Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/MCKMqn88zmLGQ7gvzR9cx2vPzWY.roa
File: MCKMqn88zmLGQ7gvzR9cx2vPzWY.roa (raw, json)
Hash identifier: oX03CF3dwSvaf2pz+HzywHsHKy61S0jO6eUY7j92WAc=
Subject key identifier: 30:22:8C:AA:7F:3C:CE:62:C6:43:B8:2F:CD:1F:5C:C7:6B:CF:CD:66
Certificate issuer: /CN=6dbd51576b4a93460a465af35e6bf550f5548894
Certificate serial: 01856D81AC2D3BDBCF0C7ADB5806A8D19A6B
Authority key identifier: 6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/MCKMqn88zmLGQ7gvzR9cx2vPzWY.roa
Signing time: Sun 01 Jan 2023 13:24:52 +0000
ROA not before: Sun 01 Jan 2023 13:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56947
IP address blocks: 185.7.116.0/23 maxlen: 24
91.229.108.0/22 maxlen: 24
188.68.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:ac:2d:3b:db:cf:0c:7a:db:58:06:a8:d1:9a:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dbd51576b4a93460a465af35e6bf550f5548894
Validity
Not Before: Jan 1 13:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30228caa7f3cce62c643b82fcd1f5cc76bcfcd66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:19:b9:8d:67:c6:93:c1:44:97:53:19:b6:1b:
8a:6e:76:ad:e3:c4:40:2d:82:eb:7a:11:b1:79:bc:
37:6a:30:02:d9:a7:92:7e:69:c9:ba:6e:b3:44:69:
a2:c1:00:00:00:76:8d:91:69:fc:10:a4:c4:65:e9:
3a:f4:09:99:27:da:49:1a:f9:d8:24:b5:5e:eb:00:
47:5a:e7:96:93:83:13:bf:9a:ae:20:a4:52:0c:2d:
be:92:64:5e:a2:a2:45:5b:b4:52:7f:03:f5:5c:94:
49:9f:1d:39:d1:83:da:0b:b1:43:ce:71:1b:91:95:
85:46:8f:83:cd:62:96:54:33:ca:d3:fe:a1:21:62:
1e:95:6a:32:38:ed:0b:90:da:47:95:74:9e:13:5d:
a4:6e:9f:4b:d3:18:4e:31:72:14:c6:9b:8b:ad:c1:
52:90:a6:d9:4f:2d:97:0f:45:3f:ee:49:61:da:24:
58:03:db:65:b3:73:80:f5:d1:f0:3e:0d:39:d6:7a:
d0:3b:4b:9e:12:e0:e6:6d:a2:b3:07:0b:91:a7:ac:
49:fb:2f:a7:c0:1b:98:41:28:60:45:82:73:a3:01:
e6:c0:17:72:07:88:27:e8:57:dd:50:07:0f:3d:5a:
be:a0:78:cb:7c:af:99:fb:11:62:80:53:ed:16:cc:
42:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:22:8C:AA:7F:3C:CE:62:C6:43:B8:2F:CD:1F:5C:C7:6B:CF:CD:66
X509v3 Authority Key Identifier:
keyid:6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/MCKMqn88zmLGQ7gvzR9cx2vPzWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.108.0/22
185.7.116.0/23
188.68.81.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:e7:6e:5c:17:97:31:bf:51:0b:37:b6:d5:e5:55:37:00:d0:
f0:e1:25:58:18:83:df:63:56:99:38:24:84:23:3c:e0:a7:17:
22:3a:e6:61:c9:9b:1d:d7:02:f4:82:f0:77:8a:18:cc:d4:00:
fd:d2:ab:fc:7a:0a:da:01:9b:32:7b:ea:18:8a:4f:4f:3e:2a:
bb:ab:b2:75:7b:c7:e8:00:39:48:cf:b6:64:7b:3d:77:5a:c1:
3d:61:a8:05:36:0a:4a:3c:e0:90:b4:b7:b7:76:54:e4:ed:ab:
57:57:0c:54:1a:29:22:40:12:1b:b2:c9:b3:54:01:23:98:b6:
5a:e6:6b:48:14:d7:40:70:cd:8c:32:04:61:3e:53:f2:bf:35:
42:2e:b8:09:c0:83:6b:df:e6:6f:8b:47:f4:36:2b:10:60:f4:
0b:39:d0:93:25:60:7c:cc:79:08:6c:82:d3:4f:ac:ff:5e:49:
ff:b0:88:12:04:f8:9a:a0:fd:2e:8d:a3:6d:7a:93:84:6d:ae:
3a:d4:bd:db:ff:a0:f2:55:75:0e:e6:b1:e8:a2:59:8f:ee:52:
ea:d3:28:e5:11:df:58:fd:b1:94:de:70:79:0e:5e:fa:7d:59:
21:d3:b5:86:9d:22:e8:8d:ec:c7:fc:b2:3c:38:86:21:82:09:
ca:4e:ab:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtgawtO9vPDHrbWAao0ZprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYmQ1MTU3NmI0YTkzNDYwYTQ2NWFmMzVlNmJmNTUwZjU1
NDg4OTQwHhcNMjMwMTAxMTMyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDIyOGNhYTdmM2NjZTYyYzY0M2I4MmZjZDFmNWNjNzZiY2ZjZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxm5jWfGk8FEl1MZthuKbnat48RA
LYLrehGxebw3ajAC2aeSfmnJum6zRGmiwQAAAHaNkWn8EKTEZek69AmZJ9pJGvnY
JLVe6wBHWueWk4MTv5quIKRSDC2+kmReoqJFW7RSfwP1XJRJnx050YPaC7FDznEb
kZWFRo+DzWKWVDPK0/6hIWIelWoyOO0LkNpHlXSeE12kbp9L0xhOMXIUxpuLrcFS
kKbZTy2XD0U/7klh2iRYA9tls3OA9dHwPg051nrQO0ueEuDmbaKzBwuRp6xJ+y+n
wBuYQShgRYJzowHmwBdyB4gn6FfdUAcPPVq+oHjLfK+Z+xFigFPtFsxCbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDAijKp/PM5ixkO4L80fXMdrz81mMB8GA1UdIwQY
MBaAFG29UVdrSpNGCkZa815r9VD1VIiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUt
MWVmN2VmMTdmYTQzLzEvTUNLTXFuODh6bUxHUTdndnpSOWN4MnZQeldZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUtMWVmN2VmMTdmYTQz
LzEvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+VsAwQB
uQd0AwQAvERRMA0GCSqGSIb3DQEBCwUAA4IBAQBq525cF5cxv1ELN7bV5VU3ANDw
4SVYGIPfY1aZOCSEIzzgpxciOuZhyZsd1wL0gvB3ihjM1AD90qv8egraAZsye+oY
ik9PPiq7q7J1e8foADlIz7Zkez13WsE9YagFNgpKPOCQtLe3dlTk7atXVwxUGiki
QBIbssmzVAEjmLZa5mtIFNdAcM2MMgRhPlPyvzVCLrgJwINr3+Zvi0f0NisQYPQL
OdCTJWB8zHkIbILTT6z/Xkn/sIgSBPiaoP0ujaNtepOEba461L3b/6DyVXUO5rHo
olmP7lLq0yjlEd9Y/bGU3nB5Dl76fVkh07WGnSLojezH/LI8OIYhggnKTqsu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:02 2024 by rpki-client on console-fra.rpki-client.org