Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/Mkpn7tHQSN46TeyBdxMh5ZmQTw0.roa
File: Mkpn7tHQSN46TeyBdxMh5ZmQTw0.roa (raw, json)
Hash identifier: IRsFjbH0y+avxqizjwc4Sf4PVmekgtRgBeQFJSYS3q4=
Subject key identifier: 32:4A:67:EE:D1:D0:48:DE:3A:4D:EC:81:77:13:21:E5:99:90:4F:0D
Certificate issuer: /CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Certificate serial: 018CC94E3E5E1C9D04235A80363EDC3A73B2
Authority key identifier: 07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/Mkpn7tHQSN46TeyBdxMh5ZmQTw0.roa
Signing time: Tue 02 Jan 2024 08:33:17 +0000
ROA not before: Tue 02 Jan 2024 08:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205185
IP address blocks: 185.226.108.0/22 maxlen: 24
185.152.84.0/22 maxlen: 24
45.129.172.0/22 maxlen: 24
185.136.236.0/22 maxlen: 24
2a0d:8600::/29 maxlen: 48
2a0f:dc40::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 07 Feb 2024 12:52:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:3e:5e:1c:9d:04:23:5a:80:36:3e:dc:3a:73:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Validity
Not Before: Jan 2 08:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=324a67eed1d048de3a4dec81771321e599904f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c1:6f:f7:d0:20:2a:f1:24:e6:19:48:90:b4:
a8:be:7a:3f:34:23:c6:bd:bc:bd:70:b5:88:44:3f:
61:f6:68:b8:2c:25:91:5d:43:24:e6:d6:54:08:25:
74:68:59:c9:1e:9a:27:b6:24:74:7a:50:45:0f:5c:
16:c1:8a:85:65:62:98:36:ac:51:5f:1d:b8:b3:ff:
94:11:31:10:ad:13:56:e1:b8:64:09:ec:d6:08:d9:
a5:5a:ea:81:69:85:a0:de:86:0a:7d:90:5e:94:7d:
5e:af:89:18:8f:77:a7:c1:40:09:32:bd:02:fb:cf:
54:40:20:2f:1c:25:07:0e:c9:94:23:ce:5e:e4:8f:
cc:58:7c:84:25:36:3e:04:ae:12:d9:b6:15:bd:e5:
7b:49:4d:fe:c1:dc:b0:b4:a8:f2:a9:8f:de:53:94:
35:15:82:80:27:3b:8e:8a:c4:10:0e:e6:1e:3b:78:
0a:e4:e6:a6:37:8e:11:e5:11:1b:a4:3b:94:53:30:
c4:c8:ad:e6:47:7b:67:e6:a9:68:5e:c4:f1:3a:d4:
0e:c1:22:0a:69:e4:0e:b5:48:e4:28:e2:d1:1c:d2:
56:7d:0a:9b:6e:0a:15:a5:e2:29:11:cd:49:60:ae:
cb:b2:ad:43:d0:c5:a9:80:a7:8c:e0:40:0d:cf:a4:
8b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4A:67:EE:D1:D0:48:DE:3A:4D:EC:81:77:13:21:E5:99:90:4F:0D
X509v3 Authority Key Identifier:
keyid:07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/Mkpn7tHQSN46TeyBdxMh5ZmQTw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.172.0/22
185.136.236.0/22
185.152.84.0/22
185.226.108.0/22
IPv6:
2a0d:8600::/29
2a0f:dc40::/29
