Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/MxYIKBTtb1tS-zwSbncqTECS3pE.roa
File: MxYIKBTtb1tS-zwSbncqTECS3pE.roa (raw, json)
Hash identifier: pAXPehmUd3TI4ZK+0gVN/oEtvo49B5MAh4SdE9U+jhE=
Subject key identifier: 33:16:08:28:14:ED:6F:5B:52:FB:3C:12:6E:77:2A:4C:40:92:DE:91
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A6A516A499FDCDC0C8173A7FD24BA
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/MxYIKBTtb1tS-zwSbncqTECS3pE.roa
Signing time: Tue 02 Jan 2024 12:33:46 +0000
ROA not before: Tue 02 Jan 2024 12:33:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31732
IP address blocks: 5.34.216.0/21 maxlen: 21
188.209.155.0/24 maxlen: 24
2001:16c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 19 Feb 2024 12:13:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6a:51:6a:49:9f:dc:dc:0c:81:73:a7:fd:24:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3316082814ed6f5b52fb3c126e772a4c4092de91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:92:89:56:05:9c:04:cd:f0:10:88:a2:1c:97:
48:51:3c:d4:52:a9:e5:ad:eb:b6:26:03:70:df:4c:
81:e6:f6:77:46:b1:6d:a1:23:8d:c8:b6:ad:7d:66:
64:b7:f3:c3:07:35:8f:d5:86:88:e9:8a:4d:3c:ed:
50:68:f4:4a:a8:77:22:e6:2b:25:86:ad:4e:6e:d1:
76:f5:b5:df:0d:9f:94:2f:ec:43:d4:26:73:10:12:
a5:d2:4d:79:2d:cf:45:5c:9d:f1:18:77:c6:5a:b0:
94:58:ac:55:e5:98:80:04:12:6e:6e:64:08:69:2f:
79:ad:fb:b2:16:af:36:78:7f:a4:a0:e5:ef:a5:6f:
3c:83:ec:cb:59:de:13:99:b4:32:b5:60:47:0d:57:
08:8e:fa:56:1e:f3:9e:24:5f:3d:70:fa:81:8e:bf:
f2:dc:67:46:dc:f0:e5:f0:e8:51:4c:ac:47:fa:67:
7b:61:81:f5:30:c1:11:a3:7c:8c:54:92:12:2a:07:
90:e2:7f:f3:52:41:a9:7a:43:49:60:d7:8b:86:31:
63:a0:b6:08:b0:f2:60:d4:f5:1f:92:a0:76:d9:b2:
26:a2:6a:15:6c:89:39:f3:4b:40:6c:d3:80:cc:7d:
2f:76:58:be:59:af:54:d3:f4:5f:80:05:40:4c:35:
9d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:16:08:28:14:ED:6F:5B:52:FB:3C:12:6E:77:2A:4C:40:92:DE:91
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/MxYIKBTtb1tS-zwSbncqTECS3pE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
188.209.155.0/24
IPv6:
2001:16c0::/29
Signature Algorithm: sha256WithRSAEncryption
d0:1d:60:18:f1:8b:37:09:52:2c:9a:c8:45:a7:8b:3c:b9:21:
e2:00:eb:95:bc:85:34:23:bd:b9:1e:99:9f:41:7e:e0:8c:a3:
6e:20:6d:ea:5a:62:92:5b:5c:6c:7e:8e:75:e9:a6:51:ce:0a:
12:24:0c:8f:8b:67:15:e8:1c:48:a1:0a:bd:66:7f:44:a1:40:
f3:7c:a9:b1:e1:46:22:e1:89:b2:02:e6:d0:c8:ba:ea:d1:eb:
a1:46:41:99:28:17:b9:09:ac:11:87:73:4a:a0:18:19:36:78:
23:a3:e6:30:b2:9d:f7:12:80:c2:cd:8d:bc:aa:40:0e:37:46:
32:c7:4c:be:7f:e4:b0:3c:0d:c3:bc:74:f9:86:9a:60:14:f1:
bb:37:ee:48:3f:59:34:b0:7b:fa:51:1f:6b:28:6b:6e:8a:cb:
36:f7:74:cf:1f:02:40:92:ba:0b:f9:b7:67:ac:04:28:d5:01:
ed:cf:c3:b8:f2:47:84:99:34:19:f5:bd:04:37:78:13:6d:21:
cd:e0:d5:c3:42:95:35:05:2b:7a:15:7a:23:ff:5a:3c:41:d4:
c1:e2:be:5c:b8:f2:2b:57:9a:17:51:4f:f0:ac:d4:c6:9d:9c:
aa:66:79:25:b2:04:b3:23:b3:c0:2e:b1:1a:64:9d:c8:3b:fe:
31:3b:c8:b1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKmpRakmf3NwMgXOn/SS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzE2MDgyODE0ZWQ2ZjViNTJmYjNjMTI2ZTc3MmE0YzQwOTJkZTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJKJVgWcBM3wEIiiHJdIUTzUUqnl
reu2JgNw30yB5vZ3RrFtoSONyLatfWZkt/PDBzWP1YaI6YpNPO1QaPRKqHci5isl
hq1ObtF29bXfDZ+UL+xD1CZzEBKl0k15Lc9FXJ3xGHfGWrCUWKxV5ZiABBJubmQI
aS95rfuyFq82eH+koOXvpW88g+zLWd4TmbQytWBHDVcIjvpWHvOeJF89cPqBjr/y
3GdG3PDl8OhRTKxH+md7YYH1MMERo3yMVJISKgeQ4n/zUkGpekNJYNeLhjFjoLYI
sPJg1PUfkqB22bImomoVbIk580tAbNOAzH0vdli+Wa9U0/RfgAVATDWdFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDMWCCgU7W9bUvs8Em53KkxAkt6RMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvTXhZSUtCVHRiMXRTLXp3U2JuY3FURUNTM3BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBSLYAwQA
vNGbMA0EAgACMAcDBQMgARbAMA0GCSqGSIb3DQEBCwUAA4IBAQDQHWAY8Ys3CVIs
mshFp4s8uSHiAOuVvIU0I725HpmfQX7gjKNuIG3qWmKSW1xsfo516aZRzgoSJAyP
i2cV6BxIoQq9Zn9EoUDzfKmx4UYi4YmyAubQyLrq0euhRkGZKBe5CawRh3NKoBgZ
Nngjo+Ywsp33EoDCzY28qkAON0Yyx0y+f+SwPA3DvHT5hppgFPG7N+5IP1k0sHv6
UR9rKGtuiss293TPHwJAkroL+bdnrAQo1QHtz8O48keEmTQZ9b0EN3gTbSHN4NXD
QpU1BSt6FXoj/1o8QdTB4r5cuPIrV5oXUU/wrNTGnZyqZnklsgSzI7PALrEaZJ3I
O/4xO8ix
-----END CERTIFICATE-----
Generated at Mon Feb 19 15:21:41 2024 by rpki-client on console-fra.rpki-client.org