Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/MUId204BXDJ_B336D-QGd78vz9c.roa
File: MUId204BXDJ_B336D-QGd78vz9c.roa (raw, json)
Hash identifier: qBXZCIWCdnQSoBFbf2X2sKzT+VTeMhM6ncdIheKdj/E=
Subject key identifier: 31:42:1D:DB:4E:01:5C:32:7F:07:7D:FA:0F:E4:06:77:BF:2F:CF:D7
Certificate issuer: /CN=b7733e9de9485b44671c8e511da221e4153c711b
Certificate serial: 018CBC2EE23E69F886CDEA7C5C16CD297707
Authority key identifier: B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/MUId204BXDJ_B336D-QGd78vz9c.roa
Signing time: Sat 30 Dec 2023 19:23:58 +0000
ROA not before: Sat 30 Dec 2023 19:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209828
IP address blocks: 91.241.50.0/24 maxlen: 24
91.241.49.0/24 maxlen: 24
194.5.236.0/24 maxlen: 24
194.5.237.0/24 maxlen: 24
2a0c:8dc6::/32 maxlen: 32
2a0c:8dc5::/32 maxlen: 32
2a0c:8dc4::/32 maxlen: 32
2a0c:8dc0::/30 maxlen: 30
Validation: Failed, certificate revoked on Sat 30 Dec 2023 22:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:bc:2e:e2:3e:69:f8:86:cd:ea:7c:5c:16:cd:29:77:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7733e9de9485b44671c8e511da221e4153c711b
Validity
Not Before: Dec 30 19:23:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=31421ddb4e015c327f077dfa0fe40677bf2fcfd7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:07:78:1e:f8:4d:29:99:07:80:94:50:0e:48:
8c:90:fb:99:09:01:ab:e1:3b:d2:d0:99:9f:2d:ff:
ba:a8:86:fc:fd:e0:82:b5:4a:f7:e0:02:9b:1d:a4:
5a:76:c6:55:16:d1:d6:e8:15:5b:ae:8b:3d:40:58:
cc:e4:e2:78:3b:f4:09:d3:52:80:2e:fa:21:13:1f:
75:eb:68:03:66:ca:a5:81:bd:26:1e:75:ca:12:36:
8e:f1:ea:72:c2:a7:65:de:e4:a4:59:34:ff:2a:50:
d9:74:e8:47:b2:07:3f:03:2b:03:72:32:c2:e2:5c:
f4:da:5a:fd:4c:68:af:8f:3b:68:7c:ba:10:b3:78:
ff:6b:16:96:2f:01:e5:61:40:ce:ff:b5:53:8e:7d:
29:7f:86:19:28:43:dd:83:e2:04:bf:61:d2:22:9f:
74:1c:66:49:f5:40:97:ae:09:c2:eb:f8:24:e4:e7:
07:80:38:38:7f:37:c1:77:a3:75:71:03:04:8b:c5:
7e:21:d3:e1:e6:08:16:7a:0d:86:c5:e7:67:85:0c:
d4:68:b7:6d:ec:a7:a3:22:d0:4f:81:60:5c:cb:e8:
98:ba:8d:b1:5b:e1:74:fb:01:58:61:0f:73:dd:5b:
39:9c:73:e2:3d:b5:21:dd:a0:c6:7c:ff:b9:4b:85:
73:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:42:1D:DB:4E:01:5C:32:7F:07:7D:FA:0F:E4:06:77:BF:2F:CF:D7
X509v3 Authority Key Identifier:
keyid:B7:73:3E:9D:E9:48:5B:44:67:1C:8E:51:1D:A2:21:E4:15:3C:71:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t3M-nelIW0RnHI5RHaIh5BU8cRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/MUId204BXDJ_B336D-QGd78vz9c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/17e450-8818-4a27-9f35-518cd14713eb/1/t3M-nelIW0RnHI5RHaIh5BU8cRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.49.0-91.241.50.255
194.5.236.0/23
IPv6:
2a0c:8dc0::-2a0c:8dc6:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
50:2f:36:03:24:20:25:99:7a:92:73:7d:33:60:ca:66:88:b0:
fb:85:89:c8:d6:a0:c8:15:3a:92:9d:3e:fe:0c:5a:b5:a1:bc:
e8:2c:62:e9:b9:8b:d6:97:7b:f8:ce:65:3e:75:d7:d8:ff:6c:
18:53:2d:cb:d5:f3:65:4f:f1:0d:e6:25:ef:d5:d5:75:19:3f:
9d:f1:35:65:fe:02:a2:45:8e:62:0a:3e:81:fe:db:8c:6a:ed:
1d:8f:da:5b:06:76:26:9d:61:1a:ce:de:53:fd:be:32:70:ef:
46:ce:58:65:62:37:e6:0a:7d:f8:4d:5c:7c:93:ad:20:e0:b9:
03:6f:49:83:74:6b:0b:52:99:56:3e:ee:a5:42:52:d0:ce:5c:
34:18:1f:a0:e1:e3:9c:b4:ad:b5:bd:c2:72:0e:f6:d4:c7:28:
a0:6a:88:21:c5:19:f0:ec:f1:f1:97:e2:d7:e0:76:f7:c3:3c:
83:57:48:ef:16:0e:57:ca:ef:4f:59:f0:65:b5:e6:06:49:e1:
ee:3c:b5:f5:70:33:9b:90:7f:c3:ee:8c:6a:43:8a:b9:6e:76:
7d:77:ce:17:5d:7f:9d:30:d2:91:c0:aa:e1:8e:5c:28:a9:17:
e2:26:bb:e4:f4:01:27:43:14:64:a7:36:4f:e1:18:9f:e2:82:
1a:cd:8f:0f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYy8LuI+afiGzep8XBbNKXcHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NzMzZTlkZTk0ODViNDQ2NzFjOGU1MTFkYTIyMWU0MTUz
YzcxMWIwHhcNMjMxMjMwMTkyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTQyMWRkYjRlMDE1YzMyN2YwNzdkZmEwZmU0MDY3N2JmMmZjZmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAd4HvhNKZkHgJRQDkiMkPuZCQGr
4TvS0JmfLf+6qIb8/eCCtUr34AKbHaRadsZVFtHW6BVbros9QFjM5OJ4O/QJ01KA
LvohEx9162gDZsqlgb0mHnXKEjaO8epywqdl3uSkWTT/KlDZdOhHsgc/AysDcjLC
4lz02lr9TGivjztofLoQs3j/axaWLwHlYUDO/7VTjn0pf4YZKEPdg+IEv2HSIp90
HGZJ9UCXrgnC6/gk5OcHgDg4fzfBd6N1cQMEi8V+IdPh5ggWeg2GxednhQzUaLdt
7KejItBPgWBcy+iYuo2xW+F0+wFYYQ9z3Vs5nHPiPbUh3aDGfP+5S4VzKQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDFCHdtOAVwyfwd9+g/kBne/L8/XMB8GA1UdIwQY
MBaAFLdzPp3pSFtEZxyOUR2iIeQVPHEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUt
NTE4Y2QxNDcxM2ViLzEvTVVJZDIwNEJYREpfQjMzNkQtUUdkNzh2ejljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8xN2U0NTAtODgxOC00YTI3LTlmMzUtNTE4Y2QxNDcxM2Vi
LzEvdDNNLW5lbElXMFJuSEk1UkhhSWg1QlU4Y1JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBABb8TED
BABb8TIDBAHCBewwFgQCAAIwEDAOAwUGKgyNwAMFACoMjcYwDQYJKoZIhvcNAQEL
BQADggEBAFAvNgMkICWZepJzfTNgymaIsPuFicjWoMgVOpKdPv4MWrWhvOgsYum5
i9aXe/jOZT5119j/bBhTLcvV82VP8Q3mJe/V1XUZP53xNWX+AqJFjmIKPoH+24xq
7R2P2lsGdiadYRrO3lP9vjJw70bOWGViN+YKffhNXHyTrSDguQNvSYN0awtSmVY+
7qVCUtDOXDQYH6Dh45y0rbW9wnIO9tTHKKBqiCHFGfDs8fGX4tfgdvfDPINXSO8W
DlfK709Z8GW15gZJ4e48tfVwM5uQf8PujGpDirludn13zhddf50w0pHAquGOXCip
F+Imu+T0ASdDFGSnNk/hGJ/ighrNjw8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:03 2024 by rpki-client on console-ams.rpki-client.org