Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/MgCv9xanNDxhykCQGongVQVaSsk.roa
File: MgCv9xanNDxhykCQGongVQVaSsk.roa (raw, json)
Hash identifier: S2PiT/QUeU5mggZc3ujOmCNLX5+lzN63bxZclE+li+8=
Subject key identifier: 32:00:AF:F7:16:A7:34:3C:61:CA:40:90:1A:89:E0:55:05:5A:4A:C9
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01886C183154117719FB6875C0270FD6A1EE
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/MgCv9xanNDxhykCQGongVQVaSsk.roa
Signing time: Tue 30 May 2023 09:58:24 +0000
ROA not before: Tue 30 May 2023 09:58:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
188.241.136.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
77.81.88.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 03 Jun 2023 12:57:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6c:18:31:54:11:77:19:fb:68:75:c0:27:0f:d6:a1:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: May 30 09:58:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3200aff716a7343c61ca40901a89e055055a4ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:80:f9:6b:98:e0:77:ee:7b:ca:65:2d:c0:36:
79:70:2f:d7:1b:15:de:65:87:1c:4d:5b:14:6d:84:
56:69:e1:2e:1d:d2:cc:df:e7:c7:5d:1b:98:01:53:
b3:38:87:3b:9d:ad:07:30:cd:c0:0d:1c:9c:df:22:
7d:92:6a:e8:e5:d8:c7:8e:90:09:69:9f:01:27:4a:
1a:ab:fe:8c:52:5b:07:48:7b:5e:3e:f0:8e:e9:78:
64:00:c1:1a:64:d9:dc:02:85:ee:41:19:50:03:f3:
4d:40:0c:36:33:53:d1:8b:4d:c2:78:0a:51:97:09:
37:3a:4d:4e:50:19:29:66:ff:81:36:5a:e5:a5:ab:
46:8d:1e:71:25:73:72:82:15:49:77:d0:a3:25:07:
49:81:8d:dc:d3:29:e6:54:71:13:3d:32:c9:f4:d6:
17:86:16:c9:3e:12:0a:47:39:8b:da:5d:1d:a3:90:
88:21:73:a8:02:38:b6:55:7d:c8:ab:9f:dd:18:0d:
75:d4:f0:15:e8:73:b8:93:40:27:0f:f8:74:92:85:
bd:1b:d8:3e:5f:57:a2:85:f2:6d:61:7a:9e:52:3a:
a5:10:eb:c8:4f:6a:60:7c:03:ab:d6:2d:27:5a:36:
36:ff:61:67:82:c6:d3:8c:92:f5:46:19:d5:1d:f9:
f5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:00:AF:F7:16:A7:34:3C:61:CA:40:90:1A:89:E0:55:05:5A:4A:C9
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/MgCv9xanNDxhykCQGongVQVaSsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.88.0/24
86.107.51.0/24
89.35.130.0/23
94.198.171.0/24
176.223.188.0/24
188.214.107.0/24
188.241.136.0/23
Signature Algorithm: sha256WithRSAEncryption
25:90:f1:e1:55:b0:46:87:1f:05:d5:7c:ef:b0:7a:d2:2a:96:
04:bb:24:f1:6c:c8:cc:71:e4:98:fb:53:28:8d:af:b8:ec:19:
83:0c:bb:e1:06:fd:a0:99:ad:f7:c6:bd:a3:bb:e2:7a:e4:0b:
dc:01:a5:72:cc:4b:7c:ea:59:e9:0a:92:92:4e:e3:e9:7c:2d:
11:81:e4:51:9c:62:6a:8f:46:cd:f6:b0:83:ec:77:30:69:6d:
c5:c6:94:55:94:d8:e3:07:21:4c:5c:54:20:ba:92:3a:e1:a4:
6c:33:36:5a:9b:95:4a:da:30:0e:2b:d2:41:cd:35:6a:63:7c:
10:5f:83:3a:71:40:a6:0e:34:90:5c:17:bc:67:58:f4:36:0c:
a9:f2:83:81:2d:3c:ce:6c:27:26:76:1d:8b:47:a5:87:24:e5:
d9:e5:78:e1:be:6f:e9:b7:00:4e:d2:4b:e4:6b:ad:bc:78:be:
dd:31:dd:53:46:d5:02:96:38:0e:11:fc:85:1f:de:52:a5:b9:
74:04:58:7e:97:74:f4:1c:11:45:db:49:55:9d:f4:04:0f:bf:
e6:68:a0:e2:3a:f9:df:bf:f3:d0:a9:4a:de:20:80:45:bf:8c:
c7:cb:eb:27:88:8d:c6:72:60:6e:fa:24:fe:ab:a6:08:94:b3:
16:69:e3:6b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYhsGDFUEXcZ+2h1wCcP1qHuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNTMwMDk1ODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAwYWZmNzE2YTczNDNjNjFjYTQwOTAxYTg5ZTA1NTA1NWE0YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYD5a5jgd+57ymUtwDZ5cC/XGxXe
ZYccTVsUbYRWaeEuHdLM3+fHXRuYAVOzOIc7na0HMM3ADRyc3yJ9kmro5djHjpAJ
aZ8BJ0oaq/6MUlsHSHtePvCO6XhkAMEaZNncAoXuQRlQA/NNQAw2M1PRi03CeApR
lwk3Ok1OUBkpZv+BNlrlpatGjR5xJXNyghVJd9CjJQdJgY3c0ynmVHETPTLJ9NYX
hhbJPhIKRzmL2l0do5CIIXOoAji2VX3Iq5/dGA111PAV6HO4k0AnD/h0koW9G9g+
X1eihfJtYXqeUjqlEOvIT2pgfAOr1i0nWjY2/2FngsbTjJL1RhnVHfn1kQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDIAr/cWpzQ8YcpAkBqJ4FUFWkrJMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTWdDdjl4YW5ORHhoeWtDUUdvbmdWUVZhU3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATVFYAwQA
VmszAwQBWSOCAwQAXsarAwQAsN+8AwQAvNZrAwQBvPGIMA0GCSqGSIb3DQEBCwUA
A4IBAQAlkPHhVbBGhx8F1XzvsHrSKpYEuyTxbMjMceSY+1Moja+47BmDDLvhBv2g
ma33xr2ju+J65AvcAaVyzEt86lnpCpKSTuPpfC0RgeRRnGJqj0bN9rCD7HcwaW3F
xpRVlNjjByFMXFQgupI64aRsMzZam5VK2jAOK9JBzTVqY3wQX4M6cUCmDjSQXBe8
Z1j0Ngyp8oOBLTzObCcmdh2LR6WHJOXZ5Xjhvm/ptwBO0kvka628eL7dMd1TRtUC
ljgOEfyFH95Spbl0BFh+l3T0HBFF20lVnfQED7/maKDiOvnfv/PQqUreIIBFv4zH
y+sniI3GcmBu+iT+q6YIlLMWaeNr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:06 2024 by rpki-client on console-fra.rpki-client.org