Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/mGUcdlDqCzQaUkdTqoYcebmsHog.roa
File: mGUcdlDqCzQaUkdTqoYcebmsHog.roa (raw, json)
Hash identifier: xBIB9lASYK94sYkM/4abqtH6vTBaEoyEED019lzA/qY=
Subject key identifier: 98:65:1C:76:50:EA:0B:34:1A:52:47:53:AA:86:1C:79:B9:AC:1E:88
Certificate issuer: /CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Certificate serial: 018BDCFB584AD8C1F9D6DA314E8EF55A4098
Authority key identifier: 85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/mGUcdlDqCzQaUkdTqoYcebmsHog.roa
Signing time: Fri 17 Nov 2023 11:12:21 +0000
ROA not before: Fri 17 Nov 2023 11:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29505
IP address blocks: 149.249.127.0/24 maxlen: 24
149.249.64.0/18 maxlen: 18
185.111.68.0/22 maxlen: 22
85.233.0.0/19 maxlen: 19
85.233.8.0/24 maxlen: 24
2a07:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dc:fb:58:4a:d8:c1:f9:d6:da:31:4e:8e:f5:5a:40:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8520b77d035b912ffa406dfddf29e3a2963e6904
Validity
Not Before: Nov 17 11:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98651c7650ea0b341a524753aa861c79b9ac1e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:df:74:ad:f6:90:c8:f5:92:72:eb:6c:d0:57:
ab:cc:aa:26:26:98:f9:7f:32:59:67:15:71:52:5b:
f9:22:96:ef:47:49:5e:b6:6b:4f:ec:4e:5b:59:53:
98:02:5d:55:f4:b8:c1:a7:03:b3:f0:df:68:bb:1d:
84:80:a3:d5:7f:d3:ff:35:cc:a2:0b:37:73:ef:77:
8a:fb:cc:eb:8c:76:9b:68:50:92:59:a0:64:5d:40:
c9:e7:56:8d:89:09:eb:a5:5f:16:09:98:5c:5f:71:
e6:92:0b:44:9f:ef:ba:f1:cb:3f:75:06:5b:03:52:
93:ce:f7:03:74:43:f8:96:f3:83:41:26:75:86:66:
e9:8d:04:ff:42:4d:a4:1f:9d:29:33:f9:8d:78:cb:
09:d8:3e:9e:d5:bb:be:b1:fe:b9:86:74:45:e1:41:
bb:03:fc:0c:d0:f1:8d:36:30:b5:f4:ad:a0:6b:2a:
6c:44:93:7e:2e:b8:d8:7b:4b:db:80:dc:5e:d7:4d:
29:18:30:0e:6d:74:93:93:79:ca:ab:f3:15:bd:2d:
7d:26:0b:64:e2:fb:71:5f:fd:21:6e:21:ec:5e:2e:
40:84:b7:cf:88:9d:a4:2f:2b:e7:78:5a:58:52:d2:
8b:27:f6:83:06:90:f2:b0:98:0f:3d:e9:ac:dd:fe:
0e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:65:1C:76:50:EA:0B:34:1A:52:47:53:AA:86:1C:79:B9:AC:1E:88
X509v3 Authority Key Identifier:
keyid:85:20:B7:7D:03:5B:91:2F:FA:40:6D:FD:DF:29:E3:A2:96:3E:69:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hSC3fQNbkS_6QG393ynjopY-aQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/mGUcdlDqCzQaUkdTqoYcebmsHog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f04686-359b-4744-b930-1af279625fd0/1/hSC3fQNbkS_6QG393ynjopY-aQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.233.0.0/19
