Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/MP9XbDJA_SL2LdbxjPjBzWcVJks.roa
File: MP9XbDJA_SL2LdbxjPjBzWcVJks.roa (raw, json)
Hash identifier: Hsr6kod5KnwQ1aMQKWehdPE6KBizzJEMhIw07nf4wJc=
Subject key identifier: 30:FF:57:6C:32:40:FD:22:F6:2D:D6:F1:8C:F8:C1:CD:67:15:26:4B
Certificate issuer: /CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Certificate serial: 0191023D1C14021C0D746C655962BFE6EF5C
Authority key identifier: BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/MP9XbDJA_SL2LdbxjPjBzWcVJks.roa
Signing time: Tue 30 Jul 2024 06:04:04 +0000
ROA not before: Tue 30 Jul 2024 06:04:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59962
IP address blocks: 178.173.152.0/24 maxlen: 24
178.173.153.0/24 maxlen: 24
178.173.154.0/24 maxlen: 24
178.173.155.0/24 maxlen: 24
178.173.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 31 Jul 2024 05:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:02:3d:1c:14:02:1c:0d:74:6c:65:59:62:bf:e6:ef:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc15921f5ba6bd147ff400117aa9738633f1587d
Validity
Not Before: Jul 30 06:04:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30ff576c3240fd22f62dd6f18cf8c1cd6715264b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:91:36:4e:88:6c:9c:e6:74:21:fc:0a:12:ae:
9e:a0:6d:06:37:38:a0:36:0a:1b:2b:85:54:d6:f7:
ac:d1:71:f8:e0:a3:58:eb:74:6b:b8:0b:84:d8:22:
f2:7b:2b:ad:cd:11:27:84:46:e4:30:d2:0c:d9:13:
99:20:b0:01:44:b8:a8:fd:71:35:4a:6f:31:26:e2:
89:82:ee:3a:0c:85:8b:ea:97:5f:7f:d4:18:86:48:
a5:55:ac:0d:09:63:22:3c:b2:35:d8:98:02:cd:4b:
40:63:c5:15:2d:2e:c4:ec:f2:2e:01:85:ae:c0:81:
d9:23:f0:c8:08:b1:a0:71:86:d6:7d:a1:68:59:dc:
23:f1:5d:5f:29:e5:24:dc:3f:df:0e:91:c5:87:89:
1c:a3:3c:d1:37:1f:8e:25:68:08:96:15:26:ff:ec:
32:d6:90:1a:0d:f7:e8:18:2d:ff:97:b7:1b:66:ab:
48:d0:41:5d:7c:ce:0d:21:3d:97:37:72:75:08:18:
2c:a1:ee:b6:d2:46:89:c9:f0:1e:ba:b6:b5:66:c7:
98:27:f9:ca:d5:2f:c4:c8:07:51:2e:aa:8a:c8:de:
b2:dd:ba:2e:cb:25:b4:a9:d4:41:de:77:f1:db:0d:
35:87:ce:4f:96:48:5e:27:e8:20:07:31:3d:71:fe:
3b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FF:57:6C:32:40:FD:22:F6:2D:D6:F1:8C:F8:C1:CD:67:15:26:4B
X509v3 Authority Key Identifier:
keyid:BC:15:92:1F:5B:A6:BD:14:7F:F4:00:11:7A:A9:73:86:33:F1:58:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vBWSH1umvRR_9AAReqlzhjPxWH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/MP9XbDJA_SL2LdbxjPjBzWcVJks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8e79ab-ba83-44cb-aec0-0990ce7481e7/1/vBWSH1umvRR_9AAReqlzhjPxWH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.152.0-178.173.156.255
