Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/MNStlojlK6LaCE0nw_BRqRVK5us.roa
File: MNStlojlK6LaCE0nw_BRqRVK5us.roa (raw, json)
Hash identifier: OK8VO4DVXYEwOT9vxhccQtF9FfXk6pvuWcDX/N33dHs=
Subject key identifier: 30:D4:AD:96:88:E5:2B:A2:DA:08:4D:27:C3:F0:51:A9:15:4A:E6:EB
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018CC8DF903EF6AC6ADCEC9648AC8D0FFAD1
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/MNStlojlK6LaCE0nw_BRqRVK5us.roa
Signing time: Tue 02 Jan 2024 06:32:23 +0000
ROA not before: Tue 02 Jan 2024 06:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216356
IP address blocks: 185.17.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:90:3e:f6:ac:6a:dc:ec:96:48:ac:8d:0f:fa:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 06:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30d4ad9688e52ba2da084d27c3f051a9154ae6eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:58:02:d7:fe:73:ca:bf:f0:25:4c:8e:4f:7a:
c8:9b:90:a0:05:ac:f8:e2:6a:18:dc:9e:3d:1a:c3:
e6:e6:a4:69:02:7c:04:3f:22:9c:bb:c2:29:bc:ab:
11:a9:b0:a2:d4:65:86:af:1f:3c:a8:c3:8a:b1:5d:
55:ab:f5:18:42:86:4c:7d:4c:43:05:c5:c2:9c:2f:
8f:47:38:15:a2:52:53:5c:a1:d4:e0:bc:cf:3e:cc:
77:84:d9:8b:63:d2:e8:9a:13:89:02:c2:c5:4c:98:
c8:30:85:00:f6:a2:72:77:51:5c:40:46:04:e5:24:
04:8e:01:24:e7:18:92:77:ac:84:76:ca:d5:16:7e:
f0:4e:24:7f:75:be:3a:47:32:73:56:ef:44:2f:d0:
28:2c:7e:4b:3b:ce:9d:a2:c8:d5:fd:4d:85:6f:e2:
e1:17:dc:5b:40:c2:54:53:3d:0c:77:ce:09:e2:85:
35:0e:56:35:0f:39:76:60:76:e2:5b:e6:a2:d3:9a:
60:8f:22:ab:f9:f7:7e:46:79:2d:36:e3:07:7d:44:
22:83:68:f7:92:82:80:98:8e:bf:fd:e0:f8:30:c2:
59:3a:51:95:b7:f9:5b:1c:3d:aa:7c:9d:35:74:4b:
4e:53:24:82:95:0b:a8:08:e5:c9:64:34:73:33:00:
38:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D4:AD:96:88:E5:2B:A2:DA:08:4D:27:C3:F0:51:A9:15:4A:E6:EB
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/MNStlojlK6LaCE0nw_BRqRVK5us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.137.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:5c:73:c5:7f:6f:f8:64:6f:ed:d7:e7:dd:80:d0:c5:63:11:
c8:d7:40:a9:bc:64:c4:6f:37:19:af:23:e4:71:46:c0:62:0b:
c7:bd:ea:90:fa:66:26:57:d8:0f:62:fc:92:a3:b1:fa:60:bb:
f2:53:61:83:03:b7:65:1c:48:86:66:08:1c:96:d4:bc:a0:c0:
74:bf:cd:d4:1c:86:b8:f2:07:41:b3:e1:18:d5:02:8d:fc:58:
dd:12:75:7d:f4:ff:a6:bf:80:04:b2:95:a1:7c:70:ba:2b:9d:
9e:58:8b:44:2e:9c:07:f0:9a:51:d0:dc:82:48:a3:d6:6c:fe:
98:24:81:fc:4a:ce:e3:0d:36:56:fa:50:9c:12:36:fe:38:b2:
f3:69:4e:37:d1:10:dd:e6:8a:d2:4a:a1:f7:61:bb:30:12:bf:
8d:dc:1b:7d:db:42:b5:5a:f0:0c:1e:19:23:f9:e1:28:79:6f:
b9:b0:9b:47:34:a7:09:67:d0:80:87:26:ae:d0:ab:0f:6b:ec:
30:a5:d4:79:f2:85:b3:5a:0d:b8:cd:de:5a:b1:c7:a4:90:c5:
c4:70:38:82:c2:83:cc:ed:75:2c:5c:77:08:2a:c0:97:b2:81:
da:50:e4:16:d6:bf:db:ba:ad:32:ee:b1:00:f4:a2:04:35:8b:
b6:88:66:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI35A+9qxq3OyWSKyND/rRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwMTAyMDYzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQ0YWQ5Njg4ZTUyYmEyZGEwODRkMjdjM2YwNTFhOTE1NGFlNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lgC1/5zyr/wJUyOT3rIm5CgBaz4
4moY3J49GsPm5qRpAnwEPyKcu8IpvKsRqbCi1GWGrx88qMOKsV1Vq/UYQoZMfUxD
BcXCnC+PRzgVolJTXKHU4LzPPsx3hNmLY9LomhOJAsLFTJjIMIUA9qJyd1FcQEYE
5SQEjgEk5xiSd6yEdsrVFn7wTiR/db46RzJzVu9EL9AoLH5LO86dosjV/U2Fb+Lh
F9xbQMJUUz0Md84J4oU1DlY1Dzl2YHbiW+ai05pgjyKr+fd+RnktNuMHfUQig2j3
koKAmI6//eD4MMJZOlGVt/lbHD2qfJ01dEtOUySClQuoCOXJZDRzMwA4mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDDUrZaI5Sui2ghNJ8PwUakVSubrMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvTU5TdGxvamxLNkxhQ0UwbndfQlJxUlZLNXVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRGJMA0G
CSqGSIb3DQEBCwUAA4IBAQBLXHPFf2/4ZG/t1+fdgNDFYxHI10CpvGTEbzcZryPk
cUbAYgvHveqQ+mYmV9gPYvySo7H6YLvyU2GDA7dlHEiGZggcltS8oMB0v83UHIa4
8gdBs+EY1QKN/FjdEnV99P+mv4AEspWhfHC6K52eWItELpwH8JpR0NyCSKPWbP6Y
JIH8Ss7jDTZW+lCcEjb+OLLzaU430RDd5orSSqH3YbswEr+N3Bt920K1WvAMHhkj
+eEoeW+5sJtHNKcJZ9CAhyau0KsPa+wwpdR58oWzWg24zd5ascekkMXEcDiCwoPM
7XUsXHcIKsCXsoHaUOQW1r/buq0y7rEA9KIENYu2iGaZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:28:28 2025 by rpki-client