Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/MPqLlzPZkckZ8HBQ-wifsRcIKS0.roa
File: MPqLlzPZkckZ8HBQ-wifsRcIKS0.roa (raw, json)
Hash identifier: k6UKE+Cud0XJBNjjFbnmCzWO+EXLzG38OEmvfDQYhYU=
Subject key identifier: 30:FA:8B:97:33:D9:91:C9:19:F0:70:50:FB:08:9F:B1:17:08:29:2D
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 018CC64B2989BD72B7F6531EB1B1A28687C4
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/MPqLlzPZkckZ8HBQ-wifsRcIKS0.roa
Signing time: Mon 01 Jan 2024 18:31:03 +0000
ROA not before: Mon 01 Jan 2024 18:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50979
IP address blocks: 195.123.208.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 07 Jun 2024 12:45:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:29:89:bd:72:b7:f6:53:1e:b1:b1:a2:86:87:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Jan 1 18:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=30fa8b9733d991c919f07050fb089fb11708292d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:49:e7:77:67:b4:00:11:a9:25:3d:3f:7f:5b:
b2:1d:d3:57:cd:5b:b3:0c:5d:f5:da:b8:0a:ca:82:
ae:bc:35:79:46:ae:43:e6:7f:ab:24:88:15:7a:53:
a3:2f:12:2e:bd:22:1b:ef:2f:92:77:ad:a6:2a:84:
38:6d:0e:48:7e:b0:f7:94:3c:06:58:f2:48:ac:37:
fb:1b:d7:26:12:dc:28:f5:20:86:6c:5a:4d:66:d5:
87:11:98:9d:29:d7:dd:a8:a5:d4:61:9c:cc:52:ad:
ab:89:bf:24:38:62:db:cb:82:dd:83:51:1b:84:9c:
7a:03:a9:59:c7:a0:53:50:cf:f9:9b:6b:85:8f:88:
af:0f:fe:06:d1:fa:dc:f5:3b:15:dd:7b:c2:a2:5d:
37:55:0a:3f:c7:61:e2:07:92:8e:b4:d3:d4:90:47:
1a:78:17:c8:80:3c:dc:cb:c0:c9:4b:36:d9:7e:3f:
45:7c:80:56:1f:fb:c9:8b:0f:a9:ac:39:4b:6e:6b:
55:be:59:df:df:14:13:97:d3:d6:b9:85:a1:2d:a3:
ef:8a:5a:0e:4b:12:d7:a7:7f:54:7e:ac:25:8b:c2:
fe:0d:06:42:0f:8c:55:b0:53:18:b1:0e:82:88:83:
ac:a0:99:8e:6e:cd:ac:2b:63:5e:fd:64:c8:7b:7f:
a5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FA:8B:97:33:D9:91:C9:19:F0:70:50:FB:08:9F:B1:17:08:29:2D
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/MPqLlzPZkckZ8HBQ-wifsRcIKS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.208.0/21
Signature Algorithm: sha256WithRSAEncryption
26:40:d0:67:e7:36:66:77:54:fc:b3:b3:09:83:c4:1b:71:05:
ad:f2:39:66:b1:13:f3:b4:49:a2:ce:3e:ab:b9:ac:5b:34:88:
fb:ea:a2:d7:fd:a8:53:c0:03:7d:a4:50:38:50:01:a6:6b:92:
d3:cd:a8:a3:ce:49:4c:32:6b:f9:9d:ab:78:39:5e:17:4f:c3:
40:55:8c:d4:2d:34:50:1a:4b:13:43:f9:dd:62:be:c7:1d:6f:
9e:3d:69:08:37:ef:b9:4f:16:16:11:9c:f1:41:0b:59:63:e2:
60:fa:c6:7b:7e:71:4e:fd:f6:70:52:ad:ea:bb:1e:96:ca:8d:
57:10:2c:a0:e0:f1:3c:33:c5:d1:08:b5:83:bc:73:71:fe:c0:
de:36:f1:db:56:49:0d:83:16:b0:46:62:98:98:08:f9:23:e7:
0d:a6:05:ad:74:9b:e0:7e:fc:4e:04:09:c8:8c:09:c3:dd:c9:
95:11:50:c2:a9:38:66:d3:ae:d9:5c:77:86:c4:50:fa:63:43:
1d:64:b7:b0:eb:74:3e:a1:47:dd:4a:b7:9b:19:64:42:a0:3c:
f9:b5:2c:49:fd:00:8f:37:57:bb:75:f4:fe:ce:b4:5e:4b:e4:
f5:88:2c:ae:4e:8f:79:37:7c:a4:94:04:92:f5:23:ff:6c:26:
c9:68:e4:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSymJvXK39lMesbGihofEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjQwMTAxMTgzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZhOGI5NzMzZDk5MWM5MTlmMDcwNTBmYjA4OWZiMTE3MDgyOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00nnd2e0ABGpJT0/f1uyHdNXzVuz
DF312rgKyoKuvDV5Rq5D5n+rJIgVelOjLxIuvSIb7y+Sd62mKoQ4bQ5IfrD3lDwG
WPJIrDf7G9cmEtwo9SCGbFpNZtWHEZidKdfdqKXUYZzMUq2rib8kOGLby4Ldg1Eb
hJx6A6lZx6BTUM/5m2uFj4ivD/4G0frc9TsV3XvCol03VQo/x2HiB5KOtNPUkEca
eBfIgDzcy8DJSzbZfj9FfIBWH/vJiw+prDlLbmtVvlnf3xQTl9PWuYWhLaPviloO
SxLXp39Ufqwli8L+DQZCD4xVsFMYsQ6CiIOsoJmObs2sK2Ne/WTIe3+l5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDD6i5cz2ZHJGfBwUPsIn7EXCCktMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvTVBxTGx6UFprY2taOEhCUS13aWZzUmNJS1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDw3vQMA0G
CSqGSIb3DQEBCwUAA4IBAQAmQNBn5zZmd1T8s7MJg8QbcQWt8jlmsRPztEmizj6r
uaxbNIj76qLX/ahTwAN9pFA4UAGma5LTzaijzklMMmv5nat4OV4XT8NAVYzULTRQ
GksTQ/ndYr7HHW+ePWkIN++5TxYWEZzxQQtZY+Jg+sZ7fnFO/fZwUq3qux6Wyo1X
ECyg4PE8M8XRCLWDvHNx/sDeNvHbVkkNgxawRmKYmAj5I+cNpgWtdJvgfvxOBAnI
jAnD3cmVEVDCqThm067ZXHeGxFD6Y0MdZLew63Q+oUfdSrebGWRCoDz5tSxJ/QCP
N1e7dfT+zrReS+T1iCyuTo95N3yklASS9SP/bCbJaOQG
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:03:48 2024 by rpki-client on console-fra.rpki-client.org