Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/MVcde3wUuvm9kMMt9myPgHfOscc.roa
File: MVcde3wUuvm9kMMt9myPgHfOscc.roa (raw, json)
Hash identifier: M+Wz42O7dd9Xcud/GA7CHk3uPkfKH43K28cvyVN2LXA=
Subject key identifier: 31:57:1D:7B:7C:14:BA:F9:BD:90:C3:2D:F6:6C:8F:80:77:CE:B1:C7
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 01856BDCA93715D1C2557893F9BAF18521F9
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/MVcde3wUuvm9kMMt9myPgHfOscc.roa
Signing time: Sun 01 Jan 2023 05:45:01 +0000
ROA not before: Sun 01 Jan 2023 05:45:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 88.218.42.0/24 maxlen: 24
45.151.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jan 2023 13:43:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a9:37:15:d1:c2:55:78:93:f9:ba:f1:85:21:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Jan 1 05:45:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31571d7b7c14baf9bd90c32df66c8f8077ceb1c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c7:14:5d:db:4c:ab:4b:86:aa:30:0c:ad:e8:
12:86:70:d6:c9:a5:3c:03:93:49:78:93:57:a1:21:
b7:95:ae:d9:44:b8:d6:73:8e:9e:db:57:a3:b1:06:
78:66:4b:af:f0:93:7e:a4:5c:9c:c1:fb:18:0e:9c:
94:45:21:fb:54:80:4a:5e:9b:03:66:44:9d:99:7d:
aa:57:7b:d6:1c:a1:c5:df:24:33:bf:41:60:fa:b3:
90:bc:42:39:65:ef:96:12:9e:1e:3b:5c:ae:de:1b:
6e:5d:f9:2a:be:60:df:d0:7d:8a:95:d8:fb:d1:dc:
0a:2e:3f:10:4e:f3:43:23:bc:94:0d:68:7b:92:a4:
24:09:91:15:1f:68:de:67:6a:0c:57:ee:42:84:c5:
26:9f:bb:2e:d5:a6:7a:f0:5b:96:bc:7f:ba:f4:4f:
d3:b2:5d:83:94:7b:f5:9d:dc:05:f3:32:bf:22:13:
70:7a:83:2b:c0:8d:27:a4:72:1a:0e:c1:23:4d:ce:
d6:e7:37:90:a6:62:94:7b:80:8c:d4:5b:18:ca:d3:
c3:7f:83:79:60:45:e0:cf:4b:db:e0:02:03:ba:76:
38:c5:24:bb:07:73:5f:d8:50:02:02:96:ae:3e:f3:
43:64:f7:f8:37:94:28:49:77:fa:26:0e:6c:0a:3e:
da:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:57:1D:7B:7C:14:BA:F9:BD:90:C3:2D:F6:6C:8F:80:77:CE:B1:C7
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/MVcde3wUuvm9kMMt9myPgHfOscc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.70.0/24
88.218.42.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:d8:16:74:cd:58:8e:cf:c7:db:08:fd:ff:df:8b:0d:2e:75:
3d:99:b3:93:83:31:52:d2:ff:ab:dd:ec:ed:d7:7c:87:b8:59:
70:18:7f:c0:e6:87:cf:04:2a:f5:e3:38:e3:6e:f1:bf:86:93:
2c:a3:0f:f5:bf:e7:0e:0c:b4:b0:ce:18:73:53:cb:a1:45:de:
61:f4:b5:5b:fa:c3:4f:40:81:89:22:a6:ed:71:bd:51:8d:5d:
b0:9b:b2:cf:55:72:3a:07:1b:72:d3:30:d4:55:32:a2:65:6b:
a6:c1:1f:63:dd:b1:6c:12:ea:7c:91:f8:2c:6d:7f:cf:8d:05:
44:60:a5:aa:22:77:9e:de:81:70:59:c2:ed:bf:f8:d1:47:4f:
9d:2a:c6:91:0d:dd:42:37:db:2d:0b:e2:16:0b:a4:72:a8:cd:
b2:27:81:4a:7c:9b:72:c5:b5:95:60:43:6f:7d:c5:a6:ef:ac:
47:01:0c:3b:0d:c3:df:05:00:8a:56:f5:c1:21:40:ab:9b:90:
29:b7:93:84:03:1f:d0:2a:d0:e5:32:30:3f:87:45:ba:f4:a3:
52:d2:d7:19:99:a8:77:dd:37:b8:66:7d:d6:7c:9d:b1:c6:0d:
ed:91:87:d7:19:6d:6e:c5:2e:ae:24:13:47:41:66:6e:8c:2e:
5b:c5:bf:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVr3Kk3FdHCVXiT+brxhSH5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjMwMTAxMDU0NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTU3MWQ3YjdjMTRiYWY5YmQ5MGMzMmRmNjZjOGY4MDc3Y2ViMWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4scUXdtMq0uGqjAMregShnDWyaU8
A5NJeJNXoSG3la7ZRLjWc46e21ejsQZ4Zkuv8JN+pFycwfsYDpyURSH7VIBKXpsD
ZkSdmX2qV3vWHKHF3yQzv0Fg+rOQvEI5Ze+WEp4eO1yu3htuXfkqvmDf0H2Kldj7
0dwKLj8QTvNDI7yUDWh7kqQkCZEVH2jeZ2oMV+5ChMUmn7su1aZ68FuWvH+69E/T
sl2DlHv1ndwF8zK/IhNweoMrwI0npHIaDsEjTc7W5zeQpmKUe4CM1FsYytPDf4N5
YEXgz0vb4AIDunY4xSS7B3Nf2FACApauPvNDZPf4N5QoSXf6Jg5sCj7aswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDFXHXt8FLr5vZDDLfZsj4B3zrHHMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvTVZjZGUzd1V1dm05a01NdDlteVBnSGZPc2NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZdGAwQA
WNoqMA0GCSqGSIb3DQEBCwUAA4IBAQCh2BZ0zViOz8fbCP3/34sNLnU9mbOTgzFS
0v+r3ezt13yHuFlwGH/A5ofPBCr14zjjbvG/hpMsow/1v+cODLSwzhhzU8uhRd5h
9LVb+sNPQIGJIqbtcb1RjV2wm7LPVXI6Bxty0zDUVTKiZWumwR9j3bFsEup8kfgs
bX/PjQVEYKWqInee3oFwWcLtv/jRR0+dKsaRDd1CN9stC+IWC6RyqM2yJ4FKfJty
xbWVYENvfcWm76xHAQw7DcPfBQCKVvXBIUCrm5Apt5OEAx/QKtDlMjA/h0W69KNS
0tcZmah33Te4Zn3WfJ2xxg3tkYfXGW1uxS6uJBNHQWZujC5bxb8/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:03 2024 by rpki-client on console-fra.rpki-client.org