Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/MCGuu7vmwd0gm4URl4snj6R8G14.roa
File: MCGuu7vmwd0gm4URl4snj6R8G14.roa (raw, json)
Hash identifier: YF86go7zLpq/psgZYpEX3vjeWK7haIiIp4uW/0CA5zA=
Subject key identifier: 30:21:AE:BB:BB:E6:C1:DD:20:9B:85:11:97:8B:27:8F:A4:7C:1B:5E
Certificate issuer: /CN=f22bed3f37cd72826511c574560deb55542550e4
Certificate serial: 018CC26D11D5E82FE921E05F1F067D753364
Authority key identifier: F2:2B:ED:3F:37:CD:72:82:65:11:C5:74:56:0D:EB:55:54:25:50:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/MCGuu7vmwd0gm4URl4snj6R8G14.roa
Signing time: Mon 01 Jan 2024 00:29:37 +0000
ROA not before: Mon 01 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29396
IP address blocks: 46.22.176.0/23 maxlen: 24
195.189.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:11:d5:e8:2f:e9:21:e0:5f:1f:06:7d:75:33:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f22bed3f37cd72826511c574560deb55542550e4
Validity
Not Before: Jan 1 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3021aebbbbe6c1dd209b8511978b278fa47c1b5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:59:93:41:90:32:83:43:a2:3c:07:c1:10:ac:
dd:79:4c:7c:4e:c5:a5:c5:25:12:92:a6:78:27:fb:
99:96:f3:ab:b1:d6:27:3e:c5:87:da:93:ad:f1:79:
0b:91:2d:7f:84:d5:9c:73:94:ae:97:5d:39:9a:0c:
f3:87:e4:a1:4c:71:fa:eb:f3:0a:92:59:d3:dd:f0:
c5:c9:bf:4b:1d:62:2e:39:a0:fd:df:a5:d7:ca:21:
72:55:6d:1d:9f:90:44:39:b1:75:75:65:80:cd:d0:
a0:49:8f:d2:a5:c0:87:f2:07:b6:ff:59:48:34:8e:
27:aa:b3:56:48:e9:64:92:8f:1f:71:c4:77:85:12:
d1:90:81:2d:e9:9a:cd:42:8d:bd:ea:6b:5e:11:06:
83:04:06:82:82:54:6e:39:81:c5:67:ce:93:c1:2f:
c9:76:eb:7b:77:4b:fc:46:ca:94:be:96:70:fc:7c:
cc:c3:9c:b9:5f:1a:5f:08:08:06:15:ad:d2:75:d4:
6d:d6:75:de:90:f7:6f:23:59:6d:2b:9b:71:a8:29:
dd:90:37:99:87:0c:fe:19:49:1b:7e:a9:79:ea:d4:
6e:41:bb:e3:c9:dd:5a:71:18:b9:50:84:97:41:e1:
69:0c:aa:09:69:12:41:15:46:a7:38:ad:ae:71:a0:
49:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:21:AE:BB:BB:E6:C1:DD:20:9B:85:11:97:8B:27:8F:A4:7C:1B:5E
X509v3 Authority Key Identifier:
keyid:F2:2B:ED:3F:37:CD:72:82:65:11:C5:74:56:0D:EB:55:54:25:50:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/MCGuu7vmwd0gm4URl4snj6R8G14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/294fa1-e938-4cd2-9a89-29062e870b64/1/8ivtPzfNcoJlEcV0Vg3rVVQlUOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.176.0/23
195.189.20.0/22
Signature Algorithm: sha256WithRSAEncryption
