Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/MguNwEBwxj-EOJ00LbDdUQhILmI.roa
File: MguNwEBwxj-EOJ00LbDdUQhILmI.roa (raw, json)
Hash identifier: 5ilL/gacKDNdE2BYunJoAjXtlkCxyqpCm5pzk4oa7xA=
Subject key identifier: 32:0B:8D:C0:40:70:C6:3F:84:38:9D:34:2D:B0:DD:51:08:48:2E:62
Certificate issuer: /CN=5550e06ee02c5a32e54dc89853b4aa378f8604f7
Certificate serial: 018EC24346355423875F793DE1609CC2D4B2
Authority key identifier: 55:50:E0:6E:E0:2C:5A:32:E5:4D:C8:98:53:B4:AA:37:8F:86:04:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VVDgbuAsWjLlTciYU7SqN4-GBPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/MguNwEBwxj-EOJ00LbDdUQhILmI.roa
Signing time: Tue 09 Apr 2024 09:49:32 +0000
ROA not before: Tue 09 Apr 2024 09:49:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201364
IP address blocks: 85.202.202.0/24 maxlen: 24
2a07:9180::/32 maxlen: 32
2a07:9181::/32 maxlen: 32
2a07:9182::/32 maxlen: 32
2a07:9183::/32 maxlen: 32
2a07:9184::/32 maxlen: 32
2a07:9185::/32 maxlen: 32
2a07:9186::/32 maxlen: 32
2a07:9187::/32 maxlen: 32
2a09:5980::/32 maxlen: 32
2a09:5981::/32 maxlen: 32
2a09:5982::/32 maxlen: 32
2a09:5983::/32 maxlen: 32
2a09:5984::/32 maxlen: 32
2a09:5985::/32 maxlen: 32
2a09:5986::/32 maxlen: 32
2a09:5987::/32 maxlen: 32
2a09:f340::/32 maxlen: 32
2a09:f341::/32 maxlen: 32
2a09:f342::/32 maxlen: 32
2a09:f343::/32 maxlen: 32
2a09:f344::/32 maxlen: 32
2a09:f345::/32 maxlen: 32
2a09:f346::/32 maxlen: 32
2a09:f347::/32 maxlen: 32
2a0d:8040::/32 maxlen: 32
2a0d:8041::/32 maxlen: 32
2a0d:8042::/32 maxlen: 32
2a0d:8043::/32 maxlen: 32
2a0d:8044::/32 maxlen: 32
2a0d:8045::/32 maxlen: 32
2a0d:8046::/32 maxlen: 32
2a0d:8047::/32 maxlen: 32
2a0f:a1c0::/32 maxlen: 32
2a0f:a1c1::/32 maxlen: 32
2a0f:a1c2::/32 maxlen: 32
2a0f:a1c3::/32 maxlen: 32
2a0f:a1c4::/32 maxlen: 32
2a0f:a1c5::/32 maxlen: 32
2a0f:a1c6::/32 maxlen: 32
2a0f:a1c7::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 06 Nov 2024 22:16:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:43:46:35:54:23:87:5f:79:3d:e1:60:9c:c2:d4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5550e06ee02c5a32e54dc89853b4aa378f8604f7
Validity
Not Before: Apr 9 09:49:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=320b8dc04070c63f84389d342db0dd5108482e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:44:19:a9:82:46:dc:6b:e6:53:70:49:31:39:
9d:10:3c:48:17:d3:b2:44:44:fe:bb:1d:0e:26:f8:
60:14:9b:13:11:97:c4:f2:bf:8c:9d:81:ab:7f:18:
d3:ca:93:ac:b9:4d:67:9b:27:75:8b:cd:69:4e:c6:
07:9b:b3:e9:c4:60:78:ea:ca:05:02:37:5a:dd:a0:
b0:57:65:31:2b:d7:a0:ed:15:83:13:1a:87:7d:bf:
48:df:19:fa:f1:d7:91:0e:f7:8a:60:fc:18:10:08:
41:11:aa:1e:34:0d:f0:d8:e5:76:0b:58:7f:67:70:
6e:9f:36:2e:86:a0:11:c2:82:53:ca:fc:a5:0d:cb:
f3:f9:c2:55:13:6a:85:1b:e3:c2:dc:a4:38:e1:17:
5e:50:0a:72:4b:a3:74:4c:5c:bc:93:e8:f5:44:a7:
be:6b:d6:61:03:94:dc:0e:ad:e3:2d:cb:d6:e5:ff:
9d:3b:4f:b5:8a:01:5f:79:b9:45:ff:c1:dc:02:cd:
2b:64:98:70:bd:1f:4b:93:10:e5:e9:0e:99:c8:db:
c7:c4:f1:6b:e0:45:89:6b:35:65:23:a8:f2:d2:e9:
ad:43:27:f3:11:06:c3:9b:79:0d:10:3f:b5:79:52:
a9:92:aa:ef:ff:a4:fd:ed:cf:80:e5:5f:6b:57:c0:
06:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0B:8D:C0:40:70:C6:3F:84:38:9D:34:2D:B0:DD:51:08:48:2E:62
