Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/mdgk524TA4VGWG2qx7AcEzCZT4I.roa
File: mdgk524TA4VGWG2qx7AcEzCZT4I.roa (raw, json)
Hash identifier: txtWDJeJFGUmnOa02K1j10kPqVW+oVQT43vErEgKe10=
Subject key identifier: 99:D8:24:E7:6E:13:03:85:46:58:6D:AA:C7:B0:1C:13:30:99:4F:82
Certificate issuer: /CN=04d29211f92e560f0b7834bb2932ac63cabfa14a
Certificate serial: 0185701539963578BC3D24A7EFB9A131A0D5
Authority key identifier: 04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/mdgk524TA4VGWG2qx7AcEzCZT4I.roa
Signing time: Mon 02 Jan 2023 01:25:17 +0000
ROA not before: Mon 02 Jan 2023 01:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41590
IP address blocks: 195.34.88.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:15:39:96:35:78:bc:3d:24:a7:ef:b9:a1:31:a0:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04d29211f92e560f0b7834bb2932ac63cabfa14a
Validity
Not Before: Jan 2 01:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=99d824e76e13038546586daac7b01c1330994f82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:dc:86:14:9d:a6:2c:2d:84:85:aa:1b:98:7d:
b2:52:ae:63:f5:81:69:5a:40:ef:97:1b:06:82:1d:
ef:87:37:ef:5f:de:06:03:60:ec:07:60:fb:74:dc:
d7:09:d8:bb:3d:3f:e5:6b:6b:2e:c6:8e:8f:b0:6a:
00:de:29:00:ab:9c:01:f9:f7:65:b9:1d:f3:12:1b:
01:ff:05:12:e9:f5:2f:0c:93:79:00:d3:e1:5a:59:
f9:f8:ef:a3:7b:fb:91:28:6f:a5:f4:27:d9:24:07:
7d:91:50:8a:61:97:52:f1:5f:5e:e8:23:b1:1d:35:
ec:ab:44:33:79:ff:2b:9f:38:5f:34:88:49:47:a3:
07:d7:07:2b:ff:5f:26:ba:8a:07:c3:6b:77:08:fc:
8e:31:45:d8:eb:a9:41:a5:79:f2:98:74:d0:5b:3e:
94:47:f4:fe:4d:04:60:be:67:0a:9b:24:66:84:56:
c3:b8:34:5e:4e:e2:ad:cf:fb:5b:da:81:81:f7:45:
bd:74:58:d8:7b:9d:cc:76:7a:70:d5:bc:ed:0d:63:
d4:59:60:6c:5c:36:cb:b2:c0:59:25:20:bc:d4:54:
02:3e:da:b0:83:24:82:07:b0:3a:67:ba:07:e9:9a:
c1:34:0b:d4:a9:f1:65:7e:bc:b9:48:88:58:a7:a9:
96:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:D8:24:E7:6E:13:03:85:46:58:6D:AA:C7:B0:1C:13:30:99:4F:82
X509v3 Authority Key Identifier:
keyid:04:D2:92:11:F9:2E:56:0F:0B:78:34:BB:29:32:AC:63:CA:BF:A1:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BNKSEfkuVg8LeDS7KTKsY8q_oUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/mdgk524TA4VGWG2qx7AcEzCZT4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f6ac34-6bc3-417b-814d-e8d19296395c/1/BNKSEfkuVg8LeDS7KTKsY8q_oUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.34.88.0/23
Signature Algorithm: sha256WithRSAEncryption
