Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/MKQ5ZOTKurksjy7ZU0V9nIObQcI.roa
File: MKQ5ZOTKurksjy7ZU0V9nIObQcI.roa (raw, json)
Hash identifier: nnKKACXpNkn1N8j3TLLKajipGuCxE0scYi311EyGzRs=
Subject key identifier: 30:A4:39:64:E4:CA:BA:B9:2C:8F:2E:D9:53:45:7D:9C:83:9B:41:C2
Certificate issuer: /CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Certificate serial: 0187E777FD2890ED2DD037DABF93CDE1E87D
Authority key identifier: 1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/MKQ5ZOTKurksjy7ZU0V9nIObQcI.roa
Signing time: Thu 04 May 2023 15:53:33 +0000
ROA not before: Thu 04 May 2023 15:53:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 91.213.174.0/24 maxlen: 24
91.213.186.0/24 maxlen: 24
91.213.189.0/24 maxlen: 24
91.213.200.0/24 maxlen: 24
91.208.109.0/24 maxlen: 24
45.150.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 May 2023 10:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:77:fd:28:90:ed:2d:d0:37:da:bf:93:cd:e1:e8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f4738389cb3b998ec4fa6d4272f8dd799fbc4a9
Validity
Not Before: May 4 15:53:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30a43964e4cabab92c8f2ed953457d9c839b41c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0f:7b:74:f5:d5:f3:76:3d:48:09:64:0e:ad:
9a:9b:20:92:07:d1:dd:85:0d:97:66:2f:70:83:a2:
2d:88:28:29:d2:1f:c1:05:b6:a7:bf:89:3b:c8:ac:
70:99:b6:7c:41:3c:9e:06:80:22:7a:eb:92:43:e1:
5c:ff:c3:bc:db:39:6a:d6:5a:88:33:1b:bd:97:c7:
19:4e:71:59:ae:5d:5e:45:d1:e4:b1:82:c7:5c:8b:
81:0f:aa:e1:44:78:a2:c2:cc:8e:27:18:37:90:3b:
65:64:44:3c:ad:47:fd:f3:46:ff:bf:b4:37:f0:24:
48:07:70:4a:65:94:d4:0f:8c:70:13:2a:18:5b:6e:
83:7b:d2:dd:b3:ab:a4:7a:a3:30:15:8a:81:93:3c:
7b:b3:3a:02:ee:f0:75:ea:9d:df:cf:b6:c2:ef:2b:
c7:ec:e9:6e:37:c1:df:3a:9a:54:42:cd:c1:45:e7:
14:a4:5f:ec:cc:d4:cf:72:41:3d:9d:b6:21:af:3e:
7b:67:91:59:15:cb:45:70:e8:aa:d7:b3:9b:ae:46:
62:36:f0:b4:e7:92:12:18:91:c8:b8:a9:b5:f5:24:
ca:c7:fd:e9:fb:96:33:ee:1b:9f:d3:86:8e:8b:17:
93:a6:6f:50:0a:39:06:d0:ac:9a:df:88:37:51:43:
87:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:A4:39:64:E4:CA:BA:B9:2C:8F:2E:D9:53:45:7D:9C:83:9B:41:C2
X509v3 Authority Key Identifier:
keyid:1F:47:38:38:9C:B3:B9:98:EC:4F:A6:D4:27:2F:8D:D7:99:FB:C4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0c4OJyzuZjsT6bUJy-N15n7xKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/MKQ5ZOTKurksjy7ZU0V9nIObQcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/517694-c8a1-458b-9cf2-6c7e5685890c/1/H0c4OJyzuZjsT6bUJy-N15n7xKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.197.0/24
