Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/mGZom-0AOe4SUIHaNNz17kguJG0.roa
File: mGZom-0AOe4SUIHaNNz17kguJG0.roa (raw, json)
Hash identifier: 0LAoNcFvwwzMwChCU/JLWjW73hjbjYeQvDgBys0+Cm0=
Subject key identifier: 98:66:68:9B:ED:00:39:EE:12:50:81:DA:34:DC:F5:EE:48:2E:24:6D
Certificate issuer: /CN=c7e9c7aa534b1300bf724fff0f0c1b0519d505bb
Certificate serial: 0188102794F25D81357082E0B568BFF544CA
Authority key identifier: C7:E9:C7:AA:53:4B:13:00:BF:72:4F:FF:0F:0C:1B:05:19:D5:05:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x-nHqlNLEwC_ck__DwwbBRnVBbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/mGZom-0AOe4SUIHaNNz17kguJG0.roa
Signing time: Fri 12 May 2023 13:30:09 +0000
ROA not before: Fri 12 May 2023 13:30:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32338
IP address blocks: 185.213.88.0/22 maxlen: 24
45.84.30.0/24 maxlen: 24
45.84.31.0/24 maxlen: 24
45.84.28.0/23 maxlen: 23
185.149.132.0/23 maxlen: 23
185.149.134.0/23 maxlen: 23
185.73.220.0/22 maxlen: 24
2a0b:85c0::/29 maxlen: 32
2a05:44c0::/29 maxlen: 32
2a0e:9480::/29 maxlen: 32
2a07:68c0::/29 maxlen: 48
Validation: Failed, certificate revoked on Tue 19 Sep 2023 09:45:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:10:27:94:f2:5d:81:35:70:82:e0:b5:68:bf:f5:44:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7e9c7aa534b1300bf724fff0f0c1b0519d505bb
Validity
Not Before: May 12 13:30:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9866689bed0039ee125081da34dcf5ee482e246d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:48:e5:64:82:e8:69:8d:36:e1:2d:d8:3a:8c:
fb:19:00:3b:eb:89:d7:da:0b:cc:58:77:76:99:12:
ee:84:78:33:1e:47:04:49:33:8c:dc:90:75:4b:90:
ff:00:65:f3:de:2b:ca:f5:0d:f7:0a:82:49:90:e2:
c1:5e:ea:82:12:53:a7:8b:f9:b8:30:26:fe:7f:3d:
ce:73:e0:81:a4:9b:35:4d:ee:a9:b5:e9:8f:b8:b7:
6d:d6:11:bc:32:b5:8e:d2:00:5d:fd:6a:87:6d:7f:
51:ca:70:25:96:6c:fc:e1:2d:69:41:9e:23:85:de:
f4:65:e6:0d:83:bf:8a:2c:6b:0a:3f:ac:37:ad:8e:
ea:6b:4c:75:0f:ce:aa:15:7d:72:cf:75:e5:19:9c:
09:40:4f:8b:8b:40:32:54:4a:8f:80:5d:98:eb:49:
f6:71:15:bd:a7:14:c6:d9:0c:49:ff:c9:75:7e:41:
7e:13:15:67:0d:67:fb:5d:01:97:f3:46:9b:ca:5d:
3c:13:be:fb:de:57:70:16:b0:ed:75:2c:e1:76:d5:
78:f0:a3:1b:8a:a4:5f:77:52:0c:f5:72:ee:23:90:
be:1d:c2:3a:1d:85:36:70:61:62:0d:a0:d2:64:ff:
06:0c:c5:d5:4e:bc:a0:26:bf:12:67:9d:c8:26:51:
9c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:66:68:9B:ED:00:39:EE:12:50:81:DA:34:DC:F5:EE:48:2E:24:6D
X509v3 Authority Key Identifier:
keyid:C7:E9:C7:AA:53:4B:13:00:BF:72:4F:FF:0F:0C:1B:05:19:D5:05:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x-nHqlNLEwC_ck__DwwbBRnVBbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/mGZom-0AOe4SUIHaNNz17kguJG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/50abef-374c-4ea6-b7d4-ce500827ff7f/1/x-nHqlNLEwC_ck__DwwbBRnVBbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.28.0/22
185.73.220.0/22
185.149.132.0/22
185.213.88.0/22
IPv6:
2a05:44c0::/29
2a07:68c0::/29
2a0b:85c0::/29
2a0e:9480::/29
Signature Algorithm: sha256WithRSAEncryption
4d:6f:e3:4b:7e:64:55:ea:94:a7:06:60:1a:19:12:9b:78:f8:
2a:b1:8a:a5:b6:ad:a7:fd:03:bb:fb:b7:2e:dd:30:2a:43:16:
6f:68:96:e6:31:76:55:43:d5:78:ac:8a:7d:ad:7b:95:44:b5:
8c:9e:c4:f0:d3:81:48:c7:11:6a:55:9a:d5:85:d4:09:58:7a:
16:cc:9c:b3:23:4d:81:7d:38:53:96:f6:5b:b3:3f:71:22:fe:
51:b8:ae:09:0c:7b:de:f3:cc:42:e2:1a:b2:d7:00:be:4c:6e:
95:97:44:78:a1:56:31:8d:e2:16:35:4f:a8:e6:f7:cf:f7:72:
dc:45:de:d7:25:33:f8:ae:ab:92:dd:b5:ac:bf:f1:75:93:1a:
bf:c1:9c:62:05:a4:a5:20:70:9d:22:25:bc:ea:08:a2:18:06:
f4:df:fd:d6:8b:f0:b1:3b:4e:3d:94:f6:fb:37:80:8f:63:d9:
0e:8d:34:f3:29:43:95:19:5a:b4:fb:99:cb:9a:24:f4:2e:23:
e8:5c:e5:9e:66:93:69:c7:68:42:a7:42:a6:d3:80:5a:31:8f:
04:e9:e6:d5:de:0b:9e:a9:40:7c:be:7e:5f:09:c8:b6:95:28:
e3:6e:c4:69:60:56:91:01:78:b8:a7:6b:09:5f:d6:ed:77:f1:
95:8c:b7:30
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYgQJ5TyXYE1cILgtWi/9UTKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ZTljN2FhNTM0YjEzMDBiZjcyNGZmZjBmMGMxYjA1MTlk
NTA1YmIwHhcNMjMwNTEyMTMzMDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODY2Njg5YmVkMDAzOWVlMTI1MDgxZGEzNGRjZjVlZTQ4MmUyNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEjlZILoaY024S3YOoz7GQA764nX
2gvMWHd2mRLuhHgzHkcESTOM3JB1S5D/AGXz3ivK9Q33CoJJkOLBXuqCElOni/m4
MCb+fz3Oc+CBpJs1Te6ptemPuLdt1hG8MrWO0gBd/WqHbX9RynAllmz84S1pQZ4j
hd70ZeYNg7+KLGsKP6w3rY7qa0x1D86qFX1yz3XlGZwJQE+Li0AyVEqPgF2Y60n2
cRW9pxTG2QxJ/8l1fkF+ExVnDWf7XQGX80abyl08E7773ldwFrDtdSzhdtV48KMb
iqRfd1IM9XLuI5C+HcI6HYU2cGFiDaDSZP8GDMXVTrygJr8SZ53IJlGcaQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJhmaJvtADnuElCB2jTc9e5ILiRtMB8GA1UdIwQY
MBaAFMfpx6pTSxMAv3JP/w8MGwUZ1QW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveC1uSHFsTkxFd0NfY2tfX0R3d2JCUm5WQmJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC81MGFiZWYtMzc0Yy00ZWE2LWI3ZDQt
Y2U1MDA4MjdmZjdmLzEvbUdab20tMEFPZTRTVUlIYU5OejE3a2d1SkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC81MGFiZWYtMzc0Yy00ZWE2LWI3ZDQtY2U1MDA4MjdmZjdm
LzEveC1uSHFsTkxFd0NfY2tfX0R3d2JCUm5WQmJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAeBAIAATAYAwQCLVQcAwQC
uUncAwQCuZWEAwQCudVYMCIEAgACMBwDBQMqBUTAAwUDKgdowAMFAyoLhcADBQMq
DpSAMA0GCSqGSIb3DQEBCwUAA4IBAQBNb+NLfmRV6pSnBmAaGRKbePgqsYqltq2n
/QO7+7cu3TAqQxZvaJbmMXZVQ9V4rIp9rXuVRLWMnsTw04FIxxFqVZrVhdQJWHoW
zJyzI02BfThTlvZbsz9xIv5RuK4JDHve88xC4hqy1wC+TG6Vl0R4oVYxjeIWNU+o
5vfP93LcRd7XJTP4rquS3bWsv/F1kxq/wZxiBaSlIHCdIiW86giiGAb03/3Wi/Cx
O049lPb7N4CPY9kOjTTzKUOVGVq0+5nLmiT0LiPoXOWeZpNpx2hCp0Km04BaMY8E
6ebV3gueqUB8vn5fCci2lSjjbsRpYFaRAXi4p2sJX9btd/GVjLcw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:09 2024 by rpki-client on console-fra.rpki-client.org