Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/2581f4-8410-4a43-9186-0fab2269ea8e/1/MP28zP7IqRJNC_Eew6mEi7wssdQ.roa
File: MP28zP7IqRJNC_Eew6mEi7wssdQ.roa (raw, json)
Hash identifier: FQz2RYvbqG/Mih7xmtGPkRNAlUP9b9rRdtl7qe36Is4=
Subject key identifier: 30:FD:BC:CC:FE:C8:A9:12:4D:0B:F1:1E:C3:A9:84:8B:BC:2C:B1:D4
Certificate issuer: /CN=33c5b0d7c0a9cd24b73cdcb92c8746e85a4a5b8f
Certificate serial: 01856C9388307B720E0507A33BE61358C16F
Authority key identifier: 33:C5:B0:D7:C0:A9:CD:24:B7:3C:DC:B9:2C:87:46:E8:5A:4A:5B:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8Ww18CpzSS3PNy5LIdG6FpKW48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/2581f4-8410-4a43-9186-0fab2269ea8e/1/MP28zP7IqRJNC_Eew6mEi7wssdQ.roa
Signing time: Sun 01 Jan 2023 09:04:46 +0000
ROA not before: Sun 01 Jan 2023 09:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396073
IP address blocks: 195.149.107.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:93:88:30:7b:72:0e:05:07:a3:3b:e6:13:58:c1:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c5b0d7c0a9cd24b73cdcb92c8746e85a4a5b8f
Validity
Not Before: Jan 1 09:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30fdbcccfec8a9124d0bf11ec3a9848bbc2cb1d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:51:81:b9:d4:75:fb:f6:ae:a7:48:78:d2:35:
a5:06:49:c5:83:1a:b9:19:96:a7:1e:08:7d:45:ce:
35:e7:80:9f:27:8a:56:1d:69:3d:ec:c6:6e:19:46:
23:70:ac:a3:9b:a8:1e:4e:44:c4:19:3e:ea:7d:19:
e2:cd:cb:82:66:a7:8b:c6:02:fa:ac:94:54:51:f1:
20:84:8e:55:ae:0f:26:6b:49:57:d3:ce:7d:b9:07:
d7:d3:c6:a7:c9:d2:6b:2f:98:a5:84:fe:fd:cf:97:
7e:38:9e:d3:ce:85:b3:ae:20:fa:60:98:5f:a9:d3:
c2:41:36:42:4d:58:92:b4:76:e9:9b:6c:58:6b:5e:
d6:a6:8c:c8:d6:f0:eb:da:4c:e7:67:19:06:8d:14:
99:1e:10:ad:3a:67:33:0e:40:76:9e:51:6a:d4:e0:
6f:8f:c0:f7:ed:42:47:72:c8:0e:d4:25:00:f9:f5:
c1:6e:07:c6:22:77:a3:8b:ee:d8:61:08:aa:e7:3d:
77:63:a7:a4:bd:54:64:84:14:63:ed:bb:e7:2b:cc:
1a:bc:94:23:81:81:46:7d:c3:16:9d:2f:4f:c3:a3:
10:b0:56:4b:4e:7a:24:6c:04:4e:0c:6a:12:3f:b4:
4a:d1:29:a8:af:2e:f9:39:b1:82:5e:cc:fb:33:9d:
fb:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FD:BC:CC:FE:C8:A9:12:4D:0B:F1:1E:C3:A9:84:8B:BC:2C:B1:D4
X509v3 Authority Key Identifier:
keyid:33:C5:B0:D7:C0:A9:CD:24:B7:3C:DC:B9:2C:87:46:E8:5A:4A:5B:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8Ww18CpzSS3PNy5LIdG6FpKW48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/2581f4-8410-4a43-9186-0fab2269ea8e/1/MP28zP7IqRJNC_Eew6mEi7wssdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/2581f4-8410-4a43-9186-0fab2269ea8e/1/M8Ww18CpzSS3PNy5LIdG6FpKW48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.107.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:a3:cc:9d:f5:47:d3:34:e4:1e:0f:41:be:62:1c:b4:ac:1e:
0c:40:f6:f9:56:41:08:a6:25:cb:04:54:d3:82:15:4c:f3:43:
5c:3b:9a:8f:04:27:4a:22:a5:f7:8a:4f:bc:fa:cb:60:5c:d0:
a3:05:f7:38:2d:e6:23:5a:90:c9:48:fb:93:62:b0:dc:09:9e:
c4:24:8e:1a:d6:0e:6e:2c:6b:61:c5:e8:4e:18:c3:cd:ac:66:
61:c1:1d:16:64:a6:15:4a:7d:d0:43:b5:2b:79:14:45:e5:3d:
40:9f:dd:6f:19:f1:e9:c2:fc:e4:cd:2b:a4:0b:bb:1f:8f:f9:
c9:67:98:e2:27:38:62:6f:d4:76:d9:5b:54:ca:44:be:bf:73:
57:d1:d2:b8:00:53:8f:96:04:83:ad:c9:03:e1:5c:ff:07:ab:
58:8a:60:b2:68:67:fa:e8:82:b1:21:c6:47:ec:85:07:04:89:
00:35:48:f6:97:b6:8b:f0:5f:58:7a:05:f8:61:08:cb:9f:db:
7a:03:33:c9:2b:71:1a:b9:58:d6:a4:a3:ee:12:25:d9:c6:3e:
50:04:fe:23:7b:67:44:4d:04:91:1a:09:0a:c4:8c:99:38:bc:
aa:ce:1e:91:04:71:46:25:41:1b:86:83:85:9c:5e:91:62:dd:
c3:30:3e:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsk4gwe3IOBQejO+YTWMFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzViMGQ3YzBhOWNkMjRiNzNjZGNiOTJjODc0NmU4NWE0
YTViOGYwHhcNMjMwMTAxMDkwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZkYmNjY2ZlYzhhOTEyNGQwYmYxMWVjM2E5ODQ4YmJjMmNiMWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlGBudR1+/aup0h40jWlBknFgxq5
GZanHgh9Rc4154CfJ4pWHWk97MZuGUYjcKyjm6geTkTEGT7qfRnizcuCZqeLxgL6
rJRUUfEghI5Vrg8ma0lX0859uQfX08anydJrL5ilhP79z5d+OJ7TzoWzriD6YJhf
qdPCQTZCTViStHbpm2xYa17WpozI1vDr2kznZxkGjRSZHhCtOmczDkB2nlFq1OBv
j8D37UJHcsgO1CUA+fXBbgfGIneji+7YYQiq5z13Y6ekvVRkhBRj7bvnK8wavJQj
gYFGfcMWnS9Pw6MQsFZLTnokbARODGoSP7RK0Smory75ObGCXsz7M537VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDD9vMz+yKkSTQvxHsOphIu8LLHUMB8GA1UdIwQY
MBaAFDPFsNfAqc0ktzzcuSyHRuhaSluPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThXdzE4Q3B6U1MzUE55NUxJZEc2RnBLVzQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8yNTgxZjQtODQxMC00YTQzLTkxODYt
MGZhYjIyNjllYThlLzEvTVAyOHpQN0lxUkpOQ19FZXc2bUVpN3dzc2RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8yNTgxZjQtODQxMC00YTQzLTkxODYtMGZhYjIyNjllYThl
LzEvTThXdzE4Q3B6U1MzUE55NUxJZEc2RnBLVzQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5VrMA0G
CSqGSIb3DQEBCwUAA4IBAQCgo8yd9UfTNOQeD0G+Yhy0rB4MQPb5VkEIpiXLBFTT
ghVM80NcO5qPBCdKIqX3ik+8+stgXNCjBfc4LeYjWpDJSPuTYrDcCZ7EJI4a1g5u
LGthxehOGMPNrGZhwR0WZKYVSn3QQ7UreRRF5T1An91vGfHpwvzkzSukC7sfj/nJ
Z5jiJzhib9R22VtUykS+v3NX0dK4AFOPlgSDrckD4Vz/B6tYimCyaGf66IKxIcZH
7IUHBIkANUj2l7aL8F9YegX4YQjLn9t6AzPJK3EauVjWpKPuEiXZxj5QBP4je2dE
TQSRGgkKxIyZOLyqzh6RBHFGJUEbhoOFnF6RYt3DMD65
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:48 2024 by rpki-client on console-fra.rpki-client.org