Signature Algorithm: sha256WithRSAEncryption
1c:71:5d:6c:95:71:50:8d:cc:dd:2a:6c:19:de:0d:58:45:2f:
b1:db:d4:8a:7b:8f:00:9b:d0:19:19:91:fc:e7:a3:14:9d:27:
95:2c:e2:8f:1d:4a:f3:e9:68:2d:3a:07:f6:d7:5a:67:06:39:
c5:4f:8a:8b:78:8a:0a:24:5e:7b:67:28:22:a0:57:68:db:25:
90:f9:52:5f:73:b6:9b:98:fb:e0:43:2c:39:c0:39:0a:5a:88:
0f:08:21:0a:d1:31:d3:b5:30:ea:3b:27:80:a5:08:e8:d2:04:
85:85:33:c1:1f:b4:4c:1c:c0:9a:83:03:4c:49:aa:04:43:4c:
82:3c:90:53:60:54:c0:fb:7b:5a:f1:47:2b:0b:74:45:80:9b:
81:28:f3:9b:6d:6a:da:b1:a8:cf:87:6c:25:5f:d4:83:bb:22:
34:7a:cb:19:6a:20:7a:e8:21:fc:5a:de:26:f9:bc:ff:50:bb:
87:d0:a7:d4:b9:11:2b:fd:d7:08:72:4b:59:59:4f:f3:75:a0:
00:07:df:d2:0a:d4:2a:6b:a2:44:d1:5f:23:36:d3:43:60:2a:
8d:ea:c2:20:38:4e:55:10:78:bd:b7:85:90:07:f1:15:7a:94:
a4:57:ae:3b:d3:b7:53:b5:84:77:e8:14:a1:72:e5:ee:02:65:
25:73:18:2b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZECPRwUAhwNdGxlWWK/5u9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMTU5MjFmNWJhNmJkMTQ3ZmY0MDAxMTdhYTk3Mzg2MzNm
MTU4N2QwHhcNMjQwNzMwMDYwNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZmNTc2YzMyNDBmZDIyZjYyZGQ2ZjE4Y2Y4YzFjZDY3MTUyNjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZE2TohsnOZ0IfwKEq6eoG0GNzig
NgobK4VU1ves0XH44KNY63RruAuE2CLyeyutzREnhEbkMNIM2ROZILABRLio/XE1
Sm8xJuKJgu46DIWL6pdff9QYhkilVawNCWMiPLI12JgCzUtAY8UVLS7E7PIuAYWu
wIHZI/DICLGgcYbWfaFoWdwj8V1fKeUk3D/fDpHFh4kcozzRNx+OJWgIlhUm/+wy
1pAaDffoGC3/l7cbZqtI0EFdfM4NIT2XN3J1CBgsoe620kaJyfAeura1ZseYJ/nK
1S/EyAdRLqqKyN6y3bouyyW0qdRB3nfx2w01h85PlkheJ+ggBzE9cf47JQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDD/V2wyQP0i9i3W8Yz4wc1nFSZLMB8GA1UdIwQY
MBaAFLwVkh9bpr0Uf/QAEXqpc4Yz8Vh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkJXU0gxdW12UlJfOUFBUmVxbHpoalB4V0gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84ZTc5YWItYmE4My00NGNiLWFlYzAt
MDk5MGNlNzQ4MWU3LzEvTVA5WGJESkFfU0wyTGRieGpQakJ6V2NWSmtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84ZTc5YWItYmE4My00NGNiLWFlYzAtMDk5MGNlNzQ4MWU3
LzEvdkJXU0gxdW12UlJfOUFBUmVxbHpoalB4V0gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOyrZgD
BACyrZwwDQYJKoZIhvcNAQELBQADggEBABxxXWyVcVCNzN0qbBneDVhFL7Hb1Ip7
jwCb0BkZkfznoxSdJ5Us4o8dSvPpaC06B/bXWmcGOcVPiot4igokXntnKCKgV2jb
JZD5Ul9ztpuY++BDLDnAOQpaiA8IIQrRMdO1MOo7J4ClCOjSBIWFM8EftEwcwJqD
A0xJqgRDTII8kFNgVMD7e1rxRysLdEWAm4Eo85ttatqxqM+HbCVf1IO7IjR6yxlq
IHroIfxa3ib5vP9Qu4fQp9S5ESv91whyS1lZT/N1oAAH39IK1CprokTRXyM200Ng
Ko3qwiA4TlUQeL23hZAH8RV6lKRXrjvTt1O1hHfoFKFy5e4CZSVzGCs=
-----END CERTIFICATE-----
Generated at Wed Jul 31 07:10:54 2024 by rpki-client on console-fra.rpki-client.org