Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/MgFpzCTrlQnqoP1-s9emzKXCAE8.roa
File: MgFpzCTrlQnqoP1-s9emzKXCAE8.roa (raw, json)
Hash identifier: X1JKACef8cwjEyuaTVnwFzYYs3TkftHRLLgPUsTX8nk=
Subject key identifier: 32:01:69:CC:24:EB:95:09:EA:A0:FD:7E:B3:D7:A6:CC:A5:C2:00:4F
Certificate issuer: /CN=dca46b1fcd92b47f4f55fad038c9581340a9d370
Certificate serial: 018CC5DC28B424827BCACEC232CB96707A4C
Authority key identifier: DC:A4:6B:1F:CD:92:B4:7F:4F:55:FA:D0:38:C9:58:13:40:A9:D3:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3KRrH82StH9PVfrQOMlYE0Cp03A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/MgFpzCTrlQnqoP1-s9emzKXCAE8.roa
Signing time: Mon 01 Jan 2024 16:29:49 +0000
ROA not before: Mon 01 Jan 2024 16:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43019
IP address blocks: 77.75.91.0/24 maxlen: 24
77.75.89.0/24 maxlen: 24
77.75.90.0/24 maxlen: 24
77.75.88.0/24 maxlen: 24
185.206.201.212/30 maxlen: 30
77.75.94.0/24 maxlen: 24
77.75.95.0/24 maxlen: 24
77.75.93.0/24 maxlen: 24
77.75.92.0/24 maxlen: 24
185.206.203.0/24 maxlen: 24
185.206.201.0/24 maxlen: 24
185.206.202.0/24 maxlen: 24
185.206.200.0/24 maxlen: 24
185.206.201.144/28 maxlen: 28
77.75.95.128/27 maxlen: 27
2a0b:3f80:0:204::/64 maxlen: 64
2a0b:3f87:fc1b::/48 maxlen: 48
2a0b:3f87::/32 maxlen: 32
2a0b:3f87:fc20::/48 maxlen: 48
2a0b:3f80::/32 maxlen: 32
2a0b:3f86::/32 maxlen: 32
2a0b:3f87:fc19::/48 maxlen: 48
2a0b:3f85::/32 maxlen: 32
2a0b:3f82::/32 maxlen: 32
2a0b:3f80:0:203::/64 maxlen: 64
2a0b:3f80:3::/126 maxlen: 126
2a0b:3f80:2::/126 maxlen: 126
2a0b:3f83::/32 maxlen: 32
2a0b:3f80::/29 maxlen: 29
2a0b:3f80:15::/48 maxlen: 48
2a0b:3f87:fc1a::/48 maxlen: 48
2a0b:3f80:0:201::/64 maxlen: 64
2a0b:3f81::/32 maxlen: 32
2a0b:3f80:0:202::/64 maxlen: 64
2a0b:3f87:fc18::/48 maxlen: 48
2a0b:3f84::/32 maxlen: 32
2a0b:3f81::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 29 Jul 2024 20:45:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:28:b4:24:82:7b:ca:ce:c2:32:cb:96:70:7a:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dca46b1fcd92b47f4f55fad038c9581340a9d370
Validity
Not Before: Jan 1 16:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=320169cc24eb9509eaa0fd7eb3d7a6cca5c2004f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:94:0b:2f:5b:75:85:bd:6a:c5:0a:8d:de:50:
92:5a:b7:27:f4:8d:8c:a5:99:c5:b4:1c:f0:cd:28:
1f:41:f1:58:1c:8e:2b:ea:98:28:b2:31:00:00:db:
e0:ee:71:9c:49:67:a9:04:24:e0:a4:35:9b:b8:1d:
db:c6:39:5f:d3:34:b0:67:3e:df:92:89:05:f0:24:
30:66:d7:8a:28:29:75:9e:04:8b:c2:56:2d:67:06:
cf:10:b8:3a:08:f2:84:a0:2b:d0:11:fb:c1:b7:de:
9e:25:d7:89:25:ec:57:d6:2c:89:02:61:b5:f1:a3:
e8:09:e4:cf:5a:ab:17:4c:e4:70:c1:11:e4:4b:28:
cd:39:5d:ab:91:4d:03:ce:7d:26:ae:88:08:0c:f8:
ef:cf:52:a1:30:4c:54:95:b1:5c:8c:3c:aa:a6:21:
ea:0e:cb:09:25:33:ad:d3:8a:dc:f6:28:df:20:8d:
9f:e0:4e:43:a7:39:87:7f:3a:7b:19:86:86:ef:53:
18:ae:89:98:a8:b0:7b:db:50:a2:ed:1c:b1:fb:1c:
a6:65:a4:2b:4b:28:c7:41:63:81:87:a6:49:85:7a:
ab:05:2d:d0:73:33:50:29:d3:95:42:4e:c7:39:06:
38:29:ee:11:76:fb:1d:f9:0f:33:20:3d:a5:c9:13:
