f9:82:
0c:41:6a:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqndc7irdTmqejPekPhI+dyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzdjZGE3NWY0ZTE1ZTQ4NmRlZTVhNjUwMWNiZTIwMThi
YzBlMGYwHhcNMjMwOTE4MDg0MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGY3MzNiNjUwMTQ3YTczNDEwMmNjOGY4NDdmNWVhNzA3NjU1MDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAou1eQFKMa3sTxS0U4Os8T48cfBNp
pdRvk1WQkhKrrSCqiz1aakjUVp7roJplf4+iQp0xWKGDJuybH5W3/ieH03uexYFS
DNqgF5D2rkVf9IBOmwLMtu53CxZQ4ZwppgJwu3niKuuiojNpLwPZfU4o5vzy8pFN
fGSTvKNm1pHbsIcybbrNDkZRWYEQVrBFR8RCqOhvSpl0FOsS9OI1NJfJLxWm9bOQ
wjfaMvofN6LuSg7i+DU8LId4kO+r+iXt+6S4+pxQ4c7YVUeybD6ILfRiCC15jDaw
imdp+809NwgbQK7rbJ1GwSufDEE+79lKD3qapvpnZOZgOVmr0nlCF6pl1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDD3M7ZQFHpzQQLMj4R/XqcHZVA5MB8GA1UdIwQY
MBaAFCLHzadfThXkht7lplAcviAYvA4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5Nzgt
NzUxYjE3ZDFjNDM3LzEvTVBjenRsQVVlbk5CQXN5UGhIOWVwd2RsVURrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5NzgtNzUxYjE3ZDFjNDM3
LzEvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATUu0AwQA
W9HqAwQCucFEMA0GCSqGSIb3DQEBCwUAA4IBAQCFEQa9AhpluoU2hBf6U+Pj/CM7
aIrtu2A+kV1HtkWsWF+fJ8W07SSWG/xwZYCnTrGRdC4pDS5COU8zXKLd1kTBOTAm
7UM9EVyLnIT+LppNYnxhIS9lwzaLkSOuz5ScavVAWpBTpUTcdRvPt+Nm/eaAOdDs
IrXMXmZqaQXLKWLo6grHsQ9j2BkhZpdJYJMT4NHtJNjzC/UVkK90m37pB9B65XuY
1nRoX4bLlTnTF1IBD8o6/lOp+B4ybbrCh4JF3Q3plnQP0CTREpA/9jd1HwbiE6kf
nHZei0nkOUniiyLZ5tBP2qxAAM4QQ1xNxFaAwPN1TurQsGQu4i8d+YIMQWqJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:19 2024 by rpki-client on console-fra.rpki-client.org