149.249.64.0/18
185.111.68.0/22
IPv6:
2a07:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
73:f5:e4:56:76:1b:79:5f:4b:d9:f8:7b:0e:81:aa:36:24:90:
a6:d4:57:c2:23:28:b4:30:11:04:6a:80:39:f6:5a:3d:87:d9:
84:ba:3a:11:dc:d0:6d:46:38:4e:ad:27:6b:69:f0:fc:1b:f5:
79:af:b8:1a:5c:29:e5:e9:46:52:11:94:2f:af:31:53:82:5f:
9e:ee:d8:c9:ec:6d:f7:78:e9:b7:b4:ea:cd:c1:92:e1:f1:10:
90:0c:bf:3f:7b:c9:cf:20:94:99:28:0f:52:b5:aa:e0:c4:a6:
81:90:67:8f:27:7a:20:09:a3:7d:ba:21:17:53:b7:a4:ea:6c:
8e:ed:66:4f:85:e8:1d:81:e4:c8:c2:94:55:dc:0a:92:02:a4:
e0:55:4f:34:95:2f:33:95:84:73:75:31:72:fa:82:63:07:fc:
c5:14:14:89:13:86:99:7f:4c:d8:67:15:7b:74:48:19:95:6b:
fc:b1:b0:df:f2:ba:dc:2f:17:a3:04:e4:a5:40:79:c5:7c:05:
a2:67:7a:5b:34:7f:e3:8a:3b:5e:e6:b1:d0:1d:59:d2:24:54:
b9:64:53:a5:87:3d:9e:da:39:77:f5:79:46:77:7b:a8:b9:59:
85:05:1e:42:3c:20:dd:42:81:cc:e3:70:b4:29:90:fa:ac:8a:
4f:08:22:ab
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYvc+1hK2MH51toxTo71WkCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MjBiNzdkMDM1YjkxMmZmYTQwNmRmZGRmMjllM2EyOTYz
ZTY5MDQwHhcNMjMxMTE3MTExMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODY1MWM3NjUwZWEwYjM0MWE1MjQ3NTNhYTg2MWM3OWI5YWMxZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN90rfaQyPWScuts0FerzKomJpj5
fzJZZxVxUlv5IpbvR0letmtP7E5bWVOYAl1V9LjBpwOz8N9oux2EgKPVf9P/Ncyi
Czdz73eK+8zrjHabaFCSWaBkXUDJ51aNiQnrpV8WCZhcX3HmkgtEn++68cs/dQZb
A1KTzvcDdEP4lvODQSZ1hmbpjQT/Qk2kH50pM/mNeMsJ2D6e1bu+sf65hnRF4UG7
A/wM0PGNNjC19K2gaypsRJN+LrjYe0vbgNxe100pGDAObXSTk3nKq/MVvS19Jgtk
4vtxX/0hbiHsXi5AhLfPiJ2kLyvneFpYUtKLJ/aDBpDysJgPPems3f4OpQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJhlHHZQ6gs0GlJHU6qGHHm5rB6IMB8GA1UdIwQY
MBaAFIUgt30DW5Ev+kBt/d8p46KWPmkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAt
MWFmMjc5NjI1ZmQwLzEvbUdVY2RsRHFDelFhVWtkVHFvWWNlYm1zSG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mMDQ2ODYtMzU5Yi00NzQ0LWI5MzAtMWFmMjc5NjI1ZmQw
LzEvaFNDM2ZRTmJrU182UUczOTN5bmpvcFktYVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFVekAAwQG
lflAAwQCuW9EMA0EAgACMAcDBQMqB2xAMA0GCSqGSIb3DQEBCwUAA4IBAQBz9eRW
dht5X0vZ+HsOgao2JJCm1FfCIyi0MBEEaoA59lo9h9mEujoR3NBtRjhOrSdrafD8
G/V5r7gaXCnl6UZSEZQvrzFTgl+e7tjJ7G33eOm3tOrNwZLh8RCQDL8/e8nPIJSZ
KA9StargxKaBkGePJ3ogCaN9uiEXU7ek6myO7WZPhegdgeTIwpRV3AqSAqTgVU80
lS8zlYRzdTFy+oJjB/zFFBSJE4aZf0zYZxV7dEgZlWv8sbDf8rrcLxejBOSlQHnF
fAWiZ3pbNH/jijte5rHQHVnSJFS5ZFOlhz2e2jl39XlGd3uouVmFBR5CPCDdQoHM
43C0KZD6rIpPCCKr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:23 2024 by rpki-client on console-fra.rpki-client.org