Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/MXY5rG5BkB9dkcqfcneSyTwmRro.roa
File: MXY5rG5BkB9dkcqfcneSyTwmRro.roa (raw, json)
Hash identifier: xH9NjDhcbfzPak6d7wIL3N/myqO9nsJ9wKtWhAtM73k=
Subject key identifier: 31:76:39:AC:6E:41:90:1F:5D:91:CA:9F:72:77:92:C9:3C:26:46:BA
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 01856FCB83FC0774CD72B9AD3BE7C5EB18B0
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/MXY5rG5BkB9dkcqfcneSyTwmRro.roa
Signing time: Mon 02 Jan 2023 00:04:46 +0000
ROA not before: Mon 02 Jan 2023 00:04:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8967
IP address blocks: 95.158.156.0/22 maxlen: 24
46.35.182.0/23 maxlen: 24
95.158.172.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 10:29:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:83:fc:07:74:cd:72:b9:ad:3b:e7:c5:eb:18:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 00:04:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=317639ac6e41901f5d91ca9f727792c93c2646ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ae:76:35:fc:0e:30:bb:84:1f:99:56:18:a8:
ba:52:0d:a6:d1:59:07:d5:1e:89:dc:e6:f4:fa:28:
30:10:49:31:34:33:49:10:c6:4d:fd:ce:71:cf:3f:
75:b5:43:a3:ac:6a:98:c5:e7:ab:6c:33:e8:14:99:
e3:94:45:07:f3:2e:c8:78:db:86:1f:07:e0:2e:e2:
7d:a4:f2:9e:33:ff:df:b1:e4:36:53:12:88:8d:1e:
ba:38:70:a1:e6:6d:a9:f1:f2:27:2d:45:5b:28:77:
5d:e5:d8:91:cc:37:28:4a:5a:99:12:ac:60:8e:ac:
e6:29:99:49:e8:89:02:dd:d6:bf:39:0e:76:18:dd:
a4:60:4a:6b:f5:9e:49:75:71:57:ce:a1:26:92:1c:
0a:23:e1:49:10:05:3a:b7:a8:07:df:62:c4:94:36:
42:90:7c:c6:3c:d0:99:0a:ed:93:cf:15:90:81:94:
ad:50:02:eb:3b:55:ee:7b:99:af:f9:0f:1d:82:94:
a8:87:ad:9b:fe:ef:c2:05:43:c7:9d:a2:59:d5:71:
29:15:33:7e:08:f7:c2:a8:ec:db:90:47:39:60:95:
c4:05:2a:a6:54:b0:65:fd:a5:03:e8:c7:8f:d8:86:
cc:7a:49:e1:ff:f0:70:c6:af:15:96:92:25:70:79:
65:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:76:39:AC:6E:41:90:1F:5D:91:CA:9F:72:77:92:C9:3C:26:46:BA
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/MXY5rG5BkB9dkcqfcneSyTwmRro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.35.182.0/23
95.158.156.0/22
95.158.172.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:88:c9:c4:93:f8:88:58:bc:6a:be:40:68:82:9b:85:10:b5:
bc:b4:d4:c7:95:8c:d6:ef:e0:cc:6d:d4:f1:8f:c6:c9:eb:64:
ba:0c:a6:5d:a5:3d:7a:83:0b:c3:53:d1:13:63:92:ec:0d:d7:
08:39:28:10:f3:f0:28:45:39:33:10:0f:bc:77:ab:bb:d9:72:
55:f9:9a:64:a1:4b:b5:01:0c:f3:ed:b2:ad:41:d4:f3:cf:ae:
e3:74:1b:c8:55:74:d3:c3:af:d4:8f:b8:bf:4c:fe:42:50:b8:
84:95:d8:ae:e9:b0:05:bf:81:8c:90:62:67:1d:ad:b2:6a:4f:
df:de:91:bb:0a:b6:ba:00:33:1d:9d:a3:2e:f3:08:b8:e0:98:
a6:ca:30:e9:d2:90:68:77:53:91:bf:e2:f4:69:20:0d:0b:a3:
87:90:bc:aa:ee:27:74:ba:ff:b3:ea:4b:35:42:f7:07:f7:91:
38:6d:7b:5a:ab:4b:a5:47:46:fb:91:c7:b4:a1:1b:57:37:31:
91:f0:97:8f:f6:f3:35:e6:39:24:7c:b1:af:b2:67:b4:a9:0d:
28:81:8d:d6:cd:ab:43:11:72:74:44:4b:fb:3f:a2:b3:d4:cb:
97:42:9f:0f:a5:c0:e9:61:a0:44:44:7a:fb:7f:34:1c:b0:d1:
b8:94:18:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVvy4P8B3TNcrmtO+fF6xiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjMwMTAyMDAwNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTc2MzlhYzZlNDE5MDFmNWQ5MWNhOWY3Mjc3OTJjOTNjMjY0NmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjq52NfwOMLuEH5lWGKi6Ug2m0VkH
1R6J3Ob0+igwEEkxNDNJEMZN/c5xzz91tUOjrGqYxeerbDPoFJnjlEUH8y7IeNuG
HwfgLuJ9pPKeM//fseQ2UxKIjR66OHCh5m2p8fInLUVbKHdd5diRzDcoSlqZEqxg
jqzmKZlJ6IkC3da/OQ52GN2kYEpr9Z5JdXFXzqEmkhwKI+FJEAU6t6gH32LElDZC
kHzGPNCZCu2TzxWQgZStUALrO1Xue5mv+Q8dgpSoh62b/u/CBUPHnaJZ1XEpFTN+
CPfCqOzbkEc5YJXEBSqmVLBl/aUD6MeP2IbMeknh//Bwxq8VlpIlcHll7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDF2OaxuQZAfXZHKn3J3ksk8Jka6MB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvTVhZNXJHNUJrQjlka2NxZmNuZVN5VHdtUnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLiO2AwQC
X56cAwQCX56sMA0GCSqGSIb3DQEBCwUAA4IBAQC0iMnEk/iIWLxqvkBogpuFELW8
tNTHlYzW7+DMbdTxj8bJ62S6DKZdpT16gwvDU9ETY5LsDdcIOSgQ8/AoRTkzEA+8
d6u72XJV+ZpkoUu1AQzz7bKtQdTzz67jdBvIVXTTw6/Uj7i/TP5CULiEldiu6bAF
v4GMkGJnHa2yak/f3pG7Cra6ADMdnaMu8wi44JimyjDp0pBod1ORv+L0aSANC6OH
kLyq7id0uv+z6ks1QvcH95E4bXtaq0ulR0b7kce0oRtXNzGR8JeP9vM15jkkfLGv
sme0qQ0ogY3WzatDEXJ0REv7P6Kz1MuXQp8PpcDpYaBERHr7fzQcsNG4lBjr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:24 2024 by rpki-client on console-fra.rpki-client.org