67:c5:fe:f2:e7:e9:cf:fc:b5:7b:96:2b:9d:83:75:14:f0:17:
b9:f5:c2:de:02:40:16:d9:34:a0:7d:df:50:2b:0f:1d:f5:73:
91:46:17:54:8e:bd:a1:87:06:db:90:e6:0a:d0:70:9c:16:f0:
36:70:07:49:04:6b:4b:74:30:cc:e5:fa:f8:f8:99:a8:49:05:
2a:95:19:e9:d7:81:10:dc:da:c2:20:1d:3f:42:98:e1:f3:b0:
3f:72:4a:96:ff:ce:b3:aa:8e:08:dc:e8:bd:72:ae:7b:c2:40:
25:36:e2:4f:26:e7:56:f6:9e:3f:77:91:25:a7:98:d6:39:85:
19:c2:5b:69:e7:c7:3b:a8:51:50:0a:7b:00:38:c5:27:2f:bb:
bf:e7:54:f2:d6:d2:33:48:8b:a8:0d:0c:60:0c:71:5b:b7:52:
ef:0f:15:1f:4a:ca:0b:2b:97:27:df:83:b9:a3:38:27:28:2b:
d1:26:fb:55:ea:70:ab:de:56:fa:95:40:12:6b:b7:7d:f4:d9:
60:7a:98:c4:93:0e:d6:f3:d5:03:10:12:59:b0:de:e9:c3:be:
d2:0f:2a:21:7a:07:65:c1:b3:92:07:a5:b1:c3:82:8f:74:a4:
74:68:e3:6b:2b:25:36:3e:49:65:0e:5f:26:2f:5f:a6:d1:3a:
82:19:86:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbRHV6C/pIeBfHwZ9dTNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyMmJlZDNmMzdjZDcyODI2NTExYzU3NDU2MGRlYjU1NTQy
NTUwZTQwHhcNMjQwMTAxMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDIxYWViYmJiZTZjMWRkMjA5Yjg1MTE5NzhiMjc4ZmE0N2MxYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVmTQZAyg0OiPAfBEKzdeUx8TsWl
xSUSkqZ4J/uZlvOrsdYnPsWH2pOt8XkLkS1/hNWcc5Sul105mgzzh+ShTHH66/MK
klnT3fDFyb9LHWIuOaD936XXyiFyVW0dn5BEObF1dWWAzdCgSY/SpcCH8ge2/1lI
NI4nqrNWSOlkko8fccR3hRLRkIEt6ZrNQo296mteEQaDBAaCglRuOYHFZ86TwS/J
dut7d0v8RsqUvpZw/HzMw5y5XxpfCAgGFa3SddRt1nXekPdvI1ltK5txqCndkDeZ
hwz+GUkbfql56tRuQbvjyd1acRi5UISXQeFpDKoJaRJBFUanOK2ucaBJzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDAhrru75sHdIJuFEZeLJ4+kfBteMB8GA1UdIwQY
MBaAFPIr7T83zXKCZRHFdFYN61VUJVDkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGl2dFB6Zk5jb0psRWNWMFZnM3JWVlFsVU9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8yOTRmYTEtZTkzOC00Y2QyLTlhODkt
MjkwNjJlODcwYjY0LzEvTUNHdXU3dm13ZDBnbTRVUmw0c25qNlI4RzE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8yOTRmYTEtZTkzOC00Y2QyLTlhODktMjkwNjJlODcwYjY0
LzEvOGl2dFB6Zk5jb0psRWNWMFZnM3JWVlFsVU9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLhawAwQC
w70UMA0GCSqGSIb3DQEBCwUAA4IBAQBnxf7y5+nP/LV7liudg3UU8Be59cLeAkAW
2TSgfd9QKw8d9XORRhdUjr2hhwbbkOYK0HCcFvA2cAdJBGtLdDDM5fr4+JmoSQUq
lRnp14EQ3NrCIB0/Qpjh87A/ckqW/86zqo4I3Oi9cq57wkAlNuJPJudW9p4/d5El
p5jWOYUZwltp58c7qFFQCnsAOMUnL7u/51Ty1tIzSIuoDQxgDHFbt1LvDxUfSsoL
K5cn34O5ozgnKCvRJvtV6nCr3lb6lUASa7d99NlgepjEkw7W89UDEBJZsN7pw77S
DyohegdlwbOSB6Wxw4KPdKR0aONrKyU2PkllDl8mL1+m0TqCGYb/
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:05 2025 by rpki-client