Signature Algorithm: sha256WithRSAEncryption
4c:8f:42:6b:94:af:50:79:64:56:d7:3b:f9:41:f5:11:6f:66:
bb:96:51:f0:48:85:9d:63:ae:5d:78:b5:ec:be:dc:98:f3:e6:
7f:0b:d8:87:63:aa:a3:bf:42:a6:a3:2e:5c:90:63:41:45:dd:
d5:11:5b:03:d5:eb:a7:e1:bc:f2:69:c2:46:a8:95:ea:e9:7d:
84:ab:88:69:47:c2:59:0a:fe:b8:c2:4e:43:98:80:0f:4a:a6:
b9:8a:34:72:2c:85:f3:8e:22:60:4d:4a:0d:d6:5f:54:ef:05:
7c:3c:70:d2:33:a4:37:1b:dc:f1:4c:fc:ed:cb:87:95:73:db:
a4:66:a2:53:d7:aa:81:c1:46:4b:d4:28:d6:6b:71:b5:f5:1f:
61:06:f6:06:b8:19:e2:f0:01:11:38:23:34:7f:a3:ae:01:b3:
c4:b1:c7:cb:17:b3:93:41:e1:c1:ba:c5:49:d8:af:ec:b6:94:
8e:31:1f:13:d5:bb:35:b4:86:a3:d6:55:de:8b:03:30:6d:d8:
f9:94:44:56:c6:3a:cb:f4:c6:d4:d1:58:38:00:67:80:8e:91:
e8:0e:73:6b:1e:83:72:63:83:b7:12:dc:ea:9d:66:2e:c5:3e:
86:27:90:c4:43:55:29:d7:e7:59:1a:ca:32:67:42:8f:96:c7:
ec:e2:02:85
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzJTj5eHJ0EI1qANj7cOnOyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTlmNmFjMTczZjc1ZWQ5ZTU4NWVjN2Q4NzJhNTg2NWNl
ZjI4MzUwHhcNMjQwMTAyMDgzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRhNjdlZWQxZDA0OGRlM2E0ZGVjODE3NzEzMjFlNTk5OTA0ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcFv99AgKvEk5hlIkLSovno/NCPG
vby9cLWIRD9h9mi4LCWRXUMk5tZUCCV0aFnJHpontiR0elBFD1wWwYqFZWKYNqxR
Xx24s/+UETEQrRNW4bhkCezWCNmlWuqBaYWg3oYKfZBelH1er4kYj3enwUAJMr0C
+89UQCAvHCUHDsmUI85e5I/MWHyEJTY+BK4S2bYVveV7SU3+wdywtKjyqY/eU5Q1
FYKAJzuOisQQDuYeO3gK5OamN44R5REbpDuUUzDEyK3mR3tn5qloXsTxOtQOwSIK
aeQOtUjkKOLRHNJWfQqbbgoVpeIpEc1JYK7Lsq1D0MWpgKeM4EANz6SLtwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDJKZ+7R0EjeOk3sgXcTIeWZkE8NMB8GA1UdIwQY
MBaAFAdZ9qwXP3Xtnlhex9hypYZc7yg1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUt
N2JlM2JkYTA1OTI3LzEvTWtwbjd0SFFTTjQ2VGV5QmR4TWg1Wm1RVHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUtN2JlM2JkYTA1OTI3
LzEvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCLYGsAwQC
uYjsAwQCuZhUAwQCueJsMBQEAgACMA4DBQMqDYYAAwUDKg/cQDANBgkqhkiG9w0B
AQsFAAOCAQEATI9Ca5SvUHlkVtc7+UH1EW9mu5ZR8EiFnWOuXXi17L7cmPPmfwvY
h2Oqo79CpqMuXJBjQUXd1RFbA9Xrp+G88mnCRqiV6ul9hKuIaUfCWQr+uMJOQ5iA
D0qmuYo0ciyF844iYE1KDdZfVO8FfDxw0jOkNxvc8Uz87cuHlXPbpGaiU9eqgcFG
S9Qo1mtxtfUfYQb2BrgZ4vABETgjNH+jrgGzxLHHyxezk0HhwbrFSdiv7LaUjjEf
E9W7NbSGo9ZV3osDMG3Y+ZREVsY6y/TG1NFYOABngI6R6A5zax6DcmODtxLc6p1m
LsU+hieQxENVKdfnWRrKMmdCj5bH7OIChQ==
-----END CERTIFICATE-----
Generated at Wed Feb 7 17:43:43 2024 by rpki-client on console-fra.rpki-client.org