Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/MewY-MVzeuj2BrE_RLIjbBBSmlw.roa
File: MewY-MVzeuj2BrE_RLIjbBBSmlw.roa (raw, json)
Hash identifier: OX15YzidwwkefnMK0y6FpyF+NnBVRquE2TD/Pj8HuZA=
Subject key identifier: 31:EC:18:F8:C5:73:7A:E8:F6:06:B1:3F:44:B2:23:6C:10:52:9A:5C
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018F7C4BFCE3A3FB987CDEF9F9216DB25ADA
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/MewY-MVzeuj2BrE_RLIjbBBSmlw.roa
Signing time: Wed 15 May 2024 12:48:25 +0000
ROA not before: Wed 15 May 2024 12:48:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42910
IP address blocks: 31.210.50.0/24 maxlen: 24
31.210.51.0/24 maxlen: 24
31.210.53.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
188.132.211.0/24 maxlen: 24
188.132.215.0/24 maxlen: 24
188.132.227.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
212.68.36.0/24 maxlen: 24
212.68.38.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jun 2024 11:53:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:7c:4b:fc:e3:a3:fb:98:7c:de:f9:f9:21:6d:b2:5a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: May 15 12:48:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=31ec18f8c5737ae8f606b13f44b2236c10529a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cb:84:fb:97:22:9a:59:5b:01:11:1a:a1:b4:
ed:25:49:55:2e:02:64:c0:7e:d9:f1:ef:13:ec:c5:
b3:ac:66:a3:e1:24:8d:c1:0f:b4:3d:bf:9b:be:8a:
08:ac:aa:98:ee:45:0d:51:40:61:25:21:4f:a7:a4:
30:5c:b8:e1:2d:47:7b:8b:82:36:6c:45:6a:27:5e:
d8:42:b1:61:9d:02:e5:4e:3d:31:f3:73:8f:3f:6a:
04:cf:06:04:00:f9:e2:e2:47:73:56:9c:7d:70:53:
b5:db:ef:2c:51:71:6b:40:96:ca:da:c2:59:63:3d:
9b:d4:80:1d:3b:41:25:e6:da:90:36:ee:ab:7a:c5:
ff:8c:d1:63:24:8b:55:6c:df:c3:26:9e:ac:7d:0e:
1c:66:f9:f3:c6:7e:10:38:0d:8e:5c:34:9b:01:d5:
1e:aa:d5:d4:e8:bd:22:b3:af:b8:0a:9a:e4:0b:88:
90:27:ab:ff:13:58:c3:84:aa:4f:74:3b:2f:09:8f:
54:fc:2e:5a:c5:bd:af:45:78:65:e2:d0:24:32:cd:
1b:24:80:27:a6:44:9b:7c:34:4e:95:ce:48:94:6d:
01:91:9d:4c:21:43:d8:6e:bb:4e:23:1f:53:fe:d3:
12:a3:ce:9c:94:bd:14:6d:dd:da:52:26:5b:ff:9c:
57:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:EC:18:F8:C5:73:7A:E8:F6:06:B1:3F:44:B2:23:6C:10:52:9A:5C
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/MewY-MVzeuj2BrE_RLIjbBBSmlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.50.0/23
31.210.53.0/24
78.135.78.0/24
188.132.170.0/24
188.132.211.0/24
188.132.215.0/24
188.132.227.0-188.132.228.255
212.68.36.0/24
212.68.38.0/24
212.68.49.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:83:18:20:c4:13:fa:1c:3c:e1:3f:a3:e6:07:01:fa:0c:70:
b7:5f:bd:13:c6:0e:21:7c:06:da:60:69:a2:1b:df:6b:b4:71:
3e:63:64:5f:17:4b:28:65:0e:78:5f:ff:ea:61:ee:7f:4d:8b:
27:78:5a:4d:21:58:a6:94:91:0c:58:db:65:ed:97:18:7f:2c:
64:f0:f1:f7:dd:9e:90:e8:39:d5:c4:39:68:0f:00:ae:50:d9:
86:fd:53:75:8e:85:14:4c:4e:54:b4:0c:0a:d8:77:60:72:8d:
75:b7:ba:93:b7:37:4b:4d:8d:4b:31:76:28:d3:84:fc:c5:92:
71:09:9a:36:bd:b5:2c:f9:5c:4c:9b:40:0a:9e:d8:1e:6e:33:
59:b5:dc:c7:65:d1:65:5b:bc:af:b9:bb:7e:b5:c3:64:a7:6b:
ee:16:cd:2f:61:27:a6:99:79:66:50:29:71:7c:cc:18:31:53:
b4:b3:eb:ed:11:51:b3:d3:04:0a:fe:90:0b:27:cb:84:55:c2:
97:64:a6:2f:0e:66:35:d4:2c:1f:4f:f1:03:8c:80:f6:a1:2f:
3a:ef:ef:c8:8f:a7:6a:39:06:b9:ea:50:d5:8f:a4:35:cf:10:
a7:f0:c5:27:c2:1b:63:09:09:bf:1a:dc:fa:48:8e:8c:da:66:
6e:96:81:6f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY98S/zjo/uYfN75+SFtslraMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwNTE1MTI0ODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWVjMThmOGM1NzM3YWU4ZjYwNmIxM2Y0NGIyMjM2YzEwNTI5YTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcuE+5cimllbAREaobTtJUlVLgJk
wH7Z8e8T7MWzrGaj4SSNwQ+0Pb+bvooIrKqY7kUNUUBhJSFPp6QwXLjhLUd7i4I2
bEVqJ17YQrFhnQLlTj0x83OPP2oEzwYEAPni4kdzVpx9cFO12+8sUXFrQJbK2sJZ
Yz2b1IAdO0El5tqQNu6resX/jNFjJItVbN/DJp6sfQ4cZvnzxn4QOA2OXDSbAdUe
qtXU6L0is6+4CprkC4iQJ6v/E1jDhKpPdDsvCY9U/C5axb2vRXhl4tAkMs0bJIAn
pkSbfDROlc5IlG0BkZ1MIUPYbrtOIx9T/tMSo86clL0Ubd3aUiZb/5xXhQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDHsGPjFc3ro9gaxP0SyI2wQUppcMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvTWV3WS1NVnpldWoyQnJFX1JMSWpiQkJTbWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQBH9IyAwQA
H9I1AwQATodOAwQAvISqAwQAvITTAwQAvITXMAwDBAC8hOMDBAC8hOQDBADURCQD
BADURCYDBADURDEwDQYJKoZIhvcNAQELBQADggEBAH2DGCDEE/ocPOE/o+YHAfoM
cLdfvRPGDiF8BtpgaaIb32u0cT5jZF8XSyhlDnhf/+ph7n9Niyd4Wk0hWKaUkQxY
22Xtlxh/LGTw8ffdnpDoOdXEOWgPAK5Q2Yb9U3WOhRRMTlS0DArYd2ByjXW3upO3
N0tNjUsxdijThPzFknEJmja9tSz5XEybQAqe2B5uM1m13Mdl0WVbvK+5u361w2Sn
a+4WzS9hJ6aZeWZQKXF8zBgxU7Sz6+0RUbPTBAr+kAsny4RVwpdkpi8OZjXULB9P
8QOMgPahLzrv78iPp2o5BrnqUNWPpDXPEKfwxSfCG2MJCb8a3PpIjozaZm6WgW8=
-----END CERTIFICATE-----
Generated at Sat Jun 8 13:42:33 2024 by rpki-client on console-fra.rpki-client.org