d0:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:01:69:CC:24:EB:95:09:EA:A0:FD:7E:B3:D7:A6:CC:A5:C2:00:4F
X509v3 Authority Key Identifier:
keyid:DC:A4:6B:1F:CD:92:B4:7F:4F:55:FA:D0:38:C9:58:13:40:A9:D3:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3KRrH82StH9PVfrQOMlYE0Cp03A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/MgFpzCTrlQnqoP1-s9emzKXCAE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/3KRrH82StH9PVfrQOMlYE0Cp03A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.88.0/21
185.206.200.0/22
IPv6:
2a0b:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
0b:38:eb:5a:84:ec:87:14:35:50:80:8f:fd:d5:8e:1a:7b:38:
3d:fc:50:19:c8:39:fe:35:29:d2:8a:02:3c:46:3a:3c:42:79:
31:aa:42:aa:5a:f2:82:1f:b3:14:27:97:a6:c5:b9:51:26:35:
e4:33:06:18:45:63:21:01:ea:f0:e1:23:f9:21:8d:29:ee:5d:
fe:94:82:ed:2a:6d:30:4d:c4:97:75:b3:9c:5a:1a:e2:e7:88:
55:7d:2f:e3:3a:6c:3d:94:89:8a:6a:42:cb:b3:4b:bf:b3:e2:
59:33:aa:7d:c1:22:d5:b5:45:36:80:9d:a9:a8:c8:35:6c:79:
6b:41:41:cf:be:a2:22:51:9a:c9:11:45:52:3b:f2:39:a7:27:
b1:07:7c:8d:37:77:d4:b0:3c:df:a8:c2:05:cb:3c:47:de:17:
c6:59:44:1e:be:15:c1:49:cd:01:fa:5b:45:04:c0:05:7b:97:
27:30:3a:5b:fe:b3:42:74:6d:2b:9c:fd:d3:4a:1e:0d:68:5f:
ef:a9:88:c3:be:28:5f:11:bf:96:87:2a:42:48:8b:d8:7f:2d:
c8:ba:d8:62:6c:63:d1:f5:a8:7b:7e:bc:15:3c:b7:9b:07:22:
e6:57:31:d6:e4:85:c8:1a:8f:63:53:13:1c:60:75:2d:1d:87:
fc:69:87:24
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3Ci0JIJ7ys7CMsuWcHpMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYTQ2YjFmY2Q5MmI0N2Y0ZjU1ZmFkMDM4Yzk1ODEzNDBh
OWQzNzAwHhcNMjQwMTAxMTYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAxNjljYzI0ZWI5NTA5ZWFhMGZkN2ViM2Q3YTZjY2E1YzIwMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5QLL1t1hb1qxQqN3lCSWrcn9I2M
pZnFtBzwzSgfQfFYHI4r6pgosjEAANvg7nGcSWepBCTgpDWbuB3bxjlf0zSwZz7f
kokF8CQwZteKKCl1ngSLwlYtZwbPELg6CPKEoCvQEfvBt96eJdeJJexX1iyJAmG1
8aPoCeTPWqsXTORwwRHkSyjNOV2rkU0Dzn0mrogIDPjvz1KhMExUlbFcjDyqpiHq
DssJJTOt04rc9ijfII2f4E5DpzmHfzp7GYaG71MYromYqLB721Ci7Ryx+xymZaQr
SyjHQWOBh6ZJhXqrBS3QczNQKdOVQk7HOQY4Ke4Rdvsd+Q8zID2lyRPQJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDIBacwk65UJ6qD9frPXpsylwgBPMB8GA1UdIwQY
MBaAFNykax/NkrR/T1X60DjJWBNAqdNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0tSckg4MlN0SDlQVmZyUU9NbFlFMENwMDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85MGFiOGUtZTU3My00MWM0LWExYmIt
YzZkMmI4ZDFmNTY2LzEvTWdGcHpDVHJsUW5xb1AxLXM5ZW16S1hDQUU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS85MGFiOGUtZTU3My00MWM0LWExYmItYzZkMmI4ZDFmNTY2
LzEvM0tSckg4MlN0SDlQVmZyUU9NbFlFMENwMDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTUtYAwQC
uc7IMA0EAgACMAcDBQMqCz+AMA0GCSqGSIb3DQEBCwUAA4IBAQALOOtahOyHFDVQ
gI/91Y4aezg9/FAZyDn+NSnSigI8Rjo8QnkxqkKqWvKCH7MUJ5emxblRJjXkMwYY
RWMhAerw4SP5IY0p7l3+lILtKm0wTcSXdbOcWhri54hVfS/jOmw9lImKakLLs0u/
s+JZM6p9wSLVtUU2gJ2pqMg1bHlrQUHPvqIiUZrJEUVSO/I5pyexB3yNN3fUsDzf
qMIFyzxH3hfGWUQevhXBSc0B+ltFBMAFe5cnMDpb/rNCdG0rnP3TSh4NaF/vqYjD
vihfEb+WhypCSIvYfy3IuthibGPR9ah7frwVPLebByLmVzHW5IXIGo9jUxMcYHUt
HYf8aYck
-----END CERTIFICATE-----
Generated at Mon Jul 29 22:50:40 2024 by rpki-client on console-fra.rpki-client.org