X509v3 Authority Key Identifier:
keyid:55:50:E0:6E:E0:2C:5A:32:E5:4D:C8:98:53:B4:AA:37:8F:86:04:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VVDgbuAsWjLlTciYU7SqN4-GBPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/MguNwEBwxj-EOJ00LbDdUQhILmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/deeb4c-99d6-4a9e-8200-7caa97927142/1/VVDgbuAsWjLlTciYU7SqN4-GBPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.202.0/24
IPv6:
2a07:9180::/29
2a09:5980::/29
2a09:f340::/29
2a0d:8040::/29
2a0f:a1c0::/29
Signature Algorithm: sha256WithRSAEncryption
27:60:50:87:00:fa:8e:8a:d6:9f:c4:26:cf:35:87:00:b1:40:
a9:ff:6f:70:56:6a:ba:e9:43:d0:5c:ec:d2:c5:64:47:f7:e9:
a8:cd:42:ae:bd:9e:28:84:46:f5:3a:25:79:4c:d6:3a:b0:51:
27:97:8c:f1:9e:a8:95:da:f8:df:f8:db:a9:e9:6e:79:33:73:
40:52:99:7a:87:fb:96:e4:c9:b6:ee:4d:3b:80:b5:30:b0:d0:
55:b2:61:e4:11:fa:e0:cf:3a:77:1f:f2:0d:be:b8:23:48:cf:
2b:ae:70:a0:0c:b8:52:fe:4c:e1:6d:04:9e:6f:05:47:c4:3c:
64:e1:8f:8d:86:89:87:09:7d:8c:07:d5:92:1d:e5:9c:0f:e5:
d7:b7:c1:de:98:74:e9:b8:78:f6:3d:1e:a0:98:b5:b3:da:df:
01:f4:68:91:21:a8:7e:fc:45:1a:d2:66:b9:e2:49:77:15:e6:
54:58:15:e9:11:43:c3:4e:c2:3f:bb:36:ea:47:2c:19:ef:21:
cb:1d:79:6c:09:07:d6:fc:2c:a7:f6:3a:3c:bc:aa:88:2b:d5:
b7:bb:16:84:9e:51:a7:73:33:e4:cf:d4:e5:61:f8:93:6f:c3:
98:29:52:f9:ba:b3:f9:30:fa:05:f4:6d:9c:61:38:5d:10:06:
5f:4f:75:0c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAY7CQ0Y1VCOHX3k94WCcwtSyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NTBlMDZlZTAyYzVhMzJlNTRkYzg5ODUzYjRhYTM3OGY4
NjA0ZjcwHhcNMjQwNDA5MDk0OTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjBiOGRjMDQwNzBjNjNmODQzODlkMzQyZGIwZGQ1MTA4NDgyZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0QZqYJG3GvmU3BJMTmdEDxIF9Oy
RET+ux0OJvhgFJsTEZfE8r+MnYGrfxjTypOsuU1nmyd1i81pTsYHm7PpxGB46soF
Ajda3aCwV2UxK9eg7RWDExqHfb9I3xn68deRDveKYPwYEAhBEaoeNA3w2OV2C1h/
Z3BunzYuhqARwoJTyvylDcvz+cJVE2qFG+PC3KQ44RdeUApyS6N0TFy8k+j1RKe+
a9ZhA5TcDq3jLcvW5f+dO0+1igFfeblF/8HcAs0rZJhwvR9LkxDl6Q6ZyNvHxPFr
4EWJazVlI6jy0umtQyfzEQbDm3kNED+1eVKpkqrv/6T97c+A5V9rV8AGEQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDILjcBAcMY/hDidNC2w3VEISC5iMB8GA1UdIwQY
MBaAFFVQ4G7gLFoy5U3ImFO0qjePhgT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlZEZ2J1QXNXakxsVGNpWVU3U3FONC1HQlBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9kZWViNGMtOTlkNi00YTllLTgyMDAt
N2NhYTk3OTI3MTQyLzEvTWd1TndFQnd4ai1FT0owMExiRGRVUWhJTG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9kZWViNGMtOTlkNi00YTllLTgyMDAtN2NhYTk3OTI3MTQy
LzEvVlZEZ2J1QXNXakxsVGNpWVU3U3FONC1HQlBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAMBAIAATAGAwQAVcrKMCkE
AgACMCMDBQMqB5GAAwUDKglZgAMFAyoJ80ADBQMqDYBAAwUDKg+hwDANBgkqhkiG
9w0BAQsFAAOCAQEAJ2BQhwD6jorWn8QmzzWHALFAqf9vcFZquulD0Fzs0sVkR/fp
qM1Crr2eKIRG9ToleUzWOrBRJ5eM8Z6oldr43/jbqelueTNzQFKZeof7luTJtu5N
O4C1MLDQVbJh5BH64M86dx/yDb64I0jPK65woAy4Uv5M4W0Enm8FR8Q8ZOGPjYaJ
hwl9jAfVkh3lnA/l17fB3ph06bh49j0eoJi1s9rfAfRokSGofvxFGtJmueJJdxXm
VFgV6RFDw07CP7s26kcsGe8hyx15bAkH1vwsp/Y6PLyqiCvVt7sWhJ5Rp3Mz5M/U
5WH4k2/DmClS+bqz+TD6BfRtnGE4XRAGX091DA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:44 2025 by rpki-client