Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/MgtDpcN1X4xdYCJCLdWgxbZQL7A.roa
File: MgtDpcN1X4xdYCJCLdWgxbZQL7A.roa (raw, json)
Hash identifier: wGizp5tBR8jiSXp56ecjPpCUI65c0kqVqU5EFCLnhC0=
Subject key identifier: 32:0B:43:A5:C3:75:5F:8C:5D:60:22:42:2D:D5:A0:C5:B6:50:2F:B0
Certificate issuer: /CN=11efdbd727fb5bd53cec6957a29b47c2c34a834c
Certificate serial: 0185706752F74F0F6777C0D0F6CFA02C02A4
Authority key identifier: 11:EF:DB:D7:27:FB:5B:D5:3C:EC:69:57:A2:9B:47:C2:C3:4A:83:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ee_b1yf7W9U87GlXoptHwsNKg0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/MgtDpcN1X4xdYCJCLdWgxbZQL7A.roa
Signing time: Mon 02 Jan 2023 02:54:57 +0000
ROA not before: Mon 02 Jan 2023 02:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 185.152.21.0/24 maxlen: 24
185.152.22.0/24 maxlen: 24
185.152.23.0/24 maxlen: 24
185.152.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 02:29:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:52:f7:4f:0f:67:77:c0:d0:f6:cf:a0:2c:02:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11efdbd727fb5bd53cec6957a29b47c2c34a834c
Validity
Not Before: Jan 2 02:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=320b43a5c3755f8c5d6022422dd5a0c5b6502fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3a:8c:a7:ba:db:66:2f:49:6b:60:77:2d:f1:
b3:c9:07:57:29:a5:fc:36:5f:4d:1d:09:ab:a9:3c:
de:4e:69:c3:3b:50:84:14:ef:54:01:19:38:f5:e8:
0b:09:55:08:ef:0c:d6:34:8b:b3:a5:41:3d:7b:b3:
fd:80:24:e4:ed:1f:4d:58:f8:8a:10:dd:40:4c:13:
48:be:43:de:e7:f8:0a:67:ec:60:dc:8e:75:37:3e:
03:31:d3:d6:c3:19:cb:2f:d2:f2:04:88:40:6d:31:
c3:69:6b:05:41:e2:f0:3f:e9:80:5d:f9:8e:7e:43:
ec:38:d5:9e:f7:3f:54:72:6c:0b:bc:5c:62:dd:97:
26:93:46:24:c1:ae:35:1d:ab:b9:f4:8b:7f:85:5e:
af:08:e1:dd:3f:ca:e5:cc:a2:ab:0a:07:80:9d:06:
f7:01:a6:61:66:0a:49:77:a5:c9:72:b1:41:71:96:
ed:58:b2:25:93:70:bb:58:87:6a:3c:32:56:a3:e1:
84:b7:0b:ea:b9:bf:3e:97:9e:0b:a0:86:f0:f9:5d:
3b:26:d1:72:68:ce:c9:ea:78:1e:4d:60:2f:1c:fb:
5f:31:9e:3d:76:43:3b:bf:03:b1:51:1e:97:d4:57:
76:62:d2:e1:d6:db:b3:9c:88:99:87:6b:54:57:f8:
54:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:0B:43:A5:C3:75:5F:8C:5D:60:22:42:2D:D5:A0:C5:B6:50:2F:B0
X509v3 Authority Key Identifier:
keyid:11:EF:DB:D7:27:FB:5B:D5:3C:EC:69:57:A2:9B:47:C2:C3:4A:83:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee_b1yf7W9U87GlXoptHwsNKg0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/MgtDpcN1X4xdYCJCLdWgxbZQL7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/047ce4-44ae-4273-94fa-dc634e8aa2a3/1/Ee_b1yf7W9U87GlXoptHwsNKg0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.20.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:d8:b9:e8:98:2c:4c:df:be:44:98:8d:b7:f6:8c:cd:c6:8b:
23:94:82:82:8c:33:d9:fe:e7:0d:81:cf:c6:c2:4f:38:ef:73:
ff:1c:73:87:d4:ca:26:e4:4f:66:47:43:2f:73:76:0a:78:c4:
ba:5a:6b:80:32:8b:38:17:45:af:fe:12:5a:a9:01:ac:f9:e6:
d2:5e:12:cc:4f:21:b5:ee:d9:07:f7:53:bd:30:1b:2e:c8:e8:
26:49:86:d3:a9:3d:a6:9d:59:5a:5a:e9:52:63:ea:28:41:2f:
47:8a:b9:38:0f:d0:98:8b:68:32:25:91:e5:3f:c8:9a:e9:60:
22:f3:90:69:44:35:bd:14:27:58:90:22:2a:a6:d5:68:c5:d6:
80:84:c7:ff:a7:11:fa:c9:c2:72:9b:d2:8d:28:05:28:57:48:
64:75:cb:58:72:f3:f9:0c:7a:f8:ed:cd:e8:cc:d7:fe:60:24:
17:9e:65:58:90:e7:f8:93:61:f6:7c:63:08:28:d3:c9:37:d1:
66:4f:6b:b6:2c:39:3f:fa:14:a3:80:01:72:4e:3b:3a:91:d1:
7a:88:27:54:ce:80:91:50:32:b8:0c:23:79:9a:57:95:26:c4:
ba:7f:f2:b2:ae:1c:01:2b:0b:45:e0:27:6d:3a:72:3f:78:60:
29:fb:82:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwZ1L3Tw9nd8DQ9s+gLAKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWZkYmQ3MjdmYjViZDUzY2VjNjk1N2EyOWI0N2MyYzM0
YTgzNGMwHhcNMjMwMTAyMDI1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjBiNDNhNWMzNzU1ZjhjNWQ2MDIyNDIyZGQ1YTBjNWI2NTAyZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDqMp7rbZi9Ja2B3LfGzyQdXKaX8
Nl9NHQmrqTzeTmnDO1CEFO9UARk49egLCVUI7wzWNIuzpUE9e7P9gCTk7R9NWPiK
EN1ATBNIvkPe5/gKZ+xg3I51Nz4DMdPWwxnLL9LyBIhAbTHDaWsFQeLwP+mAXfmO
fkPsONWe9z9UcmwLvFxi3Zcmk0Ykwa41Hau59It/hV6vCOHdP8rlzKKrCgeAnQb3
AaZhZgpJd6XJcrFBcZbtWLIlk3C7WIdqPDJWo+GEtwvqub8+l54LoIbw+V07JtFy
aM7J6ngeTWAvHPtfMZ49dkM7vwOxUR6X1Fd2YtLh1tuznIiZh2tUV/hUKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDILQ6XDdV+MXWAiQi3VoMW2UC+wMB8GA1UdIwQY
MBaAFBHv29cn+1vVPOxpV6KbR8LDSoNMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWVfYjF5ZjdXOVU4N0dsWG9wdEh3c05LZzB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wNDdjZTQtNDRhZS00MjczLTk0ZmEt
ZGM2MzRlOGFhMmEzLzEvTWd0RHBjTjFYNHhkWUNKQ0xkV2d4YlpRTDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8wNDdjZTQtNDRhZS00MjczLTk0ZmEtZGM2MzRlOGFhMmEz
LzEvRWVfYjF5ZjdXOVU4N0dsWG9wdEh3c05LZzB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZgUMA0G
CSqGSIb3DQEBCwUAA4IBAQBd2LnomCxM375EmI239ozNxosjlIKCjDPZ/ucNgc/G
wk8473P/HHOH1Mom5E9mR0Mvc3YKeMS6WmuAMos4F0Wv/hJaqQGs+ebSXhLMTyG1
7tkH91O9MBsuyOgmSYbTqT2mnVlaWulSY+ooQS9Hirk4D9CYi2gyJZHlP8ia6WAi
85BpRDW9FCdYkCIqptVoxdaAhMf/pxH6ycJym9KNKAUoV0hkdctYcvP5DHr47c3o
zNf+YCQXnmVYkOf4k2H2fGMIKNPJN9FmT2u2LDk/+hSjgAFyTjs6kdF6iCdUzoCR
UDK4DCN5mleVJsS6f/KyrhwBKwtF4CdtOnI/eGAp+4KB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:30 2024 by rpki-client on console-ams.rpki-client.org