91.208.109.0/24
91.213.174.0/24
91.213.186.0/24
91.213.189.0/24
91.213.200.0/24
Signature Algorithm: sha256WithRSAEncryption
37:80:a3:28:b0:22:ee:7d:55:a9:39:50:94:dd:e0:fe:57:26:
46:b6:1b:7b:67:06:43:35:0f:26:eb:52:b8:a8:4b:53:62:14:
2d:90:c2:9e:25:cd:67:73:13:e6:f4:40:c3:88:80:48:89:cc:
b8:5b:ff:a4:9d:be:8d:1f:a1:b1:64:21:32:bc:0c:cd:55:3c:
e1:0f:75:61:cf:a3:b3:cc:cd:5c:5e:4a:51:1e:f5:57:91:e6:
3a:d3:f9:d9:40:14:da:f9:c2:d7:cc:89:3a:1d:17:fc:63:d2:
c3:5e:1a:33:74:e7:de:11:82:9d:21:e9:bb:bd:00:84:a6:d6:
03:95:79:fe:d2:d2:57:18:80:c0:b6:75:e8:8d:38:44:8f:1c:
f6:58:61:cb:19:b7:16:46:eb:ec:40:2b:c6:39:82:82:66:2f:
85:fa:d1:fd:04:61:cf:69:a7:1c:c1:54:2a:a9:83:70:4e:12:
fa:0e:6d:7d:65:4a:5f:f1:59:22:de:2e:41:dd:93:b4:9e:c7:
bf:06:53:a4:37:1e:54:0d:79:d7:66:2d:31:c5:58:a7:c3:8c:
04:ae:51:3d:04:a9:5b:d4:63:ff:65:e2:44:22:d7:06:75:2b:
69:8b:38:9f:4b:b6:3a:64:2f:37:43:9e:62:6d:cd:e6:e0:53:
cd:4a:b3:cf
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYfnd/0okO0t0Dfav5PN4eh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDczODM4OWNiM2I5OThlYzRmYTZkNDI3MmY4ZGQ3OTlm
YmM0YTkwHhcNMjMwNTA0MTU1MzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGE0Mzk2NGU0Y2FiYWI5MmM4ZjJlZDk1MzQ1N2Q5YzgzOWI0MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig97dPXV83Y9SAlkDq2amyCSB9Hd
hQ2XZi9wg6ItiCgp0h/BBbanv4k7yKxwmbZ8QTyeBoAieuuSQ+Fc/8O82zlq1lqI
Mxu9l8cZTnFZrl1eRdHksYLHXIuBD6rhRHiiwsyOJxg3kDtlZEQ8rUf980b/v7Q3
8CRIB3BKZZTUD4xwEyoYW26De9Lds6ukeqMwFYqBkzx7szoC7vB16p3fz7bC7yvH
7OluN8HfOppUQs3BRecUpF/szNTPckE9nbYhrz57Z5FZFctFcOiq17ObrkZiNvC0
55ISGJHIuKm19STKx/3p+5Yz7huf04aOixeTpm9QCjkG0Kya34g3UUOHzwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDCkOWTkyrq5LI8u2VNFfZyDm0HCMB8GA1UdIwQY
MBaAFB9HODics7mY7E+m1CcvjdeZ+8SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjIt
NmM3ZTU2ODU4OTBjLzEvTUtRNVpPVEt1cmtzank3WlUwVjluSU9iUWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81MTc2OTQtYzhhMS00NThiLTljZjItNmM3ZTU2ODU4OTBj
LzEvSDBjNE9KeXp1WmpzVDZiVUp5LU4xNW43eEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZbFAwQA
W9BtAwQAW9WuAwQAW9W6AwQAW9W9AwQAW9XIMA0GCSqGSIb3DQEBCwUAA4IBAQA3
gKMosCLufVWpOVCU3eD+VyZGtht7ZwZDNQ8m61K4qEtTYhQtkMKeJc1ncxPm9EDD
iIBIicy4W/+knb6NH6GxZCEyvAzNVTzhD3Vhz6OzzM1cXkpRHvVXkeY60/nZQBTa
+cLXzIk6HRf8Y9LDXhozdOfeEYKdIem7vQCEptYDlXn+0tJXGIDAtnXojThEjxz2
WGHLGbcWRuvsQCvGOYKCZi+F+tH9BGHPaaccwVQqqYNwThL6Dm19ZUpf8Vki3i5B
3ZO0nse/BlOkNx5UDXnXZi0xxVinw4wErlE9BKlb1GP/ZeJEItcGdStpizifS7Y6
ZC83Q55ibc3m4FPNSrPP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:13 2024 by rpki-client on console-fra.rpki-client.org