Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/mRzWt8GcoVOPYt6xcDXeOEjOesY.roa
File: mRzWt8GcoVOPYt6xcDXeOEjOesY.roa (raw, json)
Hash identifier: +RSnpfs0ko/uJW8g0XjkrcCkkkn60XZheWOTgaH3QME=
Subject key identifier: 99:1C:D6:B7:C1:9C:A1:53:8F:62:DE:B1:70:35:DE:38:48:CE:7A:C6
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 0191F5AEA4AF75326234BD1BEB396D0792E9
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/mRzWt8GcoVOPYt6xcDXeOEjOesY.roa
Signing time: Sun 15 Sep 2024 12:35:48 +0000
ROA not before: Sun 15 Sep 2024 12:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198160
IP address blocks: 89.36.32.0/24 maxlen: 24
185.121.133.0/24 maxlen: 24
185.121.135.0/24 maxlen: 24
2a14:6780::/29 maxlen: 48
2a14:6780::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Oct 2024 12:33:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f5:ae:a4:af:75:32:62:34:bd:1b:eb:39:6d:07:92:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Sep 15 12:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=991cd6b7c19ca1538f62deb17035de3848ce7ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d3:e3:69:68:bc:e5:3b:e3:68:96:2f:1c:02:
cc:bd:d8:c1:0a:a1:80:6b:82:a2:f8:67:60:40:63:
60:36:ac:44:77:d4:1a:b2:ee:01:ee:0a:2a:4d:9a:
a1:05:13:9d:53:ce:e2:10:9c:34:4c:d3:9a:85:b8:
fa:3a:26:4a:c4:55:d3:f1:41:e8:33:10:31:35:5d:
ff:99:70:38:f9:91:19:f6:17:ed:12:b9:f3:f7:70:
90:01:49:61:5a:5a:67:6f:6b:08:ff:44:48:17:cf:
a1:c3:fc:46:f3:9e:3c:ab:2e:e2:e4:af:38:b5:3a:
d1:07:f3:33:51:41:9b:ff:d9:6a:c5:ee:3d:45:e2:
b1:65:73:ab:4a:e8:5f:47:65:06:f4:ab:ad:74:b1:
37:83:55:f7:9e:8e:01:f3:d8:92:04:53:09:a7:70:
c5:19:b3:d7:e3:c6:10:6e:9b:d2:62:b1:a5:3d:f7:
81:64:21:ee:4c:f0:e6:1a:69:79:ba:a4:d9:ad:13:
c8:fa:07:d9:dd:37:2c:2a:14:a4:45:73:23:0f:90:
eb:02:6d:a9:79:6c:f8:bd:f3:01:9b:70:dc:0d:12:
34:f0:0f:ad:4e:35:05:43:7e:6f:c6:a3:7e:2b:19:
72:6a:48:c3:30:cb:0c:c8:b6:a1:c4:1a:ca:b9:24:
1a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:1C:D6:B7:C1:9C:A1:53:8F:62:DE:B1:70:35:DE:38:48:CE:7A:C6
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/mRzWt8GcoVOPYt6xcDXeOEjOesY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.32.0/24
185.121.133.0/24
185.121.135.0/24
IPv6:
2a14:6780::/29
Signature Algorithm: sha256WithRSAEncryption
35:6f:2b:19:f4:76:53:5a:a6:9b:9c:79:b7:8d:7c:50:1d:3e:
6e:ed:8f:a0:8d:df:38:5e:4b:bb:c5:a2:92:7f:3d:54:68:79:
3e:0a:f5:9b:cb:e2:ad:09:b3:5a:8f:dd:87:44:7f:4e:9d:9d:
30:a1:ce:fe:fb:bd:d4:79:3f:f3:81:8b:b5:ca:22:b5:91:ee:
f7:75:63:d7:82:15:46:fc:fa:21:17:37:03:93:a0:42:04:8c:
b0:d3:30:53:5f:9f:0b:39:35:bd:6d:1c:de:61:d4:f8:fb:fb:
eb:1d:25:8d:a6:e0:81:0f:2e:27:b1:6e:26:ad:43:12:6f:bf:
38:d6:6d:36:3f:3a:e2:fa:bf:29:f0:93:49:d7:40:ea:93:29:
86:58:b6:ef:1a:7d:29:0b:89:5c:65:94:08:8d:4b:24:77:50:
6e:ad:a1:19:87:39:a8:94:f3:b4:f4:54:5c:9a:ac:c6:97:68:
ff:3b:de:ec:ce:ad:e8:9d:73:0e:f6:f8:ac:7f:13:67:19:49:
05:35:e0:98:d7:e6:91:2c:85:89:15:5d:21:44:ed:ae:f5:de:
3d:e7:8b:9f:86:2e:f0:4c:f1:62:ff:f2:7d:6a:a3:b3:98:ee:
33:97:66:3c:2d:70:2f:f5:d8:b1:88:f2:34:10:a0:61:b6:15:
e7:cf:4c:4a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZH1rqSvdTJiNL0b6zltB5LpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjQwOTE1MTIzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTFjZDZiN2MxOWNhMTUzOGY2MmRlYjE3MDM1ZGUzODQ4Y2U3YWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39PjaWi85TvjaJYvHALMvdjBCqGA
a4Ki+GdgQGNgNqxEd9Qasu4B7goqTZqhBROdU87iEJw0TNOahbj6OiZKxFXT8UHo
MxAxNV3/mXA4+ZEZ9hftErnz93CQAUlhWlpnb2sI/0RIF8+hw/xG8548qy7i5K84
tTrRB/MzUUGb/9lqxe49ReKxZXOrSuhfR2UG9KutdLE3g1X3no4B89iSBFMJp3DF
GbPX48YQbpvSYrGlPfeBZCHuTPDmGml5uqTZrRPI+gfZ3TcsKhSkRXMjD5DrAm2p
eWz4vfMBm3DcDRI08A+tTjUFQ35vxqN+KxlyakjDMMsMyLahxBrKuSQabwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJkc1rfBnKFTj2LesXA13jhIznrGMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvbVJ6V3Q4R2NvVk9QWXQ2eGNEWGVPRWpPZXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWSQgAwQA
uXmFAwQAuXmHMA0EAgACMAcDBQMqFGeAMA0GCSqGSIb3DQEBCwUAA4IBAQA1bysZ
9HZTWqabnHm3jXxQHT5u7Y+gjd84Xku7xaKSfz1UaHk+CvWby+KtCbNaj92HRH9O
nZ0woc7++73UeT/zgYu1yiK1ke73dWPXghVG/PohFzcDk6BCBIyw0zBTX58LOTW9
bRzeYdT4+/vrHSWNpuCBDy4nsW4mrUMSb7841m02Pzri+r8p8JNJ10DqkymGWLbv
Gn0pC4lcZZQIjUskd1BuraEZhzmolPO09FRcmqzGl2j/O97szq3onXMO9visfxNn
GUkFNeCY1+aRLIWJFV0hRO2u9d4954ufhi7wTPFi//J9aqOzmO4zl2Y8LXAv9dix
iPI0EKBhthXnz0xK
-----END CERTIFICATE-----
Generated at Tue Oct 29 14:33:53 2024 by rpki-client on console-ams.rpki-client.org