10:9e:88:bc:b1:f1:0b:66:be:32:1d:fb:57:a0:51:24:ee:6f:
6f:e6:62:75:cc:22:5e:98:5c:c9:77:26:58:e8:79:b1:99:8c:
86:54:82:6f:6c:c9:4e:40:cf:97:ad:7d:a4:e8:af:fd:d1:22:
77:cd:27:ae:43:2a:4a:6d:cc:00:69:65:30:e7:b1:a0:a2:39:
f4:f9:40:bb:53:62:63:d5:15:ef:09:f6:57:18:d6:21:53:91:
56:e4:b1:b6:c4:04:90:cf:2a:54:4f:23:71:b6:b7:35:f8:99:
06:45:d6:23:7a:10:88:5e:53:5a:a3:58:a7:39:5d:f8:9b:7d:
e8:af:f8:37:eb:7e:00:e3:3c:75:18:16:17:dd:ef:05:c5:85:
15:ff:9a:1a:09:92:86:fb:e5:0f:75:fd:e4:40:32:90:67:d9:
00:6a:ac:1e:3e:6c:41:ac:13:d0:27:b3:3f:ce:5b:bc:bb:55:
6a:b7:99:5d:83:af:22:cf:1e:fa:b4:6f:2a:d1:53:5d:f7:e6:
57:92:a6:65:50:2e:7d:31:66:b7:c8:b3:f6:f7:db:af:51:a9:
fc:f1:98:83:7a:14:dc:b4:c6:cb:c9:d9:84:38:f7:2c:37:94:
56:e0:e3:8d:da:43:4d:82:4b:4e:e3:6a:98:70:40:23:50:6e:
c8:4b:89:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwFTmWNXi8PSSn77mhMaDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0ZDI5MjExZjkyZTU2MGYwYjc4MzRiYjI5MzJhYzYzY2Fi
ZmExNGEwHhcNMjMwMTAyMDEyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWQ4MjRlNzZlMTMwMzg1NDY1ODZkYWFjN2IwMWMxMzMwOTk0ZjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNyGFJ2mLC2EhaobmH2yUq5j9YFp
WkDvlxsGgh3vhzfvX94GA2DsB2D7dNzXCdi7PT/la2suxo6PsGoA3ikAq5wB+fdl
uR3zEhsB/wUS6fUvDJN5ANPhWln5+O+je/uRKG+l9CfZJAd9kVCKYZdS8V9e6COx
HTXsq0Qzef8rnzhfNIhJR6MH1wcr/18muooHw2t3CPyOMUXY66lBpXnymHTQWz6U
R/T+TQRgvmcKmyRmhFbDuDReTuKtz/tb2oGB90W9dFjYe53Mdnpw1bztDWPUWWBs
XDbLssBZJSC81FQCPtqwgySCB7A6Z7oH6ZrBNAvUqfFlfry5SIhYp6mWhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJnYJOduEwOFRlhtqsewHBMwmU+CMB8GA1UdIwQY
MBaAFATSkhH5LlYPC3g0uykyrGPKv6FKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQt
ZThkMTkyOTYzOTVjLzEvbWRnazUyNFRBNFZHV0cycXg3QWNFekNaVDRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mNmFjMzQtNmJjMy00MTdiLTgxNGQtZThkMTkyOTYzOTVj
LzEvQk5LU0Vma3VWZzhMZURTN0tUS3NZOHFfb1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwyJYMA0G
CSqGSIb3DQEBCwUAA4IBAQAQnoi8sfELZr4yHftXoFEk7m9v5mJ1zCJemFzJdyZY
6HmxmYyGVIJvbMlOQM+XrX2k6K/90SJ3zSeuQypKbcwAaWUw57Ggojn0+UC7U2Jj
1RXvCfZXGNYhU5FW5LG2xASQzypUTyNxtrc1+JkGRdYjehCIXlNao1inOV34m33o
r/g3634A4zx1GBYX3e8FxYUV/5oaCZKG++UPdf3kQDKQZ9kAaqwePmxBrBPQJ7M/
zlu8u1Vqt5ldg68izx76tG8q0VNd9+ZXkqZlUC59MWa3yLP299uvUan88ZiDehTc
tMbLydmEOPcsN5RW4OON2kNNgktO42qYcEAjUG7IS4nX
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:44 2024 by rpki-client on console-fra.rpki-client.org