Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/MPPa7WtuA2DKS3ndmqP2EVUvvw0.roa
File: MPPa7WtuA2DKS3ndmqP2EVUvvw0.roa (raw, json)
Hash identifier: AuW5239nmSBhng+hq/8zDSJf8hVfzx1I+GHOQ4VU5Z8=
Subject key identifier: 30:F3:DA:ED:6B:6E:03:60:CA:4B:79:DD:9A:A3:F6:11:55:2F:BF:0D
Certificate issuer: /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial: 018572BA672CC491B4081E3B386115DC523A
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/MPPa7WtuA2DKS3ndmqP2EVUvvw0.roa
Signing time: Mon 02 Jan 2023 13:44:56 +0000
ROA not before: Mon 02 Jan 2023 13:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.14.238.0/24 maxlen: 24
185.14.236.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:67:2c:c4:91:b4:08:1e:3b:38:61:15:dc:52:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Validity
Not Before: Jan 2 13:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=30f3daed6b6e0360ca4b79dd9aa3f611552fbf0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:94:ce:d7:c6:b4:ff:36:4d:f2:8e:23:06:00:
e1:1f:56:ee:39:cb:e7:51:f0:a6:b4:57:9f:8e:cb:
7a:92:75:db:6d:13:bf:e2:35:4b:23:c2:04:63:bc:
47:35:88:a5:d4:36:35:24:41:8b:91:21:51:00:a1:
d4:71:d3:78:10:ec:6f:d3:dc:98:8f:0c:03:c1:4e:
d2:0d:65:56:67:6f:c5:c7:70:74:1a:96:98:60:10:
74:05:d7:b3:aa:8c:1d:16:54:10:59:f0:c3:80:37:
6d:f1:03:3a:08:61:2d:bb:5d:f0:3b:52:75:e5:24:
85:0a:1e:a0:57:69:64:bc:a2:24:94:c7:e8:65:3b:
8b:a4:77:e1:d2:13:12:2c:59:91:d7:3c:46:f6:14:
2e:7a:9b:fa:89:fe:3a:8c:7a:4b:00:a8:ea:fb:e3:
f1:82:9c:07:63:6c:4d:d8:17:7c:f0:07:40:d5:53:
ee:61:11:d0:e5:19:f9:fa:ed:31:70:34:25:9f:a2:
cd:e7:6c:8a:84:63:b3:28:59:b8:e1:b1:4b:a2:64:
71:12:1d:22:d3:bd:1d:0e:31:62:0d:6e:32:ff:6d:
e3:39:51:b7:b2:3d:9c:a9:a1:1e:76:63:1f:4f:d3:
b8:0c:d2:e3:67:9f:5a:42:45:1e:7a:ec:ae:5c:a7:
35:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F3:DA:ED:6B:6E:03:60:CA:4B:79:DD:9A:A3:F6:11:55:2F:BF:0D
X509v3 Authority Key Identifier:
keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/MPPa7WtuA2DKS3ndmqP2EVUvvw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.236.0/24
185.14.238.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:12:2c:c6:5f:11:2e:fd:fa:e3:2e:58:46:69:bb:2c:70:f0:
f8:85:d5:9f:5d:94:7e:01:49:93:c7:7e:f0:4f:a6:2f:59:c7:
42:a0:b4:30:95:52:b9:20:c6:69:a4:01:a1:cc:98:ad:99:34:
3e:64:b6:7b:04:eb:f1:29:f3:49:08:a7:a7:80:a7:32:cf:22:
9e:c3:5b:5b:82:78:92:bc:d0:72:2a:b9:ab:f8:41:51:02:2d:
4c:a5:55:61:9c:ea:73:de:23:02:58:16:f2:c1:dd:56:dc:64:
89:f5:b7:b6:9a:4d:ab:0c:0b:ef:e7:7d:90:de:7a:43:2b:ee:
90:8d:d9:77:14:1a:7d:b3:0b:21:8f:86:e7:40:88:8c:e7:e5:
64:9a:2b:4f:f1:45:7e:5d:a9:1d:21:fa:43:7c:b7:29:f7:52:
66:7e:5f:0b:45:81:a0:d6:7b:37:1b:6f:b8:9c:19:ff:b5:99:
e5:fd:e9:a0:35:ef:bd:ac:56:52:25:5c:18:36:46:d4:1f:93:
04:e1:42:63:68:04:7d:69:79:e1:2e:69:15:99:3e:fe:2c:0b:
c1:f8:f2:8c:4d:cb:da:78:e8:0a:49:51:f7:bc:7a:82:78:cf:
4e:40:eb:fc:00:12:a5:33:e8:f9:57:42:3f:a1:30:2d:e0:bc:
8d:b1:87:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyumcsxJG0CB47OGEV3FI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzgxZDI0YzQ1ZGRhYTM0NWY5MDY0ZGUyOWZiY2E3YjEy
OWE1MmMwHhcNMjMwMTAyMTM0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGYzZGFlZDZiNmUwMzYwY2E0Yjc5ZGQ5YWEzZjYxMTU1MmZiZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5TO18a0/zZN8o4jBgDhH1buOcvn
UfCmtFefjst6knXbbRO/4jVLI8IEY7xHNYil1DY1JEGLkSFRAKHUcdN4EOxv09yY
jwwDwU7SDWVWZ2/Fx3B0GpaYYBB0BdezqowdFlQQWfDDgDdt8QM6CGEtu13wO1J1
5SSFCh6gV2lkvKIklMfoZTuLpHfh0hMSLFmR1zxG9hQuepv6if46jHpLAKjq++Px
gpwHY2xN2Bd88AdA1VPuYRHQ5Rn5+u0xcDQln6LN52yKhGOzKFm44bFLomRxEh0i
070dDjFiDW4y/23jOVG3sj2cqaEedmMfT9O4DNLjZ59aQkUeeuyuXKc1iwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDDz2u1rbgNgykt53Zqj9hFVL78NMB8GA1UdIwQY
MBaAFC3IHSTEXdqjRfkGTeKfvKexKaUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDkt
MmZjYzBiNzQ5YjMyLzEvTVBQYTdXdHVBMkRLUzNuZG1xUDJFVlV2dncwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDktMmZjYzBiNzQ5YjMy
LzEvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuQ7sAwQA
uQ7uMA0GCSqGSIb3DQEBCwUAA4IBAQA8EizGXxEu/frjLlhGabsscPD4hdWfXZR+
AUmTx37wT6YvWcdCoLQwlVK5IMZppAGhzJitmTQ+ZLZ7BOvxKfNJCKengKcyzyKe
w1tbgniSvNByKrmr+EFRAi1MpVVhnOpz3iMCWBbywd1W3GSJ9be2mk2rDAvv532Q
3npDK+6Qjdl3FBp9swshj4bnQIiM5+VkmitP8UV+XakdIfpDfLcp91Jmfl8LRYGg
1ns3G2+4nBn/tZnl/emgNe+9rFZSJVwYNkbUH5ME4UJjaAR9aXnhLmkVmT7+LAvB
+PKMTcvaeOgKSVH3vHqCeM9OQOv8ABKlM+j5V0I/oTAt4LyNsYff
-----END CERTIFICATE-----
Generated at Tue Oct 24 10:04:04 2023 by rpki-client on console-fra.rpki-client.org