Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/Mt6M43Hh95rIVscEjgkh61weg44.roa
File: Mt6M43Hh95rIVscEjgkh61weg44.roa (raw, json)
Hash identifier: Cot1az8y/3STC2tCpOvKU3CNm7yXGTH6IbAVcfB+7Cc=
Subject key identifier: 32:DE:8C:E3:71:E1:F7:9A:C8:56:C7:04:8E:09:21:EB:5C:1E:83:8E
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018A93AFDB700F062276742FF2BC4A856867
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/Mt6M43Hh95rIVscEjgkh61weg44.roa
Signing time: Thu 14 Sep 2023 12:34:50 +0000
ROA not before: Thu 14 Sep 2023 12:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3356
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:93:af:db:70:0f:06:22:76:74:2f:f2:bc:4a:85:68:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Sep 14 12:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=32de8ce371e1f79ac856c7048e0921eb5c1e838e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e7:e1:12:86:8a:54:12:d5:6c:ae:d7:82:b9:
6e:53:62:6d:12:84:e9:87:73:0e:fb:95:c6:8f:f0:
95:85:7a:ed:96:60:d0:95:e0:01:61:84:84:6f:14:
c8:a8:87:5f:18:e7:7c:62:d6:56:b8:6c:df:e7:00:
cc:3c:78:5b:c6:6e:97:92:c4:b3:d7:41:9e:4b:47:
6d:e8:0f:e8:99:7e:50:08:01:a8:02:39:00:3a:23:
17:f1:87:d5:24:40:fd:d4:4a:fb:78:07:6d:c8:b2:
27:51:41:48:0c:3e:fe:5d:be:bb:3c:fe:52:c1:26:
5d:f0:a6:e1:21:3b:7a:ae:12:e8:59:fa:f5:30:57:
12:b5:e5:5d:81:30:bc:6b:49:6f:69:6f:92:53:88:
6d:98:f0:ba:c4:0a:bf:6f:ca:56:f6:93:52:5d:98:
0d:5e:81:0e:a1:14:28:48:f6:87:6c:87:2b:2f:ab:
1a:30:57:3d:20:9a:18:88:71:d5:9d:e3:d1:3f:72:
9d:bf:d6:e7:53:12:11:ec:3f:1d:19:5a:23:0f:4d:
b5:3e:6a:ac:7c:f3:01:14:c7:ff:2d:ce:c7:c1:b9:
ed:4d:e6:b3:cd:8e:94:31:50:95:02:9b:33:12:ca:
8c:0e:5f:2e:f5:ae:b0:c9:80:96:70:21:1a:92:03:
c9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DE:8C:E3:71:E1:F7:9A:C8:56:C7:04:8E:09:21:EB:5C:1E:83:8E
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/Mt6M43Hh95rIVscEjgkh61weg44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200:1::/48
Signature Algorithm: sha256WithRSAEncryption
39:9f:a1:a8:e0:71:66:92:15:dc:3f:57:82:99:7b:db:39:67:
ff:33:08:8c:b9:62:b3:1f:a8:e3:d2:83:d2:4b:95:c3:0d:5b:
2c:ee:67:d9:80:40:a7:d8:e4:94:ee:7a:ee:58:49:5c:66:6b:
25:74:3d:a4:29:7a:3e:c2:87:94:ff:43:bf:d6:2a:5e:37:e9:
78:2c:a8:70:03:cb:52:3b:a1:ae:0a:27:79:86:03:01:09:1e:
f3:fb:92:20:7d:59:85:9e:71:29:47:45:00:f0:b4:c0:1c:13:
f7:6b:d9:6f:eb:a7:c5:88:95:eb:c0:31:55:63:28:71:6f:86:
1d:5d:96:12:3a:27:ba:8e:08:e9:67:6e:52:13:58:82:de:90:
ff:b1:d4:75:24:10:f1:38:5d:50:16:42:a0:d1:ff:c7:f0:98:
90:9e:0d:d7:78:d4:59:92:11:aa:45:94:38:44:7a:04:d7:a3:
d6:89:39:3a:6e:1d:a5:1d:ae:d0:e9:fd:1a:98:9a:8a:b4:a8:
70:dc:eb:72:cb:07:ca:2e:4c:c8:59:04:73:a8:a3:fc:65:3e:
a5:06:4b:5b:3b:3b:8c:c9:44:3e:af:a3:66:9a:f3:b7:2c:2a:
4c:d8:a0:5d:7b:7e:f8:8b:f5:0b:68:ef:4c:a6:2d:41:80:a0:
e6:fc:7e:1a
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYqTr9twDwYidnQv8rxKhWhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwOTE0MTIzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmRlOGNlMzcxZTFmNzlhYzg1NmM3MDQ4ZTA5MjFlYjVjMWU4MzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+fhEoaKVBLVbK7XgrluU2JtEoTp
h3MO+5XGj/CVhXrtlmDQleABYYSEbxTIqIdfGOd8YtZWuGzf5wDMPHhbxm6XksSz
10GeS0dt6A/omX5QCAGoAjkAOiMX8YfVJED91Er7eAdtyLInUUFIDD7+Xb67PP5S
wSZd8KbhITt6rhLoWfr1MFcSteVdgTC8a0lvaW+SU4htmPC6xAq/b8pW9pNSXZgN
XoEOoRQoSPaHbIcrL6saMFc9IJoYiHHVnePRP3Kdv9bnUxIR7D8dGVojD021Pmqs
fPMBFMf/Lc7HwbntTeazzY6UMVCVApszEsqMDl8u9a6wyYCWcCEakgPJhQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFDLejONx4feayFbHBI4JIetcHoOOMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvTXQ2TTQzSGg5NXJJVnNjRWpna2g2MXdlZzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD
ggEBADmfoajgcWaSFdw/V4KZe9s5Z/8zCIy5YrMfqOPSg9JLlcMNWyzuZ9mAQKfY
5JTueu5YSVxmayV0PaQpej7Ch5T/Q7/WKl436XgsqHADy1I7oa4KJ3mGAwEJHvP7
kiB9WYWecSlHRQDwtMAcE/dr2W/rp8WIlevAMVVjKHFvhh1dlhI6J7qOCOlnblIT
WILekP+x1HUkEPE4XVAWQqDR/8fwmJCeDdd41FmSEapFlDhEegTXo9aJOTpuHaUd
rtDp/RqYmoq0qHDc63LLB8ouTMhZBHOoo/xlPqUGS1s7O4zJRD6vo2aa87csKkzY
oF17fviL9Qto70ymLUGAoOb8fho=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:51 2024 by rpki-client on console-fra